지금 지원 담당자와 채팅
지원 담당자와 채팅

One Identity Safeguard for Privileged Sessions 7.0.5.1 LTS - REST API Reference Guide

Introduction Using the SPS REST API Basic settings User management and access control Managing SPS General connection settings HTTP connections Citrix ICA connections MSSQL connections RDP connections SSH connections Telnet connections VNC connections Search, download, and index sessions Reporting Health and maintenance Advanced authentication and authorization Completing the Welcome Wizard using REST Enable and configure analytics using REST

Modifying the configuration of SPS

The following sections describe deleting, creating and changing objects.

Delete an object

To delete a configuration object (for example, a policy), use a DELETE request with the ID of the object as the key.

  • You cannot delete policies or objects that are used in other policies (for example, you cannot delete a Time policy that is used in a Channel policy).

  • You cannot delete built-in policies that are available on SPS by default.

  • You must commit your changes to take effect. For details, see Commit a transaction.

URL
DELETE https:<IP-address-of-SPS>/api/configuration/<endpoint>/<object-id>
Sample request

The following command deletes an RDP Channel policy.

curl --cookie cookies -X DELETE -https:<IP-address-of-SPS>/api/configuration/rdp/channel_policies/<object-id>
Response

The following is a sample response received.

{
  "meta": {
    "first": "/api/configuration/rdp/channel_policies/-20100",
    "href": "/api/configuration/rdp/channel_policies/<id-of-the-deleted-object>",
    "last": "/api/configuration/rdp/channel_policies/<id-of-the-deleted-object>",
    "next": null,
    "parent": "/api/configuration/rdp/channel_policies",
    "previous": "/api/configuration/rdp/channel_policies/655555",
    "transaction": "/api/transaction"
  }
}
Code Description Notes
200 OK The resource was successfully deleted.
401 Unauthenticated The requested resource cannot be retrieved because the client is not authenticated and the resource requires authorization to access it. The details section contains the path that was attempted to be accessed, but could not be retrieved.
403 Unauthorized The requested resource cannot be retrieved because the client is not authorized to access it. The details section contains the path that was attempted to be accessed, but could not be retrieved.
409 Conflict No open Transaction is available. Open a transaction before using this request. For details, see Open a transaction.

Create a new object

To create a new object (for example, a new policy), complete the following steps.

  1. Authenticate and open a transaction.

  2. Post the new object as a JSON object to the appropriate resource URL.

  3. If successful, the REST server creates an ID for the new object, and returns it in the key field of the response.

  4. Commit the transaction.

URL
POST https:<IP-address-of-SPS>/api/configuration/<path-to-the-parent-resource>
Sample request

The following command creates a new RDP Channel policy. The data content of the request is read from the file body.json

curl -H "Content-Type: application/json" -d @body.json --cookie session_id=1aca4793549c6f22aecd98bc1047d1bf32dd76ef -X POST https://<object-id>/api/configuration/rdp/channel_policies/

For a simple RDP Channel policy that uses the default settings and allows only the Drawing channel, the JSON object is the following.

{
  "name": "drawing-only",
  "rules": [
    {
      "actions": {
        "audit": true,
        "content_policy": null,
        "four_eyes": false,
        "ids": false
      },
      "allowed_for": {
        "clients": [],
        "gateway_groups": [],
        "remote_groups": [],
        "servers": [],
        "time_policy": "-100"
      },
      "channel": "#drawing"
    }
  ]
}
Response

The following is a sample response received, showing the properties of Content policy objects.

{
  "key": "f79bcc85-bb8b-4fa5-a141-eb4cf2b6ef33",
  "meta": {
    "href": "/api/configuration/rdp/channel_policies/f79bcc85-bb8b-4fa5-a141-eb4cf2b6ef33",
    "parent": "/api/configuration/rdp/channel_policies",
    "transaction": "/api/transaction"
  }
}
Code Description Notes
201 Created The new resource was successfully created.
400 Bad Request The request body format is invalid. The data is not a properly formatted JSON object.
401 Unauthenticated The requested resource cannot be retrieved because the client is not authenticated and the resource requires authorization to access it. The details section contains the path that was attempted to be accessed, but could not be retrieved.
403 Unauthorized The requested resource cannot be retrieved because the client is not authorized to access it. The details section contains the path that was attempted to be accessed, but could not be retrieved.
409 Conflict No open Transaction is available. Open a transaction before using this request. For details, see Open a transaction.
417 Expectation Failed

If you receive the "417 - Expectation Failed" error code when using curl, use curl with the --http1.0 or the -H "Expect:" option.

Change an object

To modify or update an object, use a PUT request on the object you want to change. In the body of the request, you have to upload the entire object, not only the parameter that you want to change.

URL
PUT https:<IP-address-of-SPS>/api/configuration/<path-to-the-parent-resource>/<id-of-the-object-to-modify>
Sample request

The following command updates an RDP Channel policy. The data content of the request is read from the file body.json.

curl -H "Content-Type: application/json" -d @body.json --cookie session_id=07640a0bf14cdd361d8f5ae2b0b482a786c7a604 -X PUT https://10.40.255.17/api/configuration/rdp/channel_policies/<id-of-the-object-to-modify>

For a simple RDP Channel policy that uses the default settings and allows only the Drawing channel, the JSON object is the following.

{
  "name": "drawing-only",
  "rules": [
    {
      "actions": {
        "audit": true,
        "content_policy": null,
        "four_eyes": false,
        "ids": false
      },
      "allowed_for": {
        "clients": [],
        "gateway_groups": [],
        "remote_groups": [],
        "servers": [],
        "time_policy": "-100"
      },
      "channel": "#drawing"
    }
  ]
}
Response

The following is a sample response received.

{
  "meta": {
    "first": "/api/configuration/rdp/channel_policies/-20100",
    "href": "/api/configuration/rdp/channel_policies/<id-of-the-modified-object>",
    "last": "/api/configuration/rdp/channel_policies/<id-of-the-modified-object>",
    "next": null,
    "parent": "/api/configuration/rdp/channel_policies",
    "previous": "/api/configuration/rdp/channel_policies/655555",
    "transaction": "/api/transaction"
  }
}
Code Description Notes
201 Created The new resource was successfully created..
400 Bad Request The request body format is invalid. The data is not a properly formatted JSON object.
401 Unauthenticated The requested resource cannot be retrieved because the client is not authenticated and the resource requires authorization to access it. The details section contains the path that was attempted to be accessed, but could not be retrieved.
403 Unauthorized The requested resource cannot be retrieved because the client is not authorized to access it. The details section contains the path that was attempted to be accessed, but could not be retrieved.
409 Conflict No open Transaction is available. Open a transaction before using this request. For details, see Open a transaction.
417 Expectation Failed

If you receive the "417 - Expectation Failed" error code when using curl, use curl with the --http1.0 or the -H "Expect:" option.

관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택