CyberArk Privilege Cloud
  • 18 Mar 2025
  • 2 Minutes to read
  • Dark
    Light

CyberArk Privilege Cloud

  • Dark
    Light

Article summary

CyberArk Privilege Cloud is a SaaS solution that enables organizations to securely store, rotate and isolate credentials (for both human and non-human users), monitor sessions, and deliver scalable risk reduction to the business. Privilege Cloud protects, controls, and monitors privileged access across on-premises, cloud, and hybrid infrastructures. More information can be found at official CyberArk Documentation.

Integration Method: API

Tables: Account Change (3001), Application Lifecycle (6002), Group Management (3006), User Inventory (5003)

This integration supports the following events.

Event

Description

Accounts

Returns a list of all the accounts in Privilege Cloud.

Applications

Returns a list of all the applications in Privilege Cloud.

Groups

Returns a list of all existing user groups in Privilege Cloud.

Users

Returns a list of all existing users in Privilege Cloud.

Note:

CyberArk Privilege Cloud it is a SaaS service and is continuously updated. This document was prepared using version 14.5 in February 2025.

Prerequisites

  • The user should have admin privileges as we need to use admin’s credentials while configuring data source as “Key Id” and “Secret Key”.

  • The user who runs Privilege Cloud web service requires List Accounts permission in the Safe.

  • The user who runs Privilege Cloud web service requires Audit Users permission in Privilege Cloud.

  • The user should have access to DataBee console.

Configuration Overview

  1. Create a new admin user for DataBee or use an existing one. We need to use admin’s username and password as “Key Id” and “Secret Key” respectively while configuring data source.

  2. Add the CyberArk Privilege Cloud data feed in the DataBee console with the below parameters.

    DataBee Parameter

    CyberArk Privilege Cloud Parameter

    Token: <identity-tenant-id>

    CyberArk identity tenant id

    Key Id

    Admin’s Username

    Secret Key

    Admin’s Password

    API Base URL: <subdomain>

    CyberArk subdomain

CyberArk Configuration

Integration with CyberArk happens with admin username/password credentials. Apart from that we require CyberArk Subdomain and Identity Tenant Id to configure data source.

Find CyberArk subdomain

  1. Find the <subdomain> on the login page of CyberArk Identity User Portal from the URL as highlighted below.

Find CyberArk identity tenant id

  1. Find the <identity-tenant-id> on the login page of CyberArk Identity Administration Portal from the URL as highlighted below.

DataBee Configuration

  1. Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
     

  2. Search for the CyberArk Privilege Cloud and click it as shown below.
     

  3. Click on the API Ingest option for collection method.
     

  4. Enter feed contact information and click Next.
     

  5. In the configuration page, confirm the following:

    • API Base URL: replace <subdomain> placeholder with your CyberArk subdomain.

    • Authorization Method: Bearer Token

    • Secret Key: paste the admin password.

    • Key Id: paste the admin username.

    • Token URL: replace <identity-tenant-id> placeholder with your CyberArk identity tenant id.

    • Event Types: preselected for all the event types that integration pulls.
       

  6. Click Submit.

Troubleshooting Tips

  • Make sure we are using admin’s username and password of CyberArk for DataBee configuration.

  • Make sure the user who runs Privilege Cloud web service requires Audit Users and List Accounts permissions in Privilege Cloud.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Eddy AI, facilitating knowledge discovery through conversational intelligence