RESTful API
(Feature available only in the Enterprise Edition)

Introduction

Password Manager Pro APIs allow you to connect, interact and integrate with Password Manager Pro directly. The APIs belong to the REpresentational State Transfer (REST) category. Password Manager Pro APIs use the GET, PUT, and POST methods to offer a wide range of operations such as creating resources and adding accounts to them, adding SSL certificates and SSH keys, associating SSH keys with resources, retrieving passwords, retrieving resource/account details, updating passwords programmatically, sharing resources/accounts to users and so on.

Pre-requisite

Creating API user accounts is the first step in the process of configuring REST APIs for Application-to-Application password management. Click here to know how to create an API user account.

APIs Summary

Methods used to invoke APIs

GET

To fetch resources, accounts, passwords, account/resource details

PUT

To change a password

POST

To create new resource and accounts

How to make use of the APIs?

Invoking the APIs

The APIs can be invoked via HTTP POST, GET and PUT requests. All parameters in the request should be form-urlencoded. For all the APIs you need to pass the AUTH token, which is mandatory.

Supported Format

Password Manager Pro supports the JSON format and the URL structure for it is given below:

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/<Resource ID>/accounts/<Account ID>

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

Password Manager Pro provides a wide range of APIs to:

1. Get the Resources Owned and Shared to a User

Description

To get the list of resources which are owned by or shared to an API user.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

GET

Input Data

None

Sample Request

curl -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources

Sample Output

In the output (as shown in the sample below), you will get all the resources owned and shared by the specific API user.

{
"operation" : {
"name" : "GET RESOURCES" ,
"result " : {
"status" : "Success",
"message" : "Resources fetched successfully"
},
"totalRows":3,
"Details": {
{
"RESOURCE DESCRIPTION":"CentOS Machine",
"RESOURCE NAME":"CentOS Machine",
"RESOURCE ID":"301",
"RESOURCE TYPE":"Linux",
"NOOFACCOUNTS" : "3"
},
{
"RESOURCE DESCRIPTION":"Cisco IOS Device",
"RESOURCE NAME":"Cisco IOS Device",
"RESOURCE ID":"302",
"RESOURCE TYPE":"Cisco IOS",
"NOOFACCOUNTS":"2"
},
{
"RESOURCE DESCRIPTION":"Weblogic Data Source Password",
"RESOURCE NAME":"WebLogic Server",
"RESOURCE ID":"303",
"RESOURCE TYPE":"WebLogic Server",
"NOOFACCOUNTS":"2"
} } } }


2. Get the Accounts that are Part of a Resource

Description

To get the list of accounts and resource details present in the resource. Resource ID can be obtained from the GET RESOURCES API (explained above).

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/<Resource ID>/accounts

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

GET

Input Data

None

Sample Request

curl -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/303/accounts


Sample Output

In the output (as shown in the sample below), you will get all the resources owned and shared by the specific API user.

{
"operation":{
"name":"GET RESOURCE ACCOUNTLIST",
"result ":{
"status": "Success ,
"message":"Resource details with account list fetched successfully"
},
"Details":{
"RESOURCE ID":"303",
"RESOURCE NAME":"MSSQL server",
"RESOURCE DESCRIPTION" :"WebLogic Data source password",
"RESOURCE TYPE":"MS SQL server",
"DNS NAME":" sqlserver-l",
"PASSWORD POLICY":"Strong",
"DEPARTMENT": "SQL Server DBA" ,
"LOCATION":"Level 10",
"RESOURCE URL":"http://sqlserver-1/",
"RESOURCE OWNER": "admin",
"CUSTOM FIELD":{
"CUSTOMFIELDVALUE":"78336298",
"CUSTOMFIELDTYPE":"Numeric",
"CUSTOMFIELDLABEL":"License No" ,
"CUSTOMFIELDCOLUMNNAME":"COLUMN_LONG1"
},{
"CUSTOMFIELDVALUE":"Sep 10, 2013",
"CUSTOMFIELDTYPE" : "Date",
"CUSTOMFIELDLABEL":" Installed Date",
"CUSTOMFIELDCOLUMNNAME" "COLUMN_DATE1"
}, {
"CUSTOMFIELDVALUE":"Tese123$*%%,
"CUSTOMFIELDTYPE":"Password",
"CUSTOMFIELDLABEL":"Resource Password", "CUSTOMFIELDCOLUMNNAME":"COLUMN_SCHAR1"
}, {
"CUSTOMFIELDVALUE":"YES"
"CUSTOMFIELDTYPE":"Character",
"CUSTOMFIELDLABEL":"Secure Resource",
"CUSTOMFIELDCOLUMNNAME":"COLUMN_CHAR1"
} },
"ACCOUNT LIST": {
{
"ISFAVPASS": "false",
"ACCOUNT NAME":"sysdba",
"PASSWDID":"308",
"PASSWORD STATUS":"[In Use]",
"ACCOUNT ID":"308"
}, {
"ISFAVPASS":"false",
"ACCOUNT NAME":"system",
"PASSWDID":"307"
"PASSWORD STATUS":"*****",
"ACCOUNT ID":"307"
} } } } }


Note: If password access control had been enabled AND If the password status is 'IN USE', you will see the output as [ In use ].


3. Get Details of an Account

Description

To get the details of an account that is part of a resource, you need to pass both Resource ID and Account ID to fetch the required details.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/<Resource ID>/accounts/<Account ID>

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

GET

Input Data

None

Sample Request

curl -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/303/accounts/307

Sample Output

{
"operation":{
"name":"GET RESOURCE ACCOUNT DETAILS",
result":{
status":"Success",
message":"Account details fetched successfully"
},
"Details":{
"DESCRIPTION":"",
"LAST ACCESSED TIME":"N/A",
"LAST MODIFIED TIME":"Sep 10, 2013 3:33 PM",
"PASSWORD STATUS":"*****",
"PASSWDID":"307",
"CUSTOM FIELD":[
{
"CUSTOMFIELDVALUE": "56455567",
"CUSTOMFIELDTYPE":"Numeric",
"CUSTOMFIELDLABEL":"Account LIC Number",
"CUSTOMFIELDCOLUMNNAME":"COLUMN_LONG1"
}, {
"CUSTOMFIELDVALUE": "Sep 10, 2013",
"CUSTOMFIELDTYPE":"Date",
"CUSTOMFIELDLABEL":"Acc creation date",
"CUSTOMFIELDCOLUMNNAME":"COLUMN_DATE1"
}, {
"CUSTOMFIELDVALUE": "Test12345",
"CUSTOMFIELDTYPE":"Password",
"CUSTOMFIELDLABEL":"Secondary Password",
"CUSTOMFIELDCOLUMNNAME":"COLUMN_SCHAR1"
},{
"CUSTOMFIELDVALUE": "YES",
"CUSTOMFIELDTYPE":"Character",
"CUSTOMFIELDLABEL":"Secure Account",
"CUSTOMFIELDCOLUMNNAME":"COLUMN_CHAR1"
} ] } } }


4. Get the Password of an Account that is Part of a Resource

Description

To get the password of an account that is part of a resource, you need to pass both Resource ID and Account ID to fetch the required details.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/<Resource ID>/accounts/<Account ID>/password

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

GET

Input Data

In case the setting at your end demands a reason to be supplied for retrieving a password, you need to pass the following details as input. If the ticketing system is enabled, you need to pass ticket ID for validation.

INPUT_DATA={"operation":{"Details":{"REASON":"Need the password to Login Windows Server","TICKETID":"7"}}}

Sample Request

curl -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/303/accounts/307/password


curl -X GET -k -H "Content-Type: text/json" -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/2/accounts/2/password --data-urlencode INPUT_DATA={"operation":{"Details":{"REASON":"Need the password to Login Windows Server"}}}

Sample Output

{
"operation":{
"name":"GET PASSWORD",
"result":{
"status": "Success",
"message":"Password fetched successfully"
},
"Details":{
"PASSWORD":"fqxdB7ded@4"
} } }


Note: If there occurs any problem on retrieving password, the reason will be displayed as part of message.


5. Change the Password of an Account

Description

To change the password of an account that is part of a resource, you need to pass both Resource ID and Account ID to fetch the required details. If the ticketing system is enabled, you need to pass ticket ID for validation.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/<Resource ID>/accounts/<Account ID>/password

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

PUT

Input Data

You need to pass input data such as new password, reset type and reason. Reset type should be either LOCAL or REMOTE.

INPUT_DATA={
"operation":{
"Details":{
"NEWPASSWORD":"Test@12345$",
"RESETTYPE":"LOCAL",
"REASON":"Password Expired",
"TICKETID":"7"
} } }

Sample Request

curl -X PUT -k -H "AUTHTOKEN<<Authtoken_generated_from_Password_Manager_Pro>>" https:/<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/2/accounts/2/password --data-urlencode INPUT_DATA={"operation":{"Details":{"NEWPASSWORD":"Test12345$","RESETTYPE":"LOCAL","REASON":"test","TICKETID":"7"}}}

Sample Output

{
"operation":{ "name":"CHANGE PASSWORD",
"result":{
"status":"Success",
"message":"Password changed successfully"
} } }


Note: If there occurs any problem on changing password, the reason will be displayed as part of message.


6. Create a New Resource

Description

To create a new resource in Password Manager Pro.

Input Data

You need to pass input data such as name of the resource, account name, resource type, password, URL, description, notes and any other additional fields at the resource and account levels. You can add as many as 40 custom fields (20 each at resource and account levels). Of these, resource name, account name, resource type and password are mandatory.

INPUT_DATA={
"operation":{
"Details":{
"RESOURCENAME":"Windows Server",
"ACCOUNTNAME":"Administrator",
"RESOURCETYPE":"Windows",
"PASSWORD":"Test123#@!",
"NOTES":"Testing API",
"RESOURCEURL":"http://windowsserver/adminconsole",
"RESOURCEPASSWORDPOLICY":"Strong",
"ACCOUNTPASSWORDPOLICY":"Strong",
"RESOURCECUSTOMFIELD":[
{
"CUSTOMLABEL":"Secure Resource",
"CUSTOMVALUE":"YES"
} ],
"ACCOUNTCUSTOMFIELD":[
{
"CUSTOMLABEL":"Secure Account",
"CUSTOMVALUE":"YES"
} ] } } }

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

POST

Sample Request

curl -X POST -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" -H "content-Type: text/json" https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources --data-urlencode "INPUT_DATA={\"operation\":{\"Details\":{\"RESOURCENAME\":\"Windows Server\",\"ACCOUNTNAME\":\"Administrator\",\"RESOURCETYPE\":\"Windows\",\"PASSWORD\" :\"Test@123\",\"RESOURCEPASSWORDPOLICY\":\"Strong\",\"ACCOUNTPASSWORDPOLICY\":\"Strong\",\"RESOURCECUSTOMFIELD\":[{\"CUSTOMLABEL\":\"Secure Resource\",\"CUSTOMVALUE\":\"YES\"}],\"ACCOUNTCUSTOMFIELD\":[{\"CUSTOMLABEL\":\"Secure Account\",\"CUSTOMVALUE\":\"YES\"}]}}}"

Sample Output

{
"operation":{
"name":"CREATE RESOURCE",
"result":{
"status":"Success",
"message":"Resource Windows Server has been added successfully"
} }


Note: If you want to add a new resource under Administrator/Password Administrator/Privileged Administrator an additional parameter "OWNERNAME" having the value of that particular user should be added to the resource details. While adding the resource to AD user, the username must be in the format "Domain-Name\\UserName".


