CyberArk Integration

The compromise of user credentials poses a risk of unauthorized access to accounts. Nowadays, providing additional security measures to solve such issues is possible with the SecTrail authentication server.

"In this document, you can find information about providing two-factor authentication for SecTrail and CyberArk via one-time password (SoftOTP)."

Integration of SecTrail with CyberArk

1. The login credentials are entered on the CyberArk login screen.
2. The credentials (username and password) are sent to the SecTrail server via RADIUS request through CyberArk,
3. SecTrail sends the RADIUS response to CyberArk after verifying the user's identity (using Active Directory, Database, etc.). If the authentication is successful, SecTrail sends a one-time password to the address obtained from the user information in the database (AD, LDAP, Local) via SMS or E-mail. External SMS Proxy or E-mail server is used during the sending process. In case of using Software Key (SoftOTP), the password is generated through SecTrail Authenticator mobile application.
4. If the response is successful, CyberArk presents the user with a second screen.
5. The user enters the one-time password generated by SMS, E-Mail or SecTrail Authenticator mobile application transmitted by SecTrail,
6. CyberArk sends the one-time password to SecTrail via a RADIUS request,
7. SecTrail verifies the one-time password and sends the response to CyberArk.
8. If the response is successful, CyberArk grants the user access and starts the session.

Mobile Application Support

If you want to use SoftOTP, you can ensure your security through the SecTrail Authenticator mobile application.

You can download the SecTrail Authenticator application to your mobile device from the Apple App Store or Google Play Store.