Modules

This category covers the initialization and cleanup, and provisions versions of the API and backward compatibility. When version 1.1 or 2.0 are introduced, the initialization can still be performed against 1.0 and the API will be then responsible the upgrade input / downgrade output payloads in order to maintain compatibility.

This category exposes the translations stored in agent binaries if the integrator wants to replace some UI of the agent and take advantage of the existing translations. This is read only access to the dictionary by id or by message id.

This category covers the agent installation health, hardening, and the connectivity status. Installation health is based on SComC and SK service states. Both checks and control are provided for hardening and connectivity status.

This category covers identities of the user, their security identifiers (SID), and their digital certificates (with just public key or with private key).

This category covers the calls to build the inventory and hash the optical media.

This category covers access simulations in order to forecast behavior from the current user and provide a meaningful user interface (for example, there is no need to provide an encryption menu entry if the current user has no right to encrypt).

This category covers the local processing of logs and shadow files. The caller does not have to deal with native formats and compression, and can register multiple handlers if needed.

This category covers the local real-time notifications, which can be filtered by session. The caller does not have to deal with native formats and can register multiple handlers if needed.

This category covers the delivery of policies, triggers the refresh with the server (when running against a Device Control server), and provides some access to resultant machine options.

Ivanti Device Control allows disconnected clients to obtain special temporary permissions while offline.

OEM customizations.

This category covers the various support and diagnostics functions available on the API.

These functions enable the encryption, decryption, querying, and modification of encrypted data volumes.

If a user forgets their password for an encrypted volume, these functions enable recovery when combined with a server.

This category covers the calls to access, burn, and erase optical disks.

The API provides some helpers related to the cryptographic algorithm, which does rely on the OS CNG library.