Is psPAS supported with Privilege Cloud?

[marc-fom]

Hi,

Sorry if this information is provided somewhere and I missed it but trying to connect psPAS module to our Privilege Cloud baseURL I'm getting errors whatever I try with New-PASSession command.
I'm using CyberArk type connection and tried different baseURL:
https://subdomain.privilegecloud.cyberark.cloud
https://subdomain.cyberark.cloud

So does psPAS support only self-hosted PAM or Privilege Cloud is also supported?

Please advise.

Best
Marc

[pspete]

As of right now, you can use these instructions: https://pspas.pspete.dev/docs/authentication/#shared-services-authentication

Soon we may be able to offer additional options in the module.

[marc-fom]

Hi Pete, Thanks, this moved me one step further. Using the creds that work properly for my custom built PowerShell provisioning script does not with your module, this is the error I’m getting: Invoke-PASRestMethod : invalid client creds or client not allowed What are the roles or account attributes that you expect? Does it have to be a service user? Guess so from your wording “Provide tenant ID and non-interactive API User credentials for authentication” The user I’m passing in creds is indeed a service user. Best regards Marc From: Pete Maan ***@***.***> Sent: Tuesday, August 8, 2023 10:40 AM To: pspete/psPAS ***@***.***> Cc: Fombaron, Marc ***@***.***>; Author ***@***.***> Subject: Re: [pspete/psPAS] Is psPAS supported with Privilege Cloud? (Discussion #479) [EXTERNAL SENDER – CAUTION with links and attachments] As of right now, you can use these instructions: https://pspas.pspete.dev/docs/authentication/#shared-services-authentication<https://checkpoint.url-protection.com/v1/url?o=https%3A//pspas.pspete.dev/docs/authentication/%23shared-services-authentication&g=YTQ0MmY0YTg2MTY5N2RlMA==&h=Zjc2OTlmMDUxOGJlYTkwNDFlMDRiY2UzNGM1Y2MyN2QxNTdkM2E5MDc1YmI0MDhlNDU1NzZlMjc3NzQ1ODViMQ==&p=Y3AxZTpjb25zdGVsbGl1bXN3aXR6ZXJsYW5kYWcyOmM6bzo0ZDYyYWYwOTk4YTY1Y2Y0MGQyOTg4NTc0OWUwZTVmYzp2MTpoOlQ=> Soon we may be able to offer additional options in the module. — Reply to this email directly, view it on GitHub<https://checkpoint.url-protection.com/v1/url?o=https%3A//github.com/pspete/psPAS/discussions/479%23discussioncomment-6666811&g=ZmEzYzU2NDMzNTBhY2MzZg==&h=OTg5YjVlYmFhYjc4N2RmYzYzYjExMjFkMTg3NGE0Y2EwNWI1ODRmNWU2NTEwN2U3MzgxZDhmMGFiYmQ4ZDUzOQ==&p=Y3AxZTpjb25zdGVsbGl1bXN3aXR6ZXJsYW5kYWcyOmM6bzo0ZDYyYWYwOTk4YTY1Y2Y0MGQyOTg4NTc0OWUwZTVmYzp2MTpoOlQ=>, or unsubscribe<https://checkpoint.url-protection.com/v1/url?o=https%3A//github.com/notifications/unsubscribe-auth/ALGUSVFPY3BVJ54WLKNYTLDXUH3OJANCNFSM6AAAAAA3ICFTCY&g=ODI0ZjdjMjM3YTNhZDVlOQ==&h=NzgxMzAwY2U5YzVmYjMyYTc2MzUyZDg5NjhlYTA4OGQ3NDFlNzRkZmM5YWEwNjJhOWM5MTU3ZWFjOWUxOGMxNA==&p=Y3AxZTpjb25zdGVsbGl1bXN3aXR6ZXJsYW5kYWcyOmM6bzo0ZDYyYWYwOTk4YTY1Y2Y0MGQyOTg4NTc0OWUwZTVmYzp2MTpoOlQ=>. You are receiving this because you authored the thread.Message ID: ***@***.***> Avis : Ce message et toute pièce jointe sont la propriété de Constellium et sont destinés seulement aux personnes ou à l'entité à qui le message est adressé. Si vous avez reçu ce message par erreur, veuillez le détruire et en aviser l'expéditeur par courriel. Si vous n'êtes pas le destinataire du message, vous n'êtes pas autorisé à utiliser, à copier ou à divulguer le contenu du message ou ses pièces jointes en tout ou en partie. Veuillez prendre note de notre information sur la protection des données en cliquant ici <https://www.constellium.com/data-protection-information-customer-and-supplier> Anmerkung: Diese Nachricht und alle Anhänge sind Eigentum von Constellium und nur für die angegebene Person oder Organisation bestimmt. Wenn Sie diese Nachricht irrtümlich erhalten, informieren Sie bitte den Absender per E-Mail und löschen Sie die Nachricht. Wenn Sie nicht der vorgesehene Empfänger sind, dürfen Sie diese Nachricht oder die Anhänge weder ganz noch teilweise verwenden, kopieren oder sonstwie weiterverbreiten. Bitte lesen Sie unseren Hinweis zum Datenschutz in dem Sie hier klicken.<https://www.constellium.com/data-protection-information-customer-and-supplier> Upozornení: Tato zpráva s prípadnými prílohami je majetkem spolecnosti Constellium a je urcena výhradne uvedeným príjemcum nebo entitám, kterým je adresována. Pokud jste tuto zprávu dostali omylem, informujte prosím e-mailem odesilatele a zprávu smažte. Nejste-li zamýšleným príjemcem, nesmíte používat, kopírovat ani zverejnovat obsah zprávy ci príloh nebo jejich cástí. Přečtěte si prosím naše zásady ochrany osobních údajů kliknutím na odkaz zde.<https://www.constellium.com/data-protection-information-customer-and-supplier> Notice This message and any attachments are the property of Constellium and are intended solely for the named recipients or entity to whom this message is addressed. If you have received this message in error please inform the sender via e-mail and destroy the message. If you are not the intended recipient you are not allowed to use, copy or disclose the contents or attachments in whole or in part. Please take note of our information relating to data protection which you can access by clicking here<https://www.constellium.com/data-protection-information-customer-and-supplier>

[pspete]

Refer to the Vendor documentation on the API service user: https://docs.cyberark.com/PrivCloud-SS/Latest/en/Content/ISPSS/ISPSS-API-Authentication.htm