I have reviewed the CyberArk Privilege Cloud connector documents and SCIM SaaS connector document that states it is possible to aggregate Safes, but there is no example. I was not able to see any Safes after the aggregation was triggered. Has anyone done it in the past?
Can you give a little more context on what you plan to use that for? I would think that one would want to aggregate the entitlements that grant access to the safes, and not the safes themselves. Or am I not understanding the use case?
Thanks for responding the messages. The entitlement and safes are unrelated items. If the user has the entitlement, it means the user is able to perform the activity in CyberArk Identity, but it does not mean the user has the right to access the Safes.
According to the guideline, the aggregation of Safes feature is available in IDN.
I am still working with CyberArk team to check the permission of the service account. I will keep it posted
According to the guideline, the aggregation of Safes feature is available in IDN.
The closest thing I can find to this is under entitlement management
- Aggregate container / safes permissions as direct permissions
Which is what I was trying to ask about in my original response.
It states it does aggregate container/safes, but groups is blank after the aggregation is run. Not sure why it is not working
After I have been working with the CyberArk team, the account is able to pull Safes by calling CyberArk REST API. At this moment, IDN is not able to pull Safes using the Privilege Cloud connector in our environment. We will keep working on it where the problem is or it might be the limitation the connector
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.