立即与支持人员聊天
与支持团队交流

One Identity Safeguard for Privileged Sessions 8.0 LTS - REST API Reference Guide

Introduction Using the SPS REST API Basic settings User management and access control Managing SPS General connection settings HTTP connections Citrix ICA connections MSSQL connections RDP connections SSH connections Telnet connections VNC connections Search, retrieve, download, and index sessions Reporting Health and maintenance Advanced authentication and authorization Completing the Welcome Wizard using REST Enable and configure analytics using REST REST API examples

Uploading new firmware to SPS

Use the /upload/firmware endpoint to upload new firmware to SPS.

URL
POST https://<IP-address-of-SPS>/api/upload/firmware
Cookies
Cookie name Description Required Values
session_id Contains the authentication token of the user Required

The value of the session ID cookie received from the REST server in the authentication response, for example, a1f71d030e657634730b9e887cb59a5e56162860. For more information on authentication, see Authenticate to the SPS REST API.

NOTE: This session ID refers to the connection between the REST client and the SPS REST API. It is not related to the sessions that SPS records (and which also have a session ID, but in a different format).

Operations

Operations with the /upload/firmware endpoint include:

Operation HTTP method URL

Notes

Uploading SPS firmware images POST /api/upload/firmware

The enctype attribute of the POST request must be multipart/form-data.

Sample request

The following command uploads a new firmware to SPS.

curl --cookie cookies.txt https://<IP-address-of-SPS>/api/upload/firmware --form firmware=@<sps.iso>

Where <sps.iso> is the path of the new firmware.

Response

The following is a sample response received when a new firmware image is uploaded.

For more information on the meta object, see Message format.

{
     "body": {
       "after_reboot": true,
       "current": false,
       "upgrade_news": null,
       "upgrade_notes": "some notes",
      "version": "6.6.0"
     },
     "key": "2",
     "meta": {
       "href": "/api/upload/firmware",
       "slot": "/api/firmware/slots/2",
       "test": "/api/firmware/test",
       "upgrade": "/api/firmware/upgrade",
       "number_of_empty_slots": 2
     }
   }
		

Elements of the response message body include:

Element

Type

Description

Notes

after_reboot

boolean

This flag shows that the firmware is selected to be the active firmware after upgrade.

In this particular case, the value of after_reboot will always be false, as the firmware has not yet been chosen for upgrade.

current

boolean

Indicates whether the firmware is active.

Possible values:

  • true - the current firmware is the latest version

  • false - the current firmware is not the latest version

upgrade_news

string

Displays SPS Upgrade Notes that is relevant to the current firmware.

If there is no such information available, the value will be null.

upgrade_notes

string

The content of the SPS Upgrade Notes for that firmware image.

 

version

number

The version number of that specific SPS firmware image.

 

HTTP response codes

For more information and a complete list of standard HTTP response codes, see Application level error codes.

Downloading and installing SPS firmware through HTTP

With the /fetch endpoint you can avoid having to manually upload large SPS firmware ISO files before upgrading. Instead, you can install SPS firmware files by providing a URL through the SPS REST API. This also makes it easier to download and install a new firmware image on multiple SPS instances simultaneously. Download requests are processed asynchronously, as indicated by the 202 Accepted HTTP response.

Base URL
https://<address-of-SPS>/api
Cookies

For more information about the authentication token of the user, see Application level error codes.

Sample request

Operations with the /fetch endpoint include:

HTTP method URL Description

Notes

POST

/firmware/fetch

curl -X POST -b "${COOKIE_PATH}" --data "@-" https://<address-of->/api/firmware/fetch

Start downloading SPS firmware files

 

GET

/firmware/fetch

curl -X GET -b "${COOKIE_PATH}" https://<address-of->/api/firmware/fetch

Retrieve the status of SPS firmware downloads

 

GET

/firmware/fetch/<key-of-the-SPS-firmware-download>

curl -X GET -b "${COOKIE_PATH}" https://<address-of->/api/firmware/fetch/<key-of-the-firmware-download>

Retrieve the status of a single SPS firmware download

 

DELETE

/firmware/fetch/<key-of-the-SPS-firmware-download>

curl -X DELETE -b "${COOKIE_PATH}" https://<address-of->/api/firmware/fetch/<key-of-the-firmware-download>

Cancel a SPS firmware download

You can safely cancel running a SPS firmware file download while the status of the download is queued or in-progress.

If you cancel running a firmware download while its status is in-progress, any partially downloaded files will be removed from SPS. However, the status information remains in the queue, and can be removed by sending a second DELETE request to the same URL.

NOTE: After the firmware download and verification steps are completed, it is not possible to cancel the installation of the firmware.

DELETE

/firmware/fetch/<key-of-the-SPS-firmware-download>

curl -X DELETE -b "${COOKIE_PATH}" https://<address-of->/api/firmware/fetch/<key-of-the-firmware-download>

Remove status information of finished, failed, and cancelled downloads

There is no automated procedure to remove outdated firmware downloads. You must remove them manually.

