Accounts¶
defines the privileged account existing on the monitored server. It specifies the actual login credentials, user authentication mode: anonymous (without user authentication), regular (with login credentials substitution) or forward (with login and password forwarding); password changing policy as well as the password changer itself.
Data structures¶
Parameter | Type | Description |
---|---|---|
accountpasswordchanger_set | PasswordChangerAttributes | Password Changer settings |
blocked | bool | |
credentials | AccountCredentialsAttributes | Required if type == regular || forward |
dump_mode | string{all, none, raw} | Session recording options |
id | bigserial | Object Identifier |
name | string | Unique account name. Required |
ocr_enabled | bool | Enable OCR option |
ocr_lang | string | Provide the language for the OCR process |
password_lastupdate | DateTime | |
password_change_request | DateTime | |
password_checkout_time_limit | Time (hh:mm:ss) | Duration of the secret checkout |
password_recovery | bool | Enable a password verifier to automatically trigger a password changer. Available for type == regular |
retention | int | Delete session data after {{int}} days. Min value = 1, Max value = 2147483647 |
server | ||
id | int | required |
name | string | required |
server_id | int | required |
type | string{anonymous, forward, regular} | required |
Parameter | Type | Description |
---|---|---|
domain | string | |
login | string | required |
method | string{password, ssh-key, account} | required if type == regular |
secret | string |
|
password_change_policy_id | int | required if type == regular |
password_change_policy | ||
id | int | required |
name | string | required |
private_key | string |
|
public_key | string | read only |
Parameter | Type | Description |
---|---|---|
password_changer_type | string{change, verify} | |
id | int | |
position | int | required |
timeout | int | required |
privileged_mode_password | string | required if changer_id in (5, 6, 7, 8) |
(PC_TELNET_CISCO , PC_TELNET_CISCO_ENABLE , PC_SSH_CISCO , PC_SSH_CISCO_ENABLE ) |
||
privileged_username | string | |
privileged_password | string | |
ssh_username | string | required if ( |
ssh_password | string | required if ( |
ssh_host | string | required if ( |
ssh_port | string | required if ( |
Parameter | Type | Description |
---|---|---|
account_id | int |
|
account | Read only | |
id | int | |
name | string | |
listener_id | int |
|
listener | Read only | |
id | int | |
name | string |
Creating an account¶
Request
Method | POST
|
Path | /api/system/accounts
|
Headers | Content-Type: Application/JSON
|
Body | AccountModel
|
Possible Response
Status | 201 CREATED
|
Headers | Content-Type: Application/JSON
|
Body | AccountModel
|
Description | Object successfully created. Resultant object's attributes
are included in response body.
|
Possible Response
Status | 400 BAD REQUEST
|
Headers | Content-Type: Application/JSON
|
Body | ValidationErrors
|
Description | Validation didn't pass.
|
Retrieving accounts list¶
Request
Method | GET
|
Path | /api/system/accounts
|
Note
Results pagination
Every GET
request, which returns a collection of objects can be optionally paginated. To achieve it add a pagination parameter to the request path:
/api/system/objects?page=3&page_size=10
page | int |
page_size | int |
Possible Response
Status | 200 OK
|
Headers | Content-Type: Application/JSON
|
Body | [
AccountModel,
...
]
|
Retrieving an account¶
Request
Method | GET
|
Path | /api/system/accounts/:account_id
|
Possible Response
Status | 200 OK
|
Headers | Content-Type: Application/JSON
|
Body | AccountModel
|
Possible Response
Status | 404 NOT FOUND
|
Description | No account with given id. |
Modifying accounts¶
Request
Method | PUT, PATCH
|
Path | /api/system/accounts/:account_id
|
Possible Response
Status | 200 OK
|
Headers | Content-Type: Application/JSON
|
Body | AccountModel
|
Possible Response
Status | 400 BAD REQUEST
|
Headers | Content-Type: Application/JSON
|
Body | AccountModel
|
Possible Response
Status | 404 NOT FOUND
|
Description | No account with given id. |
Deleting an account¶
Request
Method | DELETE
|
Path | /api/system/accounts/:account_id
|
Possible Response
Status | 204 NO CONTENT
|
Possible Response
Status | 404 NOT FOUND
|
Description | Object with specified identifier was not found. |
Retrieving users allowed to manage accounts¶
Request
Method | GET
|
Path | /api/system/accounts/:account_id/granted_users
|
Note
Results pagination
Every GET
request, which returns a collection of objects can be optionally paginated. To achieve it add a pagination parameter to the request path:
/api/system/objects?page=3&page_size=10
page | int |
page_size | int |
Possible Response
Status |
200 OK |
Headers | Content-Type: Application/JSON
|
Body | [
{
'name': 'username'
'id': 'id'
}, ...
]
|
Granting management privileges¶
Request
Method | POST
|
Path | /api/system/accounts/:account_id/granted_users
|
Body | {
user_id: user_id
}
|
Possible Response
Status | |
201 CREATED |
Revoking management privileges¶
Request
Method | DELETE
|
Path | /api/system/accounts/:account_id/granted_users/:user_id
|
Possible Response
Status | 204 NO CONTENT
|
Possible Response
Status | 404 NOT FOUND
|
Retrieving account-safe assignments list¶
Request
Method | GET
|
Path | /api/system/accounts
|
Note
Results pagination
Every GET
request, which returns a collection of objects can be optionally paginated. To achieve it add a pagination parameter to the request path:
/api/system/objects?page=3&page_size=10
page | int |
page_size | int |
Possible Response
Status | 200 OK
|
Headers | Content-Type: Application/JSON
|
Body | [
AccountSafeAssignmentModel,
...
]
|
Creating an account-safe assignments¶
Request
Method | POST
|
Path | /api/system/safes/:safe_id/accounts
|
Body | AccountSafeAssignmentModel
|
Possible Response
Status | 201 CREATED
|
Headers | Content-Type: Application/JSON
|
Body | AccountSafeAssignmentModel
|
Possible Response
Status | 400 BAD REQUEST
|
Headers | Content-Type: Application/JSON
|
Body | ValidationErrors
|
Possible Response
Status | 404 NOT FOUND
|
Deleting an account-safe assignment¶
Request
Method | DELETE
|
Path | /api/system/safes/:safe_id/accounts/:account_id
|
Possible Response
Status | 204 NO CONTENT
|
Possible Response
Status | 404 NOT FOUND
|