CyberArk Privilege Cloud MCP. Control vaulted secrets and sessions via your AI agent.
CyberArk Privilege Cloud MCP Server manages your enterprise's privileged access. You can list secure Safes, check vaulted credentials, onboard new accounts, and forcibly terminate active sessions—all directly from your AI agent.
It gives your AI client full control over identity security and privileged access management, eliminating the need to navigate the PVWA interface.
What your AI agents can do
List all secure Safes, all users, all groups, and all vaulted accounts, providing metadata like rotational status and assigned CPMs.
Provision new accounts using add_account, update accounts, or delete them using delete_account within the Vault Safe.
Pull clear-text passwords from the Vault via retrieve_password after providing a mandatory, logged justification.
Instantly cut active privileged sessions (PSM/PSMP) using terminate_session for incident response.
List users and groups to check if the RBAC rules are correctly applied across the organization's logical access architecture.
CyberArk Privilege Cloud MCP Server: 10 Tools for Vault Management
Use these tools to list users, retrieve passwords, onboard accounts, and terminate sessions across your entire CyberArk environment.
- `add_account`: Creates and provisions a new privileged account into a specific Vault Safe.
- `delete_account`: Removes a privileged account from the CyberArk Vault, stopping failed password rotations.
- `get_account`: Retrieves detailed properties for a specific vaulted account before modification or interaction.
- `get_safe`: Fetches the metadata and details for a specific PAM Safe.
- `list_accounts`: Searches and lists all privileged accounts vaulted in CyberArk, including status and allocation.
- `list_groups`: Lists all CyberArk Vault User Groups, verifying the RBAC structure.
- `list_safes`: Lists every secure Safe container in CyberArk Privileged Access Manager.
- `list_users`: Lists all active CyberArk users, including both local and synchronized accounts.
- `retrieve_password`: Retrieves the clear-text password for an account, requiring a mandatory justification and generating an audit log.
- `terminate_session`: Forcibly cuts an active privileged session (PSM/PSMP) instantly as part of incident response.
What you can do with this MCP connector
Connecting your AI client to the CyberArk Privilege Cloud MCP Server gives your agent full control over identity security and privileged access management. You can manage your enterprise vault directly, skipping the whole PVWA interface. You'll find tools to list every secure Safe, check all active users and groups, and handle every vaulted account.
Audit and List Vault Resources
- You can use `list_safes` to see every secure container in CyberArk Privileged Access Manager. You'll also find `get_safe` to pull the metadata and details for a specific Safe. `list_users` lists every active CyberArk user, covering both local accounts and synchronized ones. `list_groups` verifies the RBAC structure by showing all CyberArk Vault User Groups. `list_accounts` searches and lists all privileged accounts vaulted in CyberArk, showing their status and allocation. You can also use `get_account` to grab detailed properties for any specific vaulted account before you make changes.
Manage Credentials
- Need to onboard a new account? Use `add_account` to create and provision a new privileged account into a specific Vault Safe. If an account needs to be pulled from the Vault, you can use `delete_account` to remove it and stop any failed password rotations. The `retrieve_password` tool lets you pull a clear-text password from the Vault, but you've gotta provide a mandatory justification, and it logs the whole thing for auditing.
Control Active Sessions
- If there's an incident, you can use `terminate_session` to instantly cut an active privileged session (PSM/PSMP) for incident response. This is a direct, immediate action.
Verify Access Policies
- You can check if the RBAC rules are right by listing all groups with `list_groups` and verifying users with `list_users`.
Account Oversight
- The system provides deep visibility into your vaulting architecture. You can see which accounts are vaulted, their rotational status, and their assigned CPMs by listing accounts. You can also use `get_account` to get detailed properties on any account, helping you audit its state.
How CyberArk Privilege Cloud MCP Works
1. Subscribe to the CyberArk Privilege Cloud server and provide your CyberArk Subdomain and Bearer access token.
2. Your AI client connects and authenticates using the service user client credentials flow.
3. You issue a natural language command (e.g., 'List all accounts for 10.0.0.1') and the agent executes the corresponding tool call.
The bottom line is, your AI agent talks to CyberArk using standardized tools, so you don't have to click through the console.
