Suspend/resume an active session

This method enables the system to suspend or resume active PSM sessions with either of the following actions:

Action

The system will ...

Suspend

Prevent a user from interacting with an active session until a security manager resumes it. This allows security teams to review the potentially risky session's audit trail to determine whether to allow the privileged user to continue their work.

Resume

Resume the suspended active session and allow the privileged user to continue working.

For more information on configuration, see Active session monitoring settings.

 

URL

  • Make sure there are no spaces in the URL.

  • The following characters are not supported in URL values: + & %

  • If the URL includes a dot (.), add a forward slash (/) at the end of the URL. For example: api/Safes/MySafe/Members/user@cyber.com/

 

 

https://<IIS_Server_Ip>/PasswordVault/API/LiveSessions/<LiveSessionId>/<Action>/

The following mandatory values are required in the URL:

Parameter

LiveSessionsId

Type

String

Description

The unique ID of the PSM Active Session.

Valid values

-

Parameter

Action

Type

String

Description

The action that will be triggered by this method.

Valid values

Suspend, Resume

Resource information

HTTP method

POST

Content type

application/json

Header parameter

Parameter

Description

Authorization

The token that identifies the session, encoded in BASE 64. See Authentication.

Type: String

Mandatory: Yes

Default value: None

Configuration

  1. Log on to the PVWA as a user with the Administrator permission.

  2. Navigate to Administration > Options, and select PIM Suite Configuration > Privileged Session Management > General Settings > Server Settings > Live Sessions Monitoring Settings.

  3. Ensure that the AllowPSMNotifications setting is valued with Yes.

  4. Click Apply.

  5. Expand Live Sessions Monitoring Settings > Suspending Live Sessions Users and Groups and make sure that the user who will run the API or the group to which the user belongs is listed here.

  6. Click Apply and then click OK.

 

This parameter is not supported on PSM for SSH and OPM sessions.

Return codes

For a complete list of return codes, see Return Codes.