CyberArk Privilege Cloud
This connectivity package supports governing and managing CyberArk Privileged Cloud environments. You can perform the following actions:
- Read, provision, and deprovision accounts.
- Change user details, such as name, last name, and email address.
- Read, provision, and deprovision groups (roles).
- Read, provision, and deprovision containers (safes).
- Read, provision, and deprovision privileged data.
- Read, provision, and deprovision user groups assignments.
- Read, provision, and deprovision user containers assignments.
- Read parent/child between groups and groups.
- Read parent/child between Privileged data and containers.
- Read parent/child between containers and groups.
Supported objects and operations
The package is preconfigured to manage the the followings objects in CyberArk Privileged Cloud SCIM REST API:
| CyberArk Privileged Cloud objects | Omada data model | Operations |
|---|---|---|
| Users | Account | Create, read, update, delete |
| Groups | Resource | Create, read, delete |
| Containers | Resource | Create, read, delete |
| Privileged Data | Resource | Create, read, delete |
| ContainerPermissions | Resource | Read |
| Groups | Resource Assignment | Create, read, delete |
| ContainerPermissions | Resource Assignment | Create, read, delete |
| Groups | Resource parent/child | Read |
| Containers | Resource parent/child | Read |
| ContainerPermissions | Resource parent/child | Read |
Minimum required permissions
You need access to the SCIM v2 API, including relevant permissions. Only administrators can get authorization credentials to connect to the CyberArk Privileged Cloud API.
Implementation notes
None.
Network requirements
N/A
Prerequisites
CyberArk Privileged Cloud requires additional configuration to ensure a seamless integration with Omada Identity. See Configure the SCIM server | CyberArk Docs and Use the client credentials flow | for details.