CyberArk Identity developer documentation

CyberArk Identity supports authentication process such as Adaptive MFA, external IDP authentication, social login, along with standards such as SAML and OIDC.

OAuth 2.0 allows client applications to access to protected resources, and OIDC is an authentication layer on top of OAuth. CyberArk Identity supports OAuth 2.0 & OpenID Connect protocols.

CyberArk Identity supports user self service actions such as registration, password reset, account unlock, forgot username and MFA enrollment.

CyberArk Identity provides APIs to add and manage CyberArk Identity directory users, Active Directory users connected to the cloud service, and federated users.

CyberArk Identity provides APIs to add and manage policies, which can define a user's MFA profile and security settings as well as manage endpoint authentication.

CyberArk Identity provides APIs to manage applications and assign users to browser-based apps, native mobile apps, and custom apps for single sign-on (SSO).

Manage user life cycles using SCIM outbound and inbound provisioning APIs. CyberArk Identity also provides APIs to manage privilege accounts and related objects with SCIM APIs.

Manage mobile devices using device management APIs. The APIs can be used to enable or disable SSO, delete a device, lock, unlock, power off, wipe, or reboot a device, ping a device etc.

CyberArk Identity provides APIs to retrieve analytics data and add Webhooks to invoke another web service after a security alert or CyberArk Identity Analytics server event.