지금 지원 담당자와 채팅
지원 담당자와 채팅

One Identity Safeguard for Privileged Sessions 8.0 LTS - REST API Reference Guide

Introduction Using the SPS REST API Basic settings User management and access control Managing SPS General connection settings HTTP connections Citrix ICA connections MSSQL connections RDP connections SSH connections Telnet connections VNC connections Search, retrieve, download, and index sessions Reporting Health and maintenance Advanced authentication and authorization Completing the Welcome Wizard using REST Enable and configure analytics using REST REST API examples

Management email

Querying email configuration

Querying email configuration request

curl --cookie cookies.txt --request GET https://<IP-address-of-SPS>/api/configuration/management/email

Querying email configuration response

{
    "key": "email",
    "body": {
        "admin_address": "administrator@test-network",
        "sender_address": "box@test-network",
        "server": {
            "selection": "fqdn",
            "value": "smtp.test-network"
        },
        "alerting_address": "alert-investigator@test-network",
        "reporting_address": "report-collector@test-network",
        "user_authentication": null,
        "encryption": {
           "selection": "disabled"
        }
    },
    "meta": {
        "first": "/api/configuration/management/accounting",
        "href": "/api/configuration/management/email",
        "last": "/api/configuration/management/web_gateway_authentication",
        "next": "/api/configuration/management/exported_configuration_encryption",
        "parent": "/api/configuration/management",
        "previous": "/api/configuration/management/disk_fillup_prevention",
        "transaction": "/api/transaction"
   }
}
Querying encrypted email configuration

Querying encrypted email configuration request

curl --cookie cookies.txt --request GET https://<IP-address-of-SPS>/api/configuration/management/email

