We are currently setting up an integration with CyberArk PAM using the SCIM 2.0 connector.
The object types initially supported are: User, Group, Entitlement and Role.
We’re wondering whether this connector can be extended to other types of objects (e.g. safes) to support fine-grained management of user rights, i.e. whether it’s possible to use other endpoints (such as /Containers, /PriviligedData…) via this connector (full details of SCIM PAM extension is here
I can’t see any indication of this in the SCIM 2.0 source documentation here, which only mentions a non-compliant server.
Don’t believe you can extend the PAM-SCIM connector to support safes/container with OOTB. You can explore CyberArk REST API to possibly onboard as WebServices or reach out to your CSM
Hello Suresh,
It seems there was a misunderstanding. I was talking about the SCIM 2.0 connector (generic).
SCIM-PAM is a pre-packaged (billed) connector with the PAM extension part, which is not natively present in generic SCIM 2.0 connector, hence my question.
Thanks anyway for your contribution regarding CyberArk’s standard REST API.
I look forward to feedback from other members.
