Skip to main content

The #1 agentic semantic tool search: 91.6% first-try accuracy on S1 Search Bench Explore Tool Discovery

Live 31 Actions

CyberArk (Privilege Cloud) MCP Server
for AI Agents

Connect your AI agent to StackOne's CyberArk (Privilege Cloud) MCP server and give it 31 MCP tools out of the box. Auth, tool execution, and security all managed.

Start Free Book Demo Read Docs →
CyberArk (Privilege Cloud) logo
CyberArk (Privilege Cloud) MCP Server
Built by StackOne StackOne
DrataGPLocalyzeFlipMindtoolsScreenloop

Coverage

31 Agent Actions

Create, read, update, and delete across CyberArk (Privilege Cloud) — and extend your agent's capabilities with custom actions.

MCP Actions → Build Actions →

Authentication

Agent Tool Authentication

Per-user OAuth in one call. Your CyberArk (Privilege Cloud) MCP server gets session-scoped tokens with zero credentials stored on your infra.

Agent Auth →

Security

Agent Protection

Every CyberArk (Privilege Cloud) tool response scanned for prompt injection in milliseconds — 88.7% accuracy, all running on CPU.

Prompt Injection Defense →

Performance

Max Agent Context. Min Cost.

Free up to 96% of your agent's context window to enhance reasoning and reduce cost, on every CyberArk (Privilege Cloud) call.

Tools Discovery →

What is the CyberArk (Privilege Cloud) MCP Server?

A CyberArk (Privilege Cloud) MCP server lets AI agents read and write CyberArk (Privilege Cloud) data through the Model Context Protocol — Anthropic's open standard for connecting LLMs to external tools. StackOne's CyberArk (Privilege Cloud) MCP server ships with 31 pre-built actions, fully extensible via the Connector Builder — plus managed authentication, prompt injection defense, observability, and agent execution runtime. Connect it from MCP clients like Claude Desktop, Claude Code, Cursor, Goose, and VS Code, or from agent frameworks like OpenAI Agents SDK, LangChain, and Vercel AI SDK.

All CyberArk (Privilege Cloud) MCP Tools

Every action from CyberArk (Privilege Cloud)'s API, ready for your agent. Create, read, update, and delete — scoped to exactly what you need.

Users

  • Add User

    Add a new user to Privilege Cloud via POST /Users

  • Get Users

    Retrieve a list of all existing users in Privilege Cloud via GET /Users

  • Update User

    Update an existing user via PUT /Users/{UserID}

  • Delete User

    Delete a specific user in Privilege Cloud via DELETE /Users/{UserID}

Groups

  • Create Group

    Add a new group via POST /UserGroups

  • Get Groups

    Retrieve a list of all existing user groups via GET /UserGroups

  • Update Group

    Update a Vault group via PUT /UserGroups/{groupId}

  • Delete Group

    Delete a Privilege Cloud group via DELETE /UserGroups/{GroupID}

Safes

  • Add Safe

    Add a new Safe to Privilege Cloud via POST /Safes

  • Update Safe

    Update a single Safe in Privilege Cloud via PUT /Safes/{SafeUrlId}

  • Delete Safe

    Delete a Safe from the Vault via DELETE /Safes/{safeUrlId}

Safe Members

  • Add Safe Member

    Add an existing user or group as a Safe member via POST /Safes/{safeUrlId}/Members

  • Update Safe Member

    Update an existing Safe member via PUT /Safes/{SafeUrlId}/Members/{MemberName}

  • Remove Safe Member

    Remove a member from a Safe via DELETE /Safes/{safeUrlId}/Members/{memberName}

Accounts

  • Add Account

    Add a new privileged account to Privilege Cloud via POST /Accounts

  • Get Accounts

    Retrieve a list of all privileged accounts via GET /Accounts

  • Update Account

    Update an existing account's details via PATCH /Accounts/{AccountID}

  • Delete Account

    Delete a specific account in the Vault via DELETE /Accounts/{id}

Other (13)

