CyberArk Trust Protection Foundation - SaaS
Trust Protection Foundation - SaaS Certification
This page is meant to be your home base throughout the certification process, so please feel free to jump around, read ahead, bookmark and come back to it as needed.
✅ Ready to certify?
If you've already completed your solution, understand and meet the necessary requirements and are ready to submit a request for Certification, you can start here.
Introduction
As a CyberArk Trust Protection Foundation - SaaS Certified solution, you have an extra level of confidence that your solution was designed with your best interests at the forefront. For that reason, certified solutions see more adoption from our mutual users. When building a solution for Trust Protection Foundation, one desired outcome should be official certification. Official certification is the first step to listing the solution on the CyberArk Marketplace, which is the #1 way end users discover and deploy solutions.
✅ Success
Certification is the only way that a solution will be listed on the CyberArk Marketplace as compatible with Certificate Manager - SaaS.

The Certificate Manager - SaaS Certification Program is still evolving and so some specifics about the following requirements are subject to change. Ample notice will be given to any developers of an existing certified solution, ensuring plenty of time to make any necessary updates to maintain certification.
The following requirements are applicable to every Certificate Manager - SaaS solution, however there may be additional, unlisted requirements depending on the specific use case of the solution. There will be solutions and use cases that come forward that are totally new and unique from every solution that has gone through the certification process - and that's GREAT! It means machine identity management is continuing to evolve and see continued adoption.
ℹ️ We're all in this together
In cases where the CyberArk team requests additional requirements be met, we will work with you to determine what success looks like and do our best to provide any Tools/guidance necessary to reach certification.
Technical Certification vs. Partner Program
The technical certification process is not to be confused with CyberArk Partnership, though the two are related. The best way to think about it would be "Packaging" vs. "Marketing".
Packaging
The final step of the Certificate Manager - SaaS certification process will be Packaging - deciding how end users will deploy and interact with your solution. In order for end users to discover the solution and establish a strong user base, the packaging of the solution should be polished and easy to understand. Use of company logos, iconography, product names, marketing copy, etc. will all help users quickly identify your solution in the growing CyberArk Marketplace.

Marketing
Marketing, on the other hand, focuses on bringing attention to a fully packaged & published solution. Once the solution has been certified and the initial Marketplace Listing has been created, the next logical step would be an official partnership with CyberArk, which will also engage the CyberArk Marketing team to start making some noise about the new solution available to CyberArk users.
Requirements
There are currently two levels of certification for Certificate Manager - SaaS solutions, Foundation Certification and Advanced Certification. It's our hope that every developer strives for the most comprehensive solution, but understand that isn't always possible due to resource and/or time constraints. The purpose of creating multiple levels of certification is two-fold:
- It provides a lower barrier to entry for smaller organizations and individual contributors
- It provides an opportunity for developers to further differentiate their solution by providing additional collateral that will help end users get started #fastsecure when using the solution.
Meeting the requirements for Foundation Certification should be the first point of focus for any new developer. These requirements have been designed to create a simple pathway for developers to get a listing onto the CyberArk Marketplace, while ensuring a consistent, stable experience for all Certificate Manager - SaaS end users. All Certificate Manager - SaaS solutions that are published on the CyberArk Marketplace are required to meet the requirements for Foundation Certification.
Advanced Certification provides a means to differentiate a solution that goes above & beyond the requirements specified above. Functionally, both Foundation Certification and Advanced Certification have the same technical requirements. The difference between the two levels is really about end user enablement and ongoing testing to ensure the solution remains fully functional.
From an end user's perspective, generally the more collateral available to be consumed, the less likely end users are to have questions that might block them from testing and ultimately utilizing the solution. The easier it is to deploy and test the solution, the more widely adopted that solution becomes throughout the user base. More users generate more feedback and ideas, and the solution becomes more robust as a result.
Certification Requirements
Foundation
- The description of the solution is an accurate representation of functionality.
- The solution doesn't interfere with Certificate Manager - SaaS native functionality or performance.
- The solution was developed with overall security best practices in mind and makes no attempts to harvest user data.
- The solution uses generally available interfaces to interact with Certificate Manager - SaaS (VCert, REST API, etc.).
- Accompanying documentation must be packaged with the solution and should include any necessary configuration instructions as well as clear usage examples. Templates are provided for this purpose. (NOTE: a free CyberArk Account will be required to access this resource)
- The support model is clearly defined for all user types.
- A demonstration of all documented functionality must be scheduled & completed with the CyberArk Ecosystem team.
Advanced
Everything listed in the Foundation Certification Requirements section tab be completed, in addition to the following:
- A 5-10 minute technical demonstration video covering any initial configuration and typical usage examples must be available online.
- When necessary, and if possible/feasible for the solution, a test instance or account will be provided to the CyberArk Ecosystem team for internal testing and demonstration purposes.
- Automated testing must be put in place to test all documented functionality of your solution.
- All REST endpoints and/or VCert functions used by the solution must be documented and provided to CyberArk.
These will be used internally by CyberArk to track which features & functions are being used most by developers and end users. They will not be shared publicly.
ℹ️ Do you have feedback about the certification process?
We've tried to make the certification process as simple and pain free as possible, but we're always looking to make it better. If you have any suggestions or feedback to improve the process, we'd love to hear them!
Resources & FAQs
Below are some useful resources and frequently asked questions from previous developers who've already completed the certification process:
Resources
⚠️ Account Required
Some of the resources on this page will require a CyberArk user account in order to access. Please feel free to create one. If you encounter any issues, please let us know.
- Certificate Manager - SaaS API Documentation
- Example Solution Repo - This provides a thorough example of how the README.md file should be created to be most impactful for CyberArk users. Rather than creating Word documents or PDFs, all documentation should start in Markdown, which provides better version control and can then be easily translated to other formats as needed.
- CyberArk Marketplace - Explore the Marketplace to get an idea about some of the existing solutions to CyberArk.
FAQs
Will my solution be listed on the CyberArk Marketplace if I don't pursue official certification?
✅ Your solution may still be listed if it works with Certificate Manager - Self-Hosted, but it will not be listed as officially compatible with Certificate Manager - SaaS and will not have the official badge of certification.
How long will the certification process take?
✅ The certification process itself moves relatively quickly - you've already done the time-consuming part building and documenting the solution. Once you've submitted a Request for Certification, it typically takes only a couple of days to schedule the final milestone demo (a short session for you to demonstrate the described functionality to the CyberArk Ecosystem team).
Will I receive any marketing assets that I can use on my own websites and collateral?
✅ Yes, definitely! We love seeing CyberArk certification badges out in the wild. Official badges will be provided upon completion of the certification process.
How often will I be required to re-certify my solution?
✅ For now, we'd like you to re-certify for any Major release or feature addition/enhancement. Minor releases don't require re-certification. If you've just released a new Major version or added a new feature, please submit a new certification request.
Submit Your Solution
Once your solution has been built and been tested internally by your team, you've produced any accompanying documentation and you've recorded a short video demo walking through each supported function of your solution, your solution is ready for certification!