ICS-Specific Configurations Using REST APIs
Monitoring NTP Status
To monitor NTP status:
Copy
Request
GET https://{{IP}}/api/v1/system/status/ntp
Response
{
"content-type": "application/json",
"content-length": "1129"
}
"{
"ntp-server-status":
{
"<IP Address>": {
"delay": "0.000",
"jitter": "0.000",
"offset": "0.000",
"pool": "64",
"reach": "0",
"refid": ".INIT.",
"remote NTP Server": "<IP Address>",
"stratum": "16",
"type": "u",
"when": "-"
},
"<IP Address>\": {
"delay": "0.000",
"jitter": "0.000",
"offset": "0.000",
"pool": "64",
"reach": "0",
"refid": ".INIT.",
"remote NTP Server": "<IP Address>",
"stratum": "16",
"type": "u",
"when": "-"
},
"<IP Address>": {
"delay": "0.000",
"jitter": "0.000",
"offset": "0.000",
"pool": "64",
"reach": "0",
"refid": ".INIT.",
"remote NTP Server": "<IP Address>",
"stratum": "16",
"type": "u",
"when": "-"
},
"<IP Address>": {
"delay": "0.000",
"jitter": "0.000",
"offset": "0.000",
"pool": "64",
"reach": "0",
"refid": ".INIT.",
"remote NTP Server": "<IP Address>",
"stratum": "16",
"type": "u",
"when": "-"
}
}
}"
Toggling Syslog Fault Tolerance setting
To toggle syslog fault tolerance settings:
Copy
Request
GET /api/v1/configuration/system/log/syslog-settings/syslog-setting/node1
Response
{
"content-type": "application/json",
"content-length": "197"
}
"{
"node": "node1",
"syslog-servers": {
"syslog-server": [
{
"communication-type": "tcp",
"fault-tolerant": "false",
"name": "<IP Address>"
}
]
}
}"
Request
PUT /api/v1/configuration/system/log/syslog-settings/syslog-setting
"{
"node": "node1",
"syslog-servers": {
"syslog-server": [
{
"communication-type": "tcp",
"fault-tolerant": "true",
"name": "<IP Address>"
}
]
}
}"
Response
{
"content-type": "application/json",
"content-length": "124"
}
"{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}"
Toggling the Telemetry Settings
To toggle the telemetry settings:
Copy
Request
GET /api/v1/configuration/system/configuration/telemetry
Response
{
"content-type": "application/json",
"content-length": "62"
}
"{
"crash-analytics": "false",
"google-analytics": "true"
}"
Request
PUT /api/v1/configuration/system/configuration/telemetry
"{
"crash-analytics": "true",
"google-analytics": "true"
}"
Response
{
"content-type": "application/json",
"content-length": "124"
}
"{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}"
Fetch SAML Service Provider
Fetch settings for ICS acting as SAML Service Provider.
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/saml-config/sp?name=Test&peersp=Test' \
--header 'Authorization: Basic K3I0UzFSOWk0dmxMZHYzU0tiWXVzSTNsL1Vxd1JlVGpGbGsxWWI3K243WT06' \
-H 'accept: application/json'
Response
{
"download_url": "/dana-admin/auth/servers.cgi?sdpauthname=saml1",
"idp_entity_id": "https://www.domain.com",
"idp_issuer": "https://www.domain.com",
"idp_signing_certificate": "-----BEGIN CERTIFICATE-----MIIFijCCA3ICCQCMXMKkHADNeTANBgkqhkiG9w0BAQsFADCBhjELMAkGA1UEBhMC\nWFgxEjAQBgNVBAgMCVN0YXRlTmFtZTERMA8GA1UEBwwIQ2l0eU5hbWUxFDASBgNV\nBAoMC0NvbXBhbnlOYW1lMRswGQYDVQQLDBJDb21wYW55U2VjdGlvbk5hbWUxHTAb\nBgNVBAMMFENvbW1vbk5hbWVPckhvc3RuYW1lMB4XDTIzMTEwMjAwMDE1NloXDTMz\nMTAzMDAwMDE1NlowgYYxCzAJBgNVBAYTAlhYMRIwEAYDVQQIDAlTdGF0ZU5hbWUx\nETAPBgNVBAcMCENpdHlOYW1lMRQwEgYDVQQKDAtDb21wYW55TmFtZTEbMBkGA1UE\nCwwSQ29tcGFueVNlY3Rpb25OYW1lMR0wGwYDVQQDDBRDb21tb25OYW1lT3JIb3N0\nbmFtZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANFFuS4bTyNeLgKZ\nL4TNqeLFusa+ueT2XH1Q7M219ROQ3Pxib4JM2Qd3upHlK6HKDWgImV19XL2B1OY3\n7xyVUeegpkkBXimnQQsYgtT1uCazhbgStN3RPs5BQKF6joogXf4w9lRvsk5W6Nck\nGNa4ibSodNizuMjb0PgOry1b7ae64g3ipmfnxriPuGVZoM4VYEAYcbHPtSuzcNJm\n/vVM5damhcF1gvMuTQSnN289XKdN/Lpd+RxlH6ZQf1iUQwPkg9MQ6dVIIUIKCXUb\nwi6NhNCKw9IoEBjEdoNhuH3nNDgMPMTszB2AZDnxI8xhyHIC+kS7F73fOTnd05Rc\nipwGtydIbO+E0VDyBp1zdFgus7Ex8gOqlJrZcXqnIZob7DE3W8XwTE8Cd4/u/Rym\nEJEgsjIWxJebFo1XAJaO/ui+nsCfnytjXfmCp8BKgkEvKL2mPC6JJGOJ/eN2cqtE\nFFe5Adh1qvjAhrzrFF7rz1Y3Kk9eEBl2jeilwESaBUn2uTX+2WraDo++Y2A9+y9/\nvj4BYp1AiGijLXZXaa70DEz6TFcHm/kzhtKszSm0JBfdv/xWRR2i5ZQOJsAiPKur\nrGNGDzWAeX2RR5rV6QGW+2w0nixQ0dzbhEMnETBHHTMf3kayaXjvJ2qV11XTY56P\nJKqiFtjz2J8Fp3tsc47gxqdXuFq5AgMBAAEwDQYJKoZIhvcNAQELBQADggIBAIyh\nCyiCgKZfZUONMl4TcC3p1Ru9lougLaV5A9sEMP6VrjpJUf2z8hitt5mOJR79e8SC\nF5Xe0gXj5gqbmpMT4uxYjNGTbD/Vg7AWk5/KXZaaDZDDiNAsZcMlEMt0NPqk6bWc\nEQfgJRSVnJnf3oS4wcSA712AIjT7JfyMYCdeu5aVetrmv8XEKk3s3wAjj0vFDIYX\nlaKSgdCmg055W8hWGzYDQe6voelwvQi35tQKxnKKfYF6+6FpRqOJ7h8MLaLoFLPo\nseA5oObpzXnD83LBbLTm7V57HkWoolBFV4vi7FfUs2QaugANP+Uw84TmmNzHYQQF\nXixqtqWs8nS6tGoIa+ASpSTExpA/iXmqpN0GQLrKitXEnewPrgw+lvxDGyF5OU3M\nP5C7c7CpCakF7laCAA0TOfcAHmlB/AXqyesijHno3EyCvqztqL+WADKE+7eEMkLh\nNnYu5wEm6QMapQb4bQzg8pXRdGAMJLpGUfiYPg4aaBhnS81M8WO8NsiGWZfUDZpX\nJfhA4lM53JOos44BwZbVcJONyUwpVeaVLvxhwidmwr7PL2suupGN9CO44NiqpbrK\niYT9yp2/leilJlWMKQieIwpMX5qMo9w+e00EanbM/+/CQ7moc7LbdsUVIpgUZJhm\n5QoJLEIT3Tg6nDAzPKrPtru4tFuB2wGj1ezKpz5Q\n-----END CERTIFICATE-----,
"idp_slo_service": "https://www.domain.com/slo",
"idp_transfer_url": "https://www.domain.com/transfer",
"status": "success",
"zta_auth_sp_acs_url": "https://sso.pulsesecureaccess.net/dana-na/auth/saml-consumer.cgi",
"zta_auth_sp_entity_id": "https://sso.pulsesecureaccess.net/dana-na/auth/saml-endpoint.cgi?p=sp1"
}
Fetch Metadata for a SAML
To fetch metadata for specified SAML auth server
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/saml-config/test/download-metadata' \
--header 'Authorization: Basic K3I0UzFSOWk0dmxMZHYzU0tiWXVzSTNsL1Vxd1JlVGpGbGsxWWI3K243WT06' \
-H 'accept: application/json' \
-d ''
Response
{
"result":
"<md:EntityDescriptor xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\" cacheDuration=\"P9999DT0H0M0S\" entityID=\"https://sso.pulsesecureaccess.net/dana-na/auth/saml-endpoint.cgi?p=sp1\"><md:SPSSODescriptor protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:SingleLogoutService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://sso.pulsesecureaccess.net/dana-na/auth/saml-logout.cgi?SpId=sp1\"/><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:entity</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat><md:AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://sso.pulsesecureaccess.net/dana-na/auth/saml-consumer.cgi\" index=\"1\" isDefault=\"1\"/></md:SPSSODescriptor></md:EntityDescriptor>"
}
Fetch Status of SAML IdP configuration
To fetch status of SAML IdP configuration and the URL to download IdP metadata.
