Manage identities settings

This topic describes the Remote Access settings that define general vendor and user behavior. You can modify the settings or leave the default values.

Set vendor general settings

  1. in the Remote Access Admin portal, click Settings > Identities.

  2. Set the following:

    Setting

    Description

    Vendor email verification interval

    How often a vendor's corporate email address must be re-verified. This setting is validated during login. If the previous email verification date has passed this threshold, the vendor is required to re-verify the email used in their invitation to the Remote Access tenant.

    Options:

    • Never
    • Once a day
    • Once a week
    • Once in 2 weeks

    Default value: Never

     

    This option can be used to verify valid vendors and keep track of personnel at a vendor organization.

    Automatically remove expired Vendors

    The number of days after which a vendor is removed from your Remote Access tenant, after the access timeframe expires. For this vendor to re-connect, you must send a new invitation.

    Options:

    • Never
    • after 30 days
    • after 90 days
    • after 180 days
    • after 365 days

    Default value: Never

    Require photo during Vendor onboarding

    The prompt displayed about submitting a photo during the vendor join process in the CyberArk Mobile app.

    Valid options are:

    • Optional
    • Required
    • Hidden

    Default value: Optional

Set vendor invitations general settings

Set the following:

Setting

Description

Vendor invitation expiration (in days)

The number of days that vendor invitations are valid.

Specify any number from 1.

Default value: 3 days

Language

Enable the language option to show the language selector in the vendor invitation form. This allows the inviter to choose the language of the invitation being sent to the vendor.

Currently supports Japanese.

To activate this feature, contact CyberArk Support.

Allowed email domains

Determine specific email domains that inviters in this tenant are allowed to send invitations.
Type the domain name, then press Enter or comma to add the domain to the list. The domain must include a dot and no special characters. For example: example.com.

To upload a CSV file, specify multiple domains on different lines in Column A.

Custom invitation templates

Create and manage custom invitation templates to add to vendor invitations.

Allow new vendors to use self-service invitation

Activate this setting to enable the URL that you can share to enable self-service vendor invitations. New vendors can then submit a request to join Remote Access, and fill in their own details. For details, see Self-service requests.

Set user general settings

Set the following:

Setting

Description

Require Administrator confirmation when users join

Whether an invited user is activated automatically or requires confirmation from the Remote Access tenant admin when they join Remote Access.

Delegate Administrator permissions time frame (in days)

The number of days in which the Delegate admin privileges flow must be completed.
Specify any number from 1.
Default value: 1 day

Set user invitations general settings

Set the following:

Setting

Description

Max number of users allowed per invitation

The maximum number of times the same user invitation can be scanned by different users.
Specify any number from 1.
Default value: 100,000 users

User invitation expiration (in days)

The number of days that user invitations are valid.
Specify any number from 1.
Default value: 3 days