Querying encrypted email configuration response

    {
        "key": "email",
        "body": {
            "admin_address": "administrator@test-network",
            "sender_address": "box@test-network",
            "server": {
                "selection": "fqdn",
                "value": "smtp.test-network"
            },
            "alerting_address": "alert-investigator@test-network",
            "reporting_address": "report-collector@test-network",
            "user_authentication": {
               "username": "testuser",
               "password": {
                   "key": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
                   "meta": {"href": "/api/configuration/passwords#XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"}
               }
            },
            "encryption": {
               "selection": "starttls",
               "server_certificate_check": {
                   "fingerprint": {
                       "digest": "a5:56:d1:12:f5:14:ae:2a:2b:3e:33:d4:74:13:64:f6:d2:c0:f6:60:b0:5a:2c:e6:0c:60:d7:34:14:16:d2:b1",
                       "hash_algorithm": "sha256"
                   },
                   "issuer": "/C=RO/ST=TheRootState/L=TheRootLocality/O=TheRootOrganization/OU=TheRootOrganizationalUnit/CN=the.root.common.name.io/emailAddress=the@root.email.address.io",
                   "not_after": "2024-08-11T13:04:43+00:00",
                   "not_before": "2014-08-14T13:04:43+00:00",
                   "subject": "/C=CA/ST=TheCaState/L=TheCaLocality/O=TheCaOrganization/OU=TheCaOrganizationalUnit/CN=the.ca.common.name.io/emailAddress=the@ca.email.address.io",
                   "pem": "-----BEGIN CERTIFICATE-----\nMIIEWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQ0FADCBzDELMAkGA1UEBhMCUk8x\nFTATBgNVBAgMDFRoZVJvb3RTdGF0ZTEYMBYGA1UEBwwPVGhlUm9vdExvY2FsaXR5\nMRwwGgYDVQQKDBNUaGVSb290T3JnYW5pemF0aW9uMSIwIAYDVQQLDBlUaGVSb290\nT3JnYW5pemF0aW9uYWxVbml0MSAwHgYDVQQDDBd0aGUucm9vdC5jb21tb24ubmFt\nZS5pbzEoMCYGCSqGSIb3DQEJARYZdGhlQHJvb3QuZW1haWwuYWRkcmVzcy5pbzAe\nFw0xNDA4MTQxMzA0NDNaFw0yNDA4MTExMzA0NDNaMIHAMQswCQYDVQQGEwJDQTET\nMBEGA1UECAwKVGhlQ2FTdGF0ZTEWMBQGA1UEBwwNVGhlQ2FMb2NhbGl0eTEaMBgG\nA1UECgwRVGhlQ2FPcmdhbml6YXRpb24xIDAeBgNVBAsMF1RoZUNhT3JnYW5pemF0\naW9uYWxVbml0MR4wHAYDVQQDDBV0aGUuY2EuY29tbW9uLm5hbWUuaW8xJjAkBgkq\nhkiG9w0BCQEWF3RoZUBjYS5lbWFpbC5hZGRyZXNzLmlvMIIBIjANBgkqhkiG9w0B\nAQEFAAOCAQ8AMIIBCgKCAQEAnDH+7TXsG4KIuEgH/Q6zcV2+RKbcIGIM+Qy7AXPK\nMaC2zz+rFLdwrkE60S6q5kbj4Qviw0EB9xrFqyYzDu+9QeWgLYUVVSCAZiRkfrcz\nw4+LC5CcyxpLx7AwaJTGSZOjCAzQI0M+5VNxlUg96OMiQmLI1LyGcWiCU/b1DH+o\nkI9f7+E8I5TwJEepb6pUiAnGVJoq19v39SlKDDDZ2oS47ElQPQM6QhyT6C9R10GI\n1ILYkgVQCR6dKCqRiar+DrgULY6I/YpZjzsoQT9cuK3kPZqn5P/O/EUWfuVY6BWZ\nn/OW6/JEZvpxyP1IrNq2Mc1dfSFWxqaUd+Lu+xvIMGkpJwIDAQABo1AwTjAdBgNV\nHQ4EFgQUP0o72Giv/Nc5rbYbmARjo4WggCcwHwYDVR0jBBgwFoAUHCS1guZGRNHN\nSvIRRCht25WOJOEwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOCAQEAsXiL\ntf6rYuY5Lr8WrUAM344il4fT+NQQ9ikbAIO9bLUaZG+cXbWLNeQSP/iDuBwWi2JF\noFhSAekr1UZvWu+eL62BeLl2CxB5SCayey9fIVTG8C+QHuOmsjLvTyQsUPByt2rE\nPB35hhxkSscUA4JyGN5dx08aaLBaULjaUwrib9gM7Iqg41pV+8MGPyHidUFeHPCS\nmuhmxoGlwjnzOuG3kE06EY9NjZ0oRnNnFtAat33/WgUDMMXK7H4t0IKojGgajvga\nqf42osfXzBTA7hD2qaTv/p/jGtt+UGJefsS2BkLn7aNGpOPhmC+So0bOhRCwmasV\nWywaLFBDEYDnAEbK5Q==\n-----END CERTIFICATE-----\n"
               },
               "client_authentication": {
                    "key": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
                    "meta": {
                       "href": "/api/configuration/x509/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
                    }
               }
            }
        },
        "meta": {
           "first": "/api/configuration/management/accounting",
           "href": "/api/configuration/management/email",
           "last": "/api/configuration/management/web_gateway_authentication",
           "next": "/api/configuration/management/exported_configuration_encryption",
           "parent": "/api/configuration/management",
           "previous": "/api/configuration/management/disk_fillup_prevention",
           "transaction": "/api/transaction"
       }
    }
Configure authentication to the SMTP server

Configure authentication to the SMTP server request

curl --cookie cookies.txt --request PUT --data '@-' https://<IP-address-of-SPS>/api/configuration/management/email <<'REQUEST'
{
   "admin_address": "administrator@test-network",
   "sender_address": "box@test-network",
   "server": {
       "selection": "fqdn",
       "value": "smtp.test-network"
   },
   "alerting_address": "alert-investigator@test-network",
   "reporting_address": "report-collector@test-network",
   "user_authentication": null,
   "user_authentication": {
      "username": "testuser",
      "password": {
          "plain": "testuser-password"
      }
   },
   "encryption": {
      "selection": "disabled"
   }
}
REQUEST

Configure authentication to the SMTP server response

{
   "meta": {
       "first": "/api/configuration/management/accounting",
       "href": "/api/configuration/management/email",
       "last": "/api/configuration/management/web_gateway_authentication",
       "next": "/api/configuration/management/exported_configuration_encryption",
       "parent": "/api/configuration/management",
       "previous": "/api/configuration/management/disk_fillup_prevention",
       "transaction": "/api/transaction"
   }
}
Configure STARTTLS encryption without certificate checks