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/saml-config/idp' \
--header 'Authorization: Basic K3I0UzFSOWk0dmxMZHYzU0tiWXVzSTNsL1Vxd1JlVGpGbGsxWWI3K243WT06' \
-H 'accept: application/json'
Response
{
"download_url": "/dana-admin/auth/signinSAMLMDP.cgi?download=true",
"idp_entity_id": "https://sso.pulsesecureaccess.net/dana-na/auth/saml-endpoint.cgi",
"saas_apps_sp_entities": [],
"status": "success"
}Fetch IdP Signin Metadata
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/saml-config/idp/download-signin-metadata' \
--header 'Authorization: Basic K3I0UzFSOWk0dmxMZHYzU0tiWXVzSTNsL1Vxd1JlVGpGbGsxWWI3K243WT06' \
-H 'accept: application/json' \
-d ''
Response
{
"result": "<md:EntityDescriptor xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\" cacheDuration=\"P365DT0H0M0S\" entityID=\"https://sso.pulsesecureaccess.net/dana-na/auth/saml-endpoint.cgi\"><md:IDPSSODescriptor WantAuthnRequestsSigned=\"1\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:KeyDescriptor use=\"signing\"><ds:KeyInfo xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"><ds:X509Data><ds:X509Certificate>\nMIIEnzCCA4egAwIBAgIIdyHjRDDysdUwDQYJKoZIhvcNAQELBQAwcjELMAkGA1UE\nBhMCPz8xCzAJBgNVBAgMAj8/MQswCQYDVQQHDAI/PzEPMA0GA1UECgwGSXZhbnRp\nMQswCQYDVQQLDAI/PzEYMBYGA1UEAwwPcHVsc2VzZWN1cmUubmV0MREwDwYJKoZI\nhvcNAQkBFgI/PzAeFw0yMzEwMzAyMTI3MDJaFw0yOTA0MjEyMTI3MDJaMHIxCzAJ\nBgNVBAYTAj8/MQswCQYDVQQIDAI/PzELMAkGA1UEBwwCPz8xDzANBgNVBAoMBkl2\nYW50aTELMAkGA1UECwwCPz8xGDAWBgNVBAMMD3B1bHNlc2VjdXJlLm5ldDERMA8G\nCSqGSIb3DQEJARYCPz8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI\nqhYS1PUbHP18RupW0dZRgd2Ul/fWapUYtoraE6Q92J575007aqlMJHetxOf7bq7c\nLITlR19xuw/oCXOajbltOl9A1SbiDKZmI0nyMKs7a9zunM2NKRX77IJ8FEe0CNQw\ncV1poMe6qF3xBGIV35Ou6iN8SGBK8oO7VwfG/bW7b7vWryXYleJvqpC2WGar/vwL\nqhDiC/FBak7ziBFMxwAvs5fxogXO/ziGh9PBDzUAlicOQGtNsnuOTlsBM1o/17yd\nM1CtI1byIqZlDKB4vCjSDivt+S6YeB+Foj5e1qnSe/EWO2NBSTLIJ6LVahffj3vc\n4qrhJA5Y3LrgWjJDm07VAgMBAAGjggE3MIIBMzAJBgNVHRMEAjAAMBEGCWCGSAGG\n+EIBAQQEAwIGQDAzBglghkgBhvhCAQ0EJhYkT3BlblNTTCBHZW5lcmF0ZWQgU2Vy\ndmVyIENlcnRpZmljYXRlMB0GA1UdDgQWBBQsNREiYq0w4R91WluEAcoEuHvcazCB\nmQYDVR0jBIGRMIGOoXakdDByMQswCQYDVQQGEwI/PzELMAkGA1UECAwCPz8xCzAJ\nBgNVBAcMAj8/MQ8wDQYDVQQKDAZJdmFudGkxCzAJBgNVBAsMAj8/MRgwFgYDVQQD\nDA9wdWxzZXNlY3VyZS5uZXQxETAPBgkqhkiG9w0BCQEWAj8/ghQTTlUiSNvfsnsK\n4DMOE9oAU1eQnTAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEw\nDQYJKoZIhvcNAQELBQADggEBADOJxbVJIP1qSPgfQTvjtdT5Lxe+L4vqee6BbIAK\njTJT0dRj6SvlPTxVyUXHc74eFCWGpDd4f+QOBNo6k6wGxsvBnFF7eGccqhPBIo2P\nGU3N27dj6MqPd+satdW0xmfEDsNXwV0nVvRJyX+B8YRzgNXoLy0xI2Lxu9uQcwWl\nkUHDpQwEhNug/8BZUN5B/xZwJnqTbsJVkhv8SIMA7vsT2olQYOD6jvBSjJSwGQca\nmyR949Uz8NDHoeOxTpN8lSIWe1e73OjXPOv57AU991fP1tXMqIKz6ju209DMV1mq\nHfchWCYDe6rmIcMJBDBp9CSBTtpUg9qqcLG0FG/BlOJrK/4=\n</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:ArtifactResolutionService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:SOAP\" Location=\"https://sso.pulsesecureaccess.net/dana-ws/saml20.ws\" index=\"1\" isDefault=\"1\"/><md:SingleLogoutService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://sso.pulsesecureaccess.net/dana-na/auth/saml-logout.cgi\"/><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</md:NameIDFormat><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName</md:NameIDFormat><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://sso.pulsesecureaccess.net/dana-na/auth/saml-sso.cgi\"/><md:SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://sso.pulsesecureaccess.net/dana-na/auth/saml-sso.cgi\"/></md:IDPSSODescriptor></md:EntityDescriptor>"
}
Fetch Metadata for a Metadata Provider
Fetch metadata for specified metadata provider
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/saml-config/test?operation=download-saml-metadata' \
--header 'Authorization: Basic K3I0UzFSOWk0dmxMZHYzU0tiWXVzSTNsL1Vxd1JlVGpGbGsxWWI3K243WT06' \
-H 'accept: application/json' \
-d ''
Response
{
"result": "<md:EntityDescriptor xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\" entityID=\"https://sso.pulsesecureaccess.net/dana-na/auth/saml-endpoint.cgi?p=sp1\"><md:SPSSODescriptor WantAssertionsSigned=\"0\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://sso.pulsesecureaccess.net/dana-na/auth/saml-logout.cgi?SpId=sp1\" index=\"-1\" isDefault=\"0\"/><md:AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://sso.pulsesecureaccess.net/dana-na/auth/saml-consumer.cgi\" index=\"1\" isDefault=\"1\"/></md:SPSSODescriptor></md:EntityDescriptor>"
}
Update Entity IDs
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/saml/metadata-server-configuration?operation=updateEntityIds' \
--header 'Authorization: Basic K3I0UzFSOWk0dmxMZHYzU0tiWXVzSTNsL1Vxd1JlVGpGbGsxWWI3K243WT06' \
-H 'accept: application/json' \
-d ''
Response
{
"result": {
"info": [
{
"message": "Update Entity Ids succeeded."
