Access a secure web session

This topic describes how end-users access applications using Secure Web Sessions.

Before you begin

Make sure the Secure Web Sessions browser extension is installed on your web browser.

For more information, see Deploy the browser extension.


Applications that have Secure Web Sessions enabled are not available from the CyberArk Identity mobile app. Secure Web Sessions uses a browser extension that cannot be installed on the CyberArk Identity mobile app.

Access an application with SWS protections

In the CyberArk Identity portal, click the application you want to access. Applications using Secure Web Sessions are indicated with the SWS icon.

When you are authenticated, a message appears stating that the recording has started, and the Secure Web Sessions browser extension icon changes to red .

SWS browser extension notifications appear on your screen according to your OS settings.

View active security layers for an application session

To view the active security layers being applied to your application session, click the SWS browser extension icon.

Re-authenticate to web applications via the CyberArk Mobile app

If your administrator enabled continuous authentication to web applications, you might be prompted to re-authenticate to sessions by scanning a QR code using the CyberArk Mobile app. This prompt is triggered after you have been idle for a certain amount of time, or if a session is detected as being possibly unattended and therefore susceptible to outside threats.

SWS uses the mobile device pedometer to count the amount of footsteps taken from the beginning of a web session, to indicate if a sensitive web session might have been left unattended.

Upon first access to an application where continuous authentication with pedometer lock was enabled by your administrator, you need to allow CyberArk Mobile access to Location and Motion & Fitness (for iOS), or access to physical activity (Android) before you are granted access to the sensitive web application. These access permissions are only used to count the number of footsteps taken from the start of the web session, and this data is collected and processed locally on your device to protect privacy.

Your activities are only monitored during sensitive web sessions that require it, and activities are no longer tracked when you close the sensitive web session.

If you deny access to Location and Motion & Fitness activities on iOS devices, you will not be prompted again.

To gain access to the web session, you need to go to the CyberArk Mobile settings on your mobile device and manually allow access to Location and Motion & Fitness.