Get onboarding rules

This method returns information about all the defined onboarding rules.

The user who runs this web service must belong to the Vault Admins group.

URL

 

Make sure there are no spaces in the URL.

The following characters are not supported in URL values: + & %

 

 

https://<IIS_Server_Ip>/PasswordVault/api/AutomaticOnboardingRules/

{?name=<rulename1,rulename2,...>}

The following optional value can be specified in the URL:

Parameter

?name

Type

String

Description

A filter that specifies the rule name. Separate a list of names with commas.

If none of the specified rules exist, the API returns an empty list.

If a value for this parameter is not specified, the API returns all of the rules.

Valid values

A list of rule names, separated by commas.

For example: ?name=rulename1,rulename2

Resource information

HTTP method

GET

Content type

application/json

Header parameter

Parameter

Authorization

Type

String

Description

The token that identifies the session.

Valid values

A session token that was returned from the “Logon” method, encoded in BASE 64.

Body parameters

None

Result

 
{

"AutomaticOnboardingRules": [

{

"RuleId": <ID>,

"RuleName": "<rule name>",

"TargetPlatformId": "<platform ID>",

"TargetDeviceType": "<device type>",

"TargetSafeName": "<Safe name>",

"IsAdminIDFilter": <filter>,

"MachineTypeFilter": "<filter>",

"SystemTypeFilter": "<filter>",

"UserNameFilter": "<filter>",

"CreationTime": <time>,

"RulePrecedence": <precedence>,

"UserNameMethod": "<Equals>",

"AddressFilter": "<filter>",

"AddressMethod": "<Equals>",

"AccountCategoryFilter": "<Any>",

"RuleDescription": "<description>",

"LastOnboardedTime": <time>

},

],

"Total": <number>

}

 

Parameter

RuleId

Type

Number

Description

A numeric identifier for the rule, assigned by the system.

Parameter

RuleName

Type

String

Description

Name of the rule. This is either auto-generated or specified by the user when the rule is created.

Parameter

TargetPlatformId

Type

String

Description

The ID of the platform that the onboarded account will be associated with.

Parameter

TargetDeviceType

Type

String

Description

Device type of the Target Platform

Parameter

TargetSafeName

Type

String

Description

The name of the Safe where the onboarded account will be stored.

Security requirement: If the user is not an owner of the Safe, a null string will be returned.

Parameter

IsAdminIDFilter

Type

Boolean

Description

Whether or not only accounts with the following admin ID will be onboarded automatically according to this rule.

  • Unix accounts whose UID is 0

  • Windows accounts whose SID ends with 500

If this value is set to false, the admin ID will not be considered and all accounts matching the rule will be onboarded.

Parameter

MachineTypeFilter

Type

String

Description

The Machine Type by which to filter.

Parameter

SystemTypeFilter

Type

String

Description

The System Type by which to filter.

Parameter

UserNameFilter

Type

The name of the user by which to filter.

Description

String

Parameter

CreationTime

Type

Time

Description

The date and time when the rule was created.

Parameter

RulePrecedence

Type

Number

Description

The order in which the rules are run.

Rules are ordered based on creation time. The most recently created rule will have a precedence of 1, the next most recently created rule will have a precedence of 2, and so on.

During discovery, when a new account is discovered, it is first compared to the rule with precedence 1 to check if the account matches the rule's filters. If so, the account is onboarded according to the rule. If not, the account is compared to the next rule by precedence, and so on.

Parameter

UserNameMethod

Type

String

Description

The method to use when applying the username filter.

Parameter

AddressFilter

Type

String

Description

The IP address or DNS domain name of the machine by which to filter.

Parameter

AddressMethod

Type

String

Description

The method to use when applying the address filter.

Parameter

AccountCategoryFilter

Type

String

Description

Filter for privileged or non-privileged accounts.

Parameter

RuleDescription

Type

String

Description

A description of the rule.

Parameter

LastOnboardedTime

Type

Time

Description

The last time that an account was successfully onboarded using this rule.

Return codes

For a complete list of return codes, see Return Codes.