}
]
}
}
SAML Metadata Providers
To configure SAML Metadata Providers
Copy
Request
Put /api/v1/configuration/system/configuration/saml-configuration/metadata-providers/metadata-provider
Response
{
"accept-unsigned-metadata" : false,
"cert-subjectCN" : "",
"enable-signing-cert-validation" : false,
"entity-ids" : {},
"filename" : "saml_metadata.xml",
"local-location" : {
"saml-entity-ids" : null
}
"name" : "SAML",
"select-idp" : true,
"select-sp" : false,
"validity" : "0"
"xml-text" : "PG1kOkVudGl0eURlc2NyaXB0b3IgeG1sbnM6bWQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDptZXRhZGF0YSIgY2FjaGVEdXJhdGlvbj0iUDMzM0RUMEgwTTBTIiBlbnRpdHlJRD0iaHR0cHM6Ly9zc28ucHVsc2VzZWN1cmVhY2Nlc3MubmV0L2RhbmEtbmEvYXV0aC9zYW1sLWVuZHBvaW50LmNnaT9wPXNwMSI+PG1kOlNQU1NPRGVzY3JpcHRvciBwcm90b2NvbFN1cHBvcnRFbnVtZXJhdGlvbj0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIj48bWQ6U2luZ2xlTG9nb3V0U2VydmljZSBCaW5kaW5nPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YmluZGluZ3M6SFRUUC1SZWRpcmVjdCIgTG9jYXRpb249Imh0dHBzOi8vc3NvLnB1bHNlc2VjdXJlYWNjZXNzLm5ldC9kYW5hLW5hL2F1dGgvc2FtbC1sb2dvdXQuY2dpP1NwSWQ9c3AxIi8+PG1kOk5hbWVJREZvcm1hdD51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjE6bmFtZWlkLWZvcm1hdDp1bnNwZWNpZmllZDwvbWQ6TmFtZUlERm9ybWF0PjxtZDpOYW1lSURGb3JtYXQ+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6ZW1haWxBZGRyZXNzPC9tZDpOYW1lSURGb3JtYXQ+PG1kOk5hbWVJREZvcm1hdD51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjE6bmFtZWlkLWZvcm1hdDpYNTA5U3ViamVjdE5hbWU8L21kOk5hbWVJREZvcm1hdD48bWQ6TmFtZUlERm9ybWF0PnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OldpbmRvd3NEb21haW5RdWFsaWZpZWROYW1lPC9tZDpOYW1lSURGb3JtYXQ+PG1kOk5hbWVJREZvcm1hdD51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6bmFtZWlkLWZvcm1hdDprZXJiZXJvczwvbWQ6TmFtZUlERm9ybWF0PjxtZDpOYW1lSURGb3JtYXQ+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6ZW50aXR5PC9tZDpOYW1lSURGb3JtYXQ+PG1kOk5hbWVJREZvcm1hdD51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6bmFtZWlkLWZvcm1hdDp0cmFuc2llbnQ8L21kOk5hbWVJREZvcm1hdD48bWQ6QXNzZXJ0aW9uQ29uc3VtZXJTZXJ2aWNlIEJpbmRpbmc9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpiaW5kaW5nczpIVFRQLVBPU1QiIExvY2F0aW9uPSJodHRwczovL3Nzby5wdWxzZXNlY3VyZWFjY2Vzcy5uZXQvZGFuYS1uYS9hdXRoL3NhbWwtY29uc3VtZXIuY2dpIiBpbmRleD0iMSIgaXNEZWZhdWx0PSIxIi8+PC9tZDpTUFNTT0Rlc2NyaXB0b3I+PC9tZDpFbnRpdHlEZXNjcmlwdG9yPg=="
}
Automatic Version Monitoring
To automate version monitoring:
Copy
Request
PUT /api/v1/configuration/system/maintenance/options
"{
"automatic-version-monitoring": \"false\"
}"
Response
{
"content-type": "application/json",
"content-length": "124"
}
"{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}"Enabling Read-Only Mode for the Administrator
To enable read-only mode for the adminstrator:
Copy
Request
GET /api/v1/configuration/system/configuration/telemetry
Response
{
content-type: application/json
content-length: 61
}
"{
"crash-analytics": "true",
"google-analytics": "true"
}"
Request
PUT /api/v1/configuration/system/configuration/telemetry
Response
Status: 403 forbiddenMapping Serial Numbers to Interfaces
To map serial numbers to interfaces:
You must mandatorily add "serial-number" attribute in JSON code for POST operations of certificates.
Copy
Request
GET /api/v1/configuration/system/configuration/certificates/device-certificates/device-certificate/{serial-number}
Host: <IP Address>
Authorization: Basic YWRtaW5kYjpkYW5hMTIz
Content-Type: application/json
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"device-certificate": [ { "href": "/api/v1/configuration/system/configuration/certificates/device-certificates/device-certificate/0A%3A90%3A0D%3AD0%3AE6%3AAF%3AC8%3A7E", "serial-number": "0A:90:0D:D0:E6:AF:C8:7E" } ]
}
Request
PUT /api/v1/configuration/system/configuration/certificates/device-certificates/device-
certificate/24%3AEE%3AC8%3ABB%3A00%3A00%3A00%3A00%3A12%3A73
"{
"internal-ports": {
"internal-port": ["<Internal Port>"]
},
"serial-number": "24:EE:C8:BB:00:00:00:00:12:73"
}"
Response
{
"content-type": "application/json",
"content-length": "128"
}
"{
"result": {
"warnings": [
{
"message": "The configuration has been implicitly changed"
}
]
}
}"
Device Intermediate Certificates
To add Intermediate Certificate:
Copy
Request
curl --location 'https://<ics-ip>/api/v1/configuration/system/configuration/certificates/device-intermediate-certificates/device-intermediate-certificate/' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic K3I0UzFSOWk0dmxMZHYzU0tiWXVzSTNsL1Vxd1JlVGpGbGsxWWI3K243WT06' \
--data
'{
"cert-pem": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUd6akNDQkxhZ0F3SUJBZ0lRZUZTZWdtSHpGWWxJVk9MYzJXSnBFREFOQmdrcWhraUc5dzBCQVFzRkFEQXAKTVNjd0pRWURWUVFERXg1VVJsTWdUR0ZpY3lCRFpYSjBhV1pwWTJGMFpTQkJkWFJvYjNKcGRIa3dIaGNOTWpJeApNREV3TVRjeE5qTTVXaGNOTXpJeE1ERXdNVGN5TmpNNFdqQXBNU2N3SlFZRFZRUURFeDVVUmxNZ1RHRmljeUJEClpYSjBhV1pwWTJGMFpTQkJkWFJvYjNKcGRIa3dnZ0lpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElDRHdBd2dnSUsKQW9JQ0FRRGpXcE1mRU9LT0JPN2Y3RjRnOFpTUHd3d3Y2amd4UTNZVkZGZXJVYktlUC8rYTJCZnBKL2szWmY3NQpSUGp2UlVLcHVtdjB4emdxY0J1LzdaV2VpZ2xPYTE0N1kybkNhT2pETXo5QVV2T3Z6VFBheWlLUmt0SHU1R0hICnM3OGEvVzA2ajZyUkwwa3luWWY1SUxBaHZnak8zQlhBbWJSRHYrZHZUQTE4NUQwWHZ0Z1dtYjl6T1VFVC8vUnUKbUx3YVhjY2lrOGwzZ0d4WW5EOTJxbVlsd0g4YTN1azdxUSt0OGpHQVBrQTdGS3lBVHI3eS92UXZ4RytzOGRIOAp0SS9RdEhhUzd1WW5aczI2UURQUEJocGFjL2owLzh5V2NIa2FVYll0VndFRG56MExhQmtIUHU5bkp5aURGZ1MyCnVHQTRvby95alE5SHZSbTVlTytkZmlXd2VjbExyL01hcUZ1RnQ4NGN5Y25jL2o5djd3NjVYOGE3bjF1SkgzejcKbDhvNlk5SXpDVEVwY2FmZkpkd2xZU0Z2VjJpbjNOdXpTNzk4QnROMjZEOWs0OWluN0RmNHc3d1VwM3JRb2lqRQp0VTZCdUZFa2I1aVpET3ZyTXJoYTNZeHhuK1NMbW9IMUpYYjZQR3Y4VVM1K0RtN1cybXRPTURaYjdOSXprZnI5CisyTnRTRmtLb2txRStVQWoyRzJaWHpSQnU5a2R3c0RwMkJpaG41WUJSRGNsUWVSRHVyc0t6ekkvdHpyTTU0cGsKNUNMQllyRzFTejVVamhlTUVnenZHVythNU1Zd3BkVjNGcFVYbDB6K2FVQzVJdmpXU0k4Rjg5TkdJQlovemhEagpoSEQvbVEwTHVOYm9pZmNJK2Jvd2UyNnZURzNITGIvOTh2WU9BeTVkWWkxcDdKUllpUUlEQVFBQm80SUI4RENDCkFld3dDd1lEVlIwUEJBUURBZ0dHTUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3SFFZRFZSME9CQllFRkdxTHBZSTMKNUVTNFJVOVdZZ1B6LzN3WDBKSG9NQkFHQ1NzR0FRUUJnamNWQVFRREFnRUFNSUlCbVFZRFZSMGdCSUlCa0RDQwpBWXd3QmdZRVZSMGdBRENDQVlBR0NDb0RCSXN2UTFrRk1JSUJjakNDQVR3R0NDc0dBUVVGQndJQ01JSUJMaDZDCkFTb0FWQUJvQUdVQUlBQlVBRVlBVXdBZ0FFd0FZUUJpQUhNQUlBQkRBR1VBY2dCMEFHa0FaZ0JwQUdNQVlRQjAKQUdrQWJ3QnVBQ0FBUVFCMUFIUUFhQUJ2QUhJQWFRQjBBSGtBSUFCcEFITUFJQUJoQUc0QUlBQnBBRzRBZEFCbApBSElBYmdCaEFHd0FJQUJ5QUdVQWN3QnZBSFVBY2dCakFHVUFMZ0FnQUVNQVpRQnlBSFFBYVFCbUFHa0FZd0JoCkFIUUFaUUJ6QUNBQWRBQm9BR0VBZEFBZ0FHRUFjZ0JsQUNBQWFRQnpBSE1BZFFCbEFHUUFJQUJpQUhrQUlBQjAKQUdnQWFRQnpBQ0FBUXdCbEFISUFkQUJwQUdZQWFRQmpBR0VBZEFCbEFDQUFRUUIxQUhRQWFBQnZBSElBYVFCMApBSGtBSUFCaEFISUFaUUFnQUdZQWJ3QnlBQ0FBYVFCdUFIUUFaUUJ5QUc0QVlRQnNBQ0FBZFFCekFHRUFad0JsCkFDQUFid0J1QUd3QWVRQXVNREFHQ0NzR0FRVUZCd0lCRmlSb2RIUndPaTh2Y0d0cExtTnZjbkF1ZEdaemJHRmkKY3k1amIyMHZZM0J6TG1oMGJXd3dEUVlKS29aSWh2Y05BUUVMQlFBRGdnSUJBQm56NEVqUm5ua2hlQWtGYUNyUgpLL1NUd3AwSFl4V2U3aXh5VmlTRldZcllwUHU5Mnl6dy80WjFyT3phN0FGQUdyelV5TlF4TEtib1JpaG9BZEE3CkNndzNJcWN2YmlsdU0vOU5LNUhnbExnK041Y2x4VlFpeXFjTVRtMW5MRHU0Qi9PeXdmb3lOb0wySm8yZTg0NEoKSGY5enNhSDJBMU9wOEY4c1R3elR2R3NBVVNSaGpabDdNZEsxb3MzLzVzbXRXTmlRT2c5dEtVOEYxSEtuakZSaApPZ3Azdkljc1l3eXBsbDIrUEJYNG1IclFmelBCSFgzdmFxV1VRcTl0MHhzM0pCR3FrYXBIcEdlODdXa3hrSXFkCmpISnhFVXFRbmR1RFBZVkN0c05kQnVRU1R3ZG9ySjRBdFc4RHd2YzA4RDJnSFc1cCs0d1hNelkwc212M3BmbTUKMmhXbTJwblNjR2REMGZrRHJ0dC9EREpUS0hzd3cxWnhqUlhJdHI5b3I1QjhKVDhYMEFPbnJrSEhsRlRIeW5rUgo5STE2Rmdrc1E0bC9PZ25IdHp1eVU5MDM3c1BzS29hTmZlS3lGWWhOZzM2WDB0dERHQ1p4KytBY3F3MjBod2VKClZjd2dZbjNLa0RsVFBWR3p0ZU40N3BRNHl0U0liQjU1dmZWQmJBVWlEaUpjWXl5bFQ2S0pjdWdNdXFTRkY0S20KVFpwQ1Y1d3dSWGM1aVpCYnhqdFE1Ykc3b1JOSWRnYmY0cXJzNFJqVnh4QUNNTFlKMWF1V3dMamREaGZkQWowRQpWSVRyckNTc1hRVk93RWZsTjNKajI1SzdvR3g4NDNSSWp1OVplU0tuUy93TWJiOXRUTnE3bmVoZUMwdXZGYVh1ClNPdEQ5VWdUY1VhWld1SUI0eEEzdkxRMgotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==",
"serial-number": "78:54:9E:82:61:F3:15:89:48:54:E2:DC:D9:62:69:10"
}'
Response
{
"result": {
"warnings": [
{
"message": "The configuration has been implicitly changed"
}
]
}
}
To Delete the Intermediate Certificates
Copy
curl --location --request DELETE 'https://<ics-ip>/api/v1/configuration/system/configuration/certificates/device-intermediate-certificates/device-intermediate-certificate/78:54:9E:82:61:F3:15:89:48:54:E2:DC:D9:62:69:10' \
--header 'Authorization: Basic K3I0UzFSOWk0dmxMZHYzU0tiWXVzSTNsL1Vxd1JlVGpGbGsxWWI3K243WT06'
Upgrading System Software
Ensure that there is a minimum diskspace of 2 GB available in /tmp directory. Rebooting the Gateway clears the /tmp directory incase if there is not enough space.
To upgrade system software:
Copy
Request
curl --location 'https://x.x.x.x/api/v1/system/maintenance/upgrade' \
--header 'Authorization: Basic WUJyZ0wvTFBNNEdETUI3NnZLNGd6aTRzWmR5ejNVOUtieWZsVk5JZDZlST06' \
--form 'file=@"/Users/User1/Downloads/package-354.1.pkg"'
Response
{
"result": {
"info": [
{
"message": "Successfully Triggered Upgrade of System Software to 22.x (build xxxx). System will now reboot."
}
]
}
}
Upload Package
Copy
Request
curl --location 'https://x.x.x.x/api/v1/system/maintenance/upgrade?operation=stage-package' \
--header 'Authorization: Basic WUJyZ0wvTFBNNEdETUI3NnZLNGd6aTRzWmR5ejNVOUtieWZsVk5JZDZlST06' \
--form 'file=@"/Users/User1/Downloads/package-354.1.pkg"
Response
{
"result": {
"info": [
{
"message": "Successfully staged service package 22.x (build xxxx)"
}
]
}
}
Staged Package Version
Copy
Request
curl --location 'https://x.x.x.x/api/v1/system/maintenance/staged-package-info' \
--header 'Authorization: Basic WUJyZ0wvTFBNNEdETUI3NnZLNGd6aTRzWmR5ejNVOUtieWZsVk5JZDZlST06'
Response
{
"staged-package-version": " 22.x (build xxx)
}
Delete Stage Package
Copy
Request
curl --location --request POST 'https://x.x.x.x/api/v1/system/maintenance/upgrade?operation=delete-staged-package' \
--header 'Authorization: Basic WUJyZ0wvTFBNNEdETUI3NnZLNGd6aTRzWmR5ejNVOUtieWZsVk5JZDZlST06'
Response
{
"result": {
"info": [
{
"message": "Successfully deleted staged service package 22.x (buid xxxx)"
}
]
}
}
Upgrade from Stage Package
Copy
Request
curl --location --request POST 'https://x.x.x.x/api/v1/system/maintenance/upgrade?operation=upgrade-from-staged-package' \
--header 'Authorization: Basic WUJyZ0wvTFBNNEdETUI3NnZLNGd6aTRzWmR5ejNVOUtieWZsVk5JZDZlST06'
Response
{
"result": {
"info": [
{
"message": "Successfully Triggered Upgrade of System Software to 22.x (build xxxx)using staged service package. System will now reboot."
}
]
}
}
Downgrade
Downgrade using clean=true. This allows admin to stage or upgrade to a lower version package form the present one.
Usage of clean=true:
https://x.x.x.x/api/v1/system/maintenance/upgrade?clean=true
https://x.x.x.x/api/v1/system/maintenance/upgrade?operation=stage-package&clean=true
https://x.x.x.x/api/v1/system/maintenance/upgrade?operation=upgrade-from-staged-package&clean=true
Copy
Request
curl --location 'https://x.x.x.x/api/v1/system/maintenance/upgrade?clean=true
' \
--header 'Authorization: Basic WUJyZ0wvTFBNNEdETUI3NnZLNGd6aTRzWmR5ejNVOUtieWZsVk5JZDZlST06' \
--form 'file=@"/Users/User1/Downloads/package-354.1.pkg"'
Response
{
"result": {
"info": [
{
"message": "Successfully Triggered Upgrade of System Software to 22.x (build xxxx). System will now reboot."
}
]
}
}
Restarting System Services
To Restart system services:
Copy
Request
POST /api/v1/system/maintenance HTTP/1.1
Host: <IP Address>
Authorization: Basic YWRtaW4xOmRhbmExMjM=
Content-Type: application/json
{
"operation": "restart"
}
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"name" : "{
"result": {
"info": [
{
"message": "Successfully triggered Restart of System Services"
}
]
}
}"
}
Rebooting System
To Reboot the system:
Ensure that there is a minimum diskspace of 2 GB available in /tmp directory. Rebooting the Gateway clears the /tmp directory incase if there is no enough space.
Copy
Request
POST /api/v1/system/maintenance HTTP/1.1
Host: <IP Address>
Authorization: Basic YWRtaW4xOmRhbmExMjM=
Content-Type: application/json
{
"operation": "reboot"
}
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"name" : "{
"result": {
"info": [
{
"message": "Successfully triggered Reboot"
}
]
}
}"
}Rebooting Cluster node
To Reboot cluster node:
Copy
Request
POST /api/v1/system/maintenance HTTP/1.1
Host: <IP Address>
Authorization: Basic YWRtaW4xOmRhbmExMjM=
Content-Type: application/json
{
"operation": "reboot-node"
}
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"name" : "{
"result": {
"info": [
{
"message": "Successfully triggered reboot of cluster node"
}
]
}
}"
}
Rebooting Entire Cluster
To Reboot entire cluster:
Copy
Request
POST /api/v1/system/maintenance HTTP/1.1
Host: <IP Address>
Authorization: Basic YWRtaW4xOmRhbmExMjM=
Content-Type: application/json
{
"operation": "reboot-cluster"
}
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"name" : "{
"result": {
"info": [
{
"message": "Successfully triggered reboot of entire cluster"
}
]
}
}"
}
Rolling Back System Software
To roll back system software:
Copy
Request
POST /api/v1/system/maintenance HTTP/1.1
Host: <IP Address>
Authorization: Basic YWRtaW4xOmRhbmExMjM=
Content-Type: application/json
{
"operation": "rollback"
}
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"name" : "{
"result": {
"info": [
{
"message": "Successfully triggered rollback"
}
]
}
}"
}
Enabling Console Password Protection
To enable console password protection:
Copy
Request
POST /api/v1/system/maintenance/password-protection HTTP/1.1
Host: <IP Address>
Authorization: Basic YWRtaW4xOmRhbmExMjM=
Content-Type: application/json
{
"operation": "enable"
}
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"name" : "{
"result": {
"info": [
{
"message": "Successfully enabled console password protection"
}
]
}
}"
}
Disabling Console Password Protection
To disable console password protection:
Copy
Request
POST /api/v1/system/maintenance/password-protection HTTP/1.1
Host: <IP Address>
Authorization: Basic YWRtaW4xOmRhbmExMjM=
Content-Type: application/json
{
"operation": "disable"
}
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"name" : "{
"result": {
"info": [
{
"message": "Successfully disabled console password protection"
}
]
}
}"
}
Creating a VLAN
To create a VLAN on a cluster node:
Copy
Request
POST /api/v1/configuration/system/network/vlans/Node88/vlan/ HTTP/1.1
Host: <IP Address>
Authorization: Basic MVhDbDJTSUhkV3ZjUkd6WXM1T1V3MU5wbHNmemJPbTJxSHI2NVZCdXp5bz06
Content-Type: application/json
{
"arp-cache": {
"arp-entry": []
},
"name": "vlan-int-1",
"routes": {
"route": []
},
"settings": {
"default-gateway": "<IP Address>",
"default-vlan-interface": "false",
"enable-ipv6": "enabled",
"ip-address": "<IP Address>",
"ipv6-address": "<IPv6 Address>",
"ipv6-default-gateway": "<IPv6 Address>",
"ipv6-prefix-length": "64",
"is-enabled": "enabled",
"netmask": "<IP Address>",
"vlan-id": "2",
"vlan-parent": "0"
},
"virtual-ports": {
"virtual-port": []
}
}
Response
HTTP/1.1 201 CREATED
Content-Length: 128
Content-Type: application/json
{
"result": {
"warnings": [
{
"message": "The configuration has been implicitly changed"
}
]
}
}Deleting a VLAN
To delete a VLAN from cluster node:
Copy
Request
DELETE /api/v1/configuration/system/network/vlans/Node88/vlan/vlan-int-1 HTTP/1.1
Host: <IP Address>
Authorization: Basic MVhDbDJTSUhkV3ZjUkd6WXM1T1V3MU5wbHNmemJPbTJxSHI2NVZCdXp5bz06
Content-Type: application/json
Response
HTTP/1.1 204 NO CONTENT
Content-Length: 0
Content-Type: application/jsonCreating a User Role
To create a user role:
Copy
Request
POST /api/v1/configuration/users/user-roles/user-role/ HTTP/1.1
Host: <IP Address>
Authorization: Basic MVhDbDJTSUhkV3ZjUkd6WXM1T1V3MU5wbHNmemJPbTJxSHI2NVZCdXp5bz06
Content-Type: application/json
{
"name": "rest-userrole-4",
"web": {
"web-bookmarks": {
"bookmark": [
{
"auto-allow": "disable",
"description": "",
"name": "web-bm-1",
"new-window": "false",
"no-address-bar": "false",
"no-tool-bar": "false",
"parent": "--none--",
"standard": {
"url": "http://www.msn.com"
}
}
]
},
"web-options": {
"browsing-untrusted-sslsites": "true",
"flash-content": "false",
"hpxproxy-connection-timeout": "1800",
"http-connection-timeout": "240",
"java-applets": "true",
"mask-hostname": "false",
"persistent-cookies": "false",
"rewrite-file-urls": "false",
"rewrite-links-pdf": "false",
"unrewritten-page-newwindow": "false",
"user-add-bookmarks": "false",
"user-enter-url": "false",
"users-bypass-warnings": "false",
"warn-certificate-issues": "true",
"websocket-connection-timeout": "900"
}
}
}
Response
HTTP/1.1 201 CREATED
Content-Length: 122
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Operation succeed without warning or error!"
}
]
}
}
Fetching the User Login Statistics
To fetch the user login statistics:
Copy
Request
GET /api/v1/system/user-stats HTTP/1.1
Host: <IP Address>
Authorization: Basic MVhDbDJTSUhkV3ZjUkd6WXM1T1V3MU5wbHNmemJPbTJxSHI2NVZCdXp5bz06
Content-Type: application/json
Response
HTTP/1.1 200 OK
Content-Length: 169
Content-Type: application/json
{
"user-stats": {
"allocated-user-count": "25",
"current-user-count": "0",
"max-active-user-count-24hrs": "1",
"min-active-user-count-24hrs": "0"
}
}
Updating the User Role Settings
To update the user role settings:
Copy
Request
PUT /api/v1/configuration/users/user-roles/user-role/rest-userrole-4 HTTP/1.1
Host: <IP Address>
Authorization: Basic MVhDbDJTSUhkV3ZjUkd6WXM1T1V3MU5wbHNmemJPbTJxSHI2NVZCdXp5bz06
Content-Type: application/json
{
"name": "rest-userrole-4",
"web": {
"web-bookmarks": {
"bookmark": [
{
"auto-allow": "disable",
"description": "",
"name": "web-bm-1",
"new-window": "false",
"no-address-bar": "false",
"no-tool-bar": "false",
"parent": "--none--",
"standard": {
"url": "http://www.yahoo.com"
}
}
]
},
"web-options": {
"browsing-untrusted-sslsites": "true",
"flash-content": "false",
"hpxproxy-connection-timeout": "1800",
"http-connection-timeout": "240",
"java-applets": "true",
"mask-hostname": "false",
"persistent-cookies": "false",
"rewrite-file-urls": "false",
"rewrite-links-pdf": "false",
"unrewritten-page-newwindow": "false",
"user-add-bookmarks": "false",
"user-enter-url": "false",
"users-bypass-warnings": "false",
"warn-certificate-issues": "true",
"websocket-connection-timeout": "900"
}
}
}
Response
HTTP/1.1 200 OK
Content-Length: 122
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Operation succeed without warning or error!"
}
]
}
}Deleting a User Role
To delete a user role:
Copy
Request
DELETE /api/v1/configuration/users/user-roles/user-role/rest-userrole-4 HTTP/1.1
Host: <IP Address>
Authorization: Basic MVhDbDJTSUhkV3ZjUkd6WXM1T1V3MU5wbHNmemJPbTJxSHI2NVZCdXp5bz06
Content-Type: application/json
Response
HTTP/1.1 204 NO CONTENT
Content-Length: 0
Content-Type: application/jsonCreating a User Realm
To create a user realm:
Copy
Request
POST /api/v1/configuration/users/user-realms/realm/ HTTP/1.1
Host: <IP Address>
Authorization: Basic MVhDbDJTSUhkV3ZjUkd6WXM1T1V3MU5wbHNmemJPbTJxSHI2NVZCdXp5bz06
Content-Type: application/json
{
"accounting-server": "None",
"authentication-group": "",
"authentication-policy": {
"browser": {
"customized": "any-user-agent",
"user-agent-patterns": {
"user-agent-pattern": []
}
},
"certificate": {
"cert-key-value-pairs": {
"cert-key-value-pair": []
},
"customized": "allow-all-users"
},
"host-checker": {
"enforce-all-policies": "false",
"enforce-policy-list": null,
"evaluate-all-policies": "false",
"evaluate-logic": "all-policies-must-succeed",
"evaluate-policy-list": null
},
"limits": {
"guaranteed-minimum": null,
"limit-concurrent-users": "false",
"max-sessions-per-user": "1",
"maximum": null
},
"password": {
"primary-password-expiration-warning-days": "14",
"primary-password-management": "true",
"primary-password-minimum-length": "4",
"primary-password-restricted": "allow-passwords-of-minimum-length",
"secondary-password-expiration-warning-days": "14",
"secondary-password-management": "false",
"secondary-password-minimum-length": "4",
"secondary-password-restricted": "allow-passwords-of-minimum-length"
},
"source-ip": {
"customized": "any-ip",
"ips": {
"ip": []
}
}
},
"authentication-server": "AD server",
"description": "",
"device-server": "None",
"directory-server": "AD server",
"dynamic-policy": {
"dynamic-policy-evaluation": "false",
"refresh-interval": "60",
"refresh-policies": "false",
"refresh-roles": "false"
},
"editing-description": "false",
"inbound-ifmap-attributes": "false",
"migration-sharing-type": "enable-session-migration",
"name": "rest-user-realm",
"role-mapping-rules": {
"rule": [
{
"name": "rest-admin-rule",
"roles": [
"test1"
],
"stop-rules-processing": "false",
"user-name": {
"test": "is",
"user-names": [
"user1"
]
}
}
],
"user-selects-role": "false",
"user-selects-roleset": "false"
},
"secondary-authentication-settings": {
"authentication-must-succeed": "true",
"name": "-",
"password-input": "user",
"predefined-password": "",
"predefined-user-name": "",
"user-name-input": "user"
},
"session-migration": "false"
}
Response
HTTP/1.1 201 CREATED
Content-Length: 122
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Operation succeed without warning or error!"
