Generate an MFA caching SSH key for another user

This method can be triggered by a strong user to generate an MFA caching SSH key for a specific user. The key is used to connect to targets via PSM for SSH.

The user who runs this method requires the following permission in the Vault:

  • Reset Users' Passwords

In addition, the user who runs this web service must be in the same Vault Location or higher as the user whose public SSH keys are retrieved.

URL

  • Make sure there are no spaces in the URL.

  • The following characters are not supported in URL values: + & %

  • If the URL includes a dot (.), add a forward slash (/) at the end of the URL. For example: api/Safes/MySafe/Members/user@cyber.com/
https://<IIS_Server_Ip>/PasswordVault/API/Users/{userID}/Secret/SSHKeys/Cache/

The following mandatory value is required in the URL:

Parameter: UserName

Type: String

Description: The name of the user whose MFA caching SSH key will be generated.

  • This username is not case-sensitive.
  • Specify the name of any user in the Vault.

Valid values: Vault user name

Resource information

HTTP method: POST

Content type: application/json

Header parameter

Parameter: Authorization

Description: The token that identifies the session, encoded in BASE 64. See Authentication.

Type: String

Mandatory: Yes

Default value: None

Body parameters

Parameter: formats

Type: JSON list of strings

Description: The list of formats in which to output the key, separated by commas. The list contains all or part of the values: {PPK, PEM, OpenSSH}

Mandatory: No

Default value: PEM

Parameter: keyPassword

Type: String

Description: The passphrase that protects the private key when it is generated.

Mandatory: No

Default value: No passphrase

Result

{
  "count": <number of private key types>,
  "creationTime": <key creation time>,
  "expirationTime": <key expiration time>,
  "publicKey": <public key>,
  "value": [
    {
      "format": "<key format>",
      "keyAlg": "<key encryption>",
      "privateKey": <first private key>
    },
    {
      "format": "<key format>",
      "keyAlg": "<key encryption>",
      "privateKey": <second private key>
    },
    {
      "format": "<key format>",
      "keyAlg": "<key encryption>",
      "privateKey": <third private key>
    }
  ]
}

Return codes

For a complete list of return codes, see Return Codes.
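
The following Python sketch is an added example, not part of the product documentation. It builds the request described above while enforcing the URL character rules, and stores each returned private key in an owner-only file. The host name, token value, file names and function names are assumptions made for illustration.

```python
import json
import os
import urllib.request

ALLOWED_FORMATS = {"PPK", "PEM", "OpenSSH"}   # formats listed on this page
UNSUPPORTED = set("+&% ")                     # characters the URL rules reject


def build_request(base_url, user, token, formats=("PEM",), key_password=None):
    """Build the POST for /Users/{userID}/Secret/SSHKeys/Cache/ without sending it."""
    bad = UNSUPPORTED & set(user)
    if bad:
        raise ValueError(f"unsupported characters in URL value: {sorted(bad)}")
    unknown = set(formats) - ALLOWED_FORMATS
    if unknown:
        raise ValueError(f"unknown key formats: {sorted(unknown)}")
    body = {"formats": list(formats)}
    if key_password:                          # omitted means no passphrase
        body["keyPassword"] = key_password
    # The trailing slash also covers user names that contain a dot.
    url = f"{base_url}/PasswordVault/API/Users/{user}/Secret/SSHKeys/Cache/"
    return urllib.request.Request(
        url, data=json.dumps(body).encode(), method="POST",
        headers={"Authorization": token, "Content-Type": "application/json"})


def store_keys(result, directory):
    """Write each returned private key to a new 0600 file; return {format: path}."""
    if result["count"] != len(result["value"]):
        raise ValueError("count does not match the number of returned keys")
    paths = {}
    for entry in result["value"]:
        path = os.path.join(directory, f"mfa_cache_key.{entry['format'].lower()}")
        # O_EXCL refuses to overwrite an existing file; 0o600 keeps the key owner-only.
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        with os.fdopen(fd, "w") as fh:
            fh.write(entry["privateKey"])
        paths[entry["format"]] = path
    return paths


if __name__ == "__main__":
    # Constructed host, user and token; replace with real values before sending.
    req = build_request("https://vault.example.test", "user@cyber.com",
                        "CONSTRUCTED_SESSION_TOKEN", ["PEM", "OpenSSH"], "example passphrase")
    print(req.get_method(), req.full_url)
    print(req.data.decode())
    # with urllib.request.urlopen(req) as resp:
    #     print(store_keys(json.load(resp), os.path.expanduser("~/.ssh")))
```

Setting keyPassword means the private key is passphrase-protected when it is generated, before it is written to disk.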