Contains the endpoints for configuring networking on Safeguard for Privileged Sessions.
GET https://<IP-address-of-Safeguard for Privileged Sessions>/api/configuration/network
Header name | Description | Required | Values |
---|---|---|---|
session_id | Contains the authentication token of the user | Required |
The value of the session ID cookie received from the REST server in the authentication response, for example, a1f71d030e657634730b9e887cb59a5e56162860. For details on authentication, see Authenticate to the Safeguard for Privileged Sessions REST API. Note that this session ID refers to the connection between the REST client and the Safeguard for Privileged Sessions REST API. It is not related to the sessions that Safeguard for Privileged Sessions records (and which also have a session ID, but in a different format). |
The following command lists network configuration options.
curl --cookie cookies https://<IP-address-of-Safeguard for Privileged Sessions>/api/configuration/network
The following is a sample response received when listing network configuration options. For details of the meta object, see Introduction.
{ "items": [ { "key": "dns", "meta": { "href": "/api/configuration/network/dns" } }, { "key": "ip_forwarding_rule_pairs", "meta": { "href": "/api/configuration/network/ip_forwarding_rule_pairs" } }, { "key": "naming", "meta": { "href": "/api/configuration/network/naming" } }, { "key": "nics", "meta": { "href": "/api/configuration/network/nics" } }, { "key": "routing", "meta": { "href": "/api/configuration/network/routing" } } ], "meta": { "first": "/api/configuration/aaa", "href": "/api/configuration/network", "last": "/api/configuration/x509", "next": "/api/configuration/passwords", "parent": "/api/configuration", "previous": "/api/configuration/management", "transaction": "/api/transaction" } }
Element | Description |
---|---|
dns | The address of the primary and secondary DNS server. |
ip_forwarding_rule_pairs | Rules for routing between the network interfaces. |
naming | DNS search domain, hostname, and appliance nickname settings. |
nics | References the endpoints of the three physical network interfaces. |
routing | Routing table. Defines the address of the gateway server for each configured subnet. |
The following table lists the typical status and error codes for this request. For a complete list of error codes, see Using the Safeguard for Privileged Sessions REST API.
Code | Description | Notes |
---|---|---|
401 | Unauthenticated | The requested resource cannot be retrieved because the client is not authenticated and the resource requires authorization to access it. The details section contains the path that was attempted to be accessed, but could not be retrieved. |
401 | AuthenticationFailure | Authenticating the user with the given credentials has failed. |
404 | NotFound | The requested object does not exist. |
Contains the address of the primary and secondary DNS server.
GET https://<IP-address-of-Safeguard for Privileged Sessions>/api/configuration/network/dns
Header name | Description | Required | Values |
---|---|---|---|
session_id | Contains the authentication token of the user | Required |
The value of the session ID cookie received from the REST server in the authentication response, for example, a1f71d030e657634730b9e887cb59a5e56162860. For details on authentication, see Authenticate to the Safeguard for Privileged Sessions REST API. Note that this session ID refers to the connection between the REST client and the Safeguard for Privileged Sessions REST API. It is not related to the sessions that Safeguard for Privileged Sessions records (and which also have a session ID, but in a different format). |
The following command lists the configured DNS servers.
curl --cookie cookies https://<IP-address-of-Safeguard for Privileged Sessions>/api/configuration/network/dns
The following is a sample response received when listing the configured DNS servers. For details of the meta object, see Introduction.
{ "body": { "primary": "192.168.56.1", "secondary": null }, "key": "dns", "meta": { "first": "/api/configuration/network/dns", "href": "/api/configuration/network/dns", "last": "/api/configuration/network/routing", "next": "/api/configuration/network/ip_forwarding_rule_pairs", "parent": "/api/configuration/network", "previous": null, "transaction": "/api/transaction" } }
Element | Type | Description | |
---|---|---|---|
key | string | Top level element, contains the ID of the endpoints. | |
body | Top level element (string) | Contains the addresses of the DNS servers. | |
primary | string | The IP address of the primary DNS server. | |
secondary | string | The address of the secondary DNS server. |
To modify the address of a DNS server, you have to:
For details, see Open a transaction.
PUT the modified JSON object to the https://<IP-address-of-Safeguard for Privileged Sessions>/api/configuration/network/dns endpoint. You can find a detailed description of the available parameters listed in DNS servers.
For details, see Commit a transaction.
The following table lists the typical status and error codes for this request. For a complete list of error codes, see Using the Safeguard for Privileged Sessions REST API.
Code | Description | Notes |
---|---|---|
201 | Created | The new resource was successfully created. |
401 | Unauthenticated | The requested resource cannot be retrieved because the client is not authenticated and the resource requires authorization to access it. The details section contains the path that was attempted to be accessed, but could not be retrieved. |
401 | AuthenticationFailure | Authenticating the user with the given credentials has failed. |
404 | NotFound | The requested object does not exist. |
Configures routing between network interfaces. To use an interface in single-interface router mode, configure both interface_a and interface_b elements to reference that same interface.
GET https://<IP-address-of-Safeguard for Privileged Sessions>/api/configuration/network/ip_forwarding_rule_pairs
Header name | Description | Required | Values |
---|---|---|---|
session_id | Contains the authentication token of the user | Required |
The value of the session ID cookie received from the REST server in the authentication response, for example, a1f71d030e657634730b9e887cb59a5e56162860. For details on authentication, see Authenticate to the Safeguard for Privileged Sessions REST API. Note that this session ID refers to the connection between the REST client and the Safeguard for Privileged Sessions REST API. It is not related to the sessions that Safeguard for Privileged Sessions records (and which also have a session ID, but in a different format). |
The following command lists interface routing rules.
curl --cookie cookies https://<IP-address-of-Safeguard for Privileged Sessions>/api/configuration/network/ip_forwarding_rule_pairs
The following is a sample response received when listing interface routing rules. For details of the meta object, see Introduction.
