CyberArk SCIM Connector

New Contributor
New Contributor

Hi All,
We are trying to import the cyberArk application data (Users, Groups, Safes and Privileged Accounts) using the CyberArk SCIM connector.
Posted the Connection JSON below.

1. We have used Cyberark Connector OOTB - connection JSON and Error log file.
"authentications": {
"acctAuth": {
"authType": "Basic",
"httpMethod": "GET",
"httpParams": {},
"httpHeaders": {},
"httpContentType": “application/json”,
"properties": {
"password": "<password>"
"expiryError": "ExpiredAuthenticationToken",
"authError": ["InvalidAuthenticationToken","ExpiredAuthenticationToken","AuthenticationFailed","Read timed out"],
"statusCode": [200, 201, 202, 203, 204, 205]
"errorPath": "error.code",
"maxRefreshTryCount": 5,
"tokenResponsePath": "access_token",
"tokenType": "Basic",
"accessToken": "<access token>"
tried updating the Ip instead of hostname 
2. In the advanced section (copy and paste JSON) url : references <IP>   *can we use a DNS name?*
3. When we configure HTTPS communication saviynt-----> SCIM can we use .p7b certificates, or can we use PKCS12 certificates? Are there any formats that Saviynt is not compatible with to make a successful connection. What format do we need to use

Error Message from logs :

The connectivity Fails with the below error response -

2023-09-18T15:07:16.351522889Z stdout F 2023-09-18 15:07:16,351 [http-nio-8080-exec-62] DEBUG domain.EcmConfigController  - vaultConfig not found for the connectionId 42
PSCIM Set up details :
  • ON prep hosted
  • Pointing to on premise JVM server 
  • SCIM service account with all permissions created (sa_serviceaccount)
  • Able to get Successful response on postman



Saviynt Employee
Saviynt Employee

Below are the formats supported for Certificate file and you can check for the same when you navigate to Admin>Settings>File Directory>Connector files. You can convert the certificate to one of the supported format and then test.