CyberArk Identity IAM Provider
Enterprise workforce IAM platform from Israel offering SSO, Adaptive MFA, lifecycle management, and privileged access. Native AD/LDAP sync via on-prem connector, SAML/OIDC/WS-Federation IdP, FIDO2 certified, FedRAMP High authorized. Includes built-in UBA/risk analytics, SCIM 2.0 provisioning, and a no-code workflow automation add-on. SaaS-only deployment on AWS across 13 global regions.
Features
- 🇺🇸US🇨🇦🇳🇦🇩🇦Canada🇸🇴🇺🇹🇭🇦🇲🇪🇷🇮🇨🇦South America🇪🇺EU🇲🇮🇩🇩🇱🇪🇪🇦🇸🇹Middle East🇦🇵🇦🇨APAC
If you want to compare IAM features of different providers, please check out the (C)IAM Identity Providers benchmark.
Looking for CyberArk Identity’s OpenID Connect protocol compatibility? View CyberArk Identity on the OpenID Connect Providers benchmark.
Frequently Asked Questions
Does CyberArk Identity support Username and Password authentication method?
CyberArk Identity supports Username and Password authentication method. Read more
Does CyberArk Identity support Social Sign-in authentication method?
CyberArk Identity supports Social Sign-in authentication method. Social login supported with Google, Facebook, LinkedIn, and Microsoft as identity providers. Read more
Does CyberArk Identity support Passkey authentication method?
CyberArk Identity supports Passkey authentication method. FIDO2 passkeys supported including platform authenticators (Windows Hello, Touch ID) and roaming authenticators (YubiKey). CyberArk is FIDO2 certified. Read more
Does CyberArk Identity support Email Passwordless authentication method?
CyberArk Identity partially supports Email Passwordless authentication method. Email OTP supported as an authentication factor and can serve as a passwordless challenge, but is primarily positioned as an MFA factor rather than a dedicated standalone passwordless flow. Read more
Does CyberArk Identity support Phone Passwordless authentication method?
CyberArk Identity partially supports Phone Passwordless authentication method. SMS OTP and phone call are supported as MFA factors; not specifically marketed as a primary passwordless authentication path. Read more
Does CyberArk Identity support Magic Link authentication method?
CyberArk Identity does not support Magic Link authentication method. No dedicated magic link authentication feature. Email OTP code is used instead of a click-to-login link.
Does CyberArk Identity support Anonymous / Guest authentication method?
CyberArk Identity does not support Anonymous / Guest authentication method. No anonymous or guest authentication feature. CyberArk Identity requires authenticated user identity.
Does CyberArk Identity support Time-based One-Time Password (TOTP) MFA?
CyberArk Identity supports Time-based One-Time Password (TOTP) MFA. OATH TOTP supported via CyberArk Authenticator (desktop), CyberArk Identity mobile app (iOS/Android), or any OATH TOTP-compatible authenticator (Google Authenticator, Microsoft Authenticator). Hardware OTP tokens importable in bulk. Read more
Does CyberArk Identity support HMAC-based One-Time Password (HOTP) MFA?
CyberArk Identity supports HMAC-based One-Time Password (HOTP) MFA. OATH HOTP (counter-based) supported alongside TOTP. Hardware HOTP tokens can be imported in bulk via CSV. Read more
Does CyberArk Identity support Universal 2nd Factor (U2F) MFA?
CyberArk Identity supports Universal 2nd Factor (U2F) MFA. Physical FIDO U2F security keys (e.g. YubiKey) supported as a phishing-resistant MFA factor. Read more
Does CyberArk Identity support WebAuthn MFA?
CyberArk Identity supports WebAuthn MFA. FIDO2/WebAuthn supported as MFA and passwordless factor, covering both platform authenticators and roaming security keys. CyberArk holds official FIDO2 certification. Read more
Does CyberArk Identity support Email Code MFA?
