Create an access request
This method creates an access request for a specific account. This account may be either a password account or an SSH Key account.
URL
|
-
Make sure there are no spaces in the URL.
-
The following characters are not supported in URL values: + & %
-
If the URL includes a dot (.), add a forward slash (/) at the end of the URL. For example: api/Safes/MySafe/Members/user@cyber.com/
Resource information
HTTP method |
Content type |
---|---|
POST |
application/json |
Header parameter
Parameter |
Description |
---|---|
Authorization |
The token that identifies the session, encoded in BASE 64. See Authentication. Type: String Mandatory: Yes Default value: None |
Body parameters
|
Parameter |
Description |
---|---|
AccountId |
The ID of the account to access. Type: String Mandatory: Yes |
Reason |
The reason for accessing the account. Type: String Mandatory: No |
TicketingSystemName |
The name of the ticketing system specified in the request. Type: String Mandatory: No |
TicketID |
The ticket ID given by the ticketing system. Type: String Mandatory: No |
MultipleAccess |
Whether or not the request is for multiple access. Type: Boolean Mandatory: No Default value: No ??? |
FromDate |
If the request is for a timeframe, the time from when the user wants to access the account, in Unix time. Type: Integer Mandatory: No |
ToDate |
If the request is for a timeframe, the time until the user wants to access the account, in Unix time. Type: Integer Mandatory: No |
AdditionalInfo |
Additional information included in the request. A list of values that are predefined in the configuration. Type: List (key:value) Mandatory: No |
UseConnect |
Whether or not the request is for a connection through the PSM. Type: Boolean Mandatory: No |
ConnectionComponent |
If the connection is through PSM, the name of the connection component to connect with that is defined in the configuration. Type: String Mandatory: No |
ConnectionParams |
A list of parameters required to perform the connection, as defined in each connection component configuration. See Create an access request below. Type: List |
Connection parameters
Parameter |
Description |
---|---|
value |
The content of the parameter. Type: String Valid values: Text |
ShouldSave |
Whether or not this value is saved with the account for future attempts to connect to the remote machine. Type: Boolean Valid values: True/False Default value: False |
Result
{ |
Parameter |
Description |
---|---|
RequestID |
The request's unique ID, composed of the SafeName and internal RequestID. Type: Text |
SafeName |
The name of the Safe where the requested account is stored. Type: Text |
RequestorUserName |
The requestor's user name. Type: Text |
RequestorReason |
The requestor's reason for accessing the account, and any additional information. Type: Text |
Ticket ID |
The unique ID of the ticket. Type: Text |
Ticketing System |
The ticketing system that issued the ticket. Type: Text |
Emergency |
Whether or not this request is critical. Type: Boolean |
RefNo |
The unique reference number of this request. Type: Integer |
PSMRemoteMachine |
The address of the remote machine to access using the account in this request. Type: Text |
UserReason |
The reason given by the user for accessing the account in this request. Type: Text |
CreationDate |
The time when the request was created, in Unix time. Type: Integer |
Operation |
The operation that is performed with the account in this request. Type: Text |
ExpirationDate |
The time the request expires, in Unix time. Type: Integer |
OperationType |
The operation that was requested:
Type: Integer |
AccessType |
Whether the request is for single or multiple access. Type: Text |
ConfirmationsLeft |
The number of confirmers who still need to respond to the request. Type: Integer |
AccessFrom |
The time from when the account is needed, in Unix time. Type: Integer |
AccessTo |
The time until when the account is needed, in Unix time. Type: Integer |
Status |
The request status:
Type: Integer |
StatusTitle |
A description of the request status. Type: Text |
InvalidRequestReason |
If the request is invalid, this indicates what caused it to become invalid:
Type: Integer |
CurrentConfirmationLevel |
The current confirmation level:
Type: Integer |
RequiredConfirmersCountLevel2 |
The number of level 2 confirmers that need to respond. Type: Integer |
TicketingSystemProperties |
The list of ticketing system information. Type: List |
Ticketing system properties
Parameter |
Description |
---|---|
Name |
The name of the ticketing system. Type: Text |
Number |
The ticket number. Type: Integer |
Status |
The status of the ticket.
Type: Integer |
Additional info/Additional details
Parameter |
Description |
---|---|
AccountID |
An internal account ID that contains the SafeID and ObjectID. Type: Text |
Properties
Parameter |
Description |
---|---|
Address |
The address of the machine where the account is used (IP or machine name). Type: Text |
Safe |
The Safe where the account is stored in the Vault. Type: Text |
Folder |
The folder where the account is stored in the Vault. Type: Text |
Name |
The unique name of the account in this request. Type: Text |
PolicyID |
The policy ID associated with this account. Type: Text |
PlatformName |
The platform associated with this account. Type: Text |
DeviceType |
The device type associated with this account. Type: Text |
LastVerifiedDate |
The time that this account was last verified. Type: Date/Time |
LastModifiedDate |
The time that this account was last modified. Type: Date/Time |
LastModifiedBy |
The name of the user who last modified the account specified in this request. Type: Date/Time |
LastUsedDate |
The last time when the account specified in this request was used. Type: Date/Time |
LastUsedBy |
The name of the last user who accessed the account specified in this request. Type: Text |
Username |
The name of the last user who accessed the account specified in this request. Type: Text |
LockedBy |
If the account specified in this request is locked, the name of the user locking it. Type: Text |
CPMDisabled |
The reason if the account specified in this request is disabled for automatic management. Type: Text |
CPMStatus |
The status of CPM management for the account specified in this request. Type: Text |
ManagedByCPM |
Whether or not the account specified in this request is managed by the CPM. Type: Boolean |
DeletedBy |
The name of the user who deleted the account specified in this request. Type: Text |
DeletionDate |
The time when the account specified in this request was deleted. Type: Date/Time |
ImmediateCPMTask |
If the account is flagged for an immediate CPM task, the task that will be performed. Type: Text |
LastCPMTask |
The last CPM task that was performed on the account specified in the request. Type: Text |
CreationDate |
The time when the request was created, in Unix time. Type: Integer |
IsSSHKey |
Whether or not this account contains an SSH key. Type: Boolean |
CreationMethod |
How this account was created in the Vault. Type: Text |
CPMErrorDetails |
Details of any CPM errors that were issued for this account. Type: Text |
RetriesCount |
The number of times that this account tried to log on to a remote machine. Type: Integer |
LastFailDate |
The last time this account failed to log on to a remote machine. Type: Date/Time |
LastTask |
The last task that this account was used for. Type: Task |
Confirmers
Parameter |
Description |
---|---|
Type |
The type of confirmer.
Type: Integer |
ID |
The internal ID of the confirming user or group. Type: Integer |
Name |
The name ID of the confirming user or group. Type: Text |
Action |
The action performed by the confirmer.
Type: Integer |
Reason |
The reason for the confirmer's action. Type: Text |
ActionDate |
The time when the confirmer performed their action, in Unix time. Type: Integer |
Return codes
For a complete list of return codes, see Return Codes.