The client application used to access One Identity Safeguard for Privileged Sessions (SPS) must meet the following criteria:
Support SOAP version 1.1 or later.
Support WSDL version 1.1.
Properly handle complex object types.
Include a JSON decoder for interpreting the results of search operations.
The following client libraries have been tested with SPS.
|Client name||Programming language||Status||Comments|
|Apache Axis 1||Java||Working|
|Built-in .NET library||.NET||Working||
SPS does not support the Expect HTTP Header feature, and must be disabled, for example, using System.Net.ServicePointManager.Expect100Continue = false;
|Scio||Python||Partially working||Does not handle complex object types, so it cannot perform search queries.|
Accessing One Identity Safeguard for Privileged Sessions (SPS) using the RPC API locks certain components of SPS from other users, just like accessing SPS using the web interface or the console. Locking SPS via RPC can be performed either explicitly by calling the lockAcquire function, or implicitly when an operation requires the lock. In either case, ensure that your application verifies that the lock is received and properly handles if the component is locked by someone else (for example, because a user is accessing the component from the web interface).
For details on how locking works in SPS, see "Multiple users and locking" in the Administration Guide.
The documentation of the One Identity Safeguard for Privileged Sessions (SPS) RPC API is available online from the SPS web interface: select Basic Settings > Management > RPC API settings > Open documentation, or directly from the following URL: https://<ip-address-of-SPS>/rpc-api-doc/. This documentation contains the detailed description of the available services and classes.
The following describes how to configure One Identity Safeguard for Privileged Sessions (SPS) to accept RPC API connections.
To configure SPS to accept RPC API connections
Log in to the SPS web interface.
Select Basic Settings > Management > RPC API settings > Enable RPC API.
Figure 292: Basic Settings > Management > RPC API settings — Enabling RPC API access to SPS
Users accounts belonging to a usergroup that have read and write/perform rights to the Access RPC API privilege can access SPS via the RPC API.