CyberArk Identity supports Email Code MFA. Email confirmation code is a supported MFA challenge factor in authentication profiles. Read more
Does CyberArk Identity support Phone Code MFA?
CyberArk Identity supports Phone Code MFA. SMS text message confirmation code and phone call OTP are both supported MFA factors. Read more
Does CyberArk Identity support Recovery Code MFA?
CyberArk Identity does not support Recovery Code MFA. No dedicated backup/recovery code feature. Account recovery is handled via self-service password reset using alternative MFA factors.
Does CyberArk Identity support Push Notification MFA?
CyberArk Identity supports Push Notification MFA. CyberArk Identity mobile app (iOS/Android) supports push notification MFA — users approve or deny login requests on their device. Wearables also supported as a token. Read more
Does CyberArk Identity support Adaptive / Risk-Based MFA MFA?
CyberArk Identity supports Adaptive / Risk-Based MFA MFA. CyberArk Adaptive MFA evaluates AI/ML risk signals (device, network, location, user behavior, time of day) to dynamically step up or step down authentication requirements. Read more
Does CyberArk Identity support Cisco Duo MFA?
CyberArk Identity supports Cisco Duo MFA. Cisco Duo is natively integrated as a configurable MFA factor. Administrators configure via Integration Key, Secret Key, and API hostname from the Duo Admin Panel. Read more
Does CyberArk Identity support Step-Up Authentication MFA?
CyberArk Identity supports Step-Up Authentication MFA. Step-up authentication through adaptive MFA policies — additional factors are required based on resource sensitivity, risk score, or contextual changes mid-session. Read more
Does CyberArk Identity support OpenID Connect (OIDC) integration protocol?
CyberArk Identity supports OpenID Connect (OIDC) integration protocol. Read more
Does CyberArk Identity support SAML 2.0 integration protocol?
CyberArk Identity supports SAML 2.0 integration protocol. Full SAML 2.0 IdP support for hundreds of certified app integrations. Supports IdP-initiated and SP-initiated SSO for B2B federation and enterprise application integration. Read more
Does CyberArk Identity support WS-Federation integration protocol?
CyberArk Identity supports WS-Federation integration protocol. WS-Federation explicitly supported as an SSO IdP protocol. Used for Microsoft Azure Portal and other WS-Federation-aware applications. Read more
Does CyberArk Identity support Machine-to-Machine (M2M) Authentication integration protocol?
CyberArk Identity supports Machine-to-Machine (M2M) Authentication integration protocol. OAuth 2.0 client credentials grant for M2M authentication. Applications exchange client ID and secret for access tokens to call protected APIs. Read more
Does CyberArk Identity support OpenID Connect (OIDC) Federation identity federation?
CyberArk Identity supports OpenID Connect (OIDC) Federation identity federation. Federation with external IdPs via OIDC supported. Microsoft Entra ID can be federated using OIDC with PKCE as the recommended flow. Read more
Does CyberArk Identity support SAML 2.0 Federation identity federation?
CyberArk Identity supports SAML 2.0 Federation identity federation. SAML 2.0 federation with external IdPs supported, including configurable routing rules and tenant-to-tenant SAML federation. Read more
Does CyberArk Identity support Active Directory / LDAP identity federation?
CyberArk Identity supports Active Directory / LDAP identity federation. CyberArk Identity Connector (on-premises agent on a domain-joined Windows server) synchronizes AD users and groups to CyberArk Identity every 5 minutes. Supports multi-domain and multi-forest AD deployments. Read more
Does CyberArk Identity support Azure Active Directory (Entra ID) identity federation?
CyberArk Identity supports Azure Active Directory (Entra ID) identity federation. Microsoft Entra ID (Azure AD) integration via SAML, OIDC, and SCIM. Users can be provisioned from Entra ID via inbound SCIM and Entra ID can act as an IdP for CyberArk. Read more
Does CyberArk Identity support Bulk User Import user management?