{ "body": [ { "interface_a": { "key": "nic1.interfaces.ff7574025754b3df1647001", "meta": { "href": "/api/configuration/network/nics/nic1/interfaces/ff7574025754b3df1647001" } }, "interface_b": { "key": "nic1.interfaces.ff7574025754b3df1647001", "meta": { "href": "/api/configuration/network/nics/nic1/interfaces/ff7574025754b3df1647001" } } } ], "key": "ip_forwarding_rule_pairs", "meta": { "first": "/api/configuration/network/dns", "href": "/api/configuration/network/ip_forwarding_rule_pairs", "last": "/api/configuration/network/routing", "next": "/api/configuration/network/naming", "parent": "/api/configuration/network", "previous": "/api/configuration/network/dns", "transaction": "/api/transaction" } }
Element | Type | Description | |
---|---|---|---|
key | string | Top level element, contains the ID of the endpoint. | |
body | Top level element (list) | Contains the rules for routing between the network interfaces. | |
interface_a | string |
References the identifier of the network interface. You can configure network interfaces at the /api/configuration/network/nics/ endpoint. To modify or add a network interface, use the value of the returned key as the value of the interface_a element, and remove any child elements (including the key). | |
interface_b | string |
References the identifier of the network interface. You can configure network interfaces at the /api/configuration/network/nics/ endpoint. To modify or add a network interface, use the value of the returned key as the value of the interface_b element, and remove any child elements (including the key). |
To add a rule, you have to:
For details, see Open a transaction.
POST the JSON object to the https://<IP-address-of-Safeguard for Privileged Sessions>/api/configuration/network/ip_forwarding_rule_pairs endpoint. You can find a detailed description of the available parameters listed in Routing between interfaces.
If the POST request is successful, the response includes the key of the new rule.
For details, see Commit a transaction.
To modify a rule, you have to:
For details, see Open a transaction.
PUT the modified JSON object to the https://<IP-address-of-Safeguard for Privileged Sessions>/api/configuration/network/ip_forwarding_rule_pairs endpoint. You can find a detailed description of the available parameters listed in Routing between interfaces.
For details, see Commit a transaction.
The following table lists the typical status and error codes for this request. For a complete list of error codes, see Using the Safeguard for Privileged Sessions REST API.
Code | Description | Notes |
---|---|---|
201 | Created | The new resource was successfully created. |
401 | Unauthenticated | The requested resource cannot be retrieved because the client is not authenticated and the resource requires authorization to access it. The details section contains the path that was attempted to be accessed, but could not be retrieved. |
401 | AuthenticationFailure | Authenticating the user with the given credentials has failed. |
404 | NotFound | The requested object does not exist. |
Contains the settings for the DNS search domain, hostname, and appliance nickname.
GET https://<IP-address-of-Safeguard for Privileged Sessions>/api/configuration/network/naming
Header name | Description | Required | Values |
---|---|---|---|
session_id | Contains the authentication token of the user | Required |
The value of the session ID cookie received from the REST server in the authentication response, for example, a1f71d030e657634730b9e887cb59a5e56162860. For details on authentication, see Authenticate to the Safeguard for Privileged Sessions REST API. Note that this session ID refers to the connection between the REST client and the Safeguard for Privileged Sessions REST API. It is not related to the sessions that Safeguard for Privileged Sessions records (and which also have a session ID, but in a different format). |
The following command lists the naming settings.
curl --cookie cookies https://<IP-address-of-Safeguard for Privileged Sessions>/api/configuration/network/naming
The following is a sample response received when listing naming settings. For details of the meta object, see Introduction.
{ "body": { "domainname": "balabit", "hostname": "scb-api-docs", "nickname": null }, "key": "naming", "meta": { "first": "/api/configuration/network/dns", "href": "/api/configuration/network/naming", "last": "/api/configuration/network/routing", "next": "/api/configuration/network/nics", "parent": "/api/configuration/network", "previous": "/api/configuration/network/ip_forwarding_rule_pairs", "transaction": "/api/transaction" } }
Element | Type | Description | |
---|---|---|---|
key | string | Top level element, contains the ID of the endpoint. | |
body | Top level element (string) | Contains the naming settings. | |
domainname | string | The domain name of the network. | |
hostname | string | The hostname of Safeguard for Privileged Sessions. | |
nickname | string | The nickname for the appliance. Use this name to distinguish between multiple Safeguard for Privileged Sessions appliances on the network. This name is visible in the boot and core login shells. |
To modify a name, you have to:
For details, see Open a transaction.
PUT the modified JSON object to the https://<IP-address-of-Safeguard for Privileged Sessions>/api/configuration/network/naming endpoint. You can find a detailed description of the available parameters listed in Naming options.
For details, see Commit a transaction.
The following table lists the typical status and error codes for this request. For a complete list of error codes, see Using the Safeguard for Privileged Sessions REST API.
Code | Description | Notes |
---|---|---|
201 | Created | The new resource was successfully created. |
401 | Unauthenticated | The requested resource cannot be retrieved because the client is not authenticated and the resource requires authorization to access it. The details section contains the path that was attempted to be accessed, but could not be retrieved. |
401 | AuthenticationFailure | Authenticating the user with the given credentials has failed. |
404 | NotFound | The requested object does not exist. |
© 2023 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy