Thycotic and SailPoint IDN integration

Hi Experts,

Has anyone integrated Thycotic with IdentityNow for the user provisioning or any other usecases?

Does SCIM PAM connector help us with all the scenarios of user management and container management? We have used SCIM PAM connector earlier for CyberArk integration which worked fine, but wondering if this connector also supports Thycotic?

Thanks,
Archana

Hey @sgeddam003,

Although I have not personally done this, it should be possible to integrate Thycotic with IDN usng the SCIM PAM connector. Thycotic as a SailPoint technology partner was certified against our PAM module (which is built on top of the SCIM + PAM spec) back in March of 2019. You can find their partner landing page here: Thycotic Secret Server Integration.

The Thycotic site also has some documentation available on this; you can find that here: Thycotic Documentation. There is also a troubleshooting section found under IdentityNow in the lefthand menu of that same site.

I hope this helps you to get started!

Hi @michael.ellis,

Thanks for the reply. We have followed Thycotic documentation to install SCIM connector. But to integrate and manage the users and folders of Thycotic from IdentityNow, I am doubtful whether to use SCIM 2.0 OOTB connector or ask SailPoint team to install SCIM PAM on our environment. I understand SCIM PAM works fine for CyberArk integration in IdentityNow. And the partner certified module link which you provided would talk more on IIQ and not IDN.

Do you know if SCIM PAM connector is only a custom connector for Cyberk and not for other PAM solutions? Would you be able to check with the team of SCIM PAM to confirm if it can be used for Thycotic integration?

Thanks,
Archana

Hi @sgeddam003 - you are correct - the CyberArk + IDN integration is specific to CyberArk and was put together and is delivered by Professional Services.

1 Like

There is some emerging work to establish an updated SCIM-PAM spec (among other SCIM improvements) that would be more generally applicable to PAM solutions (both established and emerging). If that sounds interesting to you, you may want to join this IETF111 session on July 29 at 1:30pm Pacific to learn more:
https://datatracker.ietf.org/group/sins/about/

Caveats: this is still emerging work, there is no guarantee SailPoint would necessarily support the updated spec, etc etc.