Manage vendors

This topic describes how administrators and vendors who have the relevant permissions, can view a list of the vendors they manage, and perform certain actions.

View vendor details

In the Remote Access menu, click Identities > Vendors.

The Vendors list displays an overview of each vendor, and enables you to see each vendor's status immediately. You can also search for vendors by Roles and sort the list according to the columns.



Full name

The vendor's full name.


The company that the vendor belongs to.

Allowed to invite

Whether or not this vendor is allowed to invite other vendors.

Last login

The date and time when this vendor last logged in to Remote Access.

Access end date

The last date when this vendor can access CorePAS through Remote Access.


The CyberArk Identity Role that this vendor belongs to.

To view the list of vendor Roles, go to Identities > Roles.


The vendor's current status, which is one of the following:

  • Activated - The vendor can log in to Remote Access.
  • Deactivated - The vendor cannot log in to Remote Access, but still exists in Remote Access.
  • Expired - The vendor's access timeframe has ended. This vendor may be automatically removed from the Remote Access tenant depending on the value set in the Automatically remove vendors following expiration parameter. For more information, see Manage identities settings.
  • Before timeframe - The vendor's access timeframe has not yet started.
  • Awaiting confirmation - The vendor has joined Remote Access but is still waiting to be activated by the Remote Access admin.

Change time frame

Change the vendor access time frame.

More actions

Additional actions, that include:

  • Edit vendor detail
  • Delete vendor
  • Activate / Deactivate vendor

Since vendors can be invited to multiple Remote Access tenants, deleting a vendor from your tenant severs the link and removes them from your tenant only, and not from the Remote Access SaaS. Each vendor can manage their own personal user data and delete their accounts from Remote Access, if required. For more information, see Profile.

  • Remove web apps - removes the selected Vendors access to CyberArk Identity web apps.

Click a vendor to display more details in the Vendor details page.



Vendor details

The vendor's name and contact details.

Administration details

Details about who invited this vendor, their current status, and when they last logged in.

Allowed applications

A list of applications that the vendor can access through Remote Access.

Invited vendors

The vendors who were invited to Remote Access.

Confirm vendor sign-up

When a vendor you invited joins the Remote Access tenant and requires your confirmation to activate their account, you will receive a push notification on your CyberArk Mobile app to confirm.

Syncing Vendors and their assigned Roles with CyberArk Identity

Vendors that are authorized to access CyberArk Identity applications, are assigned to CyberArk Identity Roles. When vendors are invited and assigned a Role in Remote Access, the vendor user and their assigned Role is automatically synced in the CyberArk Identity admin portal.

If changes are made for Vendors and their assigned Roles in the Remote Access portal, but are not propagated to CyberArk Identity properly due to connectivity issues, you can perform a manual sync.

To perform a manual sync for Vendors and their assigned Roles:
  1. From the Remote Access portal, go to Identities > Roles.

  2. In the upper right-hand side of the page, click the Sync button.

If a Role no longer exists in CyberArk Identity or doesn't have any assigned vendors, the Role is removed from Remote Access.