REST APIs

This section includes CyberArk's REST API commands, how to use them, and samples for typical implementations.

Overview

Use REST APIs to configure and automate workflows in Privilege Cloud.

You can automate tasks that are usually performed manually using the UI, and incorporate them into system and account-provisioning scripts.

REST APIs are included in Privilege Cloud and can be used without any additional configuration.

Each object has its own URL path in the Privilege Cloud Portal that can be accessed using the relevant HTTPS request.

REST APIs can be accessed with any tool or language that enables you to create HTTPS requests and handle HTTPS responses.

API URL structure

The Privilege Cloud API URL differs from the Privilege Cloud Portal URL:

Privilege Cloud Portal API URL

https://<subdomain>.privilegecloud.cyberark.cloud/PasswordVault/

depending on the API generation, the URL specifies either API or Webservices:

Gen 2: https://<subdomain>.privilegecloud.cyberark.cloud/PasswordVault/API/

Gen 1: https://<subdomain>.privilegecloud.cyberark.cloud/PasswordVault/WebServices//

Privilege Cloud Portal URL

https://<subdomain>.cyberark.cloud/privilegecloud/

Supported platforms

The Privilege Cloud SDK is a RESTful API that can be invoked by any RESTful client for various programming and scripting environments, including Java, C#, Perl, PHP, Python and Ruby.

Authorization requirement

For every REST API call except for Logon, the request must include an HTTPS header field named Authorization, containing the value of a session token received from the Logon activity.

For details about authentication, see Authentication.

In this section:

Return Codes

The following table lists all the return codes that are returned from the REST APIs.

Return Code

Code Number

Description

Success

200

The request succeeded. The actual response will depend on the request method used.

Created

201

The request was fulfilled and resulted in a new resource being created.

Accepted

202

The request has been accepted for processing.

No Content

204

The server successfully processed the request and is not returning any content (no response body). This code is typically returned by DELETE requests.

Bad request

400

The request could not be understood by the server due to incorrect syntax.

Unauthorized

401

The request requires user authentication.

Forbidden

403

The server received and understood the request, but will not fulfill it. Authorization will not help and the request MUST NOT be repeated.

Not Found

404

The server did not find anything that matches the Request-URI. No indication is given of whether the condition is temporary or permanent.

Conflict

409

The request could not be completed due to a conflict with the current state of the resource.

Too Many Requests

429

The user has sent too many requests in a given amount of time ("rate limiting").

Internal Server Error

500

The server encountered an unexpected condition which prevented it from fulfilling the request.

Not Implemented

501

The server does not support this operation due to version incompatibility.