Chat now with support
Chat mit Support

One Identity Safeguard for Privileged Sessions 8.0 LTS - REST API Reference Guide

Introduction Using the SPS REST API Basic settings User management and access control Managing SPS General connection settings HTTP connections Citrix ICA connections MSSQL connections RDP connections SSH connections Telnet connections VNC connections Search, retrieve, download, and index sessions Reporting Health and maintenance Advanced authentication and authorization Completing the Welcome Wizard using REST Enable and configure analytics using REST REST API examples

Firmware management

A list of endpoints managing SPS firmware images.

URL
GET https://<IP-address-of-SPS>/api/firmware
Cookies
Cookie name Description Required Values
session_id Contains the authentication token of the user Required

The value of the session ID cookie received from the REST server in the authentication response, for example, a1f71d030e657634730b9e887cb59a5e56162860. For more information on authentication, see Authenticate to the SPS REST API.

NOTE: This session ID refers to the connection between the REST client and the SPS REST API. It is not related to the sessions that SPS records (and which also have a session ID, but in a different format).

Sample request

The following command lists management configuration endpoints.

curl --cookie cookies.txt https://<IP-address-of-SPS>/api/firmware
Response

The following is a sample response received when firmware-related configuration endpoints are listed.

For more information on the meta object, see Message format.

{
  "items": [
    {
      "key": "fetch",
      "meta": {
        "href": "/api/firmware/fetch"
      }
    },
	{
      "key": "slots",
      "meta": {
        "href": "/api/firmware/slots"
      }
    },
    {
      "key": "test",
      "meta": {
        "href": "/api/firmware/test"
      }
    },
    {
      "key": "upgrade",
      "meta": {
        "href": "/api/firmware/upgrade"
      }
    }
  ],
  "meta": {
    "href": "/api/firmware",
    "parent": "/api",
    "fetch": "/api/firmware/fetch",
    "slots": "/api/firmware/slots",
    "test": "/api/firmware/test",
    "upgrade": "/api/firmware/upgrade"
  }
}
Endpoints Description

fetch

Install firmware files by providing a URL.

slots Retrieve information about SPS firmware images maintained on the device in locations called slots.
test Trigger an upgrade test without an actual upgrade.
upgrade Upgrade SPS to new firmware.
upload Upload new firmware to SPS.
HTTP response codes

For more information and a complete list of standard HTTP response codes, see Application level error codes.

Retrieving information about SPS firmware image slots

Retrieve information about SPS firmware images maintained on the device in locations called slots.

Base URL
https://<address-of-SPS>/api
Cookies

For more information about the authentication token of the user, see Application level error codes.

Sample request

HTTP operations with the /slots endpoint include:

HTTP method

URL

Description

Notes

GET

/api/firmware/slots

curl -X GET -b "${COOKIE_PATH}" https://<address-of-SPS>/api/firmware/slots

Listing all available firmware image slots

 

GET

/api/firmware/slots/<slot_id>

curl -X GET -b "${COOKIE_PATH}" https://<address-of-SPS>/api/firmware/slots/<slot_id>

Listing a specific firmware image slot

 

DELETE

/api/firmware/slots/<slot_id>

curl -X DELETE -b "${COOKIE_PATH}" https://<address-of-SPS>/api/firmware/slots/<slot_id>

Deleting a firmware image slot

NOTE: Deleting the current firmware, or the one after the reboot, is not allowed.

Examples

Firmware slots

Elements of the response message body include:

Element

Type

Description

Notes

after_reboot

boolean

This flag shows that the firmware is selected to be the active firmware after upgrade.

Possible values:

  • true - the firmware is the active firmware after upgrade

  • false - the firmware is not the active firmware after upgrade

current

boolean

Indicates whether the firmware is active.

Possible values:

  • true - the current firmware is the latest version

  • false - the current firmware is not the latest version

upgrade_news

string

Displays SPS Upgrade Notes that is relevant to the current firmware.

If there is no such information available, the value will be null.

upgrade_notes

string

The content of the SPS Upgrade Notes.

 

version

number

The version number of that specific SPS firmware image.

 

For more information on the meta object, see Message format.

HTTP response codes

For more information and a complete list of standard HTTP response codes, see Application level error codes.

