Create an access request
This method creates an access request for a specific account. This account may be either a password account or an SSH Key account.
URL
|
-
Make sure there are no spaces in the URL.
-
The following characters are not supported in URL values: + & %
-
If the URL includes a dot (.), add a forward slash (/) at the end of the URL. For example: api/Safes/MySafe/Members/user@cyber.com/
Resource information
|
HTTP method |
Content type |
|---|---|
|
POST |
application/json |
Header parameter
|
Parameter |
Description |
|---|---|
|
Authorization |
The token that identifies the session, encoded in BASE 64. See Authentication. Type: String Mandatory: Yes Default value: None |
Body parameters
|
|
Parameter |
Description |
|---|---|
|
AccountId |
The ID of the account to access. Type: String Mandatory: Yes |
|
Reason |
The reason for accessing the account. Type: String Mandatory: No |
|
TicketingSystemName |
The name of the ticketing system specified in the request. Type: String Mandatory: No |
|
TicketID |
The ticket ID given by the ticketing system. Type: String Mandatory: No |
|
MultipleAccess |
Whether or not the request is for multiple access. Type: Boolean Mandatory: No Default value: No ??? |
|
FromDate |
If the request is for a timeframe, the time from when the user wants to access the account, in Unix time. Type: Integer Mandatory: No |
|
ToDate |
If the request is for a timeframe, the time until the user wants to access the account, in Unix time. Type: Integer Mandatory: No |
|
AdditionalInfo |
Additional information included in the request. A list of values that are predefined in the configuration. Type: List (key:value) Mandatory: No |
|
UseConnect |
Whether or not the request is for a connection through the PSM. Type: Boolean Mandatory: No |
|
ConnectionComponent |
If the connection is through PSM, the name of the connection component to connect with that is defined in the configuration. Type: String Mandatory: No |
|
ConnectionParams |
A list of parameters required to perform the connection, as defined in each connection component configuration. See Create an access request below. Type: List |
Connection parameters
|
Parameter |
Description |
|---|---|
|
value |
The content of the parameter. Type: String Valid values: Text |
|
ShouldSave |
Whether or not this value is saved with the account for future attempts to connect to the remote machine. Type: Boolean Valid values: True/False Default value: False |
Result
|
{ |
|
Parameter |
Description |
|---|---|
|
RequestID |
The request's unique ID, composed of the SafeName and internal RequestID. Type: Text |
|
SafeName |
The name of the Safe where the requested account is stored. Type: Text |
|
RequestorUserName |
The requestor's user name. Type: Text |
|
RequestorReason |
The requestor's reason for accessing the account, and any additional information. Type: Text |
|
Ticket ID |
The unique ID of the ticket. Type: Text |
|
Ticketing System |
The ticketing system that issued the ticket. Type: Text |
|
Emergency |
Whether or not this request is critical. Type: Boolean |
|
RefNo |
The unique reference number of this request. Type: Integer |
|
PSMRemoteMachine |
The address of the remote machine to access using the account in this request. Type: Text |
|
UserReason |
The reason given by the user for accessing the account in this request. Type: Text |
|
CreationDate |
The time when the request was created, in Unix time. Type: Integer |
|
Operation |
The operation that is performed with the account in this request. Type: Text |
|
ExpirationDate |
The time the request expires, in Unix time. Type: Integer |
|
OperationType |
The operation that was requested:
Type: Integer |
|
AccessType |
Whether the request is for single or multiple access. Type: Text |
|
ConfirmationsLeft |
The number of confirmers who still need to respond to the request. Type: Integer |
|
AccessFrom |
The time from when the account is needed, in Unix time. Type: Integer |
|
AccessTo |
The time until when the account is needed, in Unix time. Type: Integer |
|
Status |
The request status:
Type: Integer |
|
StatusTitle |
A description of the request status. Type: Text |
|
InvalidRequestReason |
If the request is invalid, this indicates what caused it to become invalid:
Type: Integer |
|
CurrentConfirmationLevel |
The current confirmation level:
Type: Integer |
|
RequiredConfirmersCountLevel2 |
The number of level 2 confirmers that need to respond. Type: Integer |
|
TicketingSystemProperties |
The list of ticketing system information. Type: List |
Ticketing system properties
|
Parameter |
Description |
|---|---|
|
Name |
The name of the ticketing system. Type: Text |
|
Number |
The ticket number. Type: Integer |
|
Status |
The status of the ticket.
Type: Integer |
Additional info/Additional details
|
Parameter |
Description |
|---|---|
|
AccountID |
An internal account ID that contains the SafeID and ObjectID. Type: Text |
Properties
|
Parameter |
Description |
|---|---|
|
Address |
The address of the machine where the account is used (IP or machine name). Type: Text |
|
Safe |
The Safe where the account is stored in the Vault. Type: Text |
|
Folder |
The folder where the account is stored in the Vault. Type: Text |
|
Name |
The unique name of the account in this request. Type: Text |
|
PolicyID |
The policy ID associated with this account. Type: Text |
|
PlatformName |
The platform associated with this account. Type: Text |
|
DeviceType |
The device type associated with this account. Type: Text |
|
LastVerifiedDate |
The time that this account was last verified. Type: Date/Time |
|
LastModifiedDate |
The time that this account was last modified. Type: Date/Time |
|
LastModifiedBy |
The name of the user who last modified the account specified in this request. Type: Date/Time |
|
LastUsedDate |
The last time when the account specified in this request was used. Type: Date/Time |
|
LastUsedBy |
The name of the last user who accessed the account specified in this request. Type: Text |
|
Username |
The name of the last user who accessed the account specified in this request. Type: Text |
|
LockedBy |
If the account specified in this request is locked, the name of the user locking it. Type: Text |
|
CPMDisabled |
The reason if the account specified in this request is disabled for automatic management. Type: Text |
|
CPMStatus |
The status of CPM management for the account specified in this request. Type: Text |
|
ManagedByCPM |
Whether or not the account specified in this request is managed by the CPM. Type: Boolean |
|
DeletedBy |
The name of the user who deleted the account specified in this request. Type: Text |
|
DeletionDate |
The time when the account specified in this request was deleted. Type: Date/Time |
|
ImmediateCPMTask |
If the account is flagged for an immediate CPM task, the task that will be performed. Type: Text |
|
LastCPMTask |
The last CPM task that was performed on the account specified in the request. Type: Text |
|
CreationDate |
The time when the request was created, in Unix time. Type: Integer |
|
IsSSHKey |
Whether or not this account contains an SSH key. Type: Boolean |
|
CreationMethod |
How this account was created in the Vault. Type: Text |
|
CPMErrorDetails |
Details of any CPM errors that were issued for this account. Type: Text |
|
RetriesCount |
The number of times that this account tried to log on to a remote machine. Type: Integer |
|
LastFailDate |
The last time this account failed to log on to a remote machine. Type: Date/Time |
|
LastTask |
The last task that this account was used for. Type: Task |
Confirmers
|
Parameter |
Description |
|---|---|
|
Type |
The type of confirmer.
Type: Integer |
|
ID |
The internal ID of the confirming user or group. Type: Integer |
|
Name |
The name ID of the confirming user or group. Type: Text |
|
Action |
The action performed by the confirmer.
Type: Integer |
|
Reason |
The reason for the confirmer's action. Type: Text |
|
ActionDate |
The time when the confirmer performed their action, in Unix time. Type: Integer |
Return codes
For a complete list of return codes, see Return Codes.
