/
CyberArk PAM

CyberArk PAM

This article covers the following topics:

Minimum Required Permissions

  • Admin or application owner permissions in Zilla

  • Admin permissions in CyberArk Identity

Obtain API Information

  1. Log in to your CyberArk Identity Administration portal.

  2. Expand the Apps & Widgets section, click Web Apps, and click Add Web Apps.

image-20250321-185738.png

  1. Click the Custom tab in the Add Web Apps dialog. Add an OAuth2 Client app.

image-20250321-185923.png

  1. Click Yes.

image-20250321-190012.png

  1. Type a name in Application ID field. This value will be used in later step.

image-20250321-190543.png

  1. Go to the Tokens tab on the left menu and enable the Client Creds checkbox option.

image-20250321-190520.png

  1. Go to the Scope tab and click Add.

image-20250321-190643.png

  1. Enter scim in the name field and scim* in the REST Regex.

image-20250326-093044.png

  1. Go to the Permissions tab and click Add.

image-20250321-191019.png

  1. Search for SCIM, select the value, and click Add.

image-20250321-191046.png

  1. Select the View checkbox for SCIM permissions and click Save.

image-20250321-191223.png

  1. Find the SCIM Endpoint in the Issuer field on the General Usage tab. It will be used in the later step.

image-20250321-191748.png

  1. Expand the Core Services section, click Users, and create a service user to authenticate the integration. Select the Is OAuth confidential client checkbox while creating the user. The username and password of this service user will be used as the Client ID and Client Secret respectively in a later step.

image-20250321-192132.png

Set Up the Integration in Zilla

  1. Add the desired application to Zilla. For instructions on this process, refer to this article.

  2. Click Sync now in the upper right corner of the application instance page for CyberArk PAM.

    image-20250321-192747.png

     

  3. Toggle to enable API Integration.

  4. Enter the Application ID obtained in step 5 into OAuth Application ID field.

  5. Enter the SCIM user’s username and password obtained in step 13 into the Client ID and Client Secret fields, respectively.

  6. Enter the SCIM Endpoint obtained in step 12. Do not include / at the end (for example, zilla.id.integration-cyberark.cloud). Click Sync Now/Next.

image-20250326-094635.png

  1. Click Next to start the sync.

image-20250321-193547.png

  1. Click Done.

image-20250321-202850.png

  1. Review the sync summary popup that appears and click Close.

Additional Resources