}
]
}
}
Deleting a User Realm
To delete a user realm:
Copy
Request
DELETE /api/v1/configuration/users/user-realms/realm/rest-user-realm HTTP/1.1
Host: <IP Address>
Authorization: Basic MVhDbDJTSUhkV3ZjUkd6WXM1T1V3MU5wbHNmemJPbTJxSHI2NVZCdXp5bz06
Content-Type: application/json
Response
HTTP/1.1 204 NO CONTENT
Content-Length: 0
Content-Type: application/json
Creating a Resource Profile
To create a web resource profile:
Copy
Request
POST /api/v1/configuration/users/resource-profiles/web-profiles/web-profile/ HTTP/1.1
Host: <IP Address>
Authorization: Basic MVhDbDJTSUhkV3ZjUkd6WXM1T1V3MU5wbHNmemJPbTJxSHI2NVZCdXp5bz06
Content-Type: application/json
{
"custom": {
"bookmarks": {
"bookmark": [
{
"apply": "all",
"description": "",
"name": "web-resourceprofile",
"new-window": "false",
"no-address-bar": "false",
"no-tool-bar": "false",
"roles": null,
"url": "http://www.google.com"
}
]
},
"client-authentication": [],
"java-acl": [],
"rewriting-options": {
"ptp": [],
"selective-rewriting": "false",
"use-jsam": [],
"use-wsam": []
},
"sso-basic-ntlm-kerberos": [],
"sso-header": [],
"sso-post": [],
"url": "http://www.google.com",
"web-compression": [],
"webacl": [
{
"rules": {
"rule": [
{
"action": "allow",
"name": "Allow http://www.google.com:80/*",
"resource": "http://www.google.com:80/*"
}
]
}
}
],
"webcaching": []
},
"description": "",
"name": "web-resourceprofile",
"roles": [
"rest-userrole-3"
]
}
Response
HTTP/1.1 201 CREATED
Content-Length: 128
Content-Type: application/json
{
"result": {
"warnings": [
{
"message": "The configuration has been implicitly changed"
}
]
}
}
Deleting a Resource Profile
To delete a web resource profile:
Copy
Request
DELETE /api/v1/configuration/users/resource-profiles/web-profiles/web-profile/web-resourceprofile HTTP/1.1
Host: <IP Address>
Authorization: Basic MVhDbDJTSUhkV3ZjUkd6WXM1T1V3MU5wbHNmemJPbTJxSHI2NVZCdXp5bz06
Content-Type: application/json
Response
HTTP/1.1 204 NO CONTENT
Content-Length: 0
Content-Type: application/jsonCreating a Resource Policy
To create a web resource policy:
Copy
Request
POST /api/v1/configuration/users/resource-policies/web-policies/web-acls/web-acl/ HTTP/1.1
Host: <IP Address>
Authorization: Basic MVhDbDJTSUhkV3ZjUkd6WXM1T1V3MU5wbHNmemJPbTJxSHI2NVZCdXp5bz06
Content-Type: application/json
{
"action": "allow",
"apply": "selected",
"description": "",
"name": "web-acl-policy",
"parent-type": "none",
"resources": [
"<IP Address>:80,443/*"
],
"roles": [
"rest-userrole-1"
],
"rules": {
"rule": []
}
}
Response
HTTP/1.1 201 CREATED
Content-Length: 122
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Operation succeed without warning or error!"
}
]
}
}
Fetching a Resource Policy
To fetch a web resource policy:
Copy
Request
GET /api/v1/configuration/users/resource-policies/web-policies/web-acls/web-acl/name=web-acl-policy,parent-type=none HTTP/1.1
Host: <IP Address>
Authorization: Basic MVhDbDJTSUhkV3ZjUkd6WXM1T1V3MU5wbHNmemJPbTJxSHI2NVZCdXp5bz06
Content-Type: application/json
Response
HTTP/1.1 200 OK
Content-Length: 245
Content-Type: application/json
{
"action": "allow",
"apply": "selected",
"description": "",
"name": "web-acl-policy",
"parent-type": "none",
"resources": [
"<IP Address>:80,443/*"
],
"roles": [
"rest-userrole-1"
],
"rules": {
"rule": []
}
}
Deleting a Resource Policy
To delete a web resource policy:
Copy
Request
DELETE /api/v1/configuration/users/resource-policies/web-policies/web-acls/web-acl/name=web-acl-policy,parent-type=none HTTP/1.1
Host: <IP Address>
Authorization: Basic MVhDbDJTSUhkV3ZjUkd6WXM1T1V3MU5wbHNmemJPbTJxSHI2NVZCdXp5bz06
Content-Type: application/json
Response
HTTP/1.1 204 NO CONTENT
Content-Length: 0
Content-Type: application/jsonCreating an AD Authentication Server
Copy
Request
POST /api/v1/configuration/authentication/auth-servers/auth-server HTTP/1.1
Host: <IP Address>
Authorization: Basic QmJYZlZ6eER2Tzhodjh4NzhlU28vU1NNZ0tHelJJUHhsbC9pdjcrZlRxcz06
Content-Type: application/json
{
"ad": {
"server-catalog": {
"custom-variables": {
"custom-variable": []
},
"expressions": {
"custom-expression": []
},
"groups": {
"ad-group": []
}
},
"settings": {
"additional-options": {
"allow-trusted-domains": "false",
"change-machine-password-after-every": "0",
"enable-ntlm-protocol": "true",
"enable-periodic-password-change-of-machine-account": "false",
"kerberos": "true",
"max-domain-connections": "5",
"ntlm-protocol": "ntlmv2"
},
"container-name": "Computers",
"domain": "TEST",
"kerberos-realm": "TEST.SAQACERTSERV.COM",
"nodenames": [
{
"computer-name": "0332MWK0NRP111",
"machine-hardware-id": "0332MOGWK0NRP111S",
"node": "localhost2"
}
],
"password-encrypted": "3u+UR6n8AgABAAAAyCaUPKhCg3J/y46bhB4wz6mnupQH0oTHOTfTexJxP2k=",
"save-credentials": "true",
"username": "Administrator"
}
},
"logical-name": "",
"name": "AD-Server",
"user-record-sync": "false"
}
Response
HTTP/1.1 201 CREATED
Content-Length: 128
Content-Type: application/json
{
"result": {
"warnings": [
{
"message": "The configuration has been implicitly changed"
}
]
}
}
Deleting an AD Authentication Server
Copy
Request
DELETE /api/v1/configuration/authentication/auth-servers/auth-server/AD-Server HTTP/1.1
Host: <IP Address>
Authorization: Basic QmJYZlZ6eER2Tzhodjh4NzhlU28vU1NNZ0tHelJJUHhsbC9pdjcrZlRxcz06
Content-Type: application/json
Response
HTTP/1.1 204 NO CONTENT
Content-Length: 0
Content-Type: application/jsonTroubleshooting in AD Authentication Server
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/auth/auth-server/test/troubleshoot?operation=test-user-pswd-change' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"user-name": "userName",
"old-password": "OldPassword",
"new-password": "NewPassword"
}'
Response
{
"result": {
"info": [
{
"message": "Password change for user userName"
}
]
}
}
Fetch API Key for Auth Server
To fetch API key for a Remote Profiler auth server
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/system/auth/auth-server/test/api-key' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"primary-api-key": "primary-api-key:qt675rt5rfff5jjikiu8",
"secondary-api-key": "secondary-api-key:qt675rt5rfff5jjikiu8"
}
To Fetch API key for a Remote Profiler server without first creating a Remote Profiler auth server configuration
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/auth/auth-server/api-key-without-saving' \
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"hostname": "1.1.1.1",
"username": "username",
"password": "password",
"validate-cert": 1,
"secondary-profiler-hostname": "1.1.1.2",
"secondary-profiler-username": "sec-username",
"secondary-profiler-password": "sec-password",
"secondary-profiler-validateCert": 0
}'
Response
{
"primary-api-key": "primary-api-key:qt675rt5rfff5jjikiu8",
"secondary-api-key": "secondary-api-key:qt675rt5rfff5jjikiu8"
}Test LDAP Connection
To test LDAP server connection without first creating an LDAP auth server configuration.
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/auth/auth-server/ldap-test-connection' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"auth-server-name": "ldap_server",
"ldap-server": "10.204.50.81",
"ldap-port": 636,
"backup-server1": "10.204.50.82",
"backup-port1": 989,
"backup-server2": "10.204.50.87",
"backup-port2": 636,
"domain-name": "psecure.net",
"domain-port": 636,
"domain-enabled": 1,
"ldap-connection": "ldaps",
"server-type": "Active Directory",
"cert-validation": 1,
"ldap-cert-verify": 1,
"connection-timeout": 15,
"search-timeout": 60
}
Response
{
"result": [
{
"info": "For Server 1.1.1.1 at port 389 LDAP Server is reachable"
}
]
}
Creating an LDAP Authentication Server
Copy
Request
POST /api/v1/configuration/authentication/auth-servers/auth-server HTTP/1.1
Host: <IP Address>
Authorization: Basic QmJYZlZ6eER2Tzhodjh4NzhlU28vU1NNZ0tHelJJUHhsbC9pdjcrZlRxcz06
Content-Type: application/json
{
"ldap": {
"server-catalog": {
"attributes": {
"user-attribute": [
{
"name": "cn"
},
{
"name": "department"
},
{
"name": "departmentNumber"
},
{
"name": "employeeNumber"
},
{
},
{
"name": "o"
},
{
"name": "ou"
},
{
"name": "sAMAccountName"
},
{
"name": "uid"
},
{
"name": "homeDirectory"
},
{
"name": "homeDrive"
},
{
"name": "wWWHomePage"
}
]
},
"custom-variables": {
"custom-variable": []
},
"expressions": {
"custom-expression": []
},
"groups": {
"user-group": []
}
},
"settings": {
"admin-dn": "CN=Administrator,CN=Users,DC=test,DC=saqacertserv,DC=com",
"admin-password-encrypted":
}
"3u+UR6n8AgABAAAAQkYh+Te/ebXL7gSn+W6IEPOV2YFsaaikH2SVxkb8lTKzWhS1EPFlsNXBpuQP5sWXfeOYfjmhQSRZ5DP/z9UhQ/l16DDne9/u7Lw67HyE/8Q=",
"attribute-to-update-at-server": "",
"attribute-type": "type-integer",
"attribute-value-to-update-at-server": "<LOGINTIMELDAP>",
"authentication-required-to-search-ldap": "true",
"backup-port-1": null,
"backup-port-2": null,
"backup-server-1": "",
"backup-server-2": "",
"connection-timeout": "15",
"connection-type": "plain",
"enable-attribute-update-at-server": "false",
"group-base-dn": "",
"group-filter": "",
"ldap-server-type": "active-directory",
"meetings": {
"email-address": "mail",
"full-name": "displayname",
"name-attribute-mapping": "",
"user-name": "samaccountname"
},
"member-attribute": "",
"nested-group-level": "0",
"port": "389",
"query-attribute": "",
"reverse-group-search": "false",
"search-timeout": "60",
"server": "10.209.124.88",
"server-catalog": "catalog",
"test-user-dn": "",
"user-base-dn": "DC=test,DC=saqacertserv,DC=com",
"user-filter": "samaccountname=<USER>",
"validate-referral-cert": "verifyserverconfigured",
"validate-server-cert": "false"
}
},
"logical-name": "",
"name": "LDAP-Server",
"user-record-sync": "false"
}
Response
HTTP/1.1 201 CREATED
Content-Length: 128
Content-Type: application/json
{
"result": {
"warnings": [
{
"message": "The configuration has been implicitly changed"
}
]
}
}
Group LDAP and AD Auth Servers
Group lookup for LDAP and AD auth servers
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/system/auth/auth-server/test/groups' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"groups": [
{
"DN": "Group1",
"Type": "static"
},
{
"DN": "Group2",
"Type": "dynamic"
}
]
}Unlock Users Local Auth Server
To Unlock Users under Local Auth Server.
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/auth/auth-server/test/users?operation=unlock' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"users": {
"users": [
"user1",
"user2"
]
}
}'
Response
{
"result": {
"info": [
{
"message": "Successfully unlocked users: user1, user3. Not found user: user2"
}
]
}
}User Operation in Auth Server
Perform selected operation on given auth server
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/auth/auth-server/test?operation=testcredential' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"base_dn": "dc=sales,dc=com",
"filter": "cn=User1"
}'
Response
{
"groups": [
{
"DN": "Group1",
"Type": "static"
},
{
"DN": "Group2",
"Type": "dynamic"
}
]
}Simulating Auth Server Variables
To simulate custom variables and expressions
Copy
Response
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/user-record-synchronization/database/retrieve-stats' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-d ''
Request
{
"records-count": 1
}
Creating a Radius Server
Copy
Request
POST /api/v1/configuration/authentication/auth-servers/auth-server HTTP/1.1
Host: <IP Address>
Authorization: Basic
QmJYZlZ6eER2Tzhodjh4NzhlU28vU1NNZ0tHelJJUHhsbC9pdjcrZlRxcz06
Content-Type: application/json
{
"logical-name": "",
"name": "Radius-Server",
"radius": {
"server-catalog": {
"attributes": {
"user-attribute": []
},
"custom-variables": {
"custom-variable": []
},
"expressions": {
"custom-expression": []
}
},
"settings": {
"accounting-port": "1813",
"authenticate-with-tokens-onetimepassword": "false",
"authentication-port": "1812",
"backup-accounting-port": "1813",
"backup-authentication-port": "1812",
"backup-server": "<IP Address>",
"backup-shared-secret-encrypted": "3u+UR6n8AgABAAAA2Th1sUV9vXDS9gRdMt1yCB4Ol6tacMTwhWsTlIFd7Q4=",
"custom-radius-rules": {
"custom-radius-rule": []
},
"interim-update-interval": null,
"load-balance-auth": "false",
"nasid": "",
"nasipaddr": "<IP Address>",
"process-radius-disconnect": "false",
"retries": "0",
"server": "<IP Address>",
"shared-secret-encrypted": "3u+UR6n8AgABAAAA2Th1sUV9vXDS9gRdMt1yCB4Ol6tacMTwhWsTlIFd7Q4=",
"timeout": "30",
"use-nc-assigned-ip": "false",
"use-subsession-interim-update": "false",
"user-name": "<USER>(<REALM>)[<ROLE SEP=\",\">]"
}
},
"user-record-sync": "false"
}
Response
HTTP/1.1 201 CREATED
Content-Length: 128
Content-Type: application/json
{
"result": {
"warnings": [
{
"message": "The configuration has been implicitly changed"
}
]
}
Modifying Radius Server Details
Copy
Request
PUT /api/v1/configuration/authentication/auth-servers/auth-server/Radius-Server HTTP/1.1
Host: <IP Address>
Authorization: Basic QmJYZlZ6eER2Tzhodjh4NzhlU28vU1NNZ0tHelJJUHhsbC9pdjcrZlRxcz06
Content-Type: application/json
{
"name": "Radius-Server",
"radius": {
"settings": {
"backup-accounting-port": "1814",
"backup-authentication-port": "1816",
"backup-server": "<IP Address>"
}
}
}
Response
HTTP/1.1 200 OK
Content-Length: 128
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
} Creating Sign-In-Policy
Copy
Request
POST /api/v1/configuration/authentication/signin/urls/access-urls/access-url/ HTTP/1.1
Host: <IP Address>
Authorization: Basic MEthMXM0MmJraHpjYms0WFZCZ29Xb3k1Nk5NL3JqaDBwQ05iTmFhUlh5ST06
Content-Type: application/json
{
"description": "",
"enabled": "true",
"page": "Default Sign-In Page",
"realm-select": "pick-list",
"url-pattern": "test/url3/",
"user": {
"enable-new-ux-pages": "false",
"meeting-url": "*/meeting/",
"post-authentication-signin-notification-id": "None",
"post-authentication-signin-notification-skip": "false",
"pre-authentication-signin-notification-id": "None",
"realms": [
"Users"
]
}
}
Response
HTTP/1.1 201 CREATED
Content-Length: 128
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Deleting Sign-in-Policy
Copy
Request
DELETE /api/v1/configuration/authentication/signin/urls/access-urls/access-url/test%5C%2Furl3%5C%2F HTTP/1.1
Host: <IP Address>
Authorization: Basic MEthMXM0MmJraHpjYms0WFZCZ29Xb3k1Nk5NL3JqaDBwQ05iTmFhUlh5ST06
Cache-Control: no-cache
Response
HTTP/1.1 204 NO CONTENT
Content-Length: 0
Content-Type: application/jsonDisabling Sign-in-URL
Copy
Request
PUT /api/v1/configuration/authentication/signin/urls/access-urls/access-url/test%5C%2Furl1%5C%2F/enabled HTTP/1.1
Host: <IP Address>
Authorization: Basic MEthMXM0MmJraHpjYms0WFZCZ29Xb3k1Nk5NL3JqaDBwQ05iTmFhUlh5ST06
Content-Type: application/json
{
"enabled": "false"
}
Response
HTTP/1.1 200 OK
Content-Length: 128
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Creating a Web Bookmark for a Role
To create a web bookmark for a role:
Copy
Request
POST /api/v1/configuration/users/user-roles/user-role/rest-userrole-1/web/web-bookmarks/bookmark HTTP/1.1
Host: <IP Address>
Authorization: Basic MVhDbDJTSUhkV3ZjUkd6WXM1T1V3MU5wbHNmemJPbTJxSHI2NVZCdXp5bz06
Content-Type: application/json
Cache-Control: no-cache
{
"auto-allow": "disable",
"description": "",
"name": "webbm",
"new-window": "false",
"no-address-bar": "false",
"no-tool-bar": "false",
"parent": "--none--",
"standard": {
"url": "http://www.yahoo.com"
}
}
Response
HTTP/1.1 201 CREATED
Content-Length: 122
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Operation succeed without warning or error!"
}
]
}
}
Reordering
For re-ordering existing ordered elements in the configuration, a PUT API can be used with an 'order' suffix. This API can be used to reorder any ordered element in the configuration including role-mapping-rules, resource policies and ACLs.
Example: Reorder existing role-mapping-rules in a specific realm.
Copy
Request
PUT /api/v1/configuration/users/user-realms/realm/testRealm/role-mapping-rules/rule/order HTTP/1.1
Host: <IP Address>
Authorization: Basic Y1VPZE1XZ1ZubVEvVnIrcWwrd3lJY3F0Y05WTGhDVkx1M0wrdk5YR3hzVT06
Content-Type: application/json
{
"rule": [
{
"href": "/api/v1/configuration/users/user-realms/realm/testRealm/role-mapping-rules/rule/rule3"
},
{
"href": "/api/v1/configuration/users/user-realms/realm/testRealm/role-mapping-rules/rule/rule1"
}
]
}
Response
HTTP/1.1 200 OK
content-length: 122
content-type: application/json
{
"result": {
"info": [
{
"message": "Operation succeed without warning or error!"