CyberArk Identity supports Bulk User Import user management. Bulk import of up to 10,000 users from CSV or Excel (.xls/.xlsx) files via the Identity Administration portal wizard. Read more
Does CyberArk Identity support Password Hash Import (Multiple Formats) user management?
CyberArk Identity does not support Password Hash Import (Multiple Formats) user management. Direct password hash import is not supported. Credential migration uses Progressive Password Migration (PPM) which calls the legacy auth API at first login rather than importing pre-hashed passwords.
Does CyberArk Identity support Bulk User Export user management?
CyberArk Identity partially supports Bulk User Export user management. User data export available via the management REST API and reporting features. A dedicated bulk export UI is not explicitly documented. Read more
Does CyberArk Identity support Bulk User Update / Delete user management?
CyberArk Identity partially supports Bulk User Update / Delete user management. Inbound SCIM provisioning handles bulk updates and deprovisioning from external systems. Direct bulk update/delete via CSV UI is not explicitly documented beyond initial import. Read more
Does CyberArk Identity support Legacy Username Import (Non-Allowed Characters) user management?
CyberArk Identity supports Legacy Username Import (Non-Allowed Characters) user management. Users importable with custom attributes via CSV bulk import, supporting existing username schemes from legacy systems. Read more
Does CyberArk Identity support MFA Enrollment Import user management?
CyberArk Identity partially supports MFA Enrollment Import user management. OATH HOTP/TOTP hardware tokens can be imported in bulk via CSV with seed values. Import of other MFA enrollment types (WebAuthn credentials, push app registrations) is not documented. Read more
Does CyberArk Identity support Inbound SCIM Provisioning user management?
CyberArk Identity supports Inbound SCIM Provisioning user management. SCIM 2.0 inbound provisioning (CyberArk as SCIM server) accepts user and group creation, updates, and deletions from external systems such as Okta and Entra ID. Read more
Does CyberArk Identity support Outbound SCIM Provisioning user management?
CyberArk Identity supports Outbound SCIM Provisioning user management. Outbound SCIM provisioning (CyberArk as SCIM client) pushes user accounts and attributes to SCIM-enabled target applications. Supports SCIM 1.1 and 2.0. Read more
Does CyberArk Identity support SCIM Groups Provisioning user management?
CyberArk Identity supports SCIM Groups Provisioning user management. SCIM group objects supported both inbound and outbound, including inbound group sync from Entra ID/Okta and outbound role-to-group mapping to target apps. Read more
Does CyberArk Identity support Just-In-Time (JIT) User Provisioning user management?
CyberArk Identity partially supports Just-In-Time (JIT) User Provisioning user management. JIT provisioning for application access is supported through SAML federation policies. First-time federated users are provisioned to the tenant on login. Read more
Does CyberArk Identity support Lazy / Trickle Migration from Legacy Database user management?
CyberArk Identity supports Lazy / Trickle Migration from Legacy Database user management. Progressive Password Migration (PPM): users imported with 'TO_BE_MIGRATED' status have credentials validated against a configurable legacy auth API script on first login, then stored in CyberArk Cloud Directory without forcing a password reset. Read more
Does CyberArk Identity support Self-Service Profile Management Portal user management?
CyberArk Identity supports Self-Service Profile Management Portal user management. User Portal self-service interface for managing profile, setting up MFA factors, resetting passwords, and configuring authentication. Read more
Does CyberArk Identity support User Account Linking user management?
CyberArk Identity supports User Account Linking user management. Local account linking lets users authenticate as a target directory user based on matching attributes after authenticating against a source directory — useful for cross-directory migrations. Read more
Does CyberArk Identity support User Blocking / Banning user management?
CyberArk Identity supports User Blocking / Banning user management. Administrators can disable or lock user accounts from the Identity Administration portal. Blocked users cannot authenticate until re-enabled. Read more
Does CyberArk Identity support User Metadata user management?
CyberArk Identity supports User Metadata user management. Custom user attributes supported in CyberArk Cloud Directory, available in authentication scripts, OIDC claims, SAML assertions, and provisioning flows. Read more
Does CyberArk Identity support Application Metadata user management?
CyberArk Identity partially supports Application Metadata user management. Application-level attributes and configuration exist but a distinct per-user-per-app attribute store (like Auth0's app_metadata) is not explicitly documented.
Does CyberArk Identity support User Search user management?
CyberArk Identity supports User Search user management. User search available in the Identity Administration portal and via management REST APIs, across Cloud Directory and connected AD/LDAP directories. Read more
Does CyberArk Identity support Role-Based Access Control (RBAC) user management?
CyberArk Identity supports Role-Based Access Control (RBAC) user management. Role-based access control is a core feature — roles control access to applications, policies, and administrative functions. Built-in predefined roles and custom roles are supported. Read more
Does CyberArk Identity support Organizations (Multi-Tenancy B2B) user management?
CyberArk Identity supports Organizations (Multi-Tenancy B2B) user management. Sub-tenants (customers) can be created under a parent tenant for MSP use cases. Each sub-tenant has independent users, policies, and branding. B2B Identity supports external partner/vendor organizations. Read more
Does CyberArk Identity support Password Strength Policies user management?
CyberArk Identity supports Password Strength Policies user management. Configurable password policies for CyberArk Cloud Directory: minimum length, complexity requirements, history, and expiration. Read more
Does CyberArk Identity support Username Restrictions user management?
CyberArk Identity supports Username Restrictions user management. Login suffixes and tenant URLs are configurable. Up to multiple login suffixes per tenant can be defined to support different username formats. Read more
Does CyberArk Identity support Attribute-Based Access Control (ABAC) access control?
CyberArk Identity partially supports Attribute-Based Access Control (ABAC) access control. Attribute-based policies exist implicitly through adaptive MFA rules that evaluate contextual attributes (location, device, risk score, time of day). A formal named ABAC framework is not documented. Read more
Does CyberArk Identity support Fine-Grained Authorization (FGA / ReBAC) access control?
CyberArk Identity supports Fine-Grained Authorization (FGA / ReBAC) access control. Fine-grained access control policies available — roles and policies control what users can access and under what authentication conditions, including per-application policy assignment. Read more
Does CyberArk Identity support API Authorization (Scopes / Permissions) access control?
CyberArk Identity supports API Authorization (Scopes / Permissions) access control. OAuth 2.0 for API authorization with JWT access tokens. Custom OAuth 2.0 Server application type lets CyberArk Identity act as an authorization server for third-party APIs. Read more
Does CyberArk Identity support Audit Log Retention security feature?
CyberArk Identity supports Audit Log Retention security feature. Audit logs available through the ISPSS Audit service covering all identity events. Specific default retention period is not publicly stated. Read more
Does CyberArk Identity support Audit Log Streaming security feature?
CyberArk Identity supports Audit Log Streaming security feature. SIEM integration via TLS-encrypted syslog and REST API streaming. Documented integrations include Splunk, QRadar, and generic syslog receivers. Read more
Does CyberArk Identity support Security Center (Threat Monitoring Dashboard) security feature?
CyberArk Identity supports Security Center (Threat Monitoring Dashboard) security feature. Security Insights section in the Identity Administration portal with dashboards for user logins, geographic login map, UBA alerts, and access events. Read more
Does CyberArk Identity support Encryption at Rest security feature?
CyberArk Identity supports Encryption at Rest security feature. All data encrypted at rest using AWS KMS. Read more
Does CyberArk Identity support Encryption in Transit security feature?
CyberArk Identity supports Encryption in Transit security feature. All communications enforced over TLS/HTTPS. SIEM log export also supports TLS-encrypted syslog. Read more
Does CyberArk Identity support Customer Managed Keys (BYOK) security feature?
