SpyCloud Auth Node
Use the SpyCloud Auth node to integrate the SpyCloud service with Advanced Identity Cloud and assess if a user’s password is compromised. If a user’s password is compromised, the administrator can take remedial action, such as denying access and asking the user to reset their password, or forcing a password reset.
Compatibility
| Product | Compatible? |
|---|---|
Advanced Identity Cloud |
Yes |
PingAM (self-managed) |
Yes |
Ping Identity Platform (self-managed) |
Yes |
| AM customers can get the SpyCloud node here. |
Inputs
This node reads a customizable user identifier from shared state. The identifier is set in the identifierSharedStateKey property in the node configuration.
Dependencies
To use this node, you should have already set up integration with the SpyCloud service in Advanced Identity Cloud. Refer to the SpyCloud documentation to set up the SpyCloud service in your environment.
Configuration
| Property | Usage |
|---|---|
API URL |
The SpyCloud API URL. |
API Key |
The SpyCloud API key. |
Severity |
Allows you to filter based on the numeric severity code. You can find more information about severity codes in SpyCloud documentation. |
identifierSharedStateKey |
The shared state key to find the identifier value. |
Outcomes
Compromised-
Compromised password detected.
Not compromised-
Password is not compromised.
Error-
There was an error while assessing if the password was compromised.
Example
The following sample journey illustrates the use of this node to assess if a user’s password is compromised:
Troubleshooting
If this node logs an error, then an error message is sent to shared state. For example:
-
"[SpyCloud] StackTrace", new Date() + ": " + stackTrace -
"[SpyCloud] Exception", new Date() + ": " + ex.getMessage()
Review the log messages to find the reason for the error and address the issue appropriately.