### PowerShell: Example to Get Tenant Cnames Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDTenantCname.md A simple PowerShell example demonstrating how to execute the Get-IDTenantCname cmdlet to retrieve tenant CNAME records from the command line. ```PowerShell PS C:\> Get-IDTenantCname ``` -------------------------------- ### Get Status of All Connectors (PowerShell Example) Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDConnector.md This example demonstrates how to use `Get-IDConnector` without any parameters to retrieve the health status of all configured cloud connectors. ```PowerShell PS C:\> Get-IDConnector ``` -------------------------------- ### Get Detailed Help for IdentityCommand Cmdlet Source: https://github.com/pspete/identitycommand/blob/main/README.md Displays comprehensive help documentation for a specific cmdlet, such as 'New-IDSession', from the 'IdentityCommand' module. The '-Full' parameter provides all available details, including parameters, examples, and related links. ```powershell Get-Help New-IDSession -Full ``` -------------------------------- ### Get user by ID Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDUser.md This example shows how to fetch details of a specific user by providing their unique ID using the -id parameter. ```PowerShell PS C:\> Get-IDUser -id 1234-abcd-5678-efgh ``` -------------------------------- ### Example 1: Basic Usage of Get-IDDownloadUrl Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDDownloadUrl.md Demonstrates the basic invocation of the Get-IDDownloadUrl cmdlet to retrieve download URLs. ```PowerShell PS C:\> Get-IDDownloadUrl ``` -------------------------------- ### Example: Authenticating to CyberArk Identity Tenant with New-IDPlatformToken Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/New-IDPlatformToken.md This example demonstrates how to use the `New-IDPlatformToken` cmdlet to perform OAuth confidential client service user authentication. It shows how to specify the tenant URL and pass a `PSCredential` object for authentication. ```PowerShell PS C:\> New-IDPlatformToken -tenant_url https://sometenant.id.cyberark.cloud -Credential $Cred ``` -------------------------------- ### Authenticate to CyberArk Identity with Credentials Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/New-IDSession.md This example demonstrates how to initiate authentication to a specified CyberArk Identity tenant using user credentials, allowing for MFA challenges. ```PowerShell PS C:\> $Cred = Get-Credential PS C:\> New-IDSession -tenant_url https://sometenant.id.cyberark.cloud -Credential $Cred ``` -------------------------------- ### Get user by username Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDUser.md This example illustrates how to retrieve user details by specifying their username or email address with the -username parameter. ```PowerShell PS C:\> Get-IDUser -username someuser@somedomain.com ``` -------------------------------- ### Get all cloud directory users Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDUser.md This example demonstrates how to retrieve details for all existing users in the cloud directory using Get-IDUser without any parameters. ```PowerShell PS C:\> Get-IDUser ``` -------------------------------- ### Get Tech Support user details Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDUser.md This example shows how to retrieve details for the Tech Support user using the -TechSupportUser switch parameter. ```PowerShell PS C:\> Get-IDUser -TechSupportUser ``` -------------------------------- ### Example: Retrieve Identity Tenant Configuration Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDTenantConfiguration.md Demonstrates a basic usage of the Get-IDTenantConfiguration cmdlet. Executing this command will output the current configuration data of the Identity tenant. ```PowerShell PS C:\> Get-IDTenantConfiguration ``` -------------------------------- ### PowerShell Example: Retrieve Identity Tenant Information Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDTenant.md Illustrates a basic usage of the Get-IDTenant cmdlet to output Identity tenant information directly to the console. ```PowerShell PS C:\> Get-IDTenant ``` -------------------------------- ### Get-IDUserIdentifier Basic Usage Example Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDUserIdentifier.md An example demonstrating how to execute the Get-IDUserIdentifier cmdlet from the PowerShell console to retrieve user identifiers. ```PowerShell PS C:\> Get-IDUserIdentifier ``` -------------------------------- ### Example: Get IdentityCommand Session Details Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDSession.md Demonstrates how to use `Get-IDSession` to retrieve and display the current IdentityCommand module's session details, including the tenant URL, authenticated user, session ID, WebSession object, and timing information for commands. ```PowerShell PS C:\> Get-IDSession Name Value ---- tenant_url https://abc1234.id.cyberark.cloud User some.user@somedomain.com TenantId ABC1234 SessionId 1337CbGbPunk3Sm1ff5ess510nD3tai75 WebSession Microsoft.PowerShell.Commands.WebRequestSession StartTime 12/02/2024 22:58:13 ElapsedTime 00:25:30 LastCommand System.Management.Automation.InvocationInfo LastCommandTime 12/02/2024 23:23:07 LastCommandResults {"success":true,"Result":{"SomeResult"}} ``` -------------------------------- ### Authenticate to CyberArk Identity Tenant with PowerShell Source: https://github.com/pspete/identitycommand/blob/main/IdentityCommand/about_IdentityCommand.help.txt This example demonstrates how to initiate authentication to a specified CyberArk Identity tenant using `New-IDSession` and `Get-Credential` in PowerShell. It handles initial authentication and any required MFA challenges. ```PowerShell $Credential = Get-Credential New-IDSession -tenant_url https://sometenant.id.cyberark.cloud -Credential $Credential ``` -------------------------------- ### Install IdentityCommand Module from PowerShell Gallery Source: https://github.com/pspete/identitycommand/blob/main/README.md This command installs the IdentityCommand PowerShell module for the current user from the PowerShell Gallery, which is the recommended and easiest installation method. ```powershell Install-Module -Name IdentityCommand -Scope CurrentUser ``` -------------------------------- ### Download IdentityCommand Module for Manual Installation Source: https://github.com/pspete/identitycommand/blob/main/README.md This command downloads the IdentityCommand module from the PowerShell Gallery to a specified local path, allowing for manual copying to a PowerShell module directory. ```powershell Save-Module -Name IdentityCommand -Path C:\temp ``` -------------------------------- ### Get Accessible ID Analytics Datasets Example Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDAnalyticsDataset.md Demonstrates how to retrieve all datasets accessible to the current user using the Get-IDAnalyticsDataset cmdlet. ```PowerShell PS C:\> Get-IDAnalyticsDataset ``` -------------------------------- ### Example: Lock User by ID Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Lock-IDUser.md Demonstrates how to use the `Lock-IDUser` cmdlet to set the cloud lock status for a user with a specific ID. This example shows a common usage pattern. ```PowerShell PS C:\> Lock-IDUser -user 1234 ``` -------------------------------- ### Get Status of Specific Connector by ID (PowerShell Example) Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDConnector.md This example shows how to use `Get-IDConnector` with the `-proxyUuid` parameter to retrieve the health status of a specific cloud connector identified by its UUID. ```PowerShell PS C:\> Get-IDConnector -proxyUuid 1234 ``` -------------------------------- ### Get User Roles for a Specific ID (PowerShell) Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDUserRole.md This example demonstrates how to retrieve a list of roles for a user by providing their unique identifier (ID). It shows a basic invocation of the `Get-IDUserRole` cmdlet. ```PowerShell PS C:\> Get-IDUserRole -ID SomeID ``` -------------------------------- ### Get current authenticated user details Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDUser.md This example demonstrates how to retrieve details for the currently authenticated user using the -CurrentUser switch parameter. ```PowerShell PS C:\> Get-IDUser -CurrentUser ``` -------------------------------- ### Get PowerShell Module Paths Source: https://github.com/pspete/identitycommand/blob/main/README.md This command retrieves a list of all directories where PowerShell modules can be stored, useful for identifying valid locations for manual module installation. ```powershell $env:PSModulePath.split(';') ``` -------------------------------- ### Validate IdentityCommand Module Installation Source: https://github.com/pspete/identitycommand/blob/main/README.md Checks if the 'IdentityCommand' module is available on the system by listing all available PowerShell modules. This command helps confirm successful installation. ```powershell Get-Module -ListAvailable IdentityCommand ``` -------------------------------- ### Make API Request with Authenticated Web Session (PowerShell) Source: https://github.com/pspete/identitycommand/blob/main/IdentityCommand/about_IdentityCommand.help.txt This example illustrates how to use the `Websession` object obtained from `GetWebSession` with `Invoke-RestMethod` to make further authenticated API requests. It demonstrates a POST request with a sample body. ```PowerShell $Websession = $session.GetWebSession() Invoke-RestMethod -WebSession $websession ` -Method Post ` -Uri https://somedomain.id.cyberark.cloud ` -Body @{SomeProperty = 'SomeValue'} | ConvertTo-Json ``` -------------------------------- ### Query User Table with Invoke-IDSqlcmd Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Invoke-IDSqlcmd.md