CyberArk Identity partially supports Customer Managed Keys (BYOK) security feature. BYOK via AWS KMS is documented for the ISPSS platform (Privilege Cloud). Whether BYOK specifically applies to the Identity SaaS service data tier requires confirmation with CyberArk sales. Read more
Does CyberArk Identity support Bot Detection security feature?
CyberArk Identity supports Bot Detection security feature. CAPTCHA available to mitigate bot and brute-force attacks on login. Adaptive MFA also uses ML to detect automated attack patterns. Read more
Does CyberArk Identity support Brute Force Protection security feature?
CyberArk Identity supports Brute Force Protection security feature. Account lockout policies protect against brute-force guessing. The server returns a consistent response whether the username is valid or invalid to prevent user enumeration. CAPTCHA available. Read more
Does CyberArk Identity support Suspicious IP Throttling security feature?
CyberArk Identity partially supports Suspicious IP Throttling security feature. Adaptive MFA and UBA flag and step-up authentication for logins from suspicious IPs or new locations. Specific rate throttling of IPs as a standalone control is not explicitly documented. Read more
Does CyberArk Identity support Breached Password Detection security feature?
CyberArk Identity partially supports Breached Password Detection security feature. Credential theft detection via the Threat Detection and Response product can alert on suspected credential compromise. Real-time breached-password check against a known-breach database at login is not documented as part of the core Identity product. Read more
Does CyberArk Identity support Device Fingerprinting security feature?
CyberArk Identity supports Device Fingerprinting security feature. User Behavior Analytics (UBA) uses device identity as a risk signal — unknown or new devices elevate risk scores. Device enrollment and trust policies also rely on device fingerprinting. Read more
Does CyberArk Identity support Per-Organization Branding multi-tenancy?
CyberArk Identity supports Per-Organization Branding multi-tenancy. Sub-tenant administrators can configure their own branding (logo, name, colors, login page) independently from the parent tenant. MSPs can manage sub-tenants with separate branding. Read more
Does CyberArk Identity support Per-Organization MFA Policy multi-tenancy?
CyberArk Identity supports Per-Organization MFA Policy multi-tenancy. Each tenant and sub-tenant has independent authentication profiles and MFA policies with separate MFA requirements from the parent tenant. Read more
Does CyberArk Identity support Hosted / Universal Login Page branding feature?
CyberArk Identity supports Hosted / Universal Login Page branding feature. CyberArk hosts the login/user portal at a tenant URL (e.g., company.cyberark.com). Customizable with brand name, logo, and sign-in messages. Read more
Does CyberArk Identity support Embedded / Native Login Components branding feature?
CyberArk Identity supports Embedded / Native Login Components branding feature. Embeddable authentication widgets and JavaScript SDK allow apps to embed authentication flows without redirecting to CyberArk's hosted page. Read more
Does CyberArk Identity support White-Label / Full Brand Removal branding feature?
CyberArk Identity supports White-Label / Full Brand Removal branding feature. Full white-label supported: CyberArk branding can be replaced with a custom brand name and logo throughout the Identity Administration portal and User Portal. Read more
Does CyberArk Identity support Localization / i18n branding feature?
CyberArk Identity partially supports Localization / i18n branding feature. Limited language support: English and Japanese (full portal), Czech, Polish, and Romanian (User Portal, mobile app, auth widget, email templates). Not a comprehensive global localization suite. Read more
Does CyberArk Identity support Prebuilt UI Components (SDK) branding feature?
CyberArk Identity supports Prebuilt UI Components (SDK) branding feature. Pre-built widgets, JavaScript SDK, iOS SDK, and Android SDK provide ready-to-use UI components for embedding authentication and self-service flows. Read more
Does CyberArk Identity support Login / Auth Analytics Dashboard analytics?
