All notable changes to this project will be documented in this file.
- N/A
- N/A
- N/A
Find-SharedServicesURL
- New helper function that can be used to find URLs for ISPSS services under a tenant
ConvertTo-QueryString
- Updates helper function to implement functionality required in
Get-DPAStrongAccount
function of theIdentityCommand.DPA
module. - If multiple values are accepted and provided for a value, return all values joined, delimited by a comma.
- Updates helper function to implement functionality required in
- N/A
- N/A
- N/A
Invoke-IDRestMethod
- Fixes a variable declaration which prevented certain error conditions from being reported.
- Updated to report more errors recieved in various formats from Identity and also DPA.
- N/A
New-IDSession
- Adds
Authorization
header with Bearer token to WebSession object.
- Adds
New-IDPlatformToken
- Adds
Authorization
header with Bearer token to WebSession object. - Updates values in script scope object in-line with the previous module update.
- Adds
- Internal Functions & Error Handling
- Adds additional logic to handle error messages from Identity and other ISPSS services.
- Adds
LastError
details to script scope variable object returned withGet-IDSession
. - Makes contentType matching less stringent to accommodate data returned from other ISPSS services.
New-IDPlatformToken
- Updated
GetWebSession
method to utiliseGet-IDSession
in order to return the WebSession object from the module's script scope.
- Updated
Updates the Get-IDSession
command, which can be used to return data from the module scope:
PS C:\> Get-IDSession
Name Value
---- -----
tenant_url https://abc1234.id.cyberark.cloud
User some.user@somedomain.com
TenantId ABC1234
SessionId 1337CbGbPunk3Sm1ff5ess510nD3tai75
WebSession Microsoft.PowerShell.Commands.WebRequestSession
StartTime 12/02/2024 22:58:13
ElapsedTime 00:25:30
LastCommand System.Management.Automation.InvocationInfo
LastCommandTime 12/02/2024 23:23:07
LastCommandResults {"success":true,"Result":{"SomeResult"}}
Executing this command exports variables like the URL, Username & WebSession object for the authenticated session from IdentityCommand into your local scope, either for use in other requests outside of the module scope, or for informational purposes.
Return data also includes details such as session start time, elapsed time, last command time, as well as data for the last invoked command and the results of the previous command useful for debugging & development purposes.
- Private Function
Get-ParentFunction
- Helper function to get command invocation data from different scopes
- Private Function
Get-SessionClone
- Helper function to create unreferenced copy of IdentityCommand session hashtable object
Get-IDSession
- Returns the module scoped
$ISPSSSession
variable (which includes the WebSession object), instead of just the WebSession object.
- Returns the module scoped
New-IDSession
- Sets values in the script scope
$ISPSSSession
object instead of individual script scope variables.
- Sets values in the script scope
Close-IDSession
- Sets null values in the script scope
$ISPSSSession
object instead of removing individual script scope variables.
- Sets null values in the script scope
- All other functions
- Updated entire codebase to reference
$ISPSSSession
object instead of individual script scope variables.
- Updated entire codebase to reference
- N/A
- N/A
New-IDSession
- Moves ScriptMethod declaration into code body from\xml\IdCmd.ID.Session.Types.ps1xml
.
- Replaces
[Environment]::GetEnvironmentVariable('Temp')
with[System.IO.Path]::GetTempPath()
to correctly determine %TEMP% directory location on Windows as well as OSX.
- N/A
New-IDSession
- Adds federated authentication support, with ability to provide a SamlResponse from an external IDP
- N/A
Additional Functions
Get-IDUserRole
- Get a list of roles for a userGet-IDAnalyticsDataset
- Get all datasets accessible by a userGet-IDTenantCname
- Get Tenant CnamesGet-IDDownloadUrl
- Get download UrlsGet-IDUserIdentifier
- Get the configuration of the user attributesInvoke-IDSqlcmd
- Query the database tables
- N/A
- N/A
Initial module development prior to main release
New-IDSession
- Authenticate to CyberArk Identity, answering MFA challenges to start a new API session.Close-IDSession
- Logoff CyberArk Identity APIClear-IDUserSession
- Signs out user from all active sessionsGet-IDSession
- Get WebSession object from the module scopeGet-IDUser
- Fetch details of cloud directory usersSuspend-IDUserMFA
- Exempt a user from MFATest-IDUserCloudLock
- Checks if a user is cloud lockedLock-IDUser
- Enable user cloud lockUnlock-IDUser
- Disable user cloud lockedGet-IDTenant
- Get Tenant informationGet-IDTenantConfiguration
- Get tenant configuration dataGet-IDConnector
- Get connector healthNew-IDPlatformToken
- Request OIDC token based on grant type
- N/A
- N/A