CyberArk Identity supports authentication process such as Adaptive
MFA, external IDP authentication, social login, along with standards such as SAML and
OIDC.
OAuth 2.0 allows client applications to access to protected resources,
and OIDC is an authentication layer on top of OAuth. CyberArk Identity supports OAuth
2.0 & OpenID Connect protocols.
CyberArk Identity provides APIs to add and manage CyberArk Identity
directory users, Active Directory users connected to the cloud service, and federated
users.
CyberArk Identity provides APIs to add and manage policies, which can
define a user's MFA profile and security settings as well as manage endpoint
authentication.
CyberArk Identity provides APIs to manage applications and assign
users to browser-based apps, native mobile apps, and custom apps for single sign-on
(SSO).
Manage user life cycles using SCIM outbound and inbound provisioning
APIs. CyberArk Identity also provides APIs to manage privilege accounts and related
objects with SCIM APIs.
Manage mobile devices using device management APIs. The APIs can be
used to enable or disable SSO, delete a device, lock, unlock, power off, wipe, or reboot
a device, ping a device etc.
CyberArk Identity provides APIs to retrieve analytics data and add
Webhooks to invoke another web service after a security alert or CyberArk Identity
Analytics server event.