Get onboarding rules
This method returns information about all the defined onboarding rules.
The user who runs this web service must belong to the Vault Admins group.
URL
-
Make sure there are no spaces in the URL.
-
The following characters are not supported in URL values: + & %
-
If the URL includes a dot (.), add a forward slash (/) at the end of the URL. For example: api/Safes/MySafe/Members/user@cyber.com/
|
|
|
The following optional value can be specified in the URL:
|
Parameter |
?name |
|
Type |
String |
|
Description |
A filter that specifies the rule name. Separate a list of names with commas. If none of the specified rules exist, the API returns an empty list. If a value for this parameter is not specified, the API returns all of the rules. |
|
Valid values |
A list of rule names, separated by commas. For example: ?name=rulename1,rulename2 |
Resource information
|
HTTP method |
GET |
|
Content type |
application/json |
Header parameter
|
Parameter |
Description |
|---|---|
|
Authorization |
The token that identifies the session, encoded in BASE 64. See Authentication. Type: String Mandatory: Yes Default value: None |
Body parameters
None
Result
|
|
Parameter |
RuleId |
|
Type |
Number |
|
Description |
A numeric identifier for the rule, assigned by the system. |
|
Parameter |
RuleName |
|
Type |
String |
|
Description |
Name of the rule. This is either auto-generated or specified by the user when the rule is created. |
|
Parameter |
TargetPlatformId |
|
Type |
String |
|
Description |
The ID of the platform that the onboarded account will be associated with. |
|
Parameter |
TargetDeviceType |
|
Type |
String |
|
Description |
Device type of the Target Platform |
|
Parameter |
TargetSafeName |
|
Type |
String |
|
Description |
The name of the Safe where the onboarded account will be stored. Security requirement: If the user is not an owner of the Safe, a null string will be returned. |
|
Parameter |
IsAdminIDFilter |
|
Type |
Boolean |
|
Description |
Whether or not only accounts with the following admin ID will be onboarded automatically according to this rule.
If this value is set to false, the admin ID will not be considered and all accounts matching the rule will be onboarded. |
|
Parameter |
MachineTypeFilter |
|
Type |
String |
|
Description |
The Machine Type by which to filter. |
|
Parameter |
SystemTypeFilter |
|
Type |
String |
|
Description |
The System Type by which to filter. |
|
Parameter |
UserNameFilter |
|
Type |
The name of the user by which to filter. |
|
Description |
String |
|
Parameter |
CreationTime |
|
Type |
Time |
|
Description |
The date and time when the rule was created. |
|
Parameter |
RulePrecedence |
|
Type |
Number |
|
Description |
The order in which the rules are run. Rules are ordered based on creation time. The most recently created rule will have a precedence of 1, the next most recently created rule will have a precedence of 2, and so on. During discovery, when a new account is discovered, it is first compared to the rule with precedence 1 to check if the account matches the rule's filters. If so, the account is onboarded according to the rule. If not, the account is compared to the next rule by precedence, and so on. |
|
Parameter |
UserNameMethod |
|
Type |
String |
|
Description |
The method to use when applying the username filter. |
|
Parameter |
AddressFilter |
|
Type |
String |
|
Description |
The IP address or DNS domain name of the machine by which to filter. |
|
Parameter |
AddressMethod |
|
Type |
String |
|
Description |
The method to use when applying the address filter. |
|
Parameter |
AccountCategoryFilter |
|
Type |
String |
|
Description |
Filter for privileged or non-privileged accounts. |
|
Parameter |
RuleDescription |
|
Type |
String |
|
Description |
A description of the rule. |
|
Parameter |
LastOnboardedTime |
|
Type |
Time |
|
Description |
The last time that an account was successfully onboarded using this rule. |
Return codes
For a complete list of return codes, see Return Codes.