INPUT_DATA={
"operation":{
"Details":{
"RESOURCENAME":"Windows Server",
"ACCOUNTNAME":"Administrator",
"RESOURCETYPE":"Windows",
"PASSWORD":"Test@123!",
"NOTES":"Testing API",
"RESOURCEURL":"http://windowsserver/adminconsole",
"OWNERNAME":"admin",
"RESOURCECUSTOMFIELD":[
{
"CUSTOMLABEL":"Secure Resource",
"CUSTOMVALUE":"YES"
} ],
"ACCOUNTCUSTOMFIELD":[
{
"CUSTOMLABEL":"Secure Account",
"CUSTOMVALUE":"YES"
} ] } } }


Note: If you want to add a resource to a static resource group, an additional parameter "RESOURCEGROUPNAME" having the value of that particular resource group should be added to the resource creation input. If the group already exists, this resource will be added to that group; otherwise, a new group with the name specified here will be created.


INPUT_DATA={
"operation":{
"Details":{
"RESOURCENAME":"Windows Server",
"ACCOUNTNAME":"Administrator",
"RESOURCETYPE":"Windows",
"PASSWORD":"Test123#@!",
"NOTES":"Testing API",
"RESOURCEURL":"http://windowsserver/adminconsole",
"RESOURCEGROUPNAME":"Windows Servers",
"RESOURCECUSTOMFIELD":[
{
"CUSTOMLABEL":"Secure Resource",
"CUSTOMVALUE":"YES"
} ],
"ACCOUNTCUSTOMFIELD":[
{
"CUSTOMLABEL":"Secure Account",
"CUSTOMVALUE":"YES"
} ] } } }


Note: You can also add files as a separate resource in Password Manager Pro. To add a file as a new resource, the 'Content-Type' in the request has to be modified as shown in the sample below. Once you have modified, you just have to pass the file along with it.


INPUT_DATA={
"operation":{
"Details":{
"RESOURCENAME":"Active Directory",
"ACCOUNTNAME":"Administrator",
"RESOURCETYPE":"License Store",
"PASSWORD":"Test123#@!",
"NOTES":"Testing API",
"RESOURCEURL":"http://windowsserver/adminconsole"
} } }

Sample Request

curl -X POST -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" -H "Content-Type: multipart/form-data" -F 'file=@standalonesample.txt' -F 'INPUT_DATA={"operation":{"Details":{"RESOURCENAME":"Windows Server","ACCOUNTNAME":"Administrator","RESOURCETYPE":"File Store","PASSWORD":"Test123#@!","NOTES":"Testing API","RESOURCEURL":"http://windowsserver/adminconsole"}}}' "https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources"


7. Get the Account ID and Resource ID

Description

To get the account ID and resource ID, you need to pass the resource name and account name in the URL.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/getResourceIdAccountId? RESOURCENAME=(Resourcename)&ACCOUNTNAME=(Account name)

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

GET

Input Data

None

Sample Request

curl -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" "https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/getResourceIdAccountId?RESOURCENAME=MSSQLServer&ACCOUNTNAME=system"

Sample Output

{
"operation":{
"name":"GET_RESOURCEACCOUNTID",
"result":{
"status":"Success",
"message":"Resource ID and account ID fetched successfully for the given resource
name and account name."
},
"Details":{
"RESOURCEID":"303",
"ACCOUNTID":"307"
} } }


8. Get the Resource ID using the Resource Name

Description

To fetch the resource ID, you can provide the resource name alone in the URL.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/resourcename/{RESOURCENAME}

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

GET

Input Data

None

Sample Request

curl -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/resourcename/test

Sample Output

{"operation":{ "name": "GET_RESOURCEID", "result":{ "status": "Success", "message": "Resource ID fetched successfully for the given resource name." }, "Details":{ "RESOURCEID": "1" } }


9. Delete a Resource in Password Manager Pro

Description

To delete a resource for the given resource ID. Resource ID can be obtained from the GET RESOURCES API (explained above).

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/{resourceid}

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

DELETE

Input Data

None

Sample Request

curl -X DELETE -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/2

Sample Output

{
"operation":{
"name":"DELETE RESOURCE"
"result":{"status":"Success"
"message":"Resources deleted successfully."}
}


10. Request Password Approval by the Admin

Description

Method to request the admin for password access approval. The account id has to be passed for the same in the URL.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/accounts/{accountid}/requestpassword

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

POST

Input Data

In case the setting at your end demands a reason to be supplied for requesting a password, you need to pass the following details as input.

Sample Input

INPUT_DATA={
"operation":{
"Details":{
PASSWDID":"1"
"REASON":"Testing"
} } }

Sample Request

curl -X POST -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" -H "Content-Type: text/json" https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/accounts/7/requestpassword?INPUT_DATA= { "operation" : { "Details":{ "REASON" : "Testing"}}}

Sample Output

{
"operation":{
"name":"REQUEST_PASSWORD" ,
"result":{
"status":"Success" ,
"message":"Request to view password have been raised successfully"
},
"Details":{
"STATUS" : "WAITING FOR APPROVAL / CHECKOUT" ;
} } }


11. Get the List of Password Requests

Description

Method to get the list of password requests to be approved or rejected by the admin who is logged in.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/accounts/passwordaccessrequests

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

GET

Sample Input

INPUT_DATA= { "operation" : { "Details" : { "REASON" : "Testing", "TICKETID" : "7"}}}

Sample Request

curl -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/accounts/passwordaccessrequests

Sample Output

{
"operation":{
"name":"GET_PASSWORDREQUEST"
"result":{
"status":"Success"
"message" : "Password Request fetched successfully"
}
"Details": {
"REQUESTER USERID":"2"
"REQUESTED BY":"guest"
"REQUESTED BY FULLNAME" : "Guest guest"
"PASSWORDREQUESTLIST" : [
{
"ACCOUNT ID" : "1"
"ACCOUNT NAME" : "ACCOUNT1"
"RESOURCE ID":"1"
"RESOURCE NAME":"apt-server1"
"PASSWD ID" : "1"
"STATUS":""
"REQUESTED TIME":"Nov 27
"REASON" : "For connecting the machine and update the Password Manager Pro server".
} {
"ACCOUNT ID" : "2"
"ACCOUNT NAME" : "ACCOUNT2"
"RESOURCE ID":"2"
"RESOURCE NAME":"apt-server2"
"PASSWD ID" : "2"
"STATUS":""
"REQUESTED TIME":"Nov 28
"REASON" : "For connecting the machine and update the Password Manager Pro server".
} ] } } }


Note: Requester ID is the same as the ID of the user who has requested the password.


12. Reject a Password Request

Description

Method for the admin to reject the password requests. This requires the account ID and requester ID to be passed in the URL.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/accounts/{accountid}/requester/{requesterid}/reject

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

POST

Sample Input

INPUT_DATA={
"operation":{
"Details":{
"PASSWDID":"1"
"REQUESTEDID" : "2" (userid of the request raised user)
} } }


Note: Requester ID is the same as the ID of the user who has requested the password.

Sample Request

curl -X POST -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" -H "Content-Type: text/json" https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/accounts/7/requester/34/reject

Sample Output

{
"operation":{
"name" : "ADMIN_REQUEST_REJECT"
"result" : {
"status" : "Success"
"message": "Password Rejected successfully"
} } }


13. Approve a Password Request

Description

Method for the admin to approve the password requests. Here, the account ID and the Requester ID are required to be passed in the URL.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/accounts/{accountid}/requester/{requesterid}/approve

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

POST

Input Data

None

Note: Requester ID is the same as the ID of the user who has requested the password. REQUESTEDID can be obtained from the GET PASSWORDREQUEST API(REQUESTER USERID).

Sample Request

curl -X POST -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" -H "Content-Type: text/json" https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/accounts/7/requester/34/approve

Sample Output

{
"operation" : {
"name" : "ADMIN_REQUEST_APPROVE"
"result" : {
"status" : "Success"
"message": "Password Approved successfully"
} } }


14. Check-in the Password Approved by the Admin

Description

Method to check-in the password approved by the admin. The account and requester IDs have to passed in the URL for the same.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/accounts/{accountid}/requester/{requesterid}/checkin

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

POST

Input Data

INPUT_DATA={
"operation":{
"Details":{
"PASSWDID" : "1"
"REQUESTEDID" : "2" (userid of the request raised user)
} }


Note: Requester ID is the same as the ID of the user who has requested the password.


Sample Request

curl -X POST -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" -H "Content-Type: text/json" https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/accounts/7/requester/34/checkin

Sample Output

{
"operation":{
"name" : "ADMIN_REQUEST_CHECKIN"
"result" : {
"status" : "Success"
"message" : "Password have been checked in successfully"
} } }


15. Checkout the Password Approved by the Admin

Description

Method to checkout the password after being approved by the admin after request. The account ID had to be passed for the same in the URL.

URL

https://:<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/accounts/{accountid}/checkout

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

POST

Input Data

On account of customized settings that demand reason for password checkout, you need to pass the following as input.

Sample Input

INPUT_DATA= {
"operation":{
"Details":{
"REASON":"N/A"
} } }

Sample Request

curl -X POST -k-H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" -H "Content-Type: text/json" https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/accounts/7/checkout?INPUT_DATA= { "operation" : { "Details" : { "REASON" : "N/A"}}}

Sample Output

{
"operation": {
"name" : "REQUEST_CHECKOUT" "result" : {
"status" : "Success"
"message" : "Password have been checked out successfully"
"Details":{
"STATUS" : "***** [checkIn]"
} } }


16. Generate Password

Description

Method to generate passwords using existing policies in Password Manager Pro.

URL

https:// <Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address> :<Port>/restapi/json/v1/passwords/generate

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

GET

Input Data

INPUT_DATA={ "operation" : { "Details" : { "POLICY" : "Strong"}}}

Sample Output

{
"operation": {
"name": "GENERATE PASSWORD",
"result": {
"status": "Success",
"message": "Password generated successfully."
},
"Details": {
"PASSWORD": "u%mdh7gfN"
} } }

17. Create a New User

Description

Method to add a user.

URL

https:// <Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address> :<Port>/restapi/json/v1/user

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

POST

Input Data

INPUT_DATA={"operation": {"Details":{"USERNAME":"jason1", "FIRSTNAME":"Jason","LASTNAME":"J","FULLNAME":"JasonThomas","EMAIL":"jason@opmanager.com","POLICY":"Strong","ROLE":"Password User","ISSUPERADMIN":"true|false","PASSWORD":"Test@123","DEPARTMENT":"NOC","LOCATION":"Level 10 - South Wing","ISAPIUSER":"false","HOSTNAME":"admin-2100","EXPIRYDATE":"yyyy-mm-dd|NeverExpires"}}}

Sample Output

{
"operation": {
"name": "CREATE_USER",
"result": {
"status": "Success",
"message": "User Created Successfully"
} } }


18. Edit Resources

Description

Method to edit resources.

URL

https://server-name:port/restapi/json/v1/resources/{RESOURCEID}

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

PUT

Input Data

(Optional inputs are given in grey)

Sample Input

Note: If you want to edit resource type, an additional parameter "RESOURCETYPE" having the value of that particular resource type should be added to the input. While editing 'Resource Type' cannot be changed from Key Store, File Store, License Store, Rackspace, and AWS IAM to other resource types and viceversa.


INPUT_DATA={
"operation" : {
"Details": {
"RESOURCENAME" : "Test",
"LOCATION" : "4th floor",
"RESOURCEURL" : "http://test",
"RESOURCEPASSWORDPOLICY":"Strong",
"DEPARTMENT" : "Test",
"RESOURCEDESCRIPTION" : "Created for quality assurance",
"RESOURCETYPE" : "Windows",
"RESOURCECUSTOMFIELD" : [
{
"CUSTOMLABEL" : "Secure Resource",
"CUSTOMVALUE" : "YES"
} ] } } }

Sample Request

curl -X PUT -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/1 --data-urlencode "INPUT_DATA={\"operation\":{\"Details\":{\"RESOURCENAME\":\"Test\",\"LOCATION\":\"4thfloor\",\"RESOURCEURL\":\"http://test\",\"RESOURCEPASSWORDPOLICY\":\"Strong\",\"DEPARTMENT\": \"Test\", \"RESOURCEDESCRIPTION\" : \"Created for quality assurance\", \"RESOURCECUSTOMFIELD\" : [{\"CUSTOMLABEL\" : \"Secure Resource\", \"CUSTOMVALUE\" : \"YES\" }]}}}"

Sample Output

{"operation":{ "name":"EDIT RESOURCE", "result":{"status":"Success","message":"Resource Test modified successfully."}}}


19. Delete an Account under a Specific Resource

Description

To delete an account under a specific resource.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/<Resource ID>/accounts/<Account ID>/

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

DELETE

Sample Request

curl -X DELETE -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" -H "Content-Type: text/json" https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/1/accounts/1

Sample Output

{ "operation":{
"name":"DELETE ACCOUNT",
"result":{"status":"Success","message":"Account Test123 deleted successfully."}}}


20. Get License Keys, Files, Digital Certificates, Documents, Images, etc.

Description

To get files, keys, certificates, etc. that are either an individual resource or a part of other resources.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/<Resource ID>/accounts/<Account ID>/downloadfile

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

GET

Input Data

In case the setting at your end demands a reason to be supplied for downloading the file, you need to pass the following details as input. If the ticketing system is enabled, you need to pass ticket ID for validation.

INPUT_DATA={"operation":{
"Details":{
"REASON":"Need the key file to connect the remote host", //optional when reason is forced
"TICKETID":"7", // optional when ticketing system is enabled
"ISCUSTOMFIELD":"true" //optional Need to be given if the file to be downloaded is account/resource additional field file type
"CUSTOMFIELDTYPE":"ACCOUNT / RESOURCE" // optional -If its account additional field it must be ACCOUNT or if its resource
additional field it must be RESOURCE
"CUSTOMFIELDLABEL" : "LicenseFIle" // optional - Name of the resource/account additional field
} } }

Sample Request

curl -i -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/1501/accounts/3601/downloadfile


21. Create Accounts under a Specific Resource

Description

To create multiple accounts that are associated with a specific resource ID.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/<Resource ID>/accounts

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

POST

Input Data

You need to pass input data such as account list, name of the accounts, passwords, and description.

The params RECORD_RDP_SESSIONS, RECORD_CLI_SESSIONS, DISABLE_PASSWORD_RESETS, CONFIGURE_PASSWORD_RESET, ACCOUNT_RESOURCE_GROUP_IDS, IIS_WEB_CONFIG_RESET, IIS_APP_POOL_RESTART, IIS_APP_POOL_RESET, SERVICES_RESTART, SERVICES_RESET and SCHEDULED_TASK_RESET are available from build 12230 and above only.


INPUT_DATA={
"operation":{
"Details":{
"ACCOUNTLIST": [
{
"ACCOUNTNAME":"bestest013",
"PASSWORD":"Pa$$Word@124",
"ACCOUNTPASSWORDPOLICY":"Strong",
"RECORD_RDP_SESSIONS":true,
"RECORD_CLI_SESSIONS":true,
"DISABLE_PASSWORD_RESETS":true,
"CONFIGURE_PASSWORD_RESET":true,
"ACCOUNT_RESOURCE_GROUP_IDS":["3002","3003"],
"IIS_WEB_CONFIG_RESET":true,
"IIS_APP_POOL_RESTART":true,
"IIS_APP_POOL_RESET":true,
"SERVICES_RESTART":true,
"SERVICES_RESET":true,
"SCHEDULED_TASK_RESET":true,
"NOTES":"IT Security - BES PMP API Test"
},
{
"ACCOUNTNAME":"bestest113",
"PASSWORD":"Pa$$Word@123",
"ACCOUNTPASSWORDPOLICY":"Strong",
"RECORD_RDP_SESSIONS":true,
"RECORD_CLI_SESSIONS":true,
"DISABLE_PASSWORD_RESETS":true,
"CONFIGURE_PASSWORD_RESET":true,
"ACCOUNT_RESOURCE_GROUP_IDS":["3002","3003"],
"IIS_WEB_CONFIG_RESET":true,
"IIS_APP_POOL_RESTART":true,
"IIS_APP_POOL_RESET":true,
"SERVICES_RESTART":true,
"SERVICES_RESET":true,
"SCHEDULED_TASK_RESET":true,
"NOTES":"IT Security - BES PMP API Test"
} ] } } }


The params TOTP_SECRET, TOTP_ALGORITHM, TOTP_DIGITS, and TOTP_VALIDITY are available from build 12430 and above only.


You need to pass the TOTP_SECRET param in the input data to configure TOTP for an account. By default, the website accounts configured with TOTP as the 2FA supports the SHA1 Algorithm, 6-digit TOTP codes, and a validity of 30 seconds. If your account supports a different set of parameters for TOTP codes, use these params TOTP_ALGORITHM, TOTP_DIGITS, and TOTP_VALIDITY.

Sample Input

INPUT_DATA={
"operation":{
"Details":{
"ACCOUNTLIST": [
{
"ACCOUNTNAME":"bestest013",
"PASSWORD":"Pa$$Word@124",
"ACCOUNTPASSWORDPOLICY":"Strong",
"TOTP_SECRET":"SDFGKJSDFKJGDSFLKJGLDSFGL",
"TOTP_ALGORITHM":"SHA1",
"TOTP_DIGITS":"6",
"TOTP_VALIDITY":"30",
"NOTES":"IT Security - BES PAM API Test"
},
{
"ACCOUNTNAME":"bestest113",
"PASSWORD":"Pa$$Word@123",
"ACCOUNTPASSWORDPOLICY":"Strong",
"TOTP_SECRET":"NDVDSFIADKFASDFSJDSADJF",
"NOTES":"IT Security - BES PAM API Test"
}
]
}
}
}

Sample Request

curl -X POST -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" -H "Content-Type: text/json" https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/1/accounts --data-urlencode "INPUT_DATA={\"operation\":{ \"Details\":{ \"ACCOUNTLIST\": [{ \"ACCOUNTNAME\": \"bestest047\",\"PASSWORD\":\"Pa$$Word@123\",\"ACCOUNTPASSWORDPOLICY\":\"Strong\",\"NOTES\":\"IT Security - BES PMP API Test\"},{\"ACCOUNTNAME\":\"bestest048\", \"PASSWORD\":\"Pa$$Word@123\",\"ACCOUNTPASSWORDPOLICY\":\"Strong\",\"NOTES\":\"IT Security - BES PMP API Test\"}]}}}"

Sample Output

{"operation":
{"name":"ADD ACCOUNTS","result":
{"status":"Success","message":"Account added successfully"},
"Details":[
{"bestest047":{"STATUS":"Account added successfully"},
"bestest048":{"STATUS":"Account added successfully"}}]}}


22. Edit an Account under a Specific Resource

Description

To edit an account under a specific resource.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/<Resource ID>/accounts/<Account ID>/

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

PUT

Sample Input

The params RECORD_RDP_SESSIONS, RECORD_CLI_SESSIONS, DISABLE_PASSWORD_RESETS, CONFIGURE_PASSWORD_RESET, ACCOUNT_RESOURCE_GROUP_IDS, IIS_WEB_CONFIG_RESET, IIS_APP_POOL_RESTART, IIS_APP_POOL_RESET, SERVICES_RESTART, SERVICES_RESET and SCHEDULED_TASK_RESET are available from build 12230 and above only.


INPUT_DATA=
{
"operation":{
"Details":{
"ACCOUNTNAME":"bestest013",
"ACCOUNTPASSWORDPOLICY":"Strong",
"RECORD_RDP_SESSIONS":true,
"RECORD_CLI_SESSIONS":true,
"DISABLE_PASSWORD_RESETS":true,
"CONFIGURE_PASSWORD_RESET":true,
"ACCOUNT_RESOURCE_GROUP_IDS":["3002","3003"],
"IIS_WEB_CONFIG_RESET":true,
"IIS_APP_POOL_RESTART":true,
"IIS_APP_POOL_RESET":true,
"SERVICES_RESTART":true,
"SERVICES_RESET":true,
"SCHEDULED_TASK_RESET":true,
"NOTES":"IT Security - BES PMP API Test"
}} }


The params TOTP_SECRET, TOTP_ALGORITHM, TOTP_DIGITS, and TOTP_VALIDITY are available from build 12430 and above only.


To reconfigure the TOTP for an account, the TOTP_SECRET param should be passed in the input data along with the ACCOUNTNAME param, whereas to remove the TOTP for an account, the TOTP_SECRET param value should be empty.

Sample Input

INPUT_DATA={
"operation":{
"Details":{
"ACCOUNTNAME":"bestest013",
"TOTP_SECRET":"SDFGKJSDFKJGDSFLKJGLDSFGL",
"TOTP_ALGORITHM":"SHA1",
"TOTP_DIGITS":"6",
"TOTP_VALIDITY":"30",
"NOTES":"IT Security - BES PAM API Test"
}
}
}

Sample Request

curl -X PUT -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" -H "Content-Type: text/json" https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/1/accounts/1 --data-urlencode "INPUT_DATA={\"operation\":{ \"Details\":{\"ACCOUNTNAME\" : \"Test account\",\"ACCOUNTPASSWORDPOLICY\":\"Strong\",\"NOTES\":\"Created for quality assurance\", \"ACCOUNTCUSTOMFIELD\" : [{\"CUSTOMLABEL\" : \"Secure Account\", \"CUSTOMVALUE\" : \"YES\"}]}}}"

Sample Output

{"operation":{ "name":"EDIT ACCOUNT", "result":{"status":"Success","message":"Account Test account modified successfully"}}}


23. Delete a User

Description

Method to delete a specific user.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/user/{userid}

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

DELETE

Sample Request

curl -X DELETE -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" -H "Content-Type: text/json" https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/user/307

Sample Output

{"operation":{"name":"DELETE USER","result":{"status":"Success","message":"User Michael deleted Successfully"} } }


24. Create an API User

Description

Method to create an API user.

URL

https:// <Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address> :<Port>/restapi/json/v1/user

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

POST

Input Data

INPUT_DATA={"operation":{"Details":{"USERNAME":"jason","FULLNAME":"Jason
Thomas","EMAIL":"jason@opmanager.com","POLICY":"Strong","ROLE":"Password
User","ISSUPERADMIN":"true|false","DEPARTMENT":"NOC","LOCATION":"Level 10 - South
Wing","ISAPIUSER":"true","HOSTNAME":"admin-2100","EXPIRYDATE":"yyyy-mm-dd|NeverExpires"}}}

Sample Output

{"operation":{"name":"CREATE_USER","result":{"status":"Success","message":"SUCCESS"},
"Details":{"AUTHTOKEN":"7D94xxxB-CxxB-44F5-xxxx-931xxxxxx}}}


25. Create a New SSH Key

Description

To create a new SSH key.

URL

https:// <Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address> :<Port>/api/pki/restapi/createsshkey

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

POST

Input Data

The following data has to be passed as input:

{"operation":{"Details":{"keyName":"keytest",
"passPhrase":"passPhrase",
"comment":"comment",
"length":"2048",
"keyType":"ssh-rsa"}}}

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/createsshkey?INPUT_DATA={"operation":{"Details":{"keyName":"keytest","passPhrase":"passPhrase","comment":"comment","length":"2048","keyType":"ssh-rsa"}}}

Sample Response

{ "name": "CreateSSHKey",
"result": {
"status": "Success",
"message": "New SSH key created successfully" }
}


Note: Following are the key types that can be used to create new SSH keys:

  • ssh-rsa (key length: 1024/2048/4096)
  • ssh-dss (key length: 1024)
  • ed25519 (no specific key length)
  • ecdsa (key length: 256/384/521)

26. Delete an SSH Key

Description

To delete a particular SSH key.

URL

https://< Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address >:<Port>/api/pki/restapi/deleteSSHKey

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

DELETE

Input Data

The following data has to be passed as input:

{"operation":{"Details":{"key_name":"newkey1","withoutDisassociation":"true"}}}

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address >:<Port>/api/pki/restapi/deleteSSHKey?INPUT_DATA={"operation":{"Details":{"key_name":"newkey1","withoutDisassociation":"true"}}}

Sample Response

{ "name": "DeleteSSHKey", "result": { "status": "Success", "message": "SSH keys newkey1 deleted successfully"}}


27. Fetch All the SSH Keys

Description

To fetch all the discovered SSH keys.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/getAllSSHKeys

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

GET

Input Data

None

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/getAllSSHKeys

Sample Response

{ "name": "GetAllSSHKeys", "result": { "status": "Success", "message": "All SSH Keys fetched successfully" }, "totalRows": 1, "details": [ { "KeyName": "testkey", "KeyType": "ssh-rsa", "KeyLength": "2048", "FingerPrint": "SHA256:v28/AlRYrpBKjAp4JoTRphLOkFdVb1ummVcyFHSfC5I", "isPassphraseAvailable": false, "CreatedBy": "mm", "CreationTime": "Today" } ] }


28. Fetch a Particular SSH Key

Description

To fetch a particular SSH key from the discovered keys.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/getSSHKey

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

GET

Input Data

The name of the operation and key to be passed as input

{"operation":{"Details":{"keyName":"key"}}}

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/getSSHKey?INPUT_DATA={"operation":{"Details":{"keyName":"key"}}}

Sample Response

{ "name": "GetSSHKey", "result": { "status": "Success", "message": "SSH Key testkey fetched successfully" }, "details": [ { "KeyName": "testkey", "KeyType": "ssh-rsa", "KeyLength": "2048", "FingerPrint": "SHA256:v28/AlRYrpBKjAp4JoTRphLOkFdVb1ummVcyFHSfC5I", "isPassphraseAvailable": false, "CreatedBy": "mm", "CreationTime": "Today" } ] }


29. Export an SSH Key

Description

To export a particular SSH key.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/exportSSHKey

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

POST

Input Data

The name of the operation and key have to be passed as input.

{"operation":{"Details":{"keyName":"key"}}}

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/exportSSHKey?INPUT_DATA={"operation":{"Details":{"keyName":"key"}}}

Sample Response

Key file


30. Get SSH Keys for a User

Description

To get all the SSH keys associated with a particular user.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/getSSHkeysforuser

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

GET

Input Data

The username and resource name have to be passed as input.

{"operation":{"Details":{"userName":"test","resourceName":"172.21.xxx.xx"}}}

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/getSSHkeysforuser?INPUT_DATA={"operation":{"Details":{"userName":"test","resourceName":"172.21.xxx.xx"}}}

Sample Response

{ "name": "GetSSHKeysForUser", "result": { "status": "Success", "message": "SSH keys for user test of resource pmp-centos6 fetched successfully" }, "details": "testkey,testkey1" }


31. Fetch all Associated Users

Description

To fetch all the users associated with SSH keys.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/getAllAssociatedUsers

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

GET

Input Data

None

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/getAllAssociatedUsers

Sample Response

{ "name": "GetAllAssociatedUsers", "result": { "status": "Success", "message": "All associated users fetched successfully" }, "totalRows": 1, "details": [ { "UserName": "test", "ResourceName": "pmp-centos6" } ] }


32. Get an SSL Certificate

Description

To obtain an SSL certificate from Password Manager Pro's certificate repository.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/getCertificate

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

GET

Input Data

The operation details and the name of the SSL certificate fetched have to be passed as input.

{ "operation": { "Details" : { "common_name" : "*.google.com", "serial_number":"XXXXXXXXXXXXXX" } } }

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/getCertificate?INPUT_DATA={"operation":{"Details":{"common_name":"*.google.com","serial_number":"XXXXXXXXXXXXXX"}}}

Sample Response

Certificate object


33. Get all SSL Certificates

Description

To obtain all SSL certificates from Password Manager Pro's certificate repository.

HTTP Method

GET

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/getAllSSLCertificates

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

Input Data

INPUT_DATA={"operation":{"Details":{"withExpiryDaysLessThan":"500","withKeyLength":"1024","withSignatureAlgorithm":"SHA1"}}}

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/getAllSSLCertificates?INPUT_DATA={"operation":{"Details":{"withExpiryDaysLessThan":"500"}}}

Sample Response

{ "name": "GetAllSSLCertificates", "result": { "status": "Success", "message": "All SSL Certificates fetched successfully" }, "totalRows": 2, "details": [ { "CertID": 1, "DNS Name/FQDN": "paytm.com", "Port": 443, "Common Name": "*.paytm.com", "Issuer": "GeoTrust Inc.", "FromDate": "Oct 13, 2015", "ExpiryDate": "Aug 27, 2017", "KeyStrength": "2048", "SignatureAlgorithm": "SHA256withRSA" }, { "CertID": 302, "DNS Name/FQDN": "204.141.32.155", "Port": 443, "Common Name": "*.zoho.com", "Issuer": "Sectigo Limited", "FromDate": "Jul 2, 2020", "ExpiryDate": "Sep 30, 2022", "KeyStrength": "2048", "SignatureAlgorithm": "SHA256withRSA", "serialNumber": "48f4ca7636b856af0300000000cc5801" } ] }


Note: Including the Input Data in the API request is optional. In case input data is provided, you can add any one or all of the available filters: withExpiryDaysLessThan,withKeyLength,withSignatureAlgorithm.


34. Get all SSL Certificate Expiry

Description

To get the expiry dates of all SSL certificates.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/getAllSSLCertsExpiryDate

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

GET

Input Data

None

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/getAllSSLCertsExpiryDate

Sample Response

{ "name": "GetAllSSLCertificatesExpiryDate", "result": { "status": "Success", "message": "Certificates expiry date fetched successfully" }, "totalRows": 2, "details": [ { "Common Name": "*.paytm.com","serialNumber": "XXXXXX", "ExpiryDate": "Aug 27, 2021" }, { "Common Name": "*.zoho.com", "serialNumber": "XXXXXX","ExpiryDate": "Apr 30, 2021" } ] }


35. Get SSL Certificate Details

Description

To get the details of a particular SSL certificate.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/getCertificateDetails

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

GET

Input Data

The operation details and the name of the certificate have to be passed as input.

{"operation":{"Details":{"common_name":"*.google.com","serial_number":"xxxxxxxxxxxx"}}}


Note: It is optional to provide the serial number to fetch certificate details.

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/getCertificateDetails?INPUT_DATA={"operation": {"Details":{"common_name":"*.google.com"}}}

Sample Response

{ "name": "GetCertificateDetails", "result": { "status": "Success", "message": "Details of certificate *.zoho.com fetched successfully" }, "details": [ { "certtype": "Domain", "certificateTemplate": "N/A", "endpoint": { "hostName": "*.zoho.com", "port": "443", "expiry_date": "2021-04-30 05:29:59.0", "from_date": "2019-07-02 05:30:00.0", "certSignAlg": "SHA256withRSA", "Sans": "*.zoho.com,zoho.com", "serial": "8c0b04e91a1796d86d1de5e89c8b3c5c", "fingerPrint": "aeecb6227dc8adef18a8fb99465739996e2782a8", "keyalg": "RSA", "PublicKeyLength": 2048, "PrivateKey": false, "isAWS": false }, "isCertInstalledMulipleServers": false, "issuer": { "cname": "Sectigo RSA Domain Validation Secure Server CA", "org": "Sectigo Limited", "orgunit": "-" }, "issuedto": { "cname": "*.zoho.com", "org": "-", "orgunit": "Domain Control Validated" }, "intermediate": {}, "ipaddress": "204.141.32.155", "CertificateId": "302" } ] }


36. Get SSL Certificate Keystore File

Description

To get the key store file of a particular SSL certificate.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/getCertificateKeyStore

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

GET

Input Data

The name of the operation and the common name of the keystore file have to be passed as input.

{ "operation" : { "Details" : { "common_name" : "apitest", "serial_number":"XXXXXXXXXXXXXX" } } }

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/getCertificateKeyStore?INPUT_DATA={"operation":{"Details":{"common_name":"apitest","serial_number":"XXXXXXXXXXXXXX"}}}

Sample Response

KeyStore File Object


37. Get an SSL Certificate Passphrase

To get the private key passphrase of an SSL certificate.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/getCertificatePassphrase

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

GET

Input Data

The following data has to be passed as input:

{"operation":{"Details":{"common_name":"mycert","serial_number":"XXXXXXXXXXXXXX"}}}

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/getCertificatePassphrase?INPUT_DATA={"operation":{"Details":{"common_name":"mycert","serial_number":"XXXXXXXXXXXXXX"}}}

Sample Response

{ "name": "GetCertificatePassphrase", "result": { "status": "Success", "message": "Private key passphrase of certificate mycert is 123456789" } }


38. Get an SSL Certificate in Different File Formats
(API applicable from build 13000 and above only)

Description 

To obtain a certificate from Password Manager Pro's certificate repository in different file formats.

HTTPS Method

GET

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

Input Data

The operation details and the name of the certificate fetched to be passed as input

{"operation":{"Details":{"common_name":"certificate_common_name","serial_number":"certificate_serial_number,"fileType":"File format"}}}

Notes: 

  • The certificates can be exported in the following file formats:  CER, CRT, DER, P7B, PKCS, JKS, PEM, KEY. 
  • Specify the required file format in 'fileType' to export the certificate in that format.

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-address>:<Port>/api/pki/restapi/getCertificate?INPUT_DATA={"operation":{"Details":{"common_name":"examplecert","serial_number":"182e967a976","fileType":"PEM"}}}

Sample Response

Certificate object


39. Add an SSL Certificate

To add an SSL certificate to Password Manager Pro's certificate repository.

URL

https://< Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address >:<Port>/api/pki/restapi/addCertificate

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

POST

Input Data

The following data has to be passed as input:

input data: {"operation":{"Details":{"fileType":"KEYSTORE","PASSWORD":"PASSWORD"}}}


Note: The fileType specified in the input data can be either CERTFILE or KEYSTORE. For CERTFILE fileType, the PASSWORD field need not be specified.

Sample Request

curl -X POST -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>> " -H 'Content-Type: multipart/form-data' -F INPUT_DATA={"operation":{"Details":{"fileType":"KEYSTORE","PASSWORD":"PASSWORD"}}} -F File=@D:/certs/newcert.keystore https://< Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address >:<Port>/api/pki/restapi/addCertificate

Sample Response

{ "name": "AddCertificate",
"result":
{{"Status":"Success",
"Message": "Certificate newcert.com added successfully"} } }


40. Delete an SSL Certificate

Description

To delete an SSL certificate from Password Manager Pro's certificate repository.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/deleteCertificate

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

DELETE

Input Data

The operation name and the common name of the certificate have to be passed as input.

{"operation": {"Details":{ "common_name" : "apitest", "serial_number" : "XXXXXXXXXXXXXX"} } }

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/deleteCertificate?INPUT_DATA={"operation": {"Details":{"common_name":"apitest","serial_number":"XXXXXXXXXXXXXX"}}}

Sample Response

{"name":"DeleteCertificate","result":{"status":"Success","message":"Certificate apitest deleted successfully."}}


41. Perform SSL Certificate Discovery

Description

To discover a particular SSL certificates.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/sslCertSingleDiscovery

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

POST

Input Data

The name/IP address of the host and port number have to be passed as input.

{"operation":{"Details":{"HOST":"de-ubuntu10-1","TIMEOUT":"300","PORT":"<Port>"}}}

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/sslCertSingleDiscovery?INPUT_DATA={"operation":{"Details":{"HOST":"de-ubuntu10-1","TIMEOUT":"300","PORT":"<Port>"}}}

Sample Response

{ "name": "Get SSL Discovery", "totalRows": 1, "details": { "zoho.com": [ "SUCCESS", "SSL Certificate already available, *.zoho.com certificate found at port 443" ] } }


42. Perform SSL Certificate Discovery (For a Range of IP Addresses)

Description

To discover a set of SSL certificates.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/sslCertRangeDiscovery

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

POST

Input Data

The start and end IP addresses, port number and time-out have to be passed as input.

{"operation":{"Details":{"StartIpAddress":"192.xxx.xxx.0",
"EndIpAddress":"192.xxx.xxx.3",
"TIMEOUT":"3",
"PORT":"443"}}}

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/sslCertRangeDiscovery?INPUT_DATA={"operation":{"Details":{"StartIpAddress":"192.xxx.xxx.0","EndIpAddress":"192.xxx.xxx.3","TIMEOUT":"3","PORT":"443"}}}

Sample Response

{ "name": "Get SSL Discovery", "totalRows": 4, "details": { "192.168.216.1": [ "FAILURE", "Connection failed,no certificate found at port 443" ], "192.168.216.0": [ "FAILURE", "Connection timed out,no certificate found at port 443" ], "192.168.216.2": [ "FAILURE", "Connection timed out,no certificate found at port 443" ], "192.168.216.3": [ "FAILURE", "Connection timed out,no certificate found at port 443" ] } }


43. Create CSR

Description

To create a certificate signing request.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/createCSR

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

POST

Input Data

The following data need to be passed as input.

{"operation":{"Details":{"CNAME":"mytestcert",
"ALT_NAMES":"test",
"ORGUNIT":"zohocorp",
"ORG":"manageengine",
"LOCATION":"chennai",
"STATE":"Tamilnadu",
"COUNTRY":"IN",
"PASSWORD":"zohocorp",
"VALIDITY":"888",
"VALIDITY_TYPE":"days",
"ALG":"RSA",
"LEN":"4096",
"SIGALG":"SHA256",
"StoreType":"PKCS12"}}}


Note: Validity type can be days, hours or minutes.

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/createCSR?INPUT_DATA={"operation":{"Details":{"CNAME":"mytestcert", "ALT_NAMES":"test", "ORGUNIT":"zohocorp", "ORG":"manageengine", "LOCATION":"chennai", "STATE":"Tamilnadu","COUNTRY":"IN", "PASSWORD":"zohocorp", "VALIDITY":"888","VALIDITY_TYPE":"days", "ALG":"RSA", "LEN":"4096", "SIGALG":"SHA256", "StoreType":"PKCS12"}}}

Sample Response

{ "name": "CreateCSR", "result": { "status": "Success", "message": "CSR saved successfully" }, "totalRows": 1, "details": [ { "CSR_ID": 602 } ] }


44. Get CSR List

Description

To get CSR list.

HTTPS Method

GET

Input Data

INPUT_DATA={"operation":{"Details":{"common_name":"testcsr"}}} (optional)


Note: Without INPUT_DATA all the CSR will be fetched. But with INPUT_DATA, the CSR matching the common_name criteria alone will be fetched.

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

Sample Request

https://<HostName>:7272/api/pki/restapi/getCSRList

Sample Response

{ "name": "GetCSRList", "result": { "status": "Success", "message": "Fetched all CSRs successfully" }, "totalRows": 1, "details": [ { "CREATED_BY": "admin", "KEYALGORITHM": "RSA", "KEYSTORE_TYPE": "JKS", "isPassword": true, "CSR_ID": 1, "CREATED_DATE": "May 15, 2020 19:51", "LOGIN_ID": 301, "KEY_STRENGTH": 2048, "DOMAIN_NAME": "testcsr", "VALIDITY": "30", "SIGNATURE_ALGORITHM": "SHA256withRSA" } ] }


45. Sign CSR

Description

To sign CSR.

HTTPS Method

POST

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

Input Data

INPUT_DATA={"operation":{"Details":{"serverName":"pmp-w12r2-1","caName":"pmp-w12r2-1-ca","templateName":"DomainController","CSR_ID":"1"}}} 

Sample Request

https://<HostName>:7272/api/pki/restapi/signCSR

Sample Response

{"name":"SignCSR","result":{"status": "Success","message":"Successfully testdomain.com certificate signed"}}


46. Create an SSL Certificate

Description

To create an SSL certificate.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/createCertificate

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

POST

Input Data

The following data have to be passed as input:

{"operation":{"Details":{"CNAME":"mytestcert",
"ALT_NAMES":"test",
"ORGUNIT":"zohocorp",
"ORG":"manageengine",
"LOCATION":"chennai",
"STATE":"Tamilnadu",
"COUNTRY":"IN",
"PASSWORD":"zohocorp",
"VALIDITY":"888",
"VALIDITY_TYPE":"days",
"ALG":"RSA",
"LEN":"4096",
"SIGALG":"SHA256",
"StoreType":"PKCS12"}}}

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address> :<Port>/api/pki/restapi/createCertificate?INPUT_DATA={"operation":{"Details":{"CNAME":"mytestcert", "ALT_NAMES":"test", "ORGUNIT":"zohocorp", "ORG":"manageengine", "LOCATION":"chennai", "STATE":"Tamilnadu","COUNTRY":"IN", "PASSWORD":"zohocorp", "VALIDITY":"888", "VALIDITY_TYPE":"days", "ALG":"RSA", "LEN":"4096", "SIGALG":"SHA256", "StoreType":"PKCS12"}}}

Sample Response

{"name":"CreateCertificate","result":{"status":"Success","message":"Certificate saved successfully"}}


47. Get the ID of a User

Description

To get the ID of a user by passing their username.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/user/getUserId

Headers

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

orgName= <<org display name>>

HTTP Method

GET

Input Data

None

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/user/getUserId?USERNAME=user1

Sample Response

{
"operation": {
"name":"get_USERID",
"result": { "status":"Success","message":"User Id for the specified username  have been fetched successfully"},"Details":{"USERID":"1"}}}


48. Delete a User with their Username

Description

To delete a user by passing their username.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/user?USERNAME=(username)

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

orgName= <<org display name>>

HTTP Method

DELETE

Input Data

None

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server OR IP  address>:<Port>/restapi/json/v1/user?USERNAME=admin1


Sample Response

{"operation":{"name":"DELETE USER","result":{"status":"Success","message":"User admin1 deleted successfully"}}}


49. Add a User to a User Group

Description

To add a user to a user group by passing their username and the user group to which they should be added.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/user/addUserToUserGroup?USERNAME=(username)&USERGROUPNAME=(usergroupname)

Headers

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

orgName= <<org display name>>

HTTP Method

POST

Input Data

None

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-address>:<Port>/restapi/json/v1/user/addUserToUserGroup?USERNAME=admin1&USERGROUPNAME=TestGroup


Sample Response

{"operation":{"name":"ADD USER TO USERGROUP","result":{"status":"Success","message":"User admin1 added to User Group TestGroup successfully"}}}


50. Lock a User

Description

To lock a user by passing their username.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/user/lock?USERNAME=(username)

Headers

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

orgName= <<org display name>>

HTTP Method

PUT

Input Data

None

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server OR IP  address>:<Port>/restapi/json/v1/user/lock?USERNAME=apiuser


Sample Response

{"operation":{"name":"LOCK USER","result":{"status":"Success","message":"User account apiuser locked successfully."}}}


51. Unlock a User

Description

To unlock a user by passing their username.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/user/unlock?USERNAME=(username)

Headers

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

orgName= <<org display name>>

HTTP Method

PUT

Input Data

None

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server OR IP  address>:<Port>/restapi/json/v1/user/unlock?USERNAME=apiuser


Sample Response

{"operation":{"name":"UNLOCK USER","result":{"status":"Success","message":"User account apiuser unlocked successfully. "}}}


52. Import an SSH Key

Description

To import an SSH key.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/addSSHKey

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

POST

Input Data

The following data is to be passed as input:

{
"operation":
{
"Details":
{
"keyName":"testkey","passphrase":"passtrix"
} } }

Sample Request

curl -X POST -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" -H 'Content-Type: multipart/form-data' -F INPUT_DATA={"operation":{"Details":{"keyName":"testkey","passphrase":"passtrix"}}} -F File=@D:/certs/keys/test1-passtrix/test1_Jul-21-2017-15_56.key https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/addSSHKey

Sample Response

{
"name":"addSSHKey","result":
{
"status":"SUCCESS","message":"Key imported successfully"
} }


53. Associate an SSH Key

Description

To associate an SSH key.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/associateKey

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

POST

Input Data

The following data is to be passed as input:

{
"operation":
{
"Details":
{
"keyName":"testkey","resourceName":"test.csez.zohocorpin.com","userName":"test"
} } }

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/associateKey?INPUT_DATA={"operation":{"Details":{"keyName":"testkey","resourceName":"test.csez.zohocorpin.com","userName":"test"}}}

Sample Response

{
"name": "associateKey", "result":
{ "status": "Success", "message": "Key associated successfully"
} }


54. Dissociate an SSH Key

Description

To dissociate an SSH key.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/dissociateKey

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

POST

Input Data

The following data is to be passed as input:

{
"operation":
{
"Details":
{
"keyName":"testkey","resourceName":"test.csez.zohocorpin.com","userName":"test"
} } }

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/dissociateKey?INPUT_DATA={"operation":{"Details":{"keyName":"testkey","resourceName":"test.csez.zohocorpin.com","userName":"test"}}}

Sample Response

{
"name": "dissociateKey", "result":
{
"status": "SUCCESS", "message": "Key dissociated successfully."
} }


55. Export an SSH Key as a Specific Key Type
(API applicable from build 13000 and above only)

Description

To export a particular SSH key as a specific Key Export Type (Public or Private).

HTTPS METHOD

POST

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

Input Data

  1. {"operation":{"Details":{"keyName":"Key","keyExportType":"public"}}}
  2. {"operation":{"Details":{"keyName":"Key","keyExportType":"private"}}}

Note: Specify 'public or 'private' in 'keyExportType' to indicate to fetch public or private key.

Sample Request

  1. https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-address>:<Port>/api/pki/restapi/exportSSHKey?INPUT_DATA={"operation":{"Details":{"keyName":"Key","keyExportType":"public"}}}
  2. https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-address>:<Port>/api/pki/restapi/exportSSHKey?INPUT_DATA={"operation":{"Details":{"keyName":"Key","keyExportType":"private"}}}

Sample Response

Key file


56. Create Static and Dynamic Resource Groups

Description

To create static and dynamic resource groups in Password Manager Pro.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resourcegroup

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

POST

Input Data

The following data must be passed as input to create a static resource group:

INPUT_DATA={
"operation": {
"Details": {
"GROUPNAME": "CG1",
"DESCRIPTION": "description",
"PARENTGROUPID": 306,
"GROUPTYPE":"STATIC",
"POLICY": "Low",
"NoHelpDeskRetrieval": "false"
}}}

The following data must be passed as input to create a dynamic resource group:

INPUT_DATA={
"operation": {
"Details": {
"GROUPNAME": "CG3",
"DESCRIPTION": "description",
"PARENTGROUPID": 3002,
"POLICY": "Low",
"NoHelpDeskRetrieval": "false",
"GROUPTYPE":"DYNAMIC",
"andor": "and",
"NoOfCriteria": 2,
"condition_1": "RESOURCENAME",
"operator_1": "CONTAINS",
"valuefield_1": "a",
"condition_2": "LOGINNAME",
"operator_2": "CONTAINS",
"valuefield_2": "e"
}}}

Sample Request

curl -X POST -k -H "AUTHTOKEN:<<Authtoken_generated_from_Password_Manager_Pro>>" -H "Content-Type: text/json" https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resourcegroup --data-urlencode "INPUT_DATA={\"operation\": {\"Details\": {\"critgroup\": \"CG1\",\"critdesc\": \"description about CG1\",\"RuleCriteria\": \"Low\",\"NoHelpDeskRetrieval\": \"false\",\"andor\": \"and\",\"NoOfCriteria\": 2,\"condition_1\": \"RESOURCENAME\",\"operator_1\": \"CONTAINS\",\"valuefield_1\": \"win\",\"condition_2\": \"LOGINNAME\",\"operator_2\":\"CONTAINS\",\"valuefield_2\": \"PMP\"} } }"

Sample Output

{
"operation":
{
"name":"CREATE RESOURCE GROUP",
"result":
{
"status":"Success",
"message":"Group CG1 has been added successfully."
} } }


57. Get Audit Details

Description

To get the audit details in Password Manager Pro.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/audit?AUDITTYPE=<<Resource/User>>&STARTINDEX=&LIMIT=&DURATION=<<TODAY / YESTERDAY/ LAST_7_DAYS >>

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP method

GET

Input Data

None

Sample Request

https://localhost:<Port>/restapi/json/v1/audit?AUDITTYPE=Resource&STARTINDEX=1&LIMIT=2&DURATION=YESTERDAY

Sample Response

{
"operation":
"name": "GET_AUDIT",
"result":
"status": "Success",
"message": "Audits fetched successfully." },
"totalRows": 2,
"Details":
"AUDITID": "3002",
"RESOURCENAME": "Not Applicable",
"ACCOUNTNAME": "N/A",
"OPERATIONTYPE": "CI/CD Settings Updated",
"OPERATEDBY": "admin",
"IPADDRESS": "localhost",
"USERNAME": "N/A",
"LASTACCESSEDTIME": "2019-01-03 14:51:06.666",
"REASON": "Jenkins Authtoken Modified.",
"NAME": "N/A",
"CLIENT": "Web Client"
},
"AUDITID": "2113",
"RESOURCENAME": "test",
"ACCOUNTNAME": "test",
"OPERATIONTYPE": "Password Verification Failed",
"OPERATEDBY": "System",
"IPADDRESS": "localhost",
"USERNAME": "N/A",
"LASTACCESSEDTIME": "2019-01-03 01:45:00.107",
"REASON": "Password Manager Pro could not verify the password integrity.",
"NAME": "N/A",
"CLIENT": "Web Client"
} ] } }


58. Share a Resource to a User

Description

To share a resource to a user.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/<resourceid>/share

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

PUT

Input Data

INPUT_DATA={"operation": {"Details": {"ACCESSTYPE": "modify","USERID":"1" } } } Allowed accesstypes: view, modify, fullaccess, revoke

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server OR IP address>:<Port>/restapi/json/v1/resources/1/share

Sample Response

{ "operation": { "name": "SHARE RESOURCE","result": { "status":"Success","message":"Read and Modify permission granted to user successfully." } } }


59. Share an Account to a User

Description

To share an account to a user.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/<resourceid>/accounts/<accountid>/share

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

PUT

Input Data

INPUT_DATA={ "operation": { "Details": { "ACCESSTYPE":"modify","USERID":"1" } } } Allowed accesstypes: view, modify, revoke

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server OR IP address>:<Port>/restapi/json/v1/accounts/11/share

Sample Response

{ "operation": { "name": "SHARE ACCOUNT","result": { "status":"Success","message":"View and Modify permission granted to user successfully." } } }


60. Share a Resource to a User Group
(API applicable from build 11200 and above only)

Description

To share a resource to a user group.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/<resourceid>/share

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

orgName= <<org display name>>

HTTP Method

PUT

Input Data

INPUT_DATA={"operation":{"Details":{"ACCESSTYPE":"view","USERGROUPID":"1"}}}

Allowed accesstypes: view, modify, fullaccess, revoke

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/1/share

Sample Response

{ "operation": { "result": { "message": "Read Only permission granted to user group(s) successfully.", "status": "Success" }, "name": "SHARE RESOURCE" } }


61. Share an Account to a User Group

(API applicable from build 11200 and above only)

Description

To share an account to a user group.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/<resourceid>/accounts/<accountid>/share

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

orgName= <<org display name>>

HTTP Method

PUT

Input Data

INPUT_DATA={"operation":{"Details":{"ACCESSTYPE":"view","USERGROUPID":"1"}}}

Allowed accesstypes: view, modify, fullaccess, revoke

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/1/accounts/1/share

Sample Response

{ "operation": { "result": { "message": "Read Only permission granted to user group(s) successfully.", "status": "Success" }, "name": "SHARE ACCOUNT" } }


62. Share Resource Groups to Users in Bulk

(API applicable from build 12450 and above only)

Description

To share resource groups to users in bulk.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resourcegroup/share

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>
orgName= <<org display name>>

HTTP Method

PUT

Sample Input

INPUT_DATA=
{
"operation": {
"Details": {
"resourceGroupIds": ["301","302","601"],
"userIds":["1","2"],
"accessType":"view|modify|fullaccess|revoke"
}
}
}

Sample Output

{
"operation": {
"result": {
"message": "Revoke action triggered. Refer Audit for more details.",
"status": "Success",
"statusCode": 20001
},
"operationName": "SHARE_RESOURCEGROUP(S)"
}
}


63. Bulk Share Resource Groups to User Groups
(API applicable from build 12450 and above only)

Description

To share resource groups to user groups in bulk.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resourcegroup/share

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>
orgName= <<org display name>>

HTTP Method

PUT

Sample Input

INPUT_DATA=
{
"operation": {
"Details": {
"resourceGroupIds": ["301","302","601"],
"userGroupIds": ["1","2"],
"accessType":"view|modify|fullaccess|revoke"
}
}
}


Sample Output

{
"operation": {
"result": {
"message": "Revoke action triggered. Refer Audit for more details.",
"status": "Success",
"statusCode": 20001
},
"operationName": "SHARE_RESOURCEGROUP(S)"
}
}


64. Fetch User Group ID

(API applicable from build 11200 and above only)

Description

To fetch the UserGroupID of a user group.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/user/getUserGroupId?USERGROUPNAME=<usergroupname>

Headers

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

orgName= <<org display name>>

HTTP Method

GET

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/user/getUserGroupId?USERGROUPNAME=<usergroupname>

Sample Response

{"operation":{"name":"GET_USERGROUPID","result":{"status":"Success","message":"Usergroup Id for the specified usergroup name have been fetched successfully. "},"Details":{"USERGROUPID":"1"}}}


65. Configure Remote Password Reset for Linux Resources

(API applicable from build 11200 and above only)

Description

To configure remote password reset for Linux resources

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/configureremotepasswordreset

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

POST

Input Data

INPUT_DATA={"operation": {"Details": {

"REMOTEMODE":"ssh|telnet", // Default value - ssh

"LINUX_SSHTELNETPORT":"22",

"LINUX_USERPROMPT":"$",

"LINUX_LANDINGSERVER":"test",

"RESOURCEIDENTIFIER":"linux | others", // Default value - linux

"WDRESOURCEID":"1",

"WDACCOUNTID":"1",

"REMOTELOGINACCOUNT":"",

"AUTHENTICATION":"passauth | keyauth", // Default value -passauth

"ELEVATIONTYPE":"su | sudo", // Default value - sudo

"ROOTACCOUNT":"root",

"LINUXROOTUSERPROMPT":"#",

"RESOURCEIDS":["301","302","601"],

"RESOURCETYPE":"Linux",

"REMOVEENTER":"true | false" // Default value - false}}}

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/configureremotepasswordreset

Sample Response

{"operation":{"result":{

"message": "Password reset details configured for the matching resources.",

"status": "Success"},"Details":{

"CONFIGURATION RESULT":[{

"STATUS": "SUCCESS",

"RESOURCENAME": "pmp-os1.win.domain.com",

"RESOURCEID": "3"},{

"STATUS": "SUCCESS",

"RESOURCENAME": "DC-u16.lin.domain.com",

"RESOURCEID": "4"}]},

"name": "CONFIGURE REMOTE PASSWORD RESET"}}


66. Deploy an SSL Certificate
(API applicable from build 11300 and above only)

Description

To Deploy SSL Certificate.

HTTPS Method

POST

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

Input Data

INPUT_DATA={"operation":{"Details":{"common_name":"testcert","serial_number":"xxxxxxxx","serverName":"testmachine"}}}


Note: It is optional to provide the server name. The server name allows you to deploy certificates to that particular server. Without the server name, the certificates are deployed to all the saved servers from the client.

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/deployCertificate 

Sample Response

{"result": {
"message": "Certificate deployment is successful.",
"status": "Success"
},
"name": "DeployCertificate",
"totalRows": 1,
"deployStatus": [
{
"server": "testmachine",
"message": "Certificate testcert of format CER and PFX deployed in testmachine successfully.",
"status": "Success"
}]}


67. Share SSL Certificate to User
(API applicable from build 11300 and above only)

Description

To share SSL certificate to user.

HTTPS Method

POST

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/shareCertificateToUser

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

Input Data

INPUT_DATA:{"operation":{"Details":{ "common_name":"certificate","serial_number":"179ae1f45a8" ,"userId":"301"}}}

Sample Response

{"result": {
"message": "Certificate shared successfully.",
"status": "Success"
}, "name": "ShareCertificate"}


68. Share SSL Certificate to User Group
(API applicable from build 11300 and above only)

Description

To share SSL certificate to user group.

HTTPS Method

POST

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/shareCertificateToUserGroup

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

Input Data

INPUT_DATA:{"operation":{"Details":{ "common_name":"certificate","serial_number":"179ae1f45a8" ,"userGroupId":"301"}}}

Sample Response

{ "result": { "message": "Certificate shared successfully.", "status": "Success" }, "name": "ShareCertificate" }


69. Share SSL Certificate Group to User
(API applicable from build 11300 and above only)

Description

To share SSL certificate group to user.

HTTPS Method

POST

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/shareCertificateGroupToUser

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

Input Data

INPUT_DATA:{"operation":{"Details":{ "certificate_group_name":"certificate" ,"userId":"301"}}}

Sample Response

{"result": { "message": "Certificate shared successfully.", "status": "Success" }, "name": "ShareCertificate" }


70. Share SSL Certificate Group to User Group
(API applicable from build 11300 and above only)

Description

To share SSL certificate group to user group.

HTTPS Method

POST

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/shareCertificateGroupToUserGroup

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

Input Data

INPUT_DATA:{"operation":{"Details":{ "certificate_group_name":"certificate" ,"userGroupId":"301"}}}

Sample Response

{ "result": { "message": "Certificate shared successfully.", "status": "Success" }, "name": "ShareCertificate" }


71. Revoke SSL Certificate from User
(API applicable from build 11300 and above only)

Description

To revoke SSL certificate from user.

HTTPS Method

POST

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/revokeCertificateFromUser

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

Input Data

INPUT_DATA:{"operation":{"Details":{ "common_name":"certificate","serial_number":"179ae1f45a8" ,"userId":"301"}}}

Sample Response

{ "result": { "message": "Access to certificate revoked successfully.", "status": "Success" }, "name": "RevokeCertificate" }


72. Revoke SSL Certificate from User Group
(API applicable from build 11300 and above only)

Description

To revoke SSL certificate from user group.

HTTPS Method

POST

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/revokeCertificateFromUserGroup

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

Input Data

INPUT_DATA:{"operation":{"Details":{ "common_name":"certificate","serial_number":"179ae1f45a8" ,"userGroupId":"301"}}}

Sample Response

{ "result": { "message": "Access to certificate revoked successfully.", "status": "Success" }, "name": "RevokeCertificate" }


73. Revoke SSL Certificate Group from User
(API applicable from build 11300 and above only)

Description

To revoke SSL certificate group from user.

HTTPS Method

POST

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/revokeCertificateGroupFromUser

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

Input Data

INPUT_DATA:{"operation":{"Details":{ "certificate_group_name":"certificate" ,"userId":"301"}}}

Sample Response

{ "result": { "message": "Access to certificate revoked successfully.", "status": "Success" }, "name": "RevokeCertificate" }


74. Revoke SSL Certificate Group from User Group
(API applicable from build 11300 and above only)

Description

To revoke SSL certificate group from user group.

HTTPS Method

POST

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/revokeCertificateGroupFromUserGroup

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

Input Data

INPUT_DATA:{"operation":{"Details":{ "certificate_group_name":"certificate" ,"userGroupId":"301"}}}

Sample Response

{ "result": { "message": "Access to certificate revoked successfully.", "status": "Success" }, "name": "RevokeCertificate" }


75. Create SSL Certificate Group
(API applicable from build 11300 and above only)

Description

To create an SSL certificate group.

HTTPS Method

POST

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/createCertificateGroup

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

Input Data

INPUT_DATA={"operation":{"Details":{ "group_name":"NAME","group_description":"This is the description for the group certificate","group_mail":"pmp@zohocorporation.com","ssl_details":"301,202"}}}

Sample Response

{"result":{"message":"Certificate group added successfully.","status":"Success"},"name":"createCertificateGroup"}


76. Delete SSL Certificate Group
(API applicable from build 11300 and above only)

Description

To delete SSL certificate group.

HTTPS Method

DELETE

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/deleteCertificateGroup

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

Input Data

INPUT_DATA={"operation":{"Details":{ "group_name":"NAME"}}}

Sample Response

{"result":{"message":"The certificate group is deleted successfully.","status":"Success"},"name":"deleteCertificateGroup"}


77. Edit SSL Certificate Group
(API applicable from build 11300 and above only)

Description

To edit SSL certificate group.

HTTPS Method

POST

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/editCertificateGroup

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

Input Data

INPUT_DATA={"operation":{"Details":{ "group_name":"NEW NAME","group_description":"This is new description for the group certificate","group_mail":"pmp1@zohocorporation.com","ssl_details":"1,2,3"}}}

Sample Response

{"result":{"message":"The certificate group is updated successfully.","status":"Success"},"name":"editCertificateGroup"}


78. Generate an SSL Agent Install Key
(API applicable from build 11300 and above only)

Description

To generate an SSL agent install key.

HTTPS Method

POST

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/api/pki/restapi/generateInstallKey

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

Sample Response

{ "result": { "message": "Agent install key fetched successfully", "status": "Success" }, "name": "GetAgentInstallKey", "totalRows": 1, "AgentInstallKey": "20570b9e0ceaa936" }


79. Get Password Policies
(API applicable from build 11300 and above only)

Description

To list all the password policies in the organization.

HTTPS Method

GET

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/passwords/policies

Headers

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

orgName= <<org display name>>

Sample Response

{ "operation":{ "result":{ "message": "Password Policies fetched successfully", "status": "Success" }, "Details":{ "ORGANIZATION": "CHAKRIORG", "POLICIES":[ { ENFORCE MIXED CASE": "false", " PASSWORD MAX LENGTH": "8", " ENFORCE SPL CHARS": "false", " POLICYNAME": "Low", " ENFORCE NUMERALS": "false", " NO OF SPL CHARS REQUIRED": "0", " DEFAULTPOLICY": "false", " CHECK DICTIONARY WORD": "false", " NUMBER OF LOWERCASE CHARACTERS REQUIRED": "0", " REUSE OF OLD PASSWORDS": "Don't allow last 1 passwords", " CHECK ANAGRAM OF LOGINNAME": "false", POLICYID": "10000000000001", CHECK SEQUENCE": "false", DESCRIPTION": "Password with less strict constraints", " ENFORCE STARTING WITH AN ALPHABET": "false", " CHECK REPEATED SUBSTRING": "false", " PASSWORD CAN CONTAIN LOGINNAME": "false", " NUMBER OF UPPERCASE CHARACTERS REQUIRED": "0", " CHECK SIMILARITY OF PASSWORDS": "false", " PASSWORD VALIDITY PERIOD": "0", " NUMBER OF NUMERALS": "0", " PASSWORD MIN LENGTH": "4" }, { " ENFORCE MIXED CASE": "true", " PASSWORD MAX LENGTH": "10", " ENFORCE SPL CHARS": "false", " POLICYNAME": "Medium", " ENFORCE NUMERALS": "true", " NO OF SPL CHARS REQUIRED": "0", " DEFAULTPOLICY": "false", " CHECK DICTIONARY WORD": "false", " NUMBER OF LOWERCASE CHARACTERS REQUIRED": "1", " REUSE OF OLD PASSWORDS": "Don't allow last 5 passwords", " CHECK ANAGRAM OF LOGINNAME": "false", " POLICYID": "10000000000002", " CHECK SEQUENCE": "false", " DESCRIPTION": "Password with few strict constraints", " ENFORCE STARTING WITH AN ALPHABET": "true", " CHECK REPEATED SUBSTRING": "false", " PASSWORD CAN CONTAIN LOGINNAME": "true", " NUMBER OF UPPERCASE CHARACTERS REQUIRED": "1", " CHECK SIMILARITY OF PASSWORDS": "true", " NUMBER OF PASSWORDS TO CHECK FOR SIMILARITY": "1", " PASSWORD VALIDITY PERIOD": "180", " NUMBER OF NUMERALS": "1", " PASSWORD MIN LENGTH": "6" }, { ENFORCE MIXED CASE": "true", " SEQUENCE LENGTH": "5", " PASSWORD MAX LENGTH": "16", " ENFORCE SPL CHARS": "true", POLICYNAME": "Strong", " ENFORCE NUMERALS": "true", " CHECK NUMERIC SEQUENCE": "true", " KEYBOARD LAYOUT": "QWERTY", " DESCRIPTION": "Password with strict constraints", " ENFORCE STARTING WITH AN ALPHABET": "true", " NUMBER OF PASSWORDS TO CHECK FOR SIMILARITY": "1", " PASSWORD VALIDITY PERIOD": "30", " DICTIONARY NAME": "Common Words", CHECK CONSECUTIVE SEQUENCE": "true", " NO OF SPL CHARS REQUIRED": "1", " DEFAULTPOLICY": "true", " CHECK DICTIONARY WORD": "true", " NUMBER OF LOWERCASE CHARACTERS REQUIRED": "1", " REUSE OF OLD PASSWORDS": "Don't allow last 10 passwords", " CHECK ANAGRAM OF LOGINNAME": "false", " CHECK ALPHABET SEQUENCE": "true", " POLICYID": "10000000000003", " CHECK KEYBOARD SEQUENCE": "true", " CHECK OBVIOUS SUBSTITUTION": "false", " CHECK SEQUENCE": "true", " CHECK REPEATED SUBSTRING": "true", " PASSWORD CAN CONTAIN LOGINNAME": "true", " NUMBER OF UPPERCASE CHARACTERS REQUIRED": "1", " CHECK SIMILARITY OF PASSWORDS": "true", " NUMBER OF NUMERALS": "1", " PASSWORD MIN LENGTH": "8" }, { " ENFORCE MIXED CASE": "true", " PASSWORD MAX LENGTH": "32", " ENFORCE SPL CHARS": "true", POLICYNAME": "Offline Password File", " ENFORCE NUMERALS": "true", " NO OF SPL CHARS REQUIRED": "1", " DEFAULTPOLICY": "false", " CHECK DICTIONARY WORD": "false", " NUMBER OF LOWERCASE CHARACTERS REQUIRED": "1", " REUSE OF OLD PASSWORDS": "Don't allow last 10 passwords", " CHECK ANAGRAM OF LOGINNAME": "false", " POLICYID": "10000000000004", " CHECK SEQUENCE": "false", " DESCRIPTION": "Policy for offline password access", " ENFORCE STARTING WITH AN ALPHABET": "false", " CHECK REPEATED SUBSTRING": "false", " PASSWORD CAN CONTAIN LOGINNAME": "true", " NUMBER OF UPPERCASE CHARACTERS REQUIRED": "1", " CHECK SIMILARITY OF PASSWORDS": "false", " PASSWORD VALIDITY PERIOD": "30", " NUMBER OF NUMERALS": "1", " PASSWORD MIN LENGTH": "16" }, { " ENFORCE MIXED CASE": "true", " SEQUENCE LENGTH": "3", " PASSWORD MAX LENGTH": "10", " ENFORCE SPL CHARS": "false", " POLICYNAME": "test", " ENFORCE NUMERALS": "true", " CHECK NUMERIC SEQUENCE": "true", " KEYBOARD LAYOUT": "QWERTY", " DESCRIPTION": "testing", " ENFORCE STARTING WITH AN ALPHABET": "true", " NUMBER OF PASSWORDS TO CHECK FOR SIMILARITY": "1", " PASSWORD VALIDITY PERIOD": "180", " DICTIONARY NAME": "Common Words", " CHECK CONSECUTIVE SEQUENCE": "false", " NO OF SPL CHARS REQUIRED": "0", " DEFAULTPOLICY": "false", " CHECK DICTIONARY WORD": "true", " NUMBER OF LOWERCASE CHARACTERS REQUIRED": "1", " REUSE OF OLD PASSWORDS": "Don't allow last 5 passwords", CHECK ANAGRAM OF LOGINNAME": "true", CHECK ALPHABET SEQUENCE": "true", " POLICYID": "10000000000011", " CHECK KEYBOARD SEQUENCE": "true", " CHECK OBVIOUS SUBSTITUTION": "true", " CHECK SEQUENCE": "true", " CHECK REPEATED SUBSTRING": "true", " PASSWORD CAN CONTAIN LOGINNAME": "true", " NUMBER OF UPPERCASE CHARACTERS REQUIRED": "1", " CHECK SIMILARITY OF PASSWORDS": "true", " NUMBER OF NUMERALS": "1", " PASSWORD MIN LENGTH": "6" } ] }, "name": "GET PASSWORD POLICIES" } }


80. Get all Resource Types
(API applicable from build 11300 and above only)

Description

To list all the resource types in the organization.

HTTPS Method

GET

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/resourcetypes

Headers

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

orgName= <<org display name>>

Input Data

INPUT_DATA={ "operation":{ "Details":{ "RESOURCETYPE_CONTAINING":["brocade"], } } }

Sample Response

{ "operation":{ "result":{ "message": "Resource Types fetched successfully", "status": "Success" }, "Details":{ "RESOURCETYPES":[ { "COMMAND_SET":[ "Brocade" ], "ISSYNCSUPPORTED": "false", "CUSTOMRESOURCETYPE": "Windows", "ISCERTIFICATE": "false", "CATEGORY": "network", "SYNCTYPE": "CustomCli", "ISDEFAULT_SUPPORTED_RESOURCETYPE": "true", "OSID": "40", "RESOURCE_ATTRIBUTES":[ "DNS Name / IP Address", "Group Name", "Resource Description", "Department", "Resource URL", "Location", "Password Policy", "Resource Name" ], "ACCOUNT_ATTRIBUTES":[ "Password Policy", "Private Key", "Notes", "User Account", "User Account Password" ], "RESOURCETYPE": "Brocade", "DEFAULTRESOURCETYPE": "false" }, { "COMMAND_SET":[ "Brocade SAN Switch" ], "ISSYNCSUPPORTED": "false", "CUSTOMRESOURCETYPE": "Windows", "ISCERTIFICATE": "false", "CATEGORY": "network", "SYNCTYPE": "CustomCli", "ISDEFAULT_SUPPORTED_RESOURCETYPE": "true", "OSID": "42", "RESOURCE_ATTRIBUTES":[ "DNS Name / IP Address", "Group Name", "Resource Description", "Department", "Resource URL", "Location", "Password Policy", "Resource Name" ], "ACCOUNT_ATTRIBUTES":[ "Password Policy", "Private Key", "Notes", "User Account", "User Account Password" ], "RESOURCETYPE": "Brocade SAN Switch", "DEFAULTRESOURCETYPE": "false" }, { "COMMAND_SET":["Brocade VDX"], "ISSYNCSUPPORTED": "false", "CUSTOMRESOURCETYPE": "Windows", "ISCERTIFICATE": "false", "CATEGORY": "network", "SYNCTYPE": "CustomCli", "ISDEFAULT_SUPPORTED_RESOURCETYPE": "true", "OSID": "41", "RESOURCE_ATTRIBUTES":[ "DNS Name / IP Address", "Group Name", "Resource Description", "Department", "Resource URL", "Location", "Password Policy", "Resource Name" ], "ACCOUNT_ATTRIBUTES":[ "Password Policy", "Private Key", "Notes", "User Account", "User Account Password" ], "RESOURCETYPE": "Brocade VDX", "DEFAULTRESOURCETYPE": "false" } ], "ORGANIZATIONNAME": "MSPOrg" }, "name": "GET RESOURCE TYPES" } }


