One Identity Safeguard for Privileged Sessions 6.2.0 - Creating custom Credential Store plugins

Input arguments

  • session_id

    Type: string

    Description: The unique identifier of the session.

  • cookie

    Type: dictionary

    Description: The cookie returned by the previous hook in the session. If this is the first call for that session, it is initialized as an empty dictionary, otherwise it has the value returned by one of the previous calls in this particular custom Credential Store plugin. You can use the cookie to maintain the state for each particular connection or to transfer information between the different methods of the plugin. For an example that transfers information in the cookie between two methods, see "Examples" in the Creating custom Authentication and Authorization plugins.

  • session_cookie

    Type: dictionary

    Description: You can use the session cookie to maintain global state between plugins for each particular connection. If this is the first call for that session, it is initialized as an empty dictionary, otherwise it has the value returned by a previous plugin hook in the session.

  • protocol

    Type: string

    Description: The protocol name, in lowercase letters (http, ica, rdp, ssh, telnet, vnc).

  • client_ip

    Type: string

    Description: A string containing the IP address of the client.

  • gateway_username

    Type: string
  • gateway_password

    Type: string
  • gateway_groups

    Type: list
  • gateway_domain

    string
  • target_username

    string
  • target_host

    string
  • target_port

    Type: int
  • target_domain

    Type: string

Returned values

  • cookie

    Type: dictionary
    Required: no

    Description: The cookie returned by the previous hook in the session. If this is the first call for that session, it is initialized as an empty dictionary, otherwise it has the value returned by one of the previous calls in this particular custom Credential Store plugin. You can use the cookie to maintain the state for each particular connection or to transfer information between the different methods of the plugin. For an example that transfers information in the cookie between two methods, see "Examples" in the Creating custom Authentication and Authorization plugins.

  • session_cookie

    Type: dictionary
    Required: no

    Description: You can use the session cookie to maintain global state between plugins for each particular connection. If this is the first call for that session, it is initialized as an empty dictionary, otherwise it has the value returned by a previous plugin hook in the session.

  • passwords

    Type: string list
    Required: no

    Description: If the plugin returns multiple passwords, SPS tries to use them to authenticate on the target server (in the order they are listed).

get_private_key_list

Called when an SSH private key is required to login on the target. Can be called multiple times for the same session.

Input arguments

  • session_id

    Type: string

    Description: The unique identifier of the session.

  • cookie

    Type: dictionary

    Description: The cookie returned by the previous hook in the session. If this is the first call for that session, it is initialized as an empty dictionary, otherwise it has the value returned by one of the previous calls in this particular custom Credential Store plugin. You can use the cookie to maintain the state for each particular connection or to transfer information between the different methods of the plugin. For an example that transfers information in the cookie between two methods, see "Examples" in the Creating custom Authentication and Authorization plugins.

  • session_cookie

    Type: dictionary

    Description: You can use the session cookie to maintain global state between plugins for each particular connection. If this is the first call for that session, it is initialized as an empty dictionary, otherwise it has the value returned by a previous plugin hook in the session.

  • protocol

    Type: string

    Description: The protocol name, in lowercase letters (http, ica, rdp, ssh, telnet, vnc).

  • client_ip

    Type: string

    Description: A string containing the IP address of the client.

  • gateway_username

    Type: string
  • gateway_password

    Type: string
  • gateway_groups

    Type: list
  • gateway_domain

    Type: string
  • target_username

    Type: string
  • target_host

    Type: string
  • target_port

    Type: int
  • target_domain

    Type: string

Related Documents