Skip to main content

About Cerby

Cerby is an identity, access, and password management platform for “disconnected” applications: apps without SSO/SCIM support or with seat-based licensing in social/marketing tools. Connecting Cerby to Serval enables centralized lifecycle management of those accounts, automated user provisioning into business hub integrations, and password/secret reads from Cerby-managed vaults.

What the Cerby integration enables

CapabilityDescription
Account inventoryList accounts, retrieve account metadata, and inspect MFA/rotation state
Secret readsRead passwords and TOTP codes for accounts stored in supported vaults
User & team managementList users and teams, create local/guest users, share accounts and collections
Business hub integrationsList, invite, update entitlements for, and remove users from connected SaaS integrations
Job monitoringPoll automated job status (e.g. invite-user, update-entitlement) until completion
Anything defined in the Cerby API can be accessed through Serval.

Cerby configuration

Prerequisites

  • An active Cerby workspace
  • Workspace Admin, Super Admin, or Owner role (required for most read endpoints and all write endpoints)
  • Permission to create API keys in the Cerby web app

Create an API key

1

Navigate to API key settings

Sign in to Cerby and go to SettingsDeveloperAPI Keys.
2

Create a new key

Click Create API Key. Give it a descriptive name (e.g., Serval Integration).
3

Select scopes

Grant the scopes you intend to use from Serval. The minimum set the healthchecks exercise is:
  • Read accounts
  • Read users
  • Read items (collections / secrets)
  • Read integrations
  • Read vaults
Add Write scopes (e.g. Write integrations, Write users, Write collections, Write secrets) only if your workflows will mutate state.
4

Copy your key

Copy the generated API key immediately. Cerby will not show it again.
The API key is displayed only once. Store it securely; if lost you must create a new one.

Identify your workspace name

Your Cerby workspace name is the subdomain in your URL. For https://acme.cerby.com, the workspace name is acme. Serval uses it to build the base host acme.cerby.com for every API call.

Serval configuration

  1. In Serval, go to AppsAvailableCerbyConnect
  2. Enter the following:
    FieldDescription
    Workspace nameThe subdomain part of your Cerby URL (e.g., acme for acme.cerby.com). Do not include .cerby.com.
    API TokenThe API key created above
  3. Click Save
Serval will verify your credentials and connect to Cerby. Once saved, run the healthchecks below to confirm each required scope is present.

Healthchecks

The Cerby integration ships with five read-only healthchecks. Each exercises a different scope so a failure tells you exactly which permission is missing.
#HealthcheckScope required
001Validate API connectionRead vaults
002List usersRead users
003List teamsRead users (also needs Admin role)
004List integrationsRead integrations
005List collectionsRead items

Additional resources

Cerby API documentation

Full API reference for the Cerby platform

Cerby

Learn more about Cerby’s identity and access management platform
Need help? Contact support@serval.com for assistance with your Cerby integration.