Elements of the request message body include:

Element

Type

Description

Notes

url

string

 

 

checksum

object

When SPS downloads from a HTTPS URL, the server certificate is not validated during the SSL handshake. As a result, a checksum is required so that SPS can verify that the data was not tampered with in transit. The SPS download page for the respective version of the product provides the SHA-256 checksum of all official SPS images.

checksum is a required parameter and can only accept a sha256 hash as a value. This parameter must be used when you are running SPS in a production environment.

checksum.sha256

string

The SHA-256 hash of the SPS ISO image.

 

Elements of the response message body include:

Element

Type

Description

Notes

key

string

The identifier of the SPS firmware download job that is running in the background.

 

bytes_downloaded

number

The number of bytes already downloaded.

 

bytes_total

number

The total number of bytes to be downloaded from the Content-Length header received from the server.

 

error

string

The error message, containing details of the error.

If no error has happened, then the value is null.

info

string

Indicates download-specific information, for example, the SPS firmware file is currently downloading, or that SPS is unable to download the firmware file.

Possible values:

  • null
  • Downloading
  • Verifying checksum
  • Firmware fetching failed
  • Installing

The value of the info field can be null in two scenarios:

  • The firmware download has not started yet.

  • The firmware download and installation has been successful.

slot_id

number

The identifier of theSPS firmware image slot.

Before the firmware download is finished, the value of the slot_id is null.

When the status of the firmware download is finished, the slot_id indicates the location where the downloaded firmware was installed. Note that if an administrator later runs other operations on that particular firmware slot, like deleting it or uploading another firmware, then these will not be reflected in the status of the firmware download.

start_time

string (ISO 8601)

The time at which the SPS firmware download job has started.

 

status

string

The status of the SPS firmware fetching job.

Possible values are:

  • queued - the SPS firmware download is queued.

  • in-progress - the SPS firmware download is being processed.

  • finished - the SPS firmware download has been completed.

  • failed - the SPS firmware could not be downloaded.

  • canceled - the SPS firmware download was canceled.

url

string(URI)

The resource URL of the SPS firmware.

Example:

https://example.com/sps.iso

For more information on the meta object, see Message format.

HTTP response codes

For more information and a complete list of standard HTTP response codes, see Application level error codes.

Network settings

Network configuration options

Contains the endpoints for configuring networking on SPS.

URL
GET https://<IP-address-of-SPS>/api/configuration/network
Cookies
Cookie name Description Required Values
session_id Contains the authentication token of the user Required

The value of the session ID cookie received from the REST server in the authentication response, for example, a1f71d030e657634730b9e887cb59a5e56162860. For more information on authentication, see Authenticate to the SPS REST API.

NOTE: This session ID refers to the connection between the REST client and the SPS REST API. It is not related to the sessions that SPS records (and which also have a session ID, but in a different format).

Sample request

The following command lists network configuration options.

curl --cookie cookies.txt https://<IP-address-of-SPS>/api/configuration/network
Response

The following is a sample response received when listing network configuration options.

For more information on the meta object, see Message format.

{
  "items": [
    {
      "key": "dns",
      "meta": {
        "href": "/api/configuration/network/dns"
      }
    },
    {
      "key": "ip_forwarding_rule_pairs",
      "meta": {
        "href": "/api/configuration/network/ip_forwarding_rule_pairs"
      }
    },
    {
      "key": "naming",
      "meta": {
        "href": "/api/configuration/network/naming"
      }
    },
    {
      "key": "nics",
      "meta": {
        "href": "/api/configuration/network/nics"
      }
    },
    {
      "key": "routing",
      "meta": {
        "href": "/api/configuration/network/routing"
      }
    }
  ],
  "meta": {
    "first": "/api/configuration/aaa",
    "href": "/api/configuration/network",
    "last": "/api/configuration/x509",
    "next": "/api/configuration/passwords",
    "parent": "/api/configuration",
    "previous": "/api/configuration/management",
    "transaction": "/api/transaction"
  }
}
Element Description
dns The address of the primary and secondary DNS server.
ip_forwarding_rule_pairs Rules for routing between the network interfaces.
naming DNS search domain, hostname, and appliance nickname settings.
nics References the endpoints of the three physical network interfaces.
routing Routing table. Defines the address of the gateway server for each configured subnet.
Status and error codes

The following table lists the typical status and error codes for this request. For a complete list of error codes, see Application level error codes.

Code Description Notes
401 Unauthenticated The requested resource cannot be retrieved because the client is not authenticated and the resource requires authorization to access it. The details section contains the path that was attempted to be accessed, but could not be retrieved.
403 Unauthorized The requested resource cannot be retrieved because the client is not authorized to access it. The details section contains the path that was attempted to be accessed, but could not be retrieved.
404 NotFound The requested object does not exist.
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级