Deploy EPM web services
This topic introduces the Endpoint Privilege Manager web services, which enable you to automate tasks that are usually performed manually in the EPM console.
SDK Supported Platforms
The EPM Web Services SDK is a RESTful API that can be invoked by any RESTful client for various programming and scripting environments, including Java, C#, Perl, PHP, Python and Ruby.
Using the EPM Web Services SDK
The EPM Web Services SDK enables you to perform activities on EPM objects via a REST Web Service interface. Each EPM object has its own URL path in the EPM website that can be accessed using the relevant HTTP/S request verb.
|
Although you can use HTTP requests, for security reasons it is recommended to use HTTPS. If you use the APIs only to retrieve data, for security reasons it is recommended to create a user with read-only permissions and log in with this user to run the APIs. |
For information about the codes returned by the REST web services API commands, refer to Return Codes.
Policy types
For a full list of policy types, see Policy types.
Policy actions
For a full list of policy types, see Policy actions.
API versioning
This topic explains how to specify which REST API version you intend to implement.
By default, all called REST APIs are the latest version. You can manually change the version of the selected API by specifying the version to implement in the URL.
|
https://<EPM_Server>/EPM/API/22.9.0.1/Sets/<setId>/Events/<Category> |
|
|
Best practice: We recommend not specifying the version number in the REST API URL, which will run the latest version of the API. Review the EPM Release Notes to determine which APIs changed in each release. |
API limitations
|
These parameters are read-only and cannot be configured. |
Limitations for new APIs
Events and files
The following table lists the number of APIs that can be called for events and files in a specific timeframe.
|
Number of calls |
Timeframe |
|---|---|
|
1,000 |
5 minutes |
|
5 |
1 second |
The following table lists the number of events and files that can be extracted by APIs.
|
Number of events |
Timeframe |
|---|---|
|
100,000 |
24 hours |
New policy APIs
The following table lists the number of APIs that can be called for new policy APIs in a specific timeframe.
|
Number of calls |
Timeframe |
|---|---|
|
5 |
1 minute |
Application definitions
The following table lists the maximum number of application definitions that can be created in policies and application groups.
|
Definition type |
Maximum number of definitions |
|---|---|
|
Policies |
1,000 in each policy |
|
Application groups |
1,000 in each application group |
Limitations for deprecated APIs
|
Number of calls |
Timeframe |
|---|---|
|
5 |
1 minute |
Limit the concurrent login sessions
Only one login per minute per user is allowed using the API.
Return Codes
The following table lists all the return codes that are returned from the REST Web Services API.
|
Return Code |
Code Number |
Description |
|---|---|---|
|
Success |
200 |
The request succeeded. The actual response will depend on the request method used. In a GET request, the response will contain an entity corresponding to the requested resource. In a POST request, the response will contain an entity describing or containing the result of the action. |
|
Created |
201 |
The request was fulfilled and resulted in a new resource being created. |
|
Accepted |
202 |
The request has been accepted for processing, but the processing has not been completed. |
|
No Content |
204 |
The server successfully processed the request and is not returning any content (no response body). This code is typically returned by DELETE requests. |
|
Bad request |
400 |
The request could not be understood by the server due to incorrect syntax. |
|
Unauthorized |
401 |
|
|
Forbidden |
403 |
|
|
Not Found |
404 |
The requested resource could not be found, or the user does not have permissions for this resource. |
|
Method Not Allowed |
405 |
A request method is not supported for the requested resource. |
|
Request Timeout |
408 |
The request was received by the server, but there was a timeout reaching one of the next components. |
|
Conflict |
409 |
The request could not be completed due to a conflict with the current state of the resource. |
|
Internal Server Error |
500 |
The server encountered an unexpected condition which prevented it from fulfilling the request. |
