Centrify Identity Services
  • 12 Feb 2024
  • 1 Minute to read
  • Dark
  • PDF

Centrify Identity Services

  • Dark
  • PDF

Article summary

Centrify Identity Services manages application access, endpoints, and network infrastructure.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices
  • Users


  1. Centrify Tenant URL (required) - The URL for the tenant (e.g. mycompany.my.centrify.net)

  2. Application ID (required) - The Application ID (Created in Step 2)

  3. Client Scope (required) - The Scope name (Created in Step 3)

  4. Client ID and Client Secret (required) - Will be used to authorize the Confidential Client (In Step 4).

  5. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

  6. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

  7. For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.


Creating a Client Application in Centrify

Creating a Confidential Client for Axonius Application in Centrify is required.
Follow the instructions in Client Credentials Flow.

  • The Client Application requires the following Scope permissions (Step 3):
    • CDirectoryService/GetUsers
    • UPRest/GetResultantAppsForUser
    • Redrock/Query
  • The adapter performs queries using the Redrock/Query REST API endpoint against the following table(s):
    • VaultAccount
  • The query does not retrieve nor store any information about passwords, hashes, etc.
  • Axonius requires the account to be an OAuth Confidential Client (Step 4)
    • Important to enable the Is OAuth Confidential Client
  • User must be in a role that gives them access to use the APIs that the server is scoped to.


Axonius uses the Centrify Identity Services API

Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.