CyberArk Identity Security Platform - Bash Examples

DiscoverAuthn.sh

#!/bin/bash

vibe_check() {
    # Check if jq is installed
    if ! command -v jq &> /dev/null; then
        echo "jq is not installed"
        exit 1
    fi

    # Check if curl is installed
    if ! command -v curl &> /dev/null; then
        echo "curl is not installed"
        exit 1
    fi

    # Test for values in environment variables
    if [ -z "$CYBERARK_SUBDOMAIN" ]; then
        echo "CYBERARK_SUBDOMAIN is not set"
        exit 1
    fi
}

plot() {
    vibe_check

    discover_endpoints=$(curl -s -X GET \
    --url "https://platform-discovery.cyberark.cloud/api/v2/services/subdomain/$CYBERARK_SUBDOMAIN")

    # Extract the identity_user_portal API URI
    identity_user_portal=$(echo "$discover_endpoints" | jq -r '.identity_user_portal.api')

    # Get the client ID and client secret
    # Comment out this section if using environment variables
    echo "Enter your client ID:"
    read -r client_id
    echo "Enter your client secret:"
    read -rs client_secret

    # Get the session token
    response=$(curl -s -X POST \
    --url "$identity_user_portal/oauth2/platformtoken" \
    --header 'content-type: application/x-www-form-urlencoded' \
    --data grant_type=client_credentials \
    --data "client_id=$client_id" \
    --data "client_secret=$client_secret")
    # If using environment variables, use the following instead
    # --data "client_id=$CYBERARK_CLIENT_ID" \
    # --data "client_secret=$CYBERARK_CLIENT_SECRET"

    # Extract the access token
    access_token=$(echo "$response" | jq -r '.access_token')

    # Print the access token
    echo "Access token: $access_token"
}

plot "$@"