Contents x
    CyberArk Privilege Cloud
    • 02 Jan 2025
    • 1 Minute to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    CyberArk Privilege Cloud

    • Updated on 02 Jan 2025
    • 1 Minute to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    CyberArk Privilege Cloud is a privileged access management (PAM) solution for securing, managing, and monitoring privileged accounts.

    Types of Assets Fetched

    This adapter fetches the following types of assets:

    • Users
    • Groups
    • Secrets

    Parameters

    1. Host Name or IP Address (required) - The hostname or IP address of the CyberArk Privilege Cloud server.

    2. Authentication Method (required, default: CyberArk) - The authentication method used for the connection. The following authentication methods are supported: CyberArk, Windows, LDAP, RADIUS, SAML, and ISPSS. Refer to APIs for details about configuring SAML authentication.

    3. User Name and Password (required) - The credentials for a user account that has the required permissions to fetch assets. For more information on creating accounts within CyberArk Privilege Cloud, see Add and Manage Users. For more information about logging in, see CyberArk, LDAP, RADIUS.

    4. Tenant ID - Cloud Only - Specify the Tenant ID if you choose ISPSS authentication. The ISPSS method only works with the cloud version.

      Finding the Tenant ID
      1. From CyberArk Privilege Cloud, click the user icon in the top-right corner, then click Tenant details.
      2. The value next to ID is the Tenant ID that you need to use. Copy this into the Tenant ID field in Axonius.

    5. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

    6. HTTPS Proxy (optional) - Connect the adapter to a proxy instead of directly connecting it to the domain.

    7. HTTPS Proxy User Name (optional) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.

    8. HTTPS Proxy Password (optional) - The password to use when connecting to the server using the HTTPS Proxy.

    To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

    CyberArk Privilege Cloud

    APIs

    Axonius uses the CyberArk REST APIs.

    To use the SAML authentication method you need to enable the SAML IdP initiated SSO flow. Follow instructions in Configure the IdP to implement this. This returns the SAML Response.

    Required Permissions

    The user account used for the adapter connection:

    • Must have Audit permissions.
    • Must be a member of a Safe of in a CyberArk Vault.
    • Must have List Accounts permissions in the Safe.

    Supported From Version

    Supported from Axonius version 6.1


    Was this article helpful?
    What's Next