Configure STARTTLS encryption without certificate checks request

curl --cookie cookies.txt --request PUT --data '@-' https://<IP-address-of-SPS>/api/configuration/management/email <<'REQUEST'
{
   "admin_address": "administrator@test-network",
   "sender_address": "box@test-network",
   "server": {
       "selection": "fqdn",
       "value": "smtp.test-network"
   },
   "alerting_address": "alert-investigator@test-network",
   "reporting_address": "report-collector@test-network",
   "user_authentication": null,
   "user_authentication": {
      "username": "testuser",
      "password": {
          "plain": "testuser-password"
      }
   },
   "encryption": {
       "selection": "starttls",
       "server_certificate_check": null,
       "client_authentication": null
   }
}
REQUEST

Configure STARTTLS encryption without certificate checks response

{
   "meta": {
       "first": "/api/configuration/management/accounting",
       "href": "/api/configuration/management/email",
       "last": "/api/configuration/management/web_gateway_authentication",
       "next": "/api/configuration/management/exported_configuration_encryption",
       "parent": "/api/configuration/management",
       "previous": "/api/configuration/management/disk_fillup_prevention",
       "transaction": "/api/transaction"
   }
}
Configure STARTTLS encryption with server certificate check, and authenticate as client with an X.509 certificate

Configure STARTTLS encryption with server certificate check, and authenticate as client with an X.509 certificate request

curl --cookie cookies.txt --request PUT --data '@-' https://<IP-address-of-SPS>/api/configuration/management/email <<'REQUEST'
{
   "admin_address": "administrator@test-network",
   "sender_address": "box@test-network",
   "server": {
       "selection": "fqdn",
       "value": "smtp.test-network"
   },
   "alerting_address": "alert-investigator@test-network",
   "reporting_address": "report-collector@test-network",
   "user_authentication": null,
   "user_authentication": {
      "username": "testuser",
      "password": {
          "plain": "testuser-password"
      }
   },
   "encryption": {
       "selection": "starttls",
       "server_certificate_check": {
           "pem": "-----BEGIN CERTIFICATE-----\nMIIEWTCCA0GgAwIBAgIBAjANBgkqhkiG9w0BAQ0FADCBzDELMAkGA1UEBhMCUk8x\nFTATBgNVBAgMDFRoZVJvb3RTdGF0ZTEYMBYGA1UEBwwPVGhlUm9vdExvY2FsaXR5\nMRwwGgYDVQQKDBNUaGVSb290T3JnYW5pemF0aW9uMSIwIAYDVQQLDBlUaGVSb290\nT3JnYW5pemF0aW9uYWxVbml0MSAwHgYDVQQDDBd0aGUucm9vdC5jb21tb24ubmFt\nZS5pbzEoMCYGCSqGSIb3DQEJARYZdGhlQHJvb3QuZW1haWwuYWRkcmVzcy5pbzAe\nFw0xNDA4MTQxMzA0NDNaFw0yNDA4MTExMzA0NDNaMIHAMQswCQYDVQQGEwJDQTET\nMBEGA1UECAwKVGhlQ2FTdGF0ZTEWMBQGA1UEBwwNVGhlQ2FMb2NhbGl0eTEaMBgG\nA1UECgwRVGhlQ2FPcmdhbml6YXRpb24xIDAeBgNVBAsMF1RoZUNhT3JnYW5pemF0\naW9uYWxVbml0MR4wHAYDVQQDDBV0aGUuY2EuY29tbW9uLm5hbWUuaW8xJjAkBgkq\nhkiG9w0BCQEWF3RoZUBjYS5lbWFpbC5hZGRyZXNzLmlvMIIBIjANBgkqhkiG9w0B\nAQEFAAOCAQ8AMIIBCgKCAQEAnDH+7TXsG4KIuEgH/Q6zcV2+RKbcIGIM+Qy7AXPK\nMaC2zz+rFLdwrkE60S6q5kbj4Qviw0EB9xrFqyYzDu+9QeWgLYUVVSCAZiRkfrcz\nw4+LC5CcyxpLx7AwaJTGSZOjCAzQI0M+5VNxlUg96OMiQmLI1LyGcWiCU/b1DH+o\nkI9f7+E8I5TwJEepb6pUiAnGVJoq19v39SlKDDDZ2oS47ElQPQM6QhyT6C9R10GI\n1ILYkgVQCR6dKCqRiar+DrgULY6I/YpZjzsoQT9cuK3kPZqn5P/O/EUWfuVY6BWZ\nn/OW6/JEZvpxyP1IrNq2Mc1dfSFWxqaUd+Lu+xvIMGkpJwIDAQABo1AwTjAdBgNV\nHQ4EFgQUP0o72Giv/Nc5rbYbmARjo4WggCcwHwYDVR0jBBgwFoAUHCS1guZGRNHN\nSvIRRCht25WOJOEwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQ0FAAOCAQEAsXiL\ntf6rYuY5Lr8WrUAM344il4fT+NQQ9ikbAIO9bLUaZG+cXbWLNeQSP/iDuBwWi2JF\noFhSAekr1UZvWu+eL62BeLl2CxB5SCayey9fIVTG8C+QHuOmsjLvTyQsUPByt2rE\nPB35hhxkSscUA4JyGN5dx08aaLBaULjaUwrib9gM7Iqg41pV+8MGPyHidUFeHPCS\nmuhmxoGlwjnzOuG3kE06EY9NjZ0oRnNnFtAat33/WgUDMMXK7H4t0IKojGgajvga\nqf42osfXzBTA7hD2qaTv/p/jGtt+UGJefsS2BkLn7aNGpOPhmC+So0bOhRCwmasV\nWywaLFBDEYDnAEbK5Q==\n-----END CERTIFICATE-----\n"
       },
       "client_authentication": "x509-identity-0"
   }
}
REQUEST