Who Is CyberArk Privilege Cloud MCP For?
- Security Analysts and SOC teams who need to monitor privileged account status and terminate suspicious sessions in real-time. Monitoring privileged accounts and using `terminate_session` to cut active connections when suspicious behavior is detected.
- IT Administrators who manage service accounts and safe configurations without touching the PVWA interface. Onboarding new service accounts or adjusting safe configurations using `add_account` and `get_safe`.
- Auditors and Compliance officers who must verify complex organizational security policies. Running `list_users` and `list_groups` to verify that the organization's access control rules match current policy.
- DevOps Engineers needing temporary credentials for automated maintenance with full audit trails. Retrieving temporary credentials using `retrieve_password` for automated maintenance tasks, ensuring every action is logged.
What Changes When You Connect
- See all necessary credentials and group memberships by using `list_accounts` and `list_groups`. This gives you a single view of the entire PAM logical access architecture, eliminating the need to cross-reference multiple dashboards.
- Stop manual credential retrieval. `retrieve_password` pulls the actual secret from the Vault—and it forces an audit log and justification, making the action compliant by default.
- Respond to security incidents faster. You can instantly terminate a suspicious active session using `terminate_session`, cutting the connection immediately without logging into the PSM console.
- Manage the full lifecycle of an account. Use `add_account` to onboard a new service account and `delete_account` when it's decommissioned. This keeps your vault clean and fully auditable.
- Audit the containers holding your secrets. `list_safes` lets you locate every critical tier-0 credential or local admin password, telling you exactly where it resides.
- Verify who has access to what. `list_users` and `get_safe` let you check user accounts and the specific Safe metadata to confirm proper access boundaries.
Real-World Use Cases
Incident Response: Cutting a Bad Session
A SOC analyst detects anomalous behavior mid-session. Instead of scrambling to log into the PSM console, they tell their agent: 'Terminate active session sess_abc.' The agent runs terminate_session, instantly cutting the connection and stopping the threat.
Compliance Audit: Verifying Access Rules
An auditor needs to confirm that only the Ops team has read access to the Root account Safe. They ask the agent to run list_safes, then list_groups, and finally get_safe to verify the specific RBAC rules are in place.
Onboarding: Provisioning a New Service Account
A DevOps engineer needs a new service account for an upcoming deployment. They instruct the agent to run add_account, specifying the platform ID and the target Safe, completing the full onboarding cycle without manual console steps.
Troubleshooting: Finding a Secret Credential
A developer needs a temporary database password for emergency maintenance. They ask the agent to run list_accounts to find the right credential, and then use retrieve_password with the mandatory reason, getting the secret back immediately.
The Tradeoffs
Forgetting the Audit Trail
A user manually retrieves a password via the web console, assuming the process is sufficient. The lack of mandatory, auditable justification means the action is poorly logged.
→
Always use the agent's retrieve_password tool. It requires you to provide a justification reason, ensuring the action is logged with the necessary compliance details.
Trying to Guess Safe Locations
A junior admin attempts to locate a critical credential by guessing the Safe name or relying on tribal knowledge, wasting time and risking security gaps.
→
Start by running list_safes. This gives you a complete, definitive list of all available containers, telling you exactly where the credentials are stored.
Manually Tracking User Permissions
An administrator tries to track down which groups have access to which specific Safe, leading to complex, error-prone manual cross-referencing across multiple UIs.
→
Use the agent to run list_groups and list_users. You can then use get_safe to verify the permissions applied to those groups against the target Safe.
When It Fits, When It Doesn't
Use this server if your workflow requires managing the full lifecycle of privileged accounts—from initial provisioning (add_account) and ongoing rotation to the actual retrieval (retrieve_password) and emergency session termination (terminate_session). It's best when the process is highly regulated and requires an immutable audit trail.
Don't use it if you just need to check a single status field, or if you are only performing ad-hoc reads. For simple read-only checks, you can limit your calls to list_accounts or get_safe. But if you need to act—change a password, delete an account, or kill a session—you need the full suite of tools.
Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by CyberArk. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.
