Get mapping details

This method returns all the details of specific directory mapping that is defined in the Vault.

To run this web service, the user must be a member of the Vault Admins group and have the following permissions:

  • Add/Update users

  • Manage Directory Mapping

URL

 

Make sure there are no spaces in the URL.

The following characters are not supported in URL values: + & %

 

https://<IIS_Server_Ip>/PasswordVault/api/Configuration/LDAP/Directories/{DirectoryUID}/Mappings/{id}

The following mandatory value is required in the URL:

Parameter

DirectoryUID

Type

String

Description

Unique ID of the directory from which users can log onto the Vault.

Parameter

id

Type

Integer

Description

Unique ID of the directory mapping

Resource Information

HTTP method

GET

Content type

application/json

Header parameter

Parameter

Authorization

Type

String

Description

The token that identifies the session.

Valid values

A session token that was returned from the “Logon” method, encoded in BASE 64.

Body parameters

None

Result

 
{
"LDAPBranch": "string",
"VaultGroups": [
"string"
],
"MappingAuthorizations": [
"AddUpdateUsers"
],
"Location": "string",
"AuthenticationMethod": [
"AuthTypePass"
],
"UserType": "string",
"DisableUser": true,
"UserActivityLogPeriod": 0,
"UserExpiration": 0,
"LogonFromHour": 0,
"LogonToHour": 0,
"MappingID": 0,
"DirectoryMappingOrder": 0,
"MappingName": "string",
"LDAPQuery": "string",
"DomainGroups": [
"string"
]

 

Parameter

mappingID

Type

Integer

Description

Unique ID of the directory mapping.

Parameter

mappingName

Type

String

Description

The name of the PAS role.
For example: Vault Admins, Safe Managers.

Parameter

directoryMappingOrder

Type

Integer

Description

The order in which Maps are matched with users and groups from the External Directory when determining if they can be created in the Vault.

Parameter

LDAPBranch

Type

String

Description

The LDAP branch that is used for external directory queries.

Parameter

domainGroups

Type

List of Strings

Description

Users who belong to these LDAP groups are assigned to relevant roles in the PAS system.

Parameter

ldapQuery

Type

String

Description

Filter applied to users in the specified branch to assign them to relevant roles in the PAS system.

Parameter

authenticationMethod

Type

List of Strings

Description

The authentication method used by users created by this map to log onto the Vault.

Parameter

userType

Type

String

Description

The interfaces that users in the current mapping can use to access the Vault.

This is only available to users with "Add/Update users" permissions.

Parameter

disableUser

Type

Boolean

Description

Whether or not users in the current mapping are temporarily inaccessible.

Parameter

userActivityLogPeriod

Type

Integer

Description

The number of days that activity records for users in the current mapping are stored before they can be deleted.

Parameter

userExpiration

Type

Integer

Description

The date in Unix time after which user accounts in the current mapping are no longer accessible. '0' (zero) indicates never.

Parameter

logonFromHour

Type

Integer

Description

The time from when users in the current mapping can log onto the Vault. If this parameter is not returned, users can log onto the Vault at any time.

Parameter

logonToHour

Type

Integer

Description

The time until when users in the current mapping can log onto the Vault. If this parameter is not returned, users can log onto the Vault at any time.

Parameter

mappingAuthorization

Type

List of Strings

Description

Security attributes and permissions that are applied when LDAP user accounts in the current mapping are created in the Vault.

For example: mappingAuthorization: AddSafes , AddUpdateUsers , ActivateUsers

Parameter

Location

Type

String

Description

The Vault location where users in the current mapping are added.

Return Codes

For a complete list of return codes, see Return Codes.