Get authentication methods

This method returns a list of all existing authentication methods. Any user who is a member of the Vault admins group can run this web service.

URL

 
https://{PVWA_SERVER}/passwordvault/api/Configuration/AuthenticationMethods
 

Make sure there are no spaces in the URL.

The following characters are not supported in URL values: + & %

Resource information

HTTP method

Content type

GET

application/json

Header parameter

Parameter

Description

Authorization

The token that identifies the session, encoded in BASE 64.

Type: string

Mandatory: yes

Default value: none

Body parameters

None

Result

 
{
"Methods": [
{
"id": "windows",
"displayName": "",
"enabled": false,
"mobileEnabled": false,
"logoffUrl": "",
"secondFactorAuth": null,
"signInLabel": "",
"usernameFieldLabel": "",
"passwordFieldLabel": ""
},
{
"id": "saml",
"displayName": "",
"enabled": true,
"mobileEnabled": false,
"logoffUrl": "https://domain.com/idp/logoff",
"secondFactorAuth": null,
"signInLabel": "",
"usernameFieldLabel": "",
"passwordFieldLabel": ""
}
]}

Parameter

Description

id

The authentication module unique identifier.

Type: string

displayName

The display name of the authentication method.

Type: string

enabled

Whether or not the authentication method is enabled for use.

Type: bool

mobileEnabled

Whether or not the authentication method is available from the mobile application.

Type: bool

logoffURL

The logoff page URL of the third-party server. The user is redirected to this page in order to complete the logoff.

Type: string

secondFactorAuth

Defines which second factor authentication to use when connecting to the Vault. An empty value will disable the second factor authentication.

Valid values: cyberark, radius, ldap

Type: string

signInLabel

Defines the sign-in text for this authentication method. Relevant only for CyberArk, RADIUS and LDAP authentication methods.

Type: string

userNameFieldLabel

Defines the label of the username field for this authentication method. Relevant only for CyberArk, RADIUS, and LDAP authentication methods.

Type: string

passwordFieldLabel

Defines the label of the password field for this authentication method. Relevant only for CyberArk, RADIUS, and LDAP authentication methods.

Type: string

Return codes

For a complete list of return codes, see Return Codes.