Configure STARTTLS encryption with server certificate check, and authenticate as client with an X.509 certificate response

{
   "meta": {
       "first": "/api/configuration/management/accounting",
       "href": "/api/configuration/management/email",
       "last": "/api/configuration/management/web_gateway_authentication",
       "next": "/api/configuration/management/exported_configuration_encryption",
       "parent": "/api/configuration/management",
       "previous": "/api/configuration/management/disk_fillup_prevention",
       "transaction": "/api/transaction"
   }
}

Number of audited users

Querying the number of audited users

Querying the number of audited users request

curl --cookie cookies.txt --request GET https://<IP-address-of-SPS>/api/audit/users/_count

Querying the number of audited users response

{
  "count": 3,
  "meta":{
    "href":"/api/audit/users/_count",
    "parent":"/api/audit/users"
  }
}

Private keys

Querying a private key

Querying a private key request

curl --cookie cookies.txt --request GET https://<IP-address-of-SPS>/api/configuration/private_keys/identity-0

Querying a private key response

{
    "key": "identity-0",
    "body": {
      "public_key_fingerprint": {
          "digest": "2048 SHA256:JSFdfkT6wU9c00ddqX53hovDo7KbIB8OREfumUWDh8g no comment (RSA)",
          "hash_algorithm": "sha256"
      },
      "type": "rsa"
    }
}

Rsync backup policy

Querying backup policy

Querying backup policy request

curl --cookie cookies.txt --request GET https://<IP-address-of-SPS>/api/configuration/policies/backup_policies/99275192754364c2b1bd04

Querying backup policy response

{
    "body": {
        "include_node_id_in_path": true,
        "name": "backup_rsync",
        "notification_event": {
            "file_count_limit": 10240,
            "send_filelist": true,
            "type": "none"
        },
        "start_times": [
            "8:00"
        ],
        "target": {
            "auth_key": {
                "key": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX",
                "meta": {
                    "href": "/api/configuration/private_keys/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
                }
            },
            "host_key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAYQCsU80IBrJbOlqCi03qZK+FtgS783VKE1TVZBtDQlsXJ9FXu6KNBvqvSAjcXiWY+izqn+P14UVRY1vOdz7WwLIWOUoTKHfPMqv3bdjwM4Bhd26POWSFyDf46yx1YzvMwgc=",
            "path": "/data/backup",
            "port": 1122,
            "server": {
                "selection": "ip",
                "value": "192.168.122.1"
            },
            "type": "rsync",
            "username": "user1"
        }
    },
    "key": "99275192754364c2b1bd04"
}
관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택