Testing new SPS firmware before upgrade

Use the /firmware/test endpoint as a precheck tool to trigger an upgrade test without an actual upgrade. The test reveals whether the current state of SPS is compatible with the new firmware. Possible areas where errors can occur:

  • version compatibility - the new firmware is compatible with the upgrade policy

  • storage space - there is enough free storage space for the upgrade

  • configuration compatibility - the current configuration settings are supported in the new firmware

  • tainted firmware - whether or not there are manually modified files on the firmware

URL
POST https://<IP-address-of-SPS>/api/firmware/test
Cookies
Cookie name Description Required Values
session_id Contains the authentication token of the user Required

The value of the session ID cookie received from the REST server in the authentication response, for example, a1f71d030e657634730b9e887cb59a5e56162860. For more information on authentication, see Authenticate to the SPS REST API.

NOTE: This session ID refers to the connection between the REST client and the SPS REST API. It is not related to the sessions that SPS records (and which also have a session ID, but in a different format).

Operations

Operations with the /firmware/test endpoint include:

Operation

HTTP method

URL

Notes

Testing new SPS firmware before upgrade

POST

/api/firmware/test

 

Sample request

The following command triggers a firmware upgrade test.

curl --cookie cookies.txt https://<IP-address-of-SPS>/api/firmware/test --data '{"slot_id": <slot_id>}'

NOTE: You require a payload first, from which you choose the firmware you want to test.

Response

There can be three possible outcomes:

  • the upgrade was successful:

    {"body": "...", "key": <slot_id>}
  • the upgrade was not successful due to invalid input:

    • the slot_id is missing from the payload

      {"error": {"type": "IncompleteRequestBodyError"}}
    • the tested firmware slot is empty

      {"error": {"type": "ResourceNotFound"}}
  • the upgrade was not successful due to an error:

    {"error": {"type": "FirmwareTestFailed"}}

The following is a sample response received when the upgrade test was successful.

For more information on the meta object, see Message format.

{
     "body":
       { "test_summary": "HA check started\nHA check finished" },
     "key": "1",
     "meta": {
       "href": "/api/firmware/test",
       "parent": "/api/firmware",
       "slot": "/api/firmware/slots/1",
       "upgrade": "/api/firmware/upgrade"
     }
   }
		

The following is a sample response received when the upgrade test was not successful, because the firmware slot is empty.

{
     "error": {
       "details": {
         "mount_point": "/firmware/test",
         "resource": "3"
       },
       "message": "Resource was not found",
       "type": "ResourceNotFound"
     },
     "meta": {
       "href": "/api/firmware/test",
       "parent": "/api/firmware"
     }
   }
		

Elements of the response message body include:

Element

Type

Description

Notes

error.details

object

error.details.mount_point

string

The reference point - in this case a URL path - at which details of the error can be accessed.

This is a fix value:

/firmware/test

error.details.resource

number

The identifier of the firmware image slot.

 

error.message

string

The content of the error message.

 

error.type

string

The type of the error message.

 

The following is a sample response received when the upgrade test was not successful, because the slot_id is missing from the payload.

{
     "error": {
       "details": {
         "missing_paths": [
           "slot_id"
         ]
       },
       "message": "Some paths were missing from the request body",
       "type": "IncompleteRequestBodyError"
     },
     "meta": {
       "href": "/api/firmware/test",
       "parent": "/api/firmware"
     }
   }
		

Elements of the response message body include:

Element

Type

Description

Notes

error.details

object

error.details.missing_paths

array

A list of missing URL path parameters.

In this case, there can be only one value here, which is slot_id.

error.details.missing_paths.slot_id

 

The identifier of the firmware image slot.

 

error.message

string

The content of the error message.

 

error.type

string

The type of the error message.

 

The following is a sample response received when the upgrade test was not successful, because an error was found during testing.

{
     "error": {
       "details": {
         "exit_code": 1,
         "test_summary": "HA check started\nHA check failed"
       },
       "message": "The firmware test failed",
       "type": "FirmwareTestFailed"
     },
     "meta": {
       "href": "/api/firmware/test",
       "parent": "/api/firmware"
     }
   }
		

Elements of the response message body include:

Element

Type

Description

Notes

error.details

object

error.details.exit_code

number

Possible values:

  • 0 - the firmware test passed successfully

  • 1 - the firmware test failed

error.details.test_summary

string

The summary of the upgrade test in free text format.

For example:

HA check started,

HA check failed

error.message

string

The content of the error message.

 

error.type

string

The type of the error message.

 

HTTP response codes

For more information and a complete list of standard HTTP response codes, see Application level error codes.