81. Associate a Resource to a Resource Group
(API applicable from build 12000 and above only)

Description

To associate a resource to a resource group.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resourcegroup/<groupId>/associateResources

Headers

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

orgName= <<org display name>>

HTTP Method

POST

Input Data

INPUT_DATA={ "operation": {"Details": { RESOURCEIDS:[1, 2] }}}

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resourcegroup/<groupId>/associateResources

Sample Response

{ "operation": { "result": { "message":"Resource added to group successfully.","status":"Success"}, "Details": { "1": { "status":"Success"}, "2":{ "status":"Success" }}, "name":"ASSOCIATE RESOURCES" }}


82. Dissociate a Resource from a Resource Group
(API applicable from build 12000 and above only)

Description

To dissociate a resource from a resource group.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resourcegroup/<groupId>/disassociateResources

Headers

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

orgName= <<org display name>>

HTTP Method

POST

Input Data

INPUT_DATA={ "operation": {"Details": { RESOURCEIDS:[1, 2] }}}

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resourcegroup/<groupId>/disassociateResources

Sample Response

{ "operation": { "result": { "message":"Resource removed from group successfully.","status":"Success" }, "Details":{ "1":{ "status":"Success"}," 2":{ "status":"Success" }}, "name":"DISASSOCIATE RESOURCES" }}


83. Fetch Resource Groups Associated to a Resource
(API applicable from build 12000 and above only)

Description

To fetch resource groups that are associated to a resource.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/<ResourceId>/associatedGroups

Headers

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

orgName= <<org display name>>

HTTP Method

GET

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resources/<ResourceId>/associatedGroups

Sample Response

{ "operation": { "result":{ "message":"Associated groups fetched successfully","status":"Success"}, "Details":{ "ASSOCIATED GROUPS":[{ "GROUP ID":301,"GROUP NAME":"Default Group"}]}, "name":"GET ASSOCIATED GROUPS" }}


84. Delete a Resource Group
(API applicable from build 12000 and above only)

Description

To delete a particular resource group.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resourcegroup?RESOURCEGROUPID=<resourcegroupid>

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

orgName= <<org display name>>

HTTP Method

DELETE

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resourcegroup?RESOURCEGROUPID=<resourcegroupid>

Sample Response

{ "operation":{ "name":"DELETE RESOURCE GROUP","result": { "status":"Success","message":"Resource Group deleted successfully." }}}


85. Fetch Resource Group ID
(API applicable from build 12000 and above only)

Description

To fetch the ID of a resource group.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resourcegroup/getResourceGroupId?RESOURCEGROUPNAME=<resourcegroupname>&USERID=<userid>

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

GET

Input Data

None

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/resourcegroup/getResourceGroupId?RESOURCEGROUPNAME=<resourcegroupname>&USERID=<userid>

Sample Response

{ "operation":{ "name":"GET RESOURCE GROUP ID","result": { "status":"Success","message":"Resource Group Id for the specified Resource Group name have been fetched successfully."} ,"Details":{"RESOURCEGROUPID":"1" }}}


86. Reset Two-Factor Authentication
(API applicable from build 12100 and above only)

Description

To reset two-factor authentication for a username.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/user/resetMFA?USERNAME=<username>

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

HTTP Method

PUT

Parameter

USERNAME=<username>

Sample Request

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/user/resetMFA?USERNAME=<username>

Sample Response

{
"operation":{
"result":{
"message": "Two Factor Authentication reset successfully",
"status": "Success"
},
"name": "Reset MFA"
}
}


87. Fetch All Resource Groups
(API applicable from build 12230 and above only)

Description

To fetch all owned and shared resource groups of a user.

URL

https://<Host-Name-of-Password-Manager-Pro-Server OR IPddress>:<Port>/restapi/json/v1/resourcegroup

Headers

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>
orgName= <<org display name>>

HTTP Method

GET

Input Data

None

Sample Output

{
"operation": {
"result": {
"message": "Resource group list fetched successfully",
"status": "Success",
"statusCode": 20000
},
"Details": [
{
"resourceGroupDescription": "Group of Windows resources",
"accessType": "modify",
"resourceGroupName": "a2",
"isOwner": "false",
"resourceGroupType": "dynamic",
"resourceGroupId": "1201",
"timeCreated": "2023-02-24 18:01:24.378",
"subGroupOf": "1", //Parent ID
"ownerId": "1"
},
{
"resourceGroupDescription": "All the resources created by me",
"accessType": "fullaccess",
"resourceGroupName": "Default Group",
"isOwner": "true",
"resourceGroupType": "static",
"resourceGroupId": "301",
"timeCreated": "2023-02-14 14:55:22.998",
"subGroupOf": "",
"ownerId": "301"
},
{
"resourceGroupDescription": "Group of Linux resources",
"accessType": "fullaccess",
"resourceGroupName": "st1",
"isOwner": "false",
"resourceGroupType": "static",
"resourceGroupId": "1202",
"timeCreated": "2023-02-24 18:02:10.251",
"subGroupOf": "2",
"ownerId": "1"
},
{
"resourceGroupDescription": "Group of Windows Domain resources",
"accessType": "fullaccess",
"resourceGroupName": "static",
"isOwner": "false",
"resourceGroupType": "static",
"resourceGroupId": "901",
"timeCreated": "2023-02-24 16:08:26.262",
"subGroupOf": "3",
"ownerId": "1"
}
],
"name": "GET_RESOURCE_GROUPS",
"totalRows": 4
}
}


88. Password Validator
(API applicable from build 12230 and above only)

Description

To validate the given password based on password policy.

URL

https://<Host-Name-of-Password-Manager-Pro-Server OR IPddress>:<Port>/restapi/json/v1/passwords/validate

Headers

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>
orgName= <<org display name>>

HTTP Method

POST

Sample Input

INPUT_DATA={
"operation":{
"details":{
"password": "Test@123",
// Either Password Policy or Password Policy ID should be given
"passwordPolicy": "Strong",
"passwordPolicyId":"1"
}
}
}

Sample Output

{
"operation": {
"result": {
"message": "Valid",
"status": "Success",
"statusCode": 20000
},
"name": "VALIDATE_PASSWORD"
}
}


89. Delete User Group
(API applicable from build 12230 and above only)

Description

To delete user groups in a specific organization

URL

https://<Host-Name-of-Password-Manager-Pro-Server OR IPddress>:<Port>/restapi/json/v1/userGroup

Headers

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>
orgName= <<org display name>>

HTTP Method

DELETE

Sample Input

INPUT_DATA={
"operation": {
"details": {
"userGroupIds": [1231,24553]
}
}
}

Sample Output

{
"operation": {
"result": {
"message": "User group(s) has been deleted successfully.",
"status": "Success",
"statusCode": 20000
},
"Details": {
"1231": {
"message": "Invalid User group Id.",
"status": "Failed",
"statusCode": 46000
},
"24553": {
"message": "User group(s) has been deleted successfully.",
"status": "Success",
"statusCode": 20000
}
},
"name": "DELETE_USERGROUP"
}
}


90. Generate and Fetch Password Manager Pro Agent Key
(API applicable from build 12230 and above only)

Description

To fetch the available Password Manager Pro agent key or to generate and fetch a new one.

URL

https://<Host-Name-of-Password-Manager-Pro-Server OR IPddress>:<Port>/restapi/json/v1/agents/agentkey

Headers

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>
orgName= <<org display name>>

HTTP Method

POST

Input Data

Provide INPUT_DATA only for generating a new agent key.

Sample Input

INPUT_DATA={
"operation": {
"details": {
"generateAgentKey": "true",
"validityPeriod":3 // Provide this param to use the agent key in multiple installations for a stipulated time (In hours).
}
}
}

Sample Output

{
"operation": {
"result": {
"message": "Fetched Agent Key successfully.",
"status": "Success",
"statusCode": 20000
},
"Details": {
"agentKey": "66f835703f814e2e",
"agentKeyEndTime": "09/02/2023 01:03:31"
},
"operationName": "Fetch Agent Key"
}
}


91. Fetch HA Status
(API applicable from build 12230 and above only)

Description

To get the status of the High Availability server.

URL

https://<Host-Name-of-Password-Manager-Pro-Server OR IPddress>:<Port>/restapi/json/v1/server/getHighAvailabilityStatus

Headers

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>
orgName= <<org display name>>

HTTP Method

GET

Input Data

None

Sample Output

{
"operation": {
"name": "Get HA Status",
"result": {
"status": "Success",
"message": "HA Status fetched successfully"
"statusCode":20000
},
"Details":{
"haStatus":"active",
"isPrimaryServer":"true",
"primaryServer":"master.server.com",
"primaryServerStatus":"active",
"secondaryServer":"slave.server.com",
"secondaryServerStatus":"active",
}
}
}


92. Remove User from User Group
(API applicable from build 12230 and above only)

Description

To remove a user from a user group in a specific organization.

URL

https://<Host-Name-of-Password-Manager-Pro-Server OR IPddress>:<Port>/restapi/json/v1/user/removeUserFromUserGroup

Headers

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>
orgName= <<org display name>>

HTTP Method

POST

Sample Input

INPUT_DATA={
"operation":{
"Details":{
"USERIDS":[1,2],
"USERGROUPIDS":[2,3]
}
}
}

Sample Output

{
"operation": {
"result": {
"message": "Users removed from User Group Successfully",
"status": "Success"
},
"Details": {
"RESULT": [
{
"USERID": "1",
"message": "User Removed Successfully",
"USERGROUPID": "2",
"status": "Success"
},
{
"USERID": "1",
"message": "User does not exist in the User Group",
"USERGROUPID": "3",
"status": "Failed"
},
{
"USERID": "2",
"message": "User does not exist in the User Group",
"USERGROUPID": "2",
"status": "Failed"
},
{
"USERID": "2",
"message": "User Removed Successfully",
"USERGROUPID": "3",
"status": "Success"
}
]
},
"name": "REMOVE USER FROM USER_GROUP"
}
}


93. Fetch TOTP of an Account
(API applicable from build 12430 and above only)

Description

To fetch the TOTP of an account by passing its account ID.

URL

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/accounts/{accountId}/totp

Headers

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>
orgName= <<org display name>>

HTTP Method

GET

Input Data

None

Sample Input

https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-Address>:<Port>/restapi/json/v1/accounts/{accountId}/totp

Sample Output

{
"operation": {
"name":"FETCH_CURRENT_TOTP",
"result": {
"message": "TOTP has been successfully fetched.",
"status": "Success",
"statusCode": 20000
},
"Details": {
"TOTP" : "82934234"
}
}


94. Fetch PGP Keys
(API applicable from build 13000 and above only)

Description

To fetch PGP Keys.

HTTPS Method

GET

Header

AUTHTOKEN=<<Authtoken_generated_from_Password_Manager_Pro>>

Input Data

The following data is to be passed as input:

  1. {"operation":{"Details":{"User":"test (test) <tes@test.com>","keyExportType":"public"}}}
  2. {"operation":{"Details":{"User":"test (test) <tes@test.com>","keyExportType":"private"}}}

Notes: 

  1. Specify 'public or 'private' in 'keyExportType' to indicate to fetch public or private key.
  2. If you are using special characters in the key "User", kindly escape them using the backslash.

Sample Request

  1. https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-address>:<Port>/api/pki/restapi/getPGPKey?INPUT_DATA={"operation":{"Details":{"User":"test (test) <tes@test.com>","keyExportType":"public"}}}
  2. https://<Host-Name-of-Password-Manager-Pro-Server-OR-IP-address>:<Port>/api/pki/restapi/getPGPKey?INPUT_DATA={"operation":{"Details":{"User":"test (test) <tes@test.com>","keyExportType":"private"}}}

Sample Response

Key file




Top