Demonstrates how to use `Invoke-IDSqlcmd` to query the 'User' table, retrieving 'ID' and 'Username' columns, sorted by 'Username' in a case-insensitive manner. This example shows a basic SQL query execution. ```PowerShell PS C:\> Invoke-IDSqlcmd -Script 'Select ID, Username from User ORDER BY Username COLLATE NOCASE' ``` -------------------------------- ### Authenticate to CyberArk Identity with SAML Assertion Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/New-IDSession.md This example shows how to authenticate to CyberArk Identity using a SAML assertion obtained from an external Identity Provider. ```PowerShell PS C:\> $SAMLResponse = New-SAMLInteractive -LoginIDP "https://1234.idp.com/app/cyberarkidentity/i5d7/sso/saml" PS C:\> New-IDSession -tenant_url https://sometenant.id.cyberark.cloud -SAMLResponse $SAMLResponse ``` -------------------------------- ### PowerShell Example: Logout Current User Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Close-IDSession.md Demonstrates a simple usage of the Close-IDSession cmdlet to log out the current user from a PowerShell console. ```PowerShell PS C:\> Close-IDSession ``` -------------------------------- ### Example: Unlock User by ID Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Unlock-IDUser.md Demonstrates how to use the `Unlock-IDUser` cmdlet to disable cloud lock for a user by providing their unique ID (Uuid). This example sets the cloud lock status to false for a user with the ID '1234'. ```PowerShell PS C:\> Unlock-IDUser -user 1234 ``` -------------------------------- ### Retrieve Web Session Object from CyberArk Identity Session (PowerShell) Source: https://github.com/pspete/identitycommand/blob/main/IdentityCommand/about_IdentityCommand.help.txt Similar to `GetToken`, this example demonstrates how to use the `GetWebSession` method to obtain a web session object. This object can be utilized for subsequent `Invoke-RestMethod` calls, preserving the authenticated context. ```PowerShell $Session = New-IDSession -tenant_url https://sometenant.id.cyberark.cloud -Credential $Credential $session.GetWebSession() ``` -------------------------------- ### Authenticate Service User for API Activities Source: https://github.com/pspete/identitycommand/blob/main/README.md This example shows how to authenticate a dedicated service user to the CyberArk Identity platform to obtain an authentication token for API activities. It leverages `Get-Credential` for input and `New-IDPlatformToken` to establish a session, making it suitable for non-interactive API use cases. ```powershell PS C:\> $Credential = Get-Credential PS C:\> New-IDPlatformToken -tenant_url https://sometenant.id.cyberark.cloud -Credential $Credential ``` -------------------------------- ### Check Cloud Lock Status for a User by ID Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Test-IDUserCloudLock.md This example demonstrates how to use the `Test-IDUserCloudLock` cmdlet to check the cloud lock status for a user. The cmdlet requires the unique ID (Uuid) of the user as a parameter. ```PowerShell PS C:\> Test-IDUserCloudLock -user 1234 ``` -------------------------------- ### Retrieve Module Scope Session Data Source: https://github.com/pspete/identitycommand/blob/main/README.md This example illustrates the use of the `Get-IDSession` command to retrieve various session-related data from the module's scope. It exports details like the tenant URL, authenticated user, session ID, and web session object, along with information about the last executed command and its results. ```powershell PS C:\> Get-IDSession Name Value ---- tenant_url https://abc1234.id.cyberark.cloud User some.user@somedomain.com TenantId ABC1234 SessionId 1337CbGbPunk3Sm1ff5ess510nD3tai75 WebSession Microsoft.PowerShell.Commands.WebRequestSession StartTime 12/02/2024 22:58:13 ElapsedTime 00:25:30 LastCommand System.Management.Automation.InvocationInfo LastCommandTime 12/02/2024 23:23:07 LastCommandResults {"success":true,"Result":{"SomeResult"}} ``` -------------------------------- ### Retrieve WebSession Object from Authenticated Session Source: https://github.com/pspete/identitycommand/blob/main/README.md This example shows how to retrieve the raw websession object from an authenticated session. After establishing a session with `New-IDSession`, the `GetWebSession()` method is called on the session object, providing the underlying HTTP session for custom web requests. ```powershell PS C:\> $Session = New-IDSession -tenant_url https://sometenant.id.cyberark.cloud -Credential $Credential PS C:\> $session.GetWebSession() Headers : {[accept, */*], [X-IDAP-NATIVE-CLIENT, True]} Cookies : System.Net.CookieContainer UseDefaultCredentials : False Credentials : Certificates : UserAgent : Mozilla/5.0 (Windows NT; Windows NT 10.0; en-GB) WindowsPowerShell/5.1.22621.1778 Proxy : MaximumRedirection : -1 ``` -------------------------------- ### New-IDSession Cmdlet Parameters Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/New-IDSession.md