CyberArk and Nexus Integration Design with SAML

High Level Design

The integration architecture leverages SAML 2.0 protocol to establish secure authentication between Nexus Repository Manager and CyberArk Privileged Access Security (PAS) solution.

Core Components

CyberArk Identity Security Platform (IDAP) - Acts as SAML Identity Provider (IdP)
Nexus Repository Manager - Acts as SAML Service Provider (SP)
CyberArk Privileged Access Security (PAS)
CyberArk Central Policy Manager (CPM)

Authentication Flow

sequenceDiagram
    User->>Nexus: Access Request
    Nexus->>CyberArk IDAP: SAML Authentication Request
    CyberArk IDAP->>User: Login Form
    User->>CyberArk IDAP: Credentials
    CyberArk IDAP->>Nexus: SAML Assertion
    Nexus->>User: Grant Access

Low Level Design

1. CyberArk IDAP Configuration

Configure SAML Application for Nexus
Generate SAML metadata XML
Configure attribute mapping for user properties
Set up authentication policies

2. Nexus Configuration

Enable SAML authentication plugin
Import CyberArk IDAP metadata
Configure SAML assertion mapping
Set up role mapping rules