CyberArk Identity supports Login / Auth Analytics Dashboard analytics. Built-in dashboards: User Logins dashboard (date/time/user/result), User Login Map (geographic locations), and Overview dashboard. UBA provides behavioral analytics on top. Read more
Does CyberArk Identity support SOC 2 Type II Certification compliance?
CyberArk Identity supports SOC 2 Type II Certification compliance. Read more
Does CyberArk Identity support ISO 27001 / 27017 / 27018 Certification compliance?
CyberArk Identity supports ISO 27001 / 27017 / 27018 Certification compliance. ISO 27001, ISO 27017 (cloud security), and ISO 27018 (PII in cloud) certified. Read more
Does CyberArk Identity support HIPAA Business Associate Agreement (BAA) compliance?
CyberArk Identity supports HIPAA Business Associate Agreement (BAA) compliance. HIPAA Business Associate Agreement (BAA) available for customers processing PHI. Read more
Does CyberArk Identity support PCI DSS Compliance compliance?
CyberArk Identity partially supports PCI DSS Compliance compliance. CyberArk Identity helps customers achieve PCI DSS compliance (MFA, access control, audit logging satisfy requirements) but product-level PCI DSS certification is not listed on CyberArk's own compliance page. Read more
Does CyberArk Identity support CSA STAR Certification compliance?
CyberArk Identity supports CSA STAR Certification compliance. CSA STAR Certification held. Read more
Does CyberArk Identity support FedRAMP Authorization compliance?
CyberArk Identity supports FedRAMP Authorization compliance. FedRAMP High Authorization achieved for Workforce Identity SaaS — one of the few IAM vendors with FedRAMP High (not just Moderate). Read more
Does CyberArk Identity support GDPR: Data Export (Portability) compliance?
CyberArk Identity supports GDPR: Data Export (Portability) compliance. GDPR data portability supported — customer data can be retrieved via APIs upon request. Read more
Does CyberArk Identity support GDPR: Right to be Forgotten (User Deletion) compliance?
CyberArk Identity supports GDPR: Right to be Forgotten (User Deletion) compliance. Right to erasure acknowledged in CyberArk's privacy notice. Individuals can request deletion of personal data under applicable conditions. Read more
Does CyberArk Identity support Consent Management compliance?
CyberArk Identity partially supports Consent Management compliance. OAuth 2.0 consent screen presented during authorization. A full-featured end-user consent management platform is not a primary feature of the IAM product. Read more
Does CyberArk Identity support Region Deployment compliance?
CyberArk Identity supports Region Deployment compliance. 13 AWS regions: US East (Virginia), Canada (Montreal), South America (São Paulo), EU (Frankfurt, London, Milan), Middle East (UAE, Tel Aviv), APAC (Singapore, Sydney, Jakarta, Tokyo, Mumbai). Read more
Does CyberArk Identity support Private Cloud Deployment compliance?
CyberArk Identity does not support Private Cloud Deployment compliance. CyberArk Identity is SaaS-only. No self-hosted or on-premises deployment option for the Identity (SSO/MFA/lifecycle) product.
Does CyberArk Identity support SDK Coverage developer integration?
CyberArk Identity supports SDK Coverage developer integration. Official SDKs for JavaScript (browser/SPA), iOS (Swift), Android (Kotlin/Java), and Java (server-side M2M). REST APIs available for all operations. Read more
Does CyberArk Identity support Management API developer integration?
CyberArk Identity supports Management API developer integration. Comprehensive REST management API for users, roles, applications, policies, authentication configuration, and provisioning. Read more
Does CyberArk Identity support Authentication API Rate Limits developer integration?
CyberArk Identity partially supports Authentication API Rate Limits developer integration. Rate limits exist (Policy APIs capped at 30 calls/minute per category). Full authentication API rate limit documentation is not publicly detailed. Read more
Does CyberArk Identity support Actions / Extensibility Pipeline developer integration?