Detailed documentation for all parameters accepted by the `New-IDSession` cmdlet, including their types, descriptions, and usage constraints. ```APIDOC -Confirm: Type: SwitchParameter Parameter Sets: (All) Aliases: cf Required: False Position: Named Default value: False Accept pipeline input: False Accept wildcard characters: False -Credential: Type: PSCredential Parameter Sets: Credential Aliases: Required: True Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False -WhatIf: Type: SwitchParameter Parameter Sets: (All) Aliases: wi Required: False Position: Named Default value: False Accept pipeline input: False Accept wildcard characters: False -tenant_url: Type: String Parameter Sets: (All) Aliases: Required: True Position: 0 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False -SAMLResponse: Type: String Parameter Sets: SAML Aliases: Required: True Position: Named Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False CommonParameters: Description: This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). ``` -------------------------------- ### New-IDPlatformToken Cmdlet Syntax Reference Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/New-IDPlatformToken.md This snippet provides the complete syntax for the `New-IDPlatformToken` cmdlet, outlining all available parameters, their types, and whether they are required. It includes common PowerShell parameters for broader utility. ```PowerShell New-IDPlatformToken [-tenant_url] [-Credential] [-WhatIf] [-Confirm] [] ``` -------------------------------- ### Invoke-IDSqlcmd Parameters Reference Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Invoke-IDSqlcmd.md Detailed documentation for each parameter of the `Invoke-IDSqlcmd` cmdlet, including its type, required status, position, default value, aliases, and whether it accepts pipeline input. ```APIDOC -Parameter: Caching Type: Int32 Parameter Sets: (All) Aliases: Required: False Position: 4 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False -Parameter: Direction Type: Boolean Parameter Sets: (All) Aliases: Required: False Position: 5 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False -Parameter: Limit Type: Int32 Parameter Sets: (All) Aliases: Required: False Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False -Parameter: PageNumber Type: Int32 Parameter Sets: (All) Aliases: Required: False Position: 2 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False -Parameter: PageSize Type: Int32 Parameter Sets: (All) Aliases: Required: False Position: 3 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False -Parameter: Script Type: String Parameter Sets: (All) Aliases: Required: True Position: 0 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False -Parameter: SortBy Type: String Parameter Sets: (All) Aliases: Required: False Position: 6 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False -Parameter: CommonParameters Description: This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). ``` -------------------------------- ### Generate External PowerShell Help File with platyPS Source: https://github.com/pspete/identitycommand/blob/main/CONTRIBUTING.md This PowerShell snippet demonstrates how to use the `platyPS` module to automatically generate the external help file for the `IdentityCommand` module. It specifies the input path for markdown files and the output path for the XML help file, ensuring that the help content is updated from the source markdown documentation. ```PowerShell #From the module root directory, run: import-module platyPS New-ExternalHelp -Path .\docs\collections\_commands\ -OutputPath .\IdentityCommand\en-US\IdentityCommand-help.xml -Force ``` -------------------------------- ### Test-IDUserCloudLock Cmdlet API Reference Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Test-IDUserCloudLock.md Detailed API documentation for the `Test-IDUserCloudLock` PowerShell cmdlet. This section outlines its syntax, required parameters, their types, and descriptions, providing a complete reference for developers and administrators. ```APIDOC Test-IDUserCloudLock Cmdlet: Description: Check if a user is cloud locked Syntax: Test-IDUserCloudLock [-user] [] Parameters: -user: Type: String Aliases: Uuid Required: True Position: 1 Description: The unique ID (Uuid) of the user to check cloud lock status Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False CommonParameters: Description: This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). ``` -------------------------------- ### Get-IDDownloadUrl Cmdlet API Documentation Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDDownloadUrl.md Detailed API documentation for the Get-IDDownloadUrl PowerShell cmdlet, including its syntax, parameters, inputs, and outputs. ```APIDOC Get-IDDownloadUrl: SYNOPSIS: Get download URLs SYNTAX: Get-IDDownloadUrl [] DESCRIPTION: Get download URLs PARAMETERS: CommonParameters: description: This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. link: http://go.microsoft.com/fwlink/?LinkID=113216 INPUTS: None OUTPUTS: None ``` -------------------------------- ### New-IDPlatformToken Cmdlet API Specification Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/New-IDPlatformToken.md Detailed API documentation for the `New-IDPlatformToken` cmdlet, describing its core function of obtaining an OIDC token and providing a structured breakdown of each parameter, including its type, requirement, position, and a brief description. This serves as a reference for programmatic interaction or understanding cmdlet behavior. ```APIDOC Cmdlet: New-IDPlatformToken Description: Gets a CyberArk Identity Security Platform OIDC token based on grant type. Syntax: New-IDPlatformToken [-tenant_url] [-Credential] [-WhatIf] [-Confirm] [] Parameters: - tenant_url (String) Required: True Position: 1 Description: The URL of the CyberArk Identity tenant to authenticate to. - Credential (PSCredential) Required: True Position: 2 Description: Credential object containing username and password of a service user that is an OAuth confidential client to authenticate to CyberArk Identity. - Confirm (SwitchParameter) Required: False Position: Named Description: Prompts you for confirmation before running the cmdlet. - WhatIf (SwitchParameter) Required: False Position: Named Description: Shows what would happen if the cmdlet runs. The cmdlet is not run. CommonParameters: This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). ``` -------------------------------- ### New-IDSession Cmdlet Input Types Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/New-IDSession.md Lists the .NET types that can be piped as input to the `New-IDSession` cmdlet. ```APIDOC System.String System.Management.Automation.PSCredential ``` -------------------------------- ### IdentityCommand Module Available Commands Source: https://github.com/pspete/identitycommand/blob/main/README.md A comprehensive list of all commands available within the IdentityCommand PowerShell module, detailing their purpose and functionality for interacting with CyberArk Identity. ```APIDOC New-IDSession: Authenticate to CyberArk Identity, answering MFA challenges to start a new API session. Close-IDSession: Logoff CyberArk Identity API Clear-IDUserSession: Signs out user from all active sessions Get-IDSession: Get variables like the WebSession object from the module scope, as well as previously invoked command and API return data. Get-IDUser: Fetch details of cloud directory users Suspend-IDUserMFA: Exempt a user from MFA Test-IDUserCloudLock: Checks if a user is cloud locked Lock-IDUser: Enable user cloud lock Unlock-IDUser: Disable user cloud lock Get-IDTenant: Get tenant information Get-IDTenantConfiguration: Get tenant configuration data Get-IDConnector: Get connector health New-IDPlatformToken: Request OIDC token based on grant type Get-IDUserRole: Get a list of roles for a user Get-IDAnalyticsDataset: Get all datasets accessible by a user Get-IDTenantCname: Get Tenant Cnames Get-IDDownloadUrl: Get download Urls Get-IDUserIdentifier: Get the configuration of the user attributes Invoke-IDSqlcmd: Query the database tables ``` -------------------------------- ### Get-IDSession Cmdlet Syntax Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDSession.md Shows the basic syntax for invoking the `Get-IDSession` cmdlet, indicating it accepts common PowerShell parameters. ```PowerShell Get-IDSession [] ``` -------------------------------- ### Get-IDUser Cmdlet API Reference Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDUser.md Detailed API documentation for the Get-IDUser PowerShell cmdlet, including its various syntax forms, parameter definitions, and overall functionality. ```APIDOC Get-IDUser Cmdlet: Synopsis: Fetch details of cloud directory users Syntax: GetUsers (Default): Get-IDUser [] GetUser: Get-IDUser -ID [] GetUserByName: Get-IDUser -username [] GetUserAttributes: Get-IDUser [-CurrentUser] [] GetTechSupportUser: Get-IDUser [-TechSupportUser] [] Description: By default, returns details of all existing users in the cloud directory. Specify `id` or `username` parameter to to fetch the details of a specific existing user in the cloud directory. Parameters: -username: Type: String Parameter Sets: GetUserByName Aliases: None Required: True Position: Named Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False Description: The username of the user to get details of -ID: Type: String Parameter Sets: GetUser Aliases: Uuid Required: True Position: Named Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False Description: The id of the user to get details of -CurrentUser: Type: SwitchParameter Parameter Sets: GetUserAttributes Aliases: None Required: True Position: Named Default value: False Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False Description: Specify to return details of authenticated user -TechSupportUser: Type: SwitchParameter Parameter Sets: GetTechSupportUser Aliases: None Required: True Position: Named Default value: False Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False Description: Specify to return details of the Tech Support User CommonParameters: Description: This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). ``` -------------------------------- ### Get-IDConnector Cmdlet Parameter Reference Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDConnector.md Detailed documentation for the parameters of the `Get-IDConnector` PowerShell cmdlet, including type, position, default values, and pipeline input support. ```APIDOC -proxyUuid: Description: The ID of the cloud connector to check Type: String Parameter Sets: (All) Aliases: ID Required: False Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False CommonParameters: Description: This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). ``` -------------------------------- ### New-IDSession Cmdlet Syntax (SAML) Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/New-IDSession.md Defines the syntax for the `New-IDSession` cmdlet when authenticating using a SAML response string. ```APIDOC New-IDSession [-tenant_url] -SAMLResponse [-WhatIf] [-Confirm] [] ``` -------------------------------- ### New-IDSession Cmdlet Syntax (Credential) Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/New-IDSession.md Defines the syntax for the `New-IDSession` cmdlet when authenticating using a PSCredential object. ```APIDOC New-IDSession [-tenant_url] [-Credential] [-WhatIf] [-Confirm] [] ``` -------------------------------- ### Get-IDTenantConfiguration Cmdlet Syntax Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDTenantConfiguration.md Defines the syntax for invoking the Get-IDTenantConfiguration cmdlet. This cmdlet does not require any specific parameters beyond the standard CommonParameters. ```APIDOC Get-IDTenantConfiguration [] ``` -------------------------------- ### Get-IDUserRole Cmdlet API Reference (APIDOC) Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDUserRole.md Comprehensive API documentation for the `Get-IDUserRole` PowerShell cmdlet. This section outlines the cmdlet's synopsis, detailed description, full syntax, and a breakdown of all available parameters, including their types, descriptions, requirements, and pipeline input acceptance. ```APIDOC Get-IDUserRole: Synopsis: List roles user is a member of. Description: Get a list of roles for a user. Returns user roles and administrative rights associated with the roles. Syntax: Get-IDUserRole [-ID] [[-Limit] ] [[-PageNumber] ] [[-PageSize] ] [[-Caching] ] [[-SortBy] ] [] Parameters: -ID: Type: String Description: The ID of the user Aliases: Uuid Required: True Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False -Limit: Type: Int32 Description: The maximum number of results to return for the specified page. Aliases: None Required: False Position: 2 Default value: 0 Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False -PageNumber: Type: Int32 Description: The number of pages of results to return. Aliases: None Required: False Position: 3 Default value: 0 Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False -PageSize: Type: Int32 Description: The number of entities to return per page. Aliases: None Required: False Position: 4 Default value: 0 Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False -Caching: Type: Int32 Description: Can be set to the following values: -1: returns live data but writes to the cache for query results. <-1: don't read from or write to the cache for query results. 0: use the cache for both read/write with 'caching in minutes' as TTL of the results. Aliases: None Required: False Position: 5 Default value: 0 Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False -SortBy: Type: String Description: Comma-separated list of column names to sort by. Aliases: None Required: False Position: 6 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False CommonParameters: Description: This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). ``` -------------------------------- ### Unlock-IDUser Cmdlet Syntax Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Unlock-IDUser.md Shows the basic syntax for using the `Unlock-IDUser` cmdlet, including its required parameter and optional common parameters for cloud unlocking a user. ```PowerShell Unlock-IDUser [-user] [] ``` -------------------------------- ### Get-IDUserIdentifier Cmdlet API Reference Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDUserIdentifier.md Detailed API documentation for the Get-IDUserIdentifier PowerShell cmdlet, outlining its synopsis, full description, syntax, and supported common parameters. ```APIDOC Get-IDUserIdentifier: Synopsis: Get user identifiers Description: Get the configuration of the user attributes Syntax: Get-IDUserIdentifier [] Parameters: CommonParameters: Description: This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). ``` -------------------------------- ### Get-IDTenant Cmdlet Syntax Definition Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDTenant.md Defines the command-line syntax for the Get-IDTenant PowerShell cmdlet, including optional common parameters. ```APIDOC Get-IDTenant [] ``` -------------------------------- ### Invoke-IDSqlcmd Input Types Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Invoke-IDSqlcmd.md Lists the .NET types that the `Invoke-IDSqlcmd` cmdlet can accept as pipeline input. ```APIDOC System.String System.Int32 System.Boolean ``` -------------------------------- ### Lock-IDUser Cmdlet Syntax Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Lock-IDUser.md Defines the command-line syntax for the `Lock-IDUser` PowerShell cmdlet, showing its required and optional parameters. ```PowerShell Lock-IDUser [-user] [] ``` -------------------------------- ### Invoke-IDSqlcmd Cmdlet Syntax Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Invoke-IDSqlcmd.md Defines the full syntax for the `Invoke-IDSqlcmd` PowerShell cmdlet, including all parameters, their types, and whether they are optional or required. ```APIDOC Invoke-IDSqlcmd [-Script] [[-Limit] ] [[-PageNumber] ] [[-PageSize] ] [[-Caching] ] [[-Direction] ] [[-SortBy] ] [] ``` -------------------------------- ### Suspend-IDUserMFA Cmdlet Syntax Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Suspend-IDUserMFA.md Shows the full syntax for the Suspend-IDUserMFA cmdlet, including parameters, their types, and optional common parameters. ```PowerShell Suspend-IDUserMFA [-ID] [[-timespan] ] [] ``` -------------------------------- ### Suspend-IDUserMFA Cmdlet Parameter Reference Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Suspend-IDUserMFA.md Detailed documentation for each parameter of the Suspend-IDUserMFA cmdlet, including type, requirement, position, default value, aliases, and pipeline input acceptance. ```APIDOC -ID: Description: The unique ID (Uuid) of the user to exempt from MFA Type: String Parameter Sets: (All) Aliases: Uuid Required: True Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False -timespan: Description: Amount of time to exempt the user from MFA (default=10 minutes) Type: Int32 Parameter Sets: (All) Aliases: Required: False Position: 2 Default value: 0 Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False CommonParameters: Description: This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). ``` -------------------------------- ### Lock-IDUser Cmdlet API Definition Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Lock-IDUser.md Detailed API documentation for the `Lock-IDUser` PowerShell cmdlet, including its purpose, synopsis, and a comprehensive breakdown of its parameters with their types, requirements, and additional properties. ```APIDOC Cmdlet: Lock-IDUser Synopsis: Cloud lock a user Description: Enable cloud lock for a specified user Syntax: Lock-IDUser [-user] [] Parameters: -user: Description: The unique ID (Uuid) of the user to cloud lock. Type: String Required: True Position: 1 Aliases: Uuid Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False Default value: None CommonParameters: Description: This cmdlet supports the common parameters available in PowerShell, such as -Debug, -ErrorAction, and -Verbose. ``` -------------------------------- ### Unlock-IDUser Cmdlet Parameters Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Unlock-IDUser.md Detailed documentation for the parameters accepted by the `Unlock-IDUser` cmdlet, including their types, requirements, aliases, and descriptions. This section covers both specific parameters like '-user' and general 'CommonParameters'. ```APIDOC Parameter: -user Description: The unique ID (Uuid) of the user to cloud unlock Type: String Parameter Sets: (All) Aliases: Uuid Required: True Position: 1 Default value: None Accept pipeline input: True (ByPropertyName) Accept wildcard characters: False Parameter: CommonParameters Description: This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). ``` -------------------------------- ### APIDOC: Get-IDAnalyticsDataset Cmdlet Reference Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDAnalyticsDataset.md Detailed API documentation for the Get-IDAnalyticsDataset PowerShell cmdlet, including its synopsis, syntax, description, and supported parameters. ```APIDOC Cmdlet: Get-IDAnalyticsDataset Synopsis: Get all datasets accessible to user Syntax: Get-IDAnalyticsDataset [] Description: Lists the following: - All custom datasets created by one user - All default datasets available to all users in the tenant for CyberArk User Behaviour Analytics Service. Parameters: CommonParameters: Description: This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. Reference: For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). ``` -------------------------------- ### Get-IDConnector Cmdlet Syntax Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDConnector.md Defines the syntax for the `Get-IDConnector` PowerShell cmdlet, showing its optional `proxyUuid` parameter and support for common parameters. ```PowerShell Get-IDConnector [[-proxyUuid] ] [] ``` -------------------------------- ### List Commands in IdentityCommand Module Source: https://github.com/pspete/identitycommand/blob/main/README.md Retrieves a list of all commands (cmdlets, functions, aliases) provided by the 'IdentityCommand' module. This helps users discover available functionalities. ```powershell Get-Command -Module IdentityCommand ``` -------------------------------- ### Import IdentityCommand Module Source: https://github.com/pspete/identitycommand/blob/main/README.md Imports the 'IdentityCommand' module into the current PowerShell session. This step is necessary to make the module's cmdlets and functions accessible for use. ```powershell Import-Module IdentityCommand ``` -------------------------------- ### New-IDSession Cmdlet Output Type Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/New-IDSession.md Specifies the .NET type of the object returned by the `New-IDSession` cmdlet. ```APIDOC System.Object ``` -------------------------------- ### APIDOC: Close-IDSession Cmdlet Definition Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Close-IDSession.md Defines the structure and behavior of the Close-IDSession PowerShell cmdlet, including its syntax, parameters, input requirements, and output type. ```APIDOC Cmdlet: Close-IDSession Synopsis: Logout the current user Syntax: Close-IDSession [] Description: Logout the current user Parameters: CommonParameters: Description: This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). Inputs: None Outputs: System.Object ``` -------------------------------- ### Clear-IDUserSession Cmdlet API Reference Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Clear-IDUserSession.md Detailed API documentation for the Clear-IDUserSession PowerShell cmdlet, outlining its syntax, parameters, and their properties. This cmdlet is used to invalidate all sessions for a specified user within CyberArk Identity. ```APIDOC Cmdlet: Clear-IDUserSession Synopsis: Sign Out a user from all CyberArk Identity sessions everywhere. Description: Invalidates all sessions for a user. All the sessions and cookies present for that user will be deleted and user needs to be login again. Only system administrator, users with user management rights, or the user itself can invoke this API. Syntax: Clear-IDUserSession [-ID] [] Parameters: -ID (String): Description: The unique ID (Uuid) of the user to sign out. Aliases: Uuid Required: True Position: 1 Default Value: None Accepts Pipeline Input: True (ByPropertyName) Accepts Wildcard Characters: False CommonParameters: Description: This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). ``` -------------------------------- ### Invoke-IDSqlcmd Output Type Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Invoke-IDSqlcmd.md Specifies the .NET type of the object returned by the `Invoke-IDSqlcmd` cmdlet after execution. ```APIDOC System.Object ``` -------------------------------- ### APIDOC: Get-IDTenantCname Cmdlet Definition Source: https://github.com/pspete/identitycommand/blob/main/docs/collections/_commands/Get-IDTenantCname.md Defines the Get-IDTenantCname PowerShell cmdlet, including its synopsis, syntax, and supported common parameters. This cmdlet is designed to retrieve CNAME records associated with a tenant. ```APIDOC Get-IDTenantCname Cmdlet: Synopsis: Get Tenant Cnames Syntax: Get-IDTenantCname [] Description: Get Tenant Cnames Parameters: CommonParameters: Description: This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. Reference: For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). ``` -------------------------------- ### Make REST API Call with Retrieved WebSession Source: https://github.com/pspete/identitycommand/blob/main/README.md This snippet demonstrates how to use the `Websession` object obtained from an authenticated IdentityCommand session to make further REST API calls. It shows `Invoke-RestMethod` being used with the `-WebSession` parameter to send a POST request, leveraging the established authentication context. ```powershell PS C:\> $Websession = $session.GetWebSession() PS C:\> Invoke-RestMethod -WebSession $websession ` -Method Post ` -Uri https://somedomain.id.cyberark.cloud ` -Body @{SomeProperty = 'SomeValue'} | ConvertTo-Json ``` -------------------------------- ### Obtain Bearer Token from CyberArk Identity Session (PowerShell) Source: https://github.com/pspete/identitycommand/blob/main/IdentityCommand/about_IdentityCommand.help.txt This snippet shows how to invoke the `GetToken` method on an authenticated session object to retrieve a bearer token. This token can then be used for direct API calls to endpoints not yet covered by module commands. ```PowerShell $Session = New-IDSession -tenant_url https://sometenant.id.cyberark.cloud -Credential $Credential $Session.GetToken() ```