REST API commands can be executed from either a remote machine or from the Ivanti Security Controls console. In most scenarios you will execute the commands from a remote machine. You might choose to execute commands from the console machine if your orchestrator is installed on the console machine, but this is not typical.

The following are required in order to use the REST API feature:

Ivanti Security Controls 2018.3 or later installed on the console machine

The REST API and all necessary components are automatically installed with Ivanti Security Controls 2018.3 or later. No configuration of these components is required.

On the console machine:

The Ivanti Security Controls Console Service must be running

Port 3121 must be enabled for listening

On the remote machines: If you choose to use the configuration setup script to prepare the remote machines, the PowerShell execution policy must be set to unrestricted

Use either HTTP or HTTPS to access the API

HTTPS is required when accessing the API from a remote machine. A popular option for accessing the API is to use PowerShell scripts. If default credentials are used, the requests must be invoked from an elevated PowerShell prompt.

If you choose to use a REST API tool such as Fiddler, cURL or Postman, the tool must be configured to work with either the NTLM or Negotiate authentication option.

For example, within Postman you must specify NTLM Authentication and provide the necessary credentials.