CyberArk Identity 23.6 Release
With the 23.6 release, CyberArk Identity supports the following new features:
CyberArk Single Sign-On (SSO)
Export Dynamic Role Membership
You can now export the list of users assigned dynamic roles in a CSV or XLS file format. The ability to export dynamic role membership can simplify your audit processes and provide a way to demonstrate compliance. For example, you can now download a list of active users assigned a role based on specific attributes, or export all users assigned a dynamic role. The exported list is emailed in the XLS or CSV format to the requesting user.
Export dynamic role membership in CSV or XLS file format.
Learn more about dynamic role membership.
CyberArk Single Sign-On and CyberArk Workforce Password Management (WPM)
Additional Attributes for Applications
You can now create and store additional custom attributes for apps protected by CyberArk WPM and CyberArk SSO. Previously, the application integration template allowed you to store labels, tags, notes and passwords for each application. Now, you can create additional attributes applicable to all apps and define text, number, date and time or true/false values for each attribute. This allows you to search and filter apps by these attributes in the admin portal or use APIs to return filtered results. The APIs support searching for specific attribute values and searching with operators such as “greater than” or “less than.” For example, you can now use an API to return all apps with more than two required multi-factor authentication (MFA) factors.
Create additional attributes for applications.
Learn more about additional attributes for applications.
CyberArk Workforce Password Management
Import Notes Using a CSV File
CyberArk Workforce Password Management supports credential migration from third-party password managers, including LastPass, KeePass, Google Password Manager and Dashlane. With this release, users can also import secure notes and notes associated with application accounts or passwords. This allows CyberArk WPM users to securely store notes in their CyberArk Identity Cloud or the CyberArk Privileged Access Manager (PAM) Self-Hosted vault. Using an intuitive interface, end users can export existing notes to a CSV file and import them into the solution. This simplifies migration to the solution and enables enterprises to store sensitive notes and business app credentials in a centralized cloud or self-hosted vault.
Import notes using a CSV file
Learn more about importing notes and credentials.
Simplified Migration From LastPass
CyberArk Workforce Password Management now supports direct migration from the LastPass password manager. Previously, migration from LastPass required users to export their app credentials and notes using a CSV file. CyberArk WPM now includes a more secure web-based import option that does not involve the storage of exported credentials on the endpoint. End users simply provide their LastPass username and password to initiate LastPass migration. CyberArk WPM automatically captures and migrates business app credentials, secured items, notes, TOTP authentication setup and personal folders from the LastPass vault. The automatic migration process does not include shared items and records other than login credentials or notes such as credit cards and bank accounts.
Migrate directly from Lastpass to CyberArk WPM.
Note: Support for direct LastPass migration is currently in preview. Please get in touch with CyberArk support to enable it on your tenant.
Support for Apps Protected With TOTP Authentication
Time-based one-time password (TOTP) is a common form of two-factor authentication that requires users to provide a temporary passcode generated by an algorithm during login to the application. Many username and password-based business applications provide built-in TOTP second-factor authentication to secure access and reduce the risk of account takeover.
With this release, end users and administrators can set up the TOTP authentication step within business apps protected by CyberArk Workforce Password Management and share these apps and the TOTP verification code with other users. This allows users accessing business applications through the CyberArk WPM portal to complete TOTP authentication to the applications by using the verification codes from the CyberArk WPM web portal, the CyberArk Identity Browser Extension or the browser context menu. The TOTP authentication step is supported for admin and user-added apps with credentials stored in the CyberArk Identity Cloud vault.
Setup TOTP authentication step within business apps.
Note: support for TOTP authentication is currently in preview. Please get in touch with CyberArk support to enable it on your tenant.
Credential Autofill for Apps not Present in the CyberArk App Catalog
CyberArk WPM allows end-users to import applications that do not exist in the CyberArk App Catalog. Previously, these apps could be launched from the CyberArk WPM portal but required the end user to copy their credentials manually to log in. Now, all apps, including applications not in the CyberArk app catalog, support autofill of credentials. This provides a better user experience and enables seamless login.
Automatically insert end-user credentials for all apps.
UI Enhancements for CyberArk Identity End User Portal
Polish Language Support
You can now set Polish as your language preference for the CyberArk Identity User Portal, mobile application, widgets interface and email templates.
New CyberArk SSO Application Tiles
Application tiles have been revamped to include the following labels and icons:
- New. Green label appears when an application or secured item has recently been added to your User Portal dashboard.
- Shield. Purple icon signifies that CyberArk Secure Web Sessions protect the application.
- People. Grey icon identifies a shared access application or item.
- Exclamation mark. Red icon indicates an error with the application setup. Applications with errors are greyed out and not accessible by end users.
New User Portal Design for Workforce Password Management Users
You can now access the User Portal dashboard for CyberArk Workforce Password Management and view protected items in multiple ways. For example, you can choose to:
- View “All Items” in a single tab – these include applications, secured notes, and passwords.
- View only “Applications” in a single tab.
- View only “Secured Items” in a single tab.
Custom Folders
You can now create a new folder by dragging and dropping the applications and secret items you want to add.
Group Applications and Items
To help access applications easily and quickly, you can now group applications based on their type, tag or none.
New Ways to Organize and Find Your Applications and Items
You can now rearrange your application and secured item tiles by dragging and dropping them based on where you want to place them within your User Portal dashboard. You can now also view the total number of applications and secured items and click “Show next” to view more.
Option to Return to Legacy UI
We know it takes time to adapt to UI changes, so you now have the option to switch back to the legacy UI. Please note that we will allow all end users to switch between the legacy and the new UI until October 2023. At that time all users will automatically transition to the new UI.
Please read our UI enhancements available in CyberArk Identity 23.6 preview announcement if you’d like to know more. For more information on the 23.6 release, please see the CyberArk Identity release notes.