Cyberark OpenID Integration
This document provides the instructions for setting up UPSSO as a Third Party IDP to Cyberark application using OpenID.
PREREQUISITES
Administrator access to the UPSSO portal.
Administrator access to the Cyberark application.
CONFIGURING Cyberark OpenID in UPSSO
Login into UPSSO portal as an administrator
Click on the “Application Management” from the left side navigation menu.
Click on the “+ New Record” button. And click the Openid Application.

Enter the given fields to configure
Cyberark openid.
Name : Enter the name of the Cyberark openid
Client id : Enter the client ID of the Cyberark openid
Redirect url : Enter the redirect URL
Sub field : choose the sub field accordingly
Click url : Enter the click URL
Application Image : Select the openid logo


CONFIGURING UPSSO OPENID IN CYBERARK.
Login into the Cyberark application as an administrator user.
Search Administration in the navigation menu and select OIDC Authentication.
Get the configuration details from your provider.
Display name : Enter name displayed to the end user on the login page.
Provider ID : unique ID used to identify the OIDC Provider in CyberArk.
Discovery URL : Enter URL returns metadata that defines the provider's configuration.
Client ID : unique identifier created by the provider when registering to a client application
Logoff URL : Optional
Client Authentication method : Enter the secret key from the provide.
User name claim (optional) : user's attribute in the ID token
Click on SAVE button to save the configuration.
TESTING THE INTEGRATION
Login into the UPSSO portal as a user having the same username as a Cyberark user.
Click on the Cyberark OpenID.
Select the OTP method and enter the OTP and click on the Verify button.
Consent screen will be displayed , click on accept to login to the application.

