CyberArk Safe Creation through REST API

cbskiet1986 · February 9, 2021, 3:39pm

Hello Expert,

I am trying to create CyberArk Safe through the REST API and I am able to get the token from CyberArk after passing the username and password but when creating the safe after passing the token then its returning the response code 403. Anybody have the sample code or can provide the details about 403 response code.

URL used to create the CyberArk Safe-

https://<cyberarksafeurl>/PasswordVault/WebServices/PIMServices.svc/Safes

Thanks,

CB Singh

adam_creaney · February 10, 2021, 4:25pm

Hi CB -
A few questions that may help us find a solution:

Where in IdentityIQ are you making the REST request to CyberArk for safe creation?
Are you currently using the Privileged Access Management application type in IdentityIQ to aggregate data from CyberArk?
Do you know if your CyberArk deployment has the optional (from CyberArk) SCIM server component installed?

cbskiet1986 · February 10, 2021, 4:48pm

Hi Adam,

Yes, I am trying from Sailpoint to create the safe in CyberArk through REST API. I am able to get the token but not able to create safe.
Yes and aggregation also working fine.
Not sure about this one but previously it was working through same code but now its creating issue in safe creation.

Thanks
Cb Singh

adam_creaney · February 10, 2021, 8:30pm

If you have a connector set up already (of type ‘Privileged Account Management’) to communicate with CyberArk - you can actually use the SailPoint ‘Provisioner’ class in your beanshell code to do this - an example would look like:

ProvisioningPlan safePlan = new ProvisioningPlan();
ObjectRequest safeReq = new ObjectRequest();
safeReq.setApplication("CyberArk Application Name");
safePlan.setTargetIntegration("CyberArk Application Name");
safeReq.setTargetIntegration("CyberArk Application Name");
safeReq.setNativeIdentity("The new Safe name");
safeReq.setOp(ProvisioningPlan.ObjectOperation.Create);
safeReq.setType("Container");

AttributeRequest aReq = new AttributeRequest("name", ProvisioningPlan.Operation.Set, "The new Safe name");
safeReq.add(aReq);
aReq = new AttributeRequest("location", ProvisioningPlan.Operation.Set, "\\");
safeReq.add(aReq);
aReq = new AttributeRequest("Description", ProvisioningPlan.Operation.Set, "A description about the safe");
safeReq.add(aReq);
safePlan.add(req);

Provisioner safeProvisioner = new Provisioner(context);
safeProvisioner.setDoRefresh(true);
ProvisioningProject createProj = safeProvisioner.compile(safePlan);
safeProvisioner.execute();

Topic		Replies	Views
Identity now cyberark ISC Discussion and Questions scim-connector , connectors	5	119	April 3, 2024
IIQ integration with CyberArk PAM-SCIM IIQ Discussion and Questions identityiq	5	145	March 25, 2024
IDN - Aggregating CyberArk Safe into IDN ISC Discussion and Questions identity-security-cloud	6	190	April 23, 2024
Workflow step giving error IIQ Discussion and Questions workflows , rules , identityiq	8	589	June 27, 2023
Enable API in IIQ IIQ Discussion and Questions apis , identityiq	4	425	November 20, 2023

CyberArk Safe Creation through REST API

Related Topics