REST API commands can be executed from either a remote machine or from the Ivanti Security Controls console. In most scenarios you will execute the commands from a remote machine. You might choose to execute commands from the console machine if your orchestrator is installed on the console machine, but this is not typical.

The following are required in order to use the REST API feature:

  • Ivanti Security Controls 2018.3 or later installed on the console machine
  • The REST API and all necessary components are automatically installed with Ivanti Security Controls 2018.3 or later. No configuration of these components is required.

  • On the console machine:
    • The Ivanti Security Controls Console Service must be running
    • Port 3121 must be enabled for listening
  • On the remote machines, set up the Security Controls console certificate: see REST API Configuration and Setup Script.
  • Use either HTTP or HTTPS to access the API
  • HTTPS is required when accessing the API from a remote machine. A popular option for accessing the API is to use PowerShell scripts. If default credentials are used, the requests must be invoked from an elevated PowerShell prompt.

  • If you choose to use a REST API tool such as Fiddler, cURL or Postman, the tool must be configured to work with either the NTLM or Negotiate authentication option.
  • For example, within Postman you must specify NTLM Authentication and provide the necessary credentials.

  • The account you use must be a member of the local administrator group on the console machine.