Accounts¶
defines the privileged account existing on the monitored server. It specifies the actual login credentials, user authentication mode: anonymous (without user authentication), regular (with login credentials substitution) or forward (with login and password forwarding); password changing policy as well as the password changer itself.
Data structures¶
| Parameter | Type | Description |
|---|---|---|
| accountpasswordchanger_set | PasswordChangerAttributes | Password Changer settings |
| blocked | bool | |
| credentials | AccountCredentialsAttributes | Required if type == regular || forward |
| dump_mode | string{all, none, raw} | Session recording options |
| id | bigserial | Object Identifier |
| name | string | Unique account name. Required |
| ocr_enabled | bool | Enable OCR option |
| ocr_lang | string | Provide the language for the OCR process |
| password_lastupdate | DateTime | |
| password_change_request | DateTime | |
| password_checkout_time_limit | Time (hh:mm:ss) | Duration of the secret checkout |
| password_recovery | bool | Enable a password verifier to automatically trigger a password changer. Available for type == regular |
| retention | int | Delete session data after {{int}} days. Min value = 1, Max value = 2147483647 |
| server | ||
| id | int | required |
| name | string | required |
| server_id | int | required |
| type | string{anonymous, forward, regular} | required |
| Parameter | Type | Description |
|---|---|---|
| domain | string | |
| login | string | required |
| method | string{password, ssh-key, account} | required if type == regular |
| secret | string |
|
| password_change_policy_id | int | required if type == regular |
| password_change_policy | ||
| id | int | required |
| name | string | required |
| private_key | string |
|
| public_key | string | read only |
| Parameter | Type | Description |
|---|---|---|
| password_changer_type | string{change, verify} | |
| id | int | |
| position | int | required |
| timeout | int | required |
| privileged_mode_password | string | required if changer_id in (5, 6, 7, 8) |
(PC_TELNET_CISCO, PC_TELNET_CISCO_ENABLE, PC_SSH_CISCO, PC_SSH_CISCO_ENABLE) |
||
| privileged_username | string | |
| privileged_password | string | |
| ssh_username | string | required if ( |
| ssh_password | string | required if ( |
| ssh_host | string | required if ( |
| ssh_port | string | required if ( |
| Parameter | Type | Description |
|---|---|---|
| account_id | int |
|
| account | Read only | |
| id | int | |
| name | string | |
| listener_id | int |
|
| listener | Read only | |
| id | int | |
| name | string |
Creating an account¶
Request
| Method | POST
|
| Path | /api/system/accounts
|
| Headers | Content-Type: Application/JSON
|
| Body | AccountModel
|
Possible Response
| Status | 201 CREATED
|
| Headers | Content-Type: Application/JSON
|
| Body | AccountModel
|
| Description | Object successfully created. Resultant object's attributes
are included in response body.
|
Possible Response
| Status | 400 BAD REQUEST
|
| Headers | Content-Type: Application/JSON
|
| Body | ValidationErrors
|
| Description | Validation didn't pass.
|
Retrieving accounts list¶
Request
| Method | GET
|
| Path | /api/system/accounts
|
Note
Results pagination
Every GET request, which returns a collection of objects can be optionally paginated. To achieve it add a pagination parameter to the request path:
/api/system/objects?page=3&page_size=10
| page | int |
| page_size | int |
Possible Response
| Status | 200 OK
|
| Headers | Content-Type: Application/JSON
|
| Body | [
AccountModel,
...
]
|
Retrieving an account¶
Request
| Method | GET
|
| Path | /api/system/accounts/:account_id
|
Possible Response
| Status | 200 OK
|
| Headers | Content-Type: Application/JSON
|
| Body | AccountModel
|
Possible Response
| Status | 404 NOT FOUND
|
| Description | No account with given id. |
Modifying accounts¶
Request
| Method | PUT, PATCH
|
| Path | /api/system/accounts/:account_id
|
Possible Response
| Status | 200 OK
|
| Headers | Content-Type: Application/JSON
|
| Body | AccountModel
|
Possible Response
| Status | 400 BAD REQUEST
|
| Headers | Content-Type: Application/JSON
|
| Body | AccountModel
|
Possible Response
| Status | 404 NOT FOUND
|
| Description | No account with given id. |
Deleting an account¶
Request
| Method | DELETE
|
| Path | /api/system/accounts/:account_id
|
Possible Response
| Status | 204 NO CONTENT
|
Possible Response
| Status | 404 NOT FOUND
|
| Description | Object with specified identifier was not found. |
Retrieving users allowed to manage accounts¶
Request
| Method | GET
|
| Path | /api/system/accounts/:account_id/granted_users
|
Note
Results pagination
Every GET request, which returns a collection of objects can be optionally paginated. To achieve it add a pagination parameter to the request path:
/api/system/objects?page=3&page_size=10
| page | int |
| page_size | int |
Possible Response
| Status |
200 OK |
| Headers | Content-Type: Application/JSON
|
| Body | [
{
'name': 'username'
'id': 'id'
}, ...
]
|
Granting management privileges¶
Request
| Method | POST
|
| Path | /api/system/accounts/:account_id/granted_users
|
| Body | {
user_id: user_id
}
|
Possible Response
| Status | |
201 CREATED |
Revoking management privileges¶
Request
| Method | DELETE
|
| Path | /api/system/accounts/:account_id/granted_users/:user_id
|
Possible Response
| Status | 204 NO CONTENT
|
Possible Response
| Status | 404 NOT FOUND
|
Retrieving account-safe assignments list¶
Request
| Method | GET
|
| Path | /api/system/accounts
|
Note
Results pagination
Every GET request, which returns a collection of objects can be optionally paginated. To achieve it add a pagination parameter to the request path:
/api/system/objects?page=3&page_size=10
| page | int |
| page_size | int |
Possible Response
| Status | 200 OK
|
| Headers | Content-Type: Application/JSON
|
| Body | [
AccountSafeAssignmentModel,
...
]
|
Creating an account-safe assignments¶
Request
| Method | POST
|
| Path | /api/system/safes/:safe_id/accounts
|
| Body | AccountSafeAssignmentModel
|
Possible Response
| Status | 201 CREATED
|
| Headers | Content-Type: Application/JSON
|
| Body | AccountSafeAssignmentModel
|
Possible Response
| Status | 400 BAD REQUEST
|
| Headers | Content-Type: Application/JSON
|
| Body | ValidationErrors
|
Possible Response
| Status | 404 NOT FOUND
|
Deleting an account-safe assignment¶
Request
| Method | DELETE
|
| Path | /api/system/safes/:safe_id/accounts/:account_id
|
Possible Response
| Status | 204 NO CONTENT
|
Possible Response
| Status | 404 NOT FOUND
|