CyberArk Identity supports Actions / Extensibility Pipeline developer integration. Custom JavaScript scripts configurable in the admin portal for OIDC claims customization, provisioning scripts, and Progressive Password Migration logic. Read more
Does CyberArk Identity support TypeScript Support in Extensibility developer integration?
CyberArk Identity does not support TypeScript Support in Extensibility developer integration. Only JavaScript is documented for custom scripts and hooks. TypeScript support is not mentioned.
Does CyberArk Identity support Custom Domain developer integration?
CyberArk Identity supports Custom Domain developer integration. Custom domains via CNAME with SSL certificate upload supported, up to 10 custom domains per tenant. Read more
Does CyberArk Identity support Deploy CLI (Infrastructure as Code) developer integration?
CyberArk Identity does not support Deploy CLI (Infrastructure as Code) developer integration. No deploy CLI tool documented for CyberArk Identity. Terraform provider is the infrastructure-as-code option.
Does CyberArk Identity support Terraform Provider developer integration?
CyberArk Identity supports Terraform Provider developer integration. CyberArk Identity Security Terraform Provider available in the Terraform public registry for managing CyberArk Identity configurations as IaC. Read more
Does CyberArk Identity support Custom Database Connections developer integration?
CyberArk Identity supports Custom Database Connections developer integration. Progressive Password Migration uses a configurable JavaScript hook to call a custom legacy authentication API, acting as a delegated credential source for migration. Read more
Does CyberArk Identity support Native Webhook Support developer integration?
CyberArk Identity supports Native Webhook Support developer integration. Webhooks supported for triggering external web services on security alerts and UBA events. Payload format uses FreeMarker templating with dynamic CyberArk Identity UBA variables. Read more
Does CyberArk Identity support Universal Login / Hosted Login Page Customization developer integration?
CyberArk Identity supports Universal Login / Hosted Login Page Customization developer integration. Login page fully customizable: brand name, logo, colors, sign-in message, and custom domain. White-label replaces all CyberArk references. Read more
Does CyberArk Identity support Email Templates developer integration?
CyberArk Identity supports Email Templates developer integration. Email templates for sign-in, enrollment, and notifications are customizable via Settings > Customization > Account Customization. Logo, wording, and styling can be modified. Read more
Does CyberArk Identity support Custom OIDC Claims / Token Enrichment developer integration?
CyberArk Identity supports Custom OIDC Claims / Token Enrichment developer integration. Custom OIDC/JWT claims configurable via a script editor in the OAuth2 Server application. Supports adding non-default standard claims and fully custom claims. Read more
Does CyberArk Identity support No-Code Auth Flow Builder / Orchestration feature?
CyberArk Identity supports No-Code Auth Flow Builder / Orchestration feature. CyberArk Identity Flows — a no-code visual automation editor with drag-and-drop logic and 700+ app connectors for building identity lifecycle and event-driven automation workflows. Read more
Does CyberArk Identity support Identity Verification / Document Proofing feature?
CyberArk Identity partially supports Identity Verification / Document Proofing feature. Identity verification available via Transmit Security integration within CyberArk Flows workflows. Not a native built-in feature. Read more
Does CyberArk Identity support Decentralized / Verifiable Credentials feature?
CyberArk Identity does not support Decentralized / Verifiable Credentials feature. No support for DIDs (Decentralized Identifiers), verifiable credentials, or Web3 identity standards.
Does CyberArk Identity support Built-in Billing / Subscription Management feature?
CyberArk Identity does not support Built-in Billing / Subscription Management feature. No built-in billing or subscription management integration.
Does CyberArk Identity support Agentic AI / MCP Server Authentication feature?
CyberArk Identity partially supports Agentic AI / MCP Server Authentication feature. CyberArk has publicly committed to agentic AI identity governance — automating lifecycle management of AI agent identities. As of mid-2026, this is an emerging roadmap initiative rather than a GA feature. Read more
Note: The current data is based on provider documentation/experience and may not be 100% accurate. Please open an issue if you have spotted any inconsistencies.