search

cyberark / epv-api-scripts

These API scripts enable CyberArk users to automate privileged account management task like account creation, user management, and more.
https://www.cyberark.com/best
Apache License 2.0
193 stars 174 forks source link

How to properly use Safe Management script when using Shared Services #346

Closed Atobou closed 8 months ago

Atobou commented 1 year ago

Summary

Cannot make the Safe Management script work properly with Identity Authentication

Steps to Reproduce

  1. Generate Identity token (https://github.com/cyberark/epv-api-scripts/tree/main/Identity%20Authentication#list-command)
PS C:\epv-api-scripts> $header = Get-IdentityHeader

cmdlet Get-IdentityHeader at command pipeline position 1
Supply values for the following parameters:
(Type !? for Help.)
IdentityTenantURL: ##############
IdentityUserName: ############
Challenge 1:
UP - Enter Password
Please enter the answer from the challenge type: ***************
Challenge 2:
There are 3 options to choose from.
1 - is OTP - Sent Mobile Authenticator request to your device. Please follow the instructions to proceed with authentication or enter verification code here.
2 - is EMAIL - Email sent to xxxx@xxxxx. Click the link or manually enter the code to authenticate.
3 - is SMS - Sending a text to mobile phone ending... xxxx. Enter the code or click the link in the message to proceed with authentication.
Please enter the option number you want to use. from 1-3: 1
Waiting for Push to be pressed
OobPending
LoginSuccess
  1. Run any Safe Management script with the -logontoken $header parameter (https://github.com/cyberark/epv-api-scripts/tree/main/Safe%20Management#authentication) Example below 
    PS C:\epv-api-scripts> .\Safe-Management.ps1 -PVWAURL "https://######.cyberark.cloud/privilegecloud" -logonToken $header -Add -SafeName "TEST_SAFE_API"                             
=======================================
Starting script (v2.1.5)
Adding the safe TEST_SAFE_API...
LogonToken passed, session NOT logged off
Script ended
=======================================
  2. The safe was not created even if no errors in the output.

Expected Results

If creating a safe I would expect the safe to be created.

Actual Results

Output without errors

Reproducible

Version/Tag number

Safe Management script (v2.1.5)

Environment setup

CyberArk Shared Services v13.1

Additional Information

N/A

bab29 commented 1 year ago

Please reproduce error with -verbose and attach log