  • Add Member To Group

    Add a user as a member to an existing Vault group via POST /UserGroups/{id}/Members

  • Get User Details

    Retrieve information about a specific user via GET /Users/{UserID}

  • Get Group Details

    Retrieve details of a single user group via GET /UserGroups/{ID}

  • Get All Safes

    Retrieve a list of all Safes in the Vault via GET /Safes

  • Get Safe Details

    Retrieve information about a specific Safe via GET /Safes/{SafeUrlId}

  • Get All Safe Members

    Retrieve a list of members of a Safe via GET /Safes/{SafeUrlId}/Members

  • Get Account Details

    Retrieve details of a specific privileged account identified by its ID via GET /Accounts/{id}

  • Get Password Value

    Retrieve the password or SSH key of an existing account via POST /Accounts/{accountId}/Password/Retrieve

  • Get Platforms

    Retrieve all existing account platforms via GET /Platforms

  • Get Platform Details

    Retrieve details of a specific platform via GET /Platforms/{PlatformName}

  • Remove User From Group

    Remove a specific user from a user group in the Vault via DELETE /UserGroups/{groupID}/Members/{member}

  • Activate User

    Activate a suspended user via POST /Users/{UserID}/Activate

  • Reset User Password

    Reset an existing Vault user's password via POST /Users/{UserID}/ResetPassword

Set Up Your CyberArk (Privilege Cloud) MCP Server in Minutes

One endpoint. Any framework. Your agent is talking to CyberArk (Privilege Cloud) in under 10 lines of code.

MCP Clients

Claude Desktop setup guide
Claude Code setup guide
Cursor setup guide
Goose setup guide

Agent Frameworks

Claude Desktop
{
  "mcpServers": {
    "stackone": {
      "command": "npx",
      "args": [
        "-y",
        "mcp-remote@latest",
        "https://api.stackone.com/mcp?x-account-id=<account_id>",
        "--header",
        "Authorization: Basic <YOUR_BASE64_TOKEN>"
      ]
    }
  }
}

Check More developer MCP Servers

PingOne

113+ actions

OpenVPN CloudConnexa

62+ actions

Sophos Central

54+ actions

Absolute Software

19+ actions

All developer MCP Servers →

Platform Resources

MCP Code Mode: Keeping Tool Responses Out of Agent Context

Anthropic's code_execution processes data already in context. Custom MCP code mode keeps raw tool responses in a sandbox. 14K tokens vs 500.

11 min

Comparing BM25, TF-IDF, and Hybrid Search for MCP Tool Discovery

Benchmarking BM25, TF-IDF, and hybrid search for MCP tool discovery across 916 tools. The 80/20 TF-IDF/BM25 hybrid hits 21% Top-1 accuracy in under 1ms.

10 min

Indirect Prompt Injection Defense for MCP Tools: A Technical Guide

MCP tools that read emails, CRM records, and tickets are indirect prompt injection vectors. Here's how we built a two-tier defense that scans tool results in ~11ms.

12 min

MCP vs A2A: Architecture, Security, and When to Use Each

MCP vs A2A: what each protocol standardizes, how they differ, their shared security risks including indirect prompt injection, and when to use one, both, or a hybrid architecture.

12 min

MCP vs API: What 200+ Connector Builds Taught Us

MCP wraps APIs, it doesn't replace them. After building 200+ connectors that serve both, here's when each approach wins.

14 min read

CyberArk (Privilege Cloud) MCP Server FAQ

Does StackOne have a CyberArk (Privilege Cloud) MCP server?
Yes. StackOne offers a hosted CyberArk (Privilege Cloud) MCP server with 31 pre-built actions, and every action is tested and QA'd by StackOne. Connect it to Claude, Cursor, and any other MCP client, or to any agent framework through the AI Action SDK. It ships with managed agent authentication, prompt injection defense, and tool discovery with server-side execution that preserve your agent's context window and keep reasoning performance.
CyberArk (Privilege Cloud) MCP server vs direct API integration — what's the difference?
A CyberArk (Privilege Cloud) MCP server and direct API integration serve different use cases. Direct API integration is for software-to-software — backend code calling CyberArk (Privilege Cloud). A CyberArk (Privilege Cloud) MCP server is for AI agents — MCP clients like Claude and Cursor, plus framework agents built with OpenAI, LangChain, or Vercel AI — discovering and calling CyberArk (Privilege Cloud) at runtime. StackOne provides both.
How does CyberArk (Privilege Cloud) authentication work for AI agents?
CyberArk (Privilege Cloud) authentication for AI agents works through a StackOne Connect Session. Create one via the dashboard or the SDK — you get an auth link and ready-to-paste config for Claude Desktop, Cursor, and other MCP clients. Your user authenticates their own CyberArk (Privilege Cloud) account; StackOne handles token exchange, storage, and refresh. Credentials never reach the LLM, and each user is isolated via origin_owner_id.
Are CyberArk (Privilege Cloud) MCP tools vulnerable to prompt injection?
Yes — CyberArk (Privilege Cloud) MCP tools can be vulnerable to indirect prompt injection. Any tool that reads user-written content — documents, messages, tickets, records, or free-text fields — is a potential vector. StackOne Defender scans every tool response before it enters the agent's context — regex patterns in ~1ms, then a MiniLM classifier in ~4ms. 88.7% accuracy, CPU-only.
What is the context bloat of a CyberArk (Privilege Cloud) agent and how do I avoid it?
Context bloat happens when CyberArk (Privilege Cloud) tool schemas and API responses eat your CyberArk (Privilege Cloud) agent's memory, preventing it from reasoning effectively. A single CyberArk (Privilege Cloud) query can return a massive JSON response, and connecting multiple tools compounds the problem. Tools Discovery and Code Mode reduce context bloat — loading only relevant tools per query and keeping raw responses out of the agent's context.
Can I limit which actions my CyberArk (Privilege Cloud) agent can access?
Yes — you can limit which actions your CyberArk (Privilege Cloud) agent can access directly from the StackOne dashboard. Toggle actions on or off, or restrict them to specific accounts, with no code changes to your agent. Session tokens can be scoped to exact actions so if one leaks, exposure stays contained.
Can I create custom agent actions for my CyberArk (Privilege Cloud) MCP server?
Yes — you can create custom agent actions for your CyberArk (Privilege Cloud) MCP server using Connector Builder. It's an integration agent your coding assistant (Claude Code, Cursor, or Copilot) can invoke to research CyberArk (Privilege Cloud)'s API, generate production-ready connector YAML, test against the live API, and validate before you ship.
When should I NOT use a CyberArk (Privilege Cloud) MCP server?
Skip a CyberArk (Privilege Cloud) MCP server if your integration is purely software-to-software — direct CyberArk (Privilege Cloud) API integration is simpler when no AI agent is involved. For deterministic, compliance-critical operations (financial transactions, regulatory reporting), direct API gives you predictable behavior without agent-driven decision-making. MCP shines when AI agents need to dynamically discover and call CyberArk (Privilege Cloud) actions at runtime.
What AI frameworks and AI clients does the StackOne CyberArk (Privilege Cloud) MCP server support?
The StackOne CyberArk (Privilege Cloud) MCP server supports both. MCP clients (paste-and-go apps): Claude Desktop, Claude Code, Cursor, VS Code, Goose. Agent frameworks (code SDKs you build with): OpenAI Agents SDK, Anthropic, Vercel AI, Google ADK, CrewAI, Pydantic AI, LangChain, LangGraph, Azure AI Foundry.

Put your AI agents to work

All the tools you need to build and scale AI agent integrations, with best-in-class connectivity, execution, and security.

Start Free Book Demo