Integration of CyberArk Check-in/Check-out and Dual Control Features with SailPoint IdentityNow

Hi All,

Anyone please confirm whether SailPoint IdentityNow supports integration with CyberArk’s check-in/check-out functionality?

Dual Control: This feature ensures that even if a user has access to a CyberArk safe, they must obtain approval from designated approvers to retrieve a password for a specified duration.
Check-in/Check-out: This mechanism locks the account to the first user who retrieves the password. Other authorized users must wait until the account is checked back in. Additionally, CyberArk automatically changes the account password upon check-out.

Appreciate for any suggestion or direction.

Thanks,
Shweta

Any suggestions will be helpful

For dual control, have you looked into integrating ServiceNow with CyberArk. I have done with ServiceNow in the past, so happy to help with that.

Check-in/Check-out feature - I don’t think ISC support that. The integration of CyberArk with ISC is to manage privilege account, their access (groups/safes). See this, Supported Features

if you are looking to credential cycling (to fetch service account password from vault into ISC), then check out this CyberArk Conjur Cloud Credential Provider