Upgrading SPS to a new firmware

Use the /firmware/upgrade endpoint to upgrade SPS to a new firmware.

URL
POST https://<IP-address-of-SPS>/api/firmware/upgrade
Cookies
Cookie name Description Required Values
session_id Contains the authentication token of the user Required

The value of the session ID cookie received from the REST server in the authentication response, for example, a1f71d030e657634730b9e887cb59a5e56162860. For more information on authentication, see Authenticate to the SPS REST API.

NOTE: This session ID refers to the connection between the REST client and the SPS REST API. It is not related to the sessions that SPS records (and which also have a session ID, but in a different format).

Operations

Operations with the /firmware/upgrade endpoint include:

Operation HTTP method URL

Notes

Upgrading SPS to a new firmware POST /api/firmware/upgrade

 

Sample request

The following command upgrades SPS to a new firmware.

curl --cookie cookies.txt https://<IP-address-of-SPS>/api/firmware/upgrade --data '{"slot_id": <slot_id>, "message": "..." | null}'

NOTE: The value of message can be null, if require_commit_log is disabled. If require_commit_log is enabled, then message is filled.

Response

There can be three possible outcomes:

  • the upgrade was successful:

    {"body": "...", "key": <slot_id>}
  • the upgrade was not successful due to invalid input:

    • the slot_id is missing from the payload

      {"error": {"type": "IncompleteRequestBodyError"}}
    • the tested firmware slot is empty

      {"error": {"type": "ResourceNotFound"}}
  • the upgrade was not successful due to an error:

    {"error": {"type": "FirmwareTestFailed"}}

The following is a sample response received when a SPS is upgraded to a new firmware.

For more information on the meta object, see Message format.

{
     "body":
       { "test_summary": "HA check started\nHA check finished" },
     "key": "1",
     "meta": {
       "href": "/api/firmware/upgrade",
       "parent": "/api/firmware",
       "slot": "/api/firmware/slots/1"
     }
   }
		

The following is a sample response received when a firmware upgrade is attempted on an empty slot.

{
     "error": {
       "details": {
         "mount_point": "/firmware/upgrade",
         "resource": "3"
       },
       "message": "Resource was not found",
       "type": "ResourceNotFound"
     },
     "meta": {
       "href": "/api/firmware/upgrade",
       "parent": "/api/firmware"
     }
   }
		

Elements of the response message body include:

Element

Type

Description

Notes

error.details

object

error.details.mount_point

string

The reference point - in this case a URL path - at which details of the error can be accessed.

This is a fix value:

/firmware/upgrade

error.details.resource

number

The identifier of the firmware image slot.

 

error.message

string

The content of the error message.

 

error.type

string

The type of the error message.

 

The following is a sample response received when message is missing from the request body during upgrade.

{
     "error": {
       "details": {
         "missing_paths": [
           "message"
         ]
       },
       "message": "Some paths were missing from the request body",
       "type": "IncompleteRequestBodyError"
     },
     "meta": {
       "href": "/api/firmware/upgrade",
       "parent": "/api/firmware"
     }
   }
		

Elements of the response message body include:

Element

Type

Description

Notes

error.details

object

error.details.missing_paths

array

A list of missing URL path parameters.

In this case, there can be only one value here, which is message.

error.message

string

The content of the error message.

 

error.type

string

The type of the error message.

 

The following is a sample response received when the firmware test fails during upgrade.

{
     "error": {
       "details": {
         "exit_code": 1,
         "test_summary": "HA check started\nHA check failed"
       },
       "message": "The firmware test failed",
       "type": "FirmwareTestFailed"
     },
     "meta": {
       "href": "/api/firmware/upgrade",
       "parent": "/api/firmware"
     }
   }
		

Elements of the response message body include:

Element

Type

Description

Notes

error.details

object

error.details.exit_code

number

Possible values:

  • 0 -the firmware test passed successfully

  • 1 - the firmware test failed

error.details.test_summary

string

The summary of the upgrade test in free text format.

For example:

  • HA check started

  • HA check failed

error.message

string

The content of the error message.

 

error.type

string

The type of the error message.

 

HTTP response codes

HTTP response codes comprise of standard or endpoint-specific HTTP status and error codes. The following table lists the endpoint-specific HTTP response codes for this request.

HTTP response code Status/Error Description
400 UpgradeMessageMissing The upgrade request did not contain a message. Adding a message is required.

For more information and a complete list of standard HTTP response codes, see Application level error codes.

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen