CyberArk OIDC in Buddy

CyberArk OIDC in Buddy

What is CyberArk?

CyberArk is a cybersecurity platform that provides a suite of solutions to protect organizations from cyber threats by securing privileged accounts and credentials. Despite not having a dedicated CyberArk OIDC profile, you can still configure it using the Custom option, and this guide will show you how.

Set up

  1. In the CyberArk's admin panel, select Add Web Apps, find OpenID Connect in the custom tab and add it

Image loading...Adding OIDC to CyberArkAdding OIDC to CyberArk

  1. Once added, you will see a new OpenID Connect panel that includes all the information regarding the identity provider configuration. If the widow did not show up, open the app and navigate to the trust section.

Image loading...OIDC panel in CyberArkOIDC panel in CyberArk

  1. In Buddy, navigate to Workspace Settings -> Single Sign-On and in the Open ID Connect select the Custom provider

Image loading...OIDC setup in BuddyOIDC setup in Buddy

  1. Copy over the contents of CyberArk's OICD panel to the corresponding fields in Buddy:
  • OpenID Connect client ID -> Client ID
  • OpenID Connect client secret -> Client secret
  • OpenID Connect issuer URL -> Issuer URL
  1. In the CyberArk's panel select the Login initiated by the relying party (RP) oprtion, and add Buddy's Callback URL (READ-ONLY) to CyberArk's Authorized redirect URl's and save.

  2. In CyberArk, navigate to Roles and select the role you want to assign the application to, for example, 'Everybody'.

  3. In the CyberArk's navigate to Assigned Applications, click Add and select the application you have created

Image loading...CyberArk's assigned applicationsCyberArk's assigned applications

  1. Back in Buddy click the Test configuration and enable SSO on success button. If everything is configured correctly the OICD will be enabled.

  2. All that's left is integrating Buddy with CyberArk. Upon log-in, select the "Sign in with SSO" option and provide your workspace handle; you will be redirected to CyberArk to complete the integration process.

Image loading...SSO loginSSO login

Hint
This will work only if you are using a single workspace. If you wish to use multiple workspaces please follow this article
Jarek Dylewski

Jarek Dylewski

Customer Support

A journalist and an SEO specialist trying to find himself in the unforgiving world of coders. Gamer, a non-fiction literature fan and obsessive carnivore. Jarek uses his talents to convert the programming lingo into a cohesive and approachable narration.

Apr 18, 2024
Share