Search Results :

×

Setup CyberArk as a SCIM Client using the User Provisioning module in Drupal

User Provisioning allows you to manage all the users at a central user management identity. CyberArk Provisioning service supports SCIM 2.0 protocol for automatic provisioning/de-provisioning. miniOrange User Provisioning and Sync module implement the SCIM endpoints to allow provisioning/de-provisioning of users into the Drupal site as and when any CRUD operation is performed in the central identity i.e. CyberArk.

  • Download the module:
    composer require 'drupal/user_provisioning'
  • Navigate to Extend menu on your Drupal admin console and search for miniOrange User Provisioning using the search box.
  • Enable the module by checking the checkbox and click on Install button.
  • Configure the module at
    {BaseURL}/admin/config/people/user_provisioning/overview
  • Install the module:
    drush en user_provisioning
  • Clear the cache:
     drush cr
  • Configure the module at
    {BaseURL}/admin/config/people/user_provisioning/overview
  • Navigate to Extend menu on your Drupal admin console and click on Install new module button.
  • Install the Drupal User Provisioning and Sync module either by downloading the zip or from the URL of the package (tar/zip).
  • Click on Enable newly added modules.
  • Enable this module by checking the checkbox and click on Install button.
  • Configure the module at
    {BaseURL}/admin/config/people/user_provisioning/overview
Note and Contact Us - SSO between two WordPress sites

Note: You will require the Premium version of the module to set up Drupal as an SCIM server.

  • Head towards the Drupal site and navigate to the User Provisioning tab of the module (/admin/config/people/user_provisioning/provisioning).
  • In the Changes from Provider to Drupal (SCIM Server) section, click on the Configure button, as indicated in the screenshot below.
Click-on-configure-button

  • From Configure Drupal as a SCIM server copy the SCIM Base URL and SCIM Bearer Token and keep it handy.
Drupal User Provisioning and Sync - Copy the SCIM Base URL and SCIM Bearer Token

  • Login into your CyberArk Admin Console.
  • Note and Contact Us - SSO between two WordPress sites

    Note: You can setup Single Sign-On (SSO) into Drupal as SAML SP with CyberArk as IDP by following the steps given here.

  • Go to the Provisioning tab, click Enable Provisioning for this application, and then save your changes.
cyberark cross domain provisioning (scim) - select provisioning

  • To confirm the popup SCIM Provisioning window click on the Yes button.
cyberark cross domain provisioning (scim) - ensure your application support scim and click yes in scim provisioning window

  • Select Live Mode.
cyberark cross domain provisioning (scim) - select preview and live mode

  • Paste the SCIM Base URL copied from the Drupal SCIM User Provisioning module under the SCIM Service URL text field.
cyberark cross domain provisioning (scim) - enter scim service url

  • Select the Authorization Type. There are two types of Authorization:
  • Note and Contact Us - SSO between two WordPress sites

    Note: The Authorization Type determines what information is required and where to find the information.

OAuth 2.0 This Authorization Type uses a workflow to authorize access. The Authorization Header directly provides credentials.
Authorization Header Required choosing a header type
cyberark cross domain provisioning (scim) - enter authorization type

  1. OAuth 2.0 (for more information check here).
    • Authorize URL: Copy and paste Authorize url from the Configure OAuth tab in the Drupal OAuth/OpenId connect client module
    • Access Token URL: Copy and paste the Authorize URL from the Configure OAuth tab in the Drupal OAuth/OpenId connect client module
    • Client ID: Copy and paste Client ID from the Configure OAuth tab in the Drupal OAuth/OpenId connect client module
    • Client Secret: Copy and paste Client Secret from the Configure OAuth tab in the Drupal OAuth/OpenId connect client module
    • Scope: Copy and paste Scope from the Configure OAuth tab in the Drupal OAuth/OpenId connect client module
  2. cyberark cross domain provisioning (scim) - enter oauth 2.0

  3. Authorization Header
    • In the Authorization Header, Select Header Type as Bearer Token.
    cyberark cross domain provisioning (scim) - enter oauth 2.0

    • Paste the SCIM Bearer Token copied from the Drupal SCIM User Provisioning module under the Bearer Token text field.
    • Click on the Verify and Save button to save your SCIM Provisioning information.
    cyberark cross domain provisioning (scim) - enter oauth 2.0

Congratulations, you have successfully set up Drupal as the SCIM server and CyberArk as the SCIM client.

If the Provision was not successful, please contact us at drupalsupport@xecurify.com. Please send the screenshot of the error window, and we will assist you in resolving the issue and guiding you through the setup.


ADFS_sso ×
Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com