How to integrate sailpoint IIQ with CyberArk PAM?

benutop55 · January 15, 2026, 4:02am

Hello,
Currently I have SailPoint IIQ and I want to integrate it with CyberArk PAM.
I read in the documentation that it uses SCIM and requires an installed CyberArk Identity SCIM Server.
So, to make the integration work, do we need both CyberArk Identity and CyberArk PAM?
Are CyberArk Identity and CyberArk PAM different products?
Could you please help explain how the integration can be done?

Thanks

tarunj · January 15, 2026, 4:16am

CyberArk Identity and CyberArk PAM are both different products.
If you have only CyberArk PAM you can still create a SCIM server, On the CyberArk Marketplace under Integrations there is **CyberArk SCIM Server 2.0.
**
It has to be set up on a windows server, once the service is up and running you can pass the same credentials in IIQ

benutop55 · January 15, 2026, 6:42am

Hi, thanks for your response.

After the service is running, how do I configure CyberArk SCIM?
In SailPoint IIQ, should I add an Application with type SCIM 2.0 and then configure the SCIM configuration settings, is that correct?

Thanks

Arpitha1 · January 15, 2026, 7:29am

Hi @benutop55

You need to import PAM module and FYI, additional license is required. This would provide additional features where you can manage vaults etc.

To know more about, how to integrate sailpoint with PAM module like (Cyberark/beyondtrust), you can go through below url -

Privileged Account Management

You have alternative option where, once your SCIM service is ready you can configure the application in SailPoint using SCIM 2.0 connector. If you want more control with customizable option, then go with WebService connector.

Summarizing,

Option 1: Through PAM module, OOTB feature

Option 2: Through SCIM connector

Option 3: Through Webservice connector

msingh900 · January 15, 2026, 8:29am

You will get more information about the difference of two tools i.e. CyberArk Identity and CyberArk PAM.

Refer below documentation for SCIM Integration of CyberArk and IIQ.

Refer the below documentation for CyberArk PAM Integration.

sukarande · January 15, 2026, 8:30am

@benutop55

You can go with SCIM 2.0. So SailPoint → SCIM → Cyberarc. This way it will work.

benutop55 · January 15, 2026, 9:01am

To create a SCIM Server, does that mean CyberArk Identity is not required?
Is it possible to do this using CyberArk PAM Self-Hosted only?

sukarande · January 15, 2026, 11:47am

@benutop55

Please once visit below 2 sections. All things are clearly explained.

https://docs.cyberark.com/pam-self-hosted/latest/en/content/privilege%20cloud/privcloud-scim.htm

msingh900 · January 15, 2026, 1:12pm

Refer my first msg for PAM Self Hosted.

Thanks

Topic		Replies	Views
Question about Integrating SailPoint with CyberArk Privileged Access Manager (Self-Hosted) IIQ Discussion and Questions identityiq	8	1039	January 13, 2025
IIQ integration with CyberArk PAM-SCIM IIQ Discussion and Questions identityiq	6	1774	May 24, 2024
CyberArk Container Group Members IIQ Discussion and Questions identityiq , certifications , entitlements	3	264	March 28, 2024
Multiple CyberArk SCIM server IIQ Discussion and Questions identityiq	1	245	November 28, 2023
Credential Cycling - PAM Module and CyberArk IIQ Discussion and Questions identityiq	1	172	October 8, 2024

How to integrate sailpoint IIQ with CyberArk PAM?

Related topics