VINKIUS INFRASTRUCTURE
- Cloud Hosted: Managed infra
- V8 Isolated: Sandboxed per request
- Zero-Trust Proxy: No stored credentials
- DLP Enforced: Policy on every call
- GDPR Compliant: EU data residency
- Token Compression: ~60% cost reduction
The Model Context Protocol standardizes how applications expose capabilities to LLMs. Instead of operating in isolation, your AI gains direct access to external platforms, live data, and real-world actions through secure, standardized connections.
This server provides 10 capabilities that interface natively with Claude, ChatGPT, Cursor, and any MCP client. No middleware. No custom integration required.
Available Capabilities
Auditing access control across dozens of different consoles is a nightmare.
Today, verifying who can access what means jumping between the PVWA, the LDAP dashboard, and the group policy manager. You check the group membership in one place, then click into a separate Safe to see what the group is permitted to touch. You end up copying and pasting usernames and Safe names just to build a simple matrix.
With this MCP server, you ask your agent to verify the access architecture. It runs `list_groups` and `list_users`, pulling the definitive list of members and groups, and then you use `get_safe` to confirm the exact permissions applied to those groups. The whole audit happens in a single chat session.
CyberArk Privilege Cloud MCP Server: Manage all vault operations.
The process of rotating or onboarding a new service account used to take a ticket, involve manual data entry in several places, and required a security engineer to validate the Platform ID mapping. Now, you tell your agent to use `add_account`, providing the details. The agent handles the entire provisioning and mapping process.
You gain a full, auditable, and automated lifecycle management process. You don't just get a credential; you get the full account, safe, and platform mapping documented in a single, verifiable transaction.
Common Questions About CyberArk Privilege Cloud MCP
How does the CyberArk Privilege Cloud MCP Server handle password retrieval using `retrieve_password`?
The server requires you to provide a mandatory justification reason before pulling any clear-text password. This action triggers SIEM alerts and ensures the retrieval is fully logged for compliance.
Can I use `terminate_session` to cut a connection?
Yes. The `terminate_session` tool forcibly cuts an active privileged session (PSM/PSMP). This is designed for real-time incident response when anomalous behavior is detected.
What is the difference between `list_accounts` and `list_users`?
`list_accounts` lists highly sensitive vaulted credentials (like Root accounts). `list_users` lists all human and synchronized users who consume those sessions.
Do I need to use `get_safe` every time I work with a Safe?
While `list_safes` gives you the names, running `get_safe` fetches the actual metadata, like retention periods and Central Policy Managers (CPM), giving you the full context needed for compliance.
How do I onboard a new account using the `add_account` tool?
You must specify the new account details and map it to a specific underlying Platform ID (e.g., WinDesktopLocal). This dictates how CyberArk will handle its rotation and verification.
When should I use `list_groups` to check permissions, and what does it show?
The `list_groups` tool shows the organizational structure for access control. It lists user groups, which is how CyberArk enforces Role-Based Access Control (RBAC) to manage Safe permissions, rather than assigning permissions to individual users.
What happens if I try to retrieve a password using `retrieve_password` without a justification?
The system requires a mandatory justification reason before you can retrieve a clear-text password. This audited step ensures that every password checkout is logged with a business reason, meeting compliance requirements.
How do I get detailed information about a Safe using `get_safe`?
Using `get_safe` fetches the metadata for a specific PAM Safe. This data includes critical details like retention periods and which Central Policy Managers (CPMs) are assigned to it.
Can my agent retrieve a privileged password for an emergency maintenance task?
Yes. Use the `retrieve_password` tool. You must provide the account ID and a justification reason. The agent pulls the secret from the Vault, and the action is fully audited in CyberArk's system logs for compliance.
How do I terminate a suspicious active session via the agent?
Provide the session ID to the `terminate_session` tool. The agent will dispatch an instant interrupt signal to the CyberArk platform, killing the live SSH or RDP session immediately to prevent unauthorized actions.
Is it possible to add new service accounts to a Safe through chat?
Absolutely. Use the `add_account` tool. You'll need to specify the account name, address, username, platform ID, and the destination Safe. Your agent will onboard the credential and link it to the CPM for automated rotation.