Create an access request

This method creates an access request for a specific account. This account may be either a password account or an SSH Key account.

URL

 
https://<IIS_Server_Ip>/PasswordVault/API/MyRequests
  • Make sure there are no spaces in the URL.

  • The following characters are not supported in URL values: + & %

  • If the URL includes a dot (.), add a forward slash (/) at the end of the URL. For example: api/Safes/MySafe/Members/user@cyber.com/

Resource information

HTTP method

Content type

POST

application/json

Header parameter

Parameter

Description

Authorization

The token that identifies the session, encoded in BASE 64. See Authentication.

Type: String

Mandatory: Yes

Default value: None

Body parameters

 
{
:"accountId": "<Account id>",
"reason":"<Reason>",
"TicketingSystemName": "<Ticketing system>",
"TicketId": "<Ticketid>",
"ConnectionComponent":"<Connection compmonent id>",
"MultipleAccessRequired":<true\false>,
"FromDate":<0-max integer>,
"ToDate":<0-max integer>,
"AdditionalInfo":
{
"<Additional Info name>":"<Addition Info value>",
"<Additional Info name>":"<Addition Info value>"
},
"UseConnect":<true\false>,
"ConnectionParams":
{
"<Connection parameter name>":
{
"value":"<Connection parameter value>",
"ShouldSave<true\false>"
},
<Connection parameter name>:
{
"value":"<Connection parameter value>",
"ShouldSave<true\false>"
}
}
}

Parameter

Description

AccountId

The ID of the account to access.

Type: String

Mandatory: Yes

Reason

The reason for accessing the account.

Type: String

Mandatory: No

TicketingSystemName

The name of the ticketing system specified in the request.

Type: String

Mandatory: No

TicketID

The ticket ID given by the ticketing system.

Type: String

Mandatory: No

MultipleAccess

Whether or not the request is for multiple access.

Type: Boolean

Mandatory: No

Default value: No ???

FromDate

If the request is for a timeframe, the time from when the user wants to access the account, in Unix time.

Type: Integer

Mandatory: No

ToDate

If the request is for a timeframe, the time until the user wants to access the account, in Unix time.

Type: Integer

Mandatory: No

AdditionalInfo

Additional information included in the request. A list of values that are predefined in the configuration.

Type: List (key:value)

Mandatory: No

UseConnect

Whether or not the request is for a connection through the PSM.

Type: Boolean

Mandatory: No

ConnectionComponent

If the connection is through PSM, the name of the connection component to connect with that is defined in the configuration.

Type: String

Mandatory: No

ConnectionParams

A list of parameters required to perform the connection, as defined in each connection component configuration. See Create an access request below.

Type: List

Connection parameters

Parameter

Description

value

The content of the parameter.

Type: String

Valid values: Text

ShouldSave

Whether or not this value is saved with the account for future attempts to connect to the remote machine.

Type: Boolean

Valid values: True/False

Default value: False

Result

 

{
"RequestID":"<ID>",
"SafeName":"<Safe>",
"RequestorUserName":"<username>",
"RequestorReason":"(Ticket ID=<ticketid>)(Ticketing System=<ticketing system>) (Emergency=<true/false>)(RefNo=<number>)(PSMRemoteMachine=<machine>) <reason>",
"UserReason":"<reason>",
"CreationDate":<time/date>,
"Operation": "<operation>",
"ExpirationDate":<time/date>,
"OperationType":<operation>,
"AccessType":"<type>",
"ConfirmationsLeft":<number>,
"AccessFrom":<time/date>,
"AccessTo":<time/date>,
"Status":<status>,
"StatusTitle":"<title>",
"InvalidRequestReason":<number>,
"CurrentConfirmationLevel":<number>,
"RequiredConfirmersCountLevel2":<number>,
"TicketingSystemProperties":{
"Name":"name",
"Number":"<number>",
"Status":"<number>"
},|
"AdditionalInfo":{},
"AccountDetails":{
"AccountID":"<id>",
"Properties":{
"Address":"<address>",
"Safe":"<safe>",
"Folder":"<folder>",
"Name":"<accountname>",
"PolicyID":"<policy>",
"PlatformName":"<platform>",
"DeviceType":"<device>",
"LastVerifiedDate":"<date/time>",
"LastModifiedDate":"<date/time>",
"LastModifiedBy":"<user>",
"LastUsedDate":"<date/time>",
"LastUsedBy":"<username>",
"Username":"<username>",
"LockedBy":"<username>",
"CPMDisabled":"<reason>",
"CPMStatus":"<status>",
"ManagedByCPM":"<True/False>",
"DeletedBy":"<username>",
"DeletionDate":"<date/time>",
"ImmediateCPMTask":"<string>",
"LastCPMTask":"<string>",
"CreationDate":"<date/time>",
"IsSSHKey":"<true/false>",
"CreationMethod":"<string>",
"CPMErrorDetails":"<error>",
"RetriesCount":"<number>",
"LastFailDate":"<date/time>",
"LastTask":"<task>"
}
},
"Confirmers":[
{
"Type":<type>,
"ID":<id>,
"Name":"<name>",
"Action":<number>,
"Reason":"<reason>",
"ActionDate":<date/time>,
"AdditionalDetails":{},
"Members":null
}
]
}

Parameter

Description

RequestID

The request's unique ID, composed of the SafeName and internal RequestID.

Type: Text

SafeName

The name of the Safe where the requested account is stored.

Type: Text

RequestorUserName

The requestor's user name.

Type: Text

RequestorReason

The requestor's reason for accessing the account, and any additional information.

Type: Text

Ticket ID

The unique ID of the ticket.

Type: Text

Ticketing System

The ticketing system that issued the ticket.

Type: Text

Emergency

Whether or not this request is critical.

Type: Boolean

RefNo

The unique reference number of this request.

Type: Integer

PSMRemoteMachine

The address of the remote machine to access using the account in this request.

Type: Text

UserReason

The reason given by the user for accessing the account in this request.

Type: Text

CreationDate

The time when the request was created, in Unix time.

Type: Integer

Operation

The operation that is performed with the account in this request.

Type: Text

ExpirationDate

The time the request expires, in Unix time.

Type: Integer

OperationType

The operation that was requested:

  • 1 – Open

  • 2 – Get file

  • 4 – GetPassword

  • 7 – All

Type: Integer

AccessType

Whether the request is for single or multiple access.

Type: Text

ConfirmationsLeft

The number of confirmers who still need to respond to the request.

Type: Integer

AccessFrom

The time from when the account is needed, in Unix time.

Type: Integer

AccessTo

The time until when the account is needed, in Unix time.

Type: Integer

Status

The request status:

  • 1 - Waiting

  • 2 - Confirmed

  • 7 - Invalid

Type: Integer

StatusTitle

A description of the request status.

Type: Text

InvalidRequestReason

If the request is invalid, this indicates what caused it to become invalid:

  • 0 - None

  • 1 - Expired

  • 2 - Already been used

  • 4 - Missing supervisors

  • 8 - Confirmation setting have changed

  • 16 - Object has been deleted

  • 32 - Incompatible client version

  • 64 - Access time expired

  • 128 - Rejected

Type: Integer

CurrentConfirmationLevel

The current confirmation level:

  • Level 1

  • Level 2

Type: Integer

RequiredConfirmersCountLevel2

The number of level 2 confirmers that need to respond.

Type: Integer

TicketingSystemProperties

The list of ticketing system information.

Type: List

Ticketing system properties

Parameter

Description

Name

The name of the ticketing system.

Type: Text

Number

The ticket number.

Type: Integer

Status

The status of the ticket.

  • Validated

  • Not validated

  • Validation is not needed

Type: Integer

Additional info/Additional details

Parameter

Description

AccountID

An internal account ID that contains the SafeID and ObjectID.

Type: Text

Properties

Parameter

Description

Address

The address of the machine where the account is used (IP or machine name).

Type: Text

Safe

The Safe where the account is stored in the Vault.

Type: Text

Folder

The folder where the account is stored in the Vault.

Type: Text

Name

The unique name of the account in this request.

Type: Text

PolicyID

The policy ID associated with this account.

Type: Text

PlatformName

The platform associated with this account.

Type: Text

DeviceType

The device type associated with this account.

Type: Text

LastVerifiedDate

The time that this account was last verified.

Type: Date/Time

LastModifiedDate

The time that this account was last modified.

Type: Date/Time

LastModifiedBy

The name of the user who last modified the account specified in this request.

Type: Date/Time

LastUsedDate

The last time when the account specified in this request was used.

Type: Date/Time

LastUsedBy

The name of the last user who accessed the account specified in this request.

Type: Text

Username

The name of the last user who accessed the account specified in this request.

Type: Text

LockedBy

If the account specified in this request is locked, the name of the user locking it.

Type: Text

CPMDisabled

The reason if the account specified in this request is disabled for automatic management.

Type: Text

CPMStatus

The status of CPM management for the account specified in this request.

Type: Text

ManagedByCPM

Whether or not the account specified in this request is managed by the CPM.

Type: Boolean

DeletedBy

The name of the user who deleted the account specified in this request.

Type: Text

DeletionDate

The time when the account specified in this request was deleted.

Type: Date/Time

ImmediateCPMTask

If the account is flagged for an immediate CPM task, the task that will be performed.

Type: Text

LastCPMTask

The last CPM task that was performed on the account specified in the request.

Type: Text

CreationDate

The time when the request was created, in Unix time.

Type: Integer

IsSSHKey

Whether or not this account contains an SSH key.

Type: Boolean

CreationMethod

How this account was created in the Vault.

Type: Text

CPMErrorDetails

Details of any CPM errors that were issued for this account.

Type: Text

RetriesCount

The number of times that this account tried to log on to a remote machine.

Type: Integer

LastFailDate

The last time this account failed to log on to a remote machine.

Type: Date/Time

LastTask

The last task that this account was used for.

Type: Task

Confirmers

Parameter

Description

Type

The type of confirmer.

  • 1 - User

  • 2 - Group

Type: Integer

ID

The internal ID of the confirming user or group.

Type: Integer

Name

The name ID of the confirming user or group.

Type: Text

Action

The action performed by the confirmer.

  • 0 - Reject
  • 1 - Confirm

  • 2 - None

Type: Integer

Reason

The reason for the confirmer's action.

Type: Text

ActionDate

The time when the confirmer performed their action, in Unix time.

Type: Integer

Return codes

For a complete list of return codes, see Return Codes.