EPM Web Services

This topic introduces the Endpoint Privilege Manager Web Services, which enable you to automate tasks that are usually performed manually in the EPM console.

SDK Supported Platforms

The EPM Web Services SDK is a RESTful API that can be invoked by any RESTful client for various programming and scripting environments, including Java, C#, Perl, PHP, Python and Ruby.

Using the EPM Web Services SDK

The EPM Web Services SDK enables you to perform activities on EPM objects via a REST Web Service interface. Each EPM object has its own URL path in the EPM website that can be accessed using the relevant HTTP/S request verb.

 

Although you can use HTTP requests, for security reasons it is recommended to use HTTPS.

If you use the APIs only to retrieve data, for security reasons it is recommended to create a user with read-only permissions and log in with this user to run the APIs.

For information about the codes returned by the REST web services API commands, refer to Return Codes.

Policy types

For a full list of policy types, see Policy types.

Policy actions

For a full list of policy types, see Policy actions.

API versioning

This topic explains how to specify which REST API version you intend to implement.

By default, all called REST APIs are the latest version. You can manually change the version of the selected API by specifying the version to implement in the URL.

 

https://<EPM_Server>/EPM/API/22.9.0.1/Sets/<setId>/Events/<Category>

 

 

Best practice: We recommend not specifying the version number in the REST API URL, which will run the latest version of the API. Review the EPM Release Notes to determine which APIs changed in each release.

API limitations

 

These parameters are read-only and cannot be configured.

Limitations for new APIs

Events and files

The following table lists the number of APIs that can be called for events and files in a specific timeframe.

Number of calls

Timeframe

1,000

5 minutes

5

1 second

The following table lists the number of events and files that can be extracted by APIs.

Number of events

Timeframe

100,000

24 hours

New policy APIs

The following table lists the number of APIs that can be called for new policy APIs in a specific timeframe.

Number of calls

Timeframe

5

1 minute

Limitations for deprecated APIs

Number of calls

Timeframe

3

5 minutes

Limit the concurrent login sessions

Only one login per minute per user is allowed using the API.

Return Codes

The following table lists all the return codes that are returned from the REST Web Services API.

Return Code

Code Number

Description

Success

200

The request succeeded. The actual response will depend on the request method used. In a GET request, the response will contain an entity corresponding to the requested resource. In a POST request, the response will contain an entity describing or containing the result of the action.

Created

201

The request was fulfilled and resulted in a new resource being created.

Accepted

202

The request has been accepted for processing, but the processing has not been completed.

No Content

204

The server successfully processed the request and is not returning any content (no response body). This code is typically returned by DELETE requests.

Bad request

400

The request could not be understood by the server due to incorrect syntax.

Unauthorized

401

  • The request requires user authentication.

  • Your session has expired and your user has been disconnected

Forbidden

403

  • The request was valid, but the server is refusing action. The user might not have the necessary permissions for the action.

  • The request was valid, but the usage limit according to the license was reached.

Not Found

404

The requested resource could not be found, or the user does not have permissions for this resource.

Method Not Allowed

405

A request method is not supported for the requested resource.

Request Timeout

408

The request was received by the server, but there was a timeout reaching one of the next components.

Conflict

409

The request could not be completed due to a conflict with the current state of the resource.

Internal Server Error

500

The server encountered an unexpected condition which prevented it from fulfilling the request.