}
]
}
}
Fetching the Resource with Multiple Identifiers
Example: Retrieve one of SNMP Trap server configured on ICS device
Copy
Request
GET /api/v1/configuration/system/log/snmp/localhost2/trap-servers/trap-server/ip=1.1.1.1,port=162 HTTP/1.1
Host: <IP Address>
Authorization: Basic T0o1dzVpK3g4U0dKV0d1TkJCdWlwVzREaUc0SjZvbkExMVljc0RtNU14bz06
Response
HTTP/1.1 200 OK
content-length: 65
content-type: application/json
{
"community": "public",
"ip": "<IP Address>",
"port": "162"
}
Updating Resource Identified Using Multiple Identifiers
Example: Updating the community string for specific SNMP trap server identified by IP and port
Copy
Request
PUT /api/v1/configuration/system/log/snmp/localhost2/trap-servers/trap-server/ip=1.1.1.1,port=162/community HTTP/1.1
Host: <IP Address>
Authorization: Basic T0o1dzVpK3g4U0dKV0d1TkJCdWlwVzREaUc0SjZvbkExMVljc0RtNU14bz06
Content-Type: application/json
{
"community": "pulsesecure"
}
Response
HTTP/1.1 200 OK
content-length: 122
content-type: application/json
{
"result": {
"info": [
{
"message": "Operation succeed without warning or error!"
}
]
}
}
Fetching Active Number of HTML5 Sessions
Copy
Request
curl -k -u <api-key>: https://<ics-ip>/api/v1/stats
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
Example:
curl -k -u Tv6YQPETDVOxeO0LCkcOfWeQ5qeET2WStO8GbilIltA=: https://<IP Address>/api/v1/stats
Response
content-type: application/json
{
"active-advanced-html5-sessions": {
"active-advanced-html5-sessions-rdp": 0,
"active-advanced-html5-sessions-ssh": 0,
"active-advanced-html5-sessions-telnet": 0,
"active-advanced-html5-sessions-total": -2,
"active-advanced-html5-sessions-vnc": 0
},
"active-basic-html5-sessions": {
"active-basic-html5-sessions-rdp": 0,
"active-basic-html5-sessions-ssh": 0,
"active-basic-html5-sessions-telnet": 0,
"active-basic-html5-sessions-total": 0
},
"cpu-load": {
"average-cpu-load": "0.33",
"dsagentd-load": "0.00",
"is-cpu-overloaded": "false",
"is-dsagentd-overloaded": "false"
}
}Fetching Active Number of Basic HTML5 Sessions
Copy
Request
curl -k -u <api-key>: https://<ics-ip>/api/v1/stats/active-basic-html5-sessions
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
Example:
curl -k -u Tv6YQPETDVOxeO0LCkcOfWeQ5qeET2WStO8GbilIltA=: https://<IP Address>/api/v1/stats/ active-basic-html5-sessions
Response
content-type: application/json
{
"active-basic-html5-sessions-rdp": 0,
"active-basic-html5-sessions-ssh": 0,
"active-basic-html5-sessions-telnet": 0,
"active-basic-html5-sessions-total": 0
}
Fetching Active Number of Advanced HTML5 Sessions
Copy
Request
curl -k -u <api-key>: https://<ics-ip>/api/v1/stats/active-advanced-html5-sessions
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
Example:
curl -k -u Tv6YQPETDVOxeO0LCkcOfWeQ5qeET2WStO8GbilIltA=: https://<IP Address>/api/v1/stats/
active-advanced-html5-sessions
Response
content-type: application/json
{
"active-advanced-html5-sessions-rdp": 0,
"active-advanced-html5-sessions-ssh": 0,
"active-advanced-html5-sessions-telnet": 0,
"active-advanced-html5-sessions-total": -2,
"active-advanced-html5-sessions-vnc": 0
}
Updating Password in Clear Text
Example: Updating password of System Local User.
Copy
Request
PUT /api/v1/configuration/authentication/auth-servers/auth-server/System%20Local/local/users/user/user0001/password-cleartext HTTP/1.1
Host: <IP Address>
Authorization: Basic T0o1dzVpK3g4U0dKV0d1TkJCdWlwVzREaUc0SjZvbkExMVljc0RtNU14bz06
Content-Type: application/json
{
"password-cleartext": "Psecure"
}
Response
HTTP/1.1 200 OK
content-length: 128
content-type: application/json
{
"result": {
"warnings": [
{
"message": "The configuration has been implicitly changed"
}
]
}
}
Applying Authcode and Downloading Licenses from PCLS on VA-SPE|PSA-V
This REST API can be used to download the license key from PCLS and install on the Virtual Appliance.
Copy
Request
PUT /api/v1/license/auth-code HTTP/1.1
Host: <IP Address>
Authorization: Basic TnBDUk1veFFFQTJKZjM0S2ZxV2JKUlhRaDJaWGFrYnkvWVpTR3hhNTdmbz0=
Content-Length: 35
Content-Type: application/json
{
"auth-code":"<auth-code-to-apply>"
}
Response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 191
{
"result": {
"info": [
{
"message": "Installed new license key \"landmark utility prestige trip mayor diesel faucet summer prestige income heritage\""
}
]
}
}
Applying License
Copy
Request
PUT /api/v1/license/license-key?action=install HTTP/1.1
Host: <IP Address>
Authorization: Basic TnBDUk1veFFFQTJKZjM0S2ZxV2JKUlhRaDJaWGFrYnkvWVpTR3hhNTdmbz0=
Content-Type: application/json
{
"keys":[
"key1",
"key2",
….
]
}
Example:
{
"keys":[
"operation tree crayon holiday kingdom lasso doorway square dish modem gecko",
"buffalo safety inch topaz banquet nitrogen garnish step recital wedge trace"
]
}
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Installed licenses"
}
]
}
}
Getting License Capacity
To get license capacity info.
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/license/license-capacity' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"capacity": [
{
"auto-leasing": "off",
"feature-leased": 0,
"feature-name": "Concurrent Users for ISA",
"installed-count": 1000000,
"leased-count": 0,
"total-count": 2
},
{
"auto-leasing": "off",
"feature-leased": 0,
"feature-name": "Advanced HTML5 users",
"installed-count": 0,
"leased-count": 0,
"total-count": 2
}
],
"feature-count": 3,
"on-va": "false"
}
Deleting License
Copy
Request
PUT /api/v1/license/license-key?action=delete HTTP/1.1
Host: <IP Address>
Authorization: Basic TnBDUk1veFFFQTJKZjM0S2ZxV2JKUlhRaDJaWGFrYnkvWVpTR3hhNTdmbz0=
Content-Type: application/json
{
"keys":[
"key1",
"key2",
….
]
}
Example:
{
"keys":[
"operation tree crayon holiday kingdom lasso doorway square dish modem gecko",
"buffalo safety inch topaz banquet nitrogen garnish step recital wedge trace"
]
}
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Deleted <number> licenses"
}
]
}
}
Applying License Auth Code
To apply license Auth Code.
Copy
Request
curl -X 'PUT' \
'https://<ICS-ip>/api/v1/license/auth-code' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"auth-code": "xxxxxxxxx"
}'
Response
{
"result": {
"info": [
{
"message": "Installed new license key \"landmark utility prestige trip mayor diesel faucet summer prestige income heritage\""
}
]
}
}Fetch Leased License Info
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/license/leased-license-info' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"feature-count": 0,
"node-feature-str": null,
"nodes": [],
"tbv-expired-across-cluster": 1
}
Getting Maximum Licensed Concurrent Users
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/license/max-licensed-concurrent-users' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"max-licensed-concurrent-users": 2
}
Fetch License Agreement Text
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/license/license-agreement-text' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"agreement-text": "string"
}
Fetch Last Contact Time
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/license/license-server-last-contact-time' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"last-contact-time": "06:29:18 AM on May 25, 2022"
}
To fetch PCLS last contact time.
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/license/pcls/last-contact-time' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"last-contact-time": "06:29:18 AM on May 25, 2022"
}
Getting License Clients
Copy
Request
GET /api/v1/license/license-clients HTTP/1.1
Host: <IP Address>
Authorization: Basic TnBDUk1veFFFQTJKZjM0S2ZxV2JKUlhRaDJaWGFrYnkvWVpTR3hhNTdmbz0=
Content-Type: application/json
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"license_clients": [
{
"feature_capacities": [
{
"feature_name": "add_user_count",
"leased_value": 25
},
{
"feature_name": "onboard",
"leased_value": 0
},
{
"feature_name": "embeddedrdpapplet",
"leased_value": 0
},
{
"feature_name": "vm_cores_leasable",
"leased_value": 4
},
{
"feature_name": "add_meeting_user_count",
"leased_value": 0
},
{
"feature_name": "cloudsecure_count",
"leased_value": 0
},
{
"feature_name": "named_user_count",
"leased_value": 0
},
{
"feature_name": "ueba",
"leased_value": 0
}
],
"last_renewal": "Wed, 04 Dec 2019 06:32:26 GMT",
"machine_id": "VASPH3944M9D8551S",
"name": "va_spe_3_3_125_4"
},
{
"feature_capacities": [
{
"feature_name": "add_user_count",
"leased_value": 25
},
{
"feature_name": "onboard",
"leased_value": 0
},
{
"feature_name": "embeddedrdpapplet",
"leased_value": 0
},
{
"feature_name": "vm_cores_leasable",
"leased_value": 4
},
{
"feature_name": "add_meeting_user_count",
"leased_value": 0
},
{
"feature_name": "cloudsecure_count",
"leased_value": 0
},
{
"feature_name": "named_user_count",
"leased_value": 0
},
{
"feature_name": "ueba",
"leased_value": 0
}
],
"last_renewal": "Thu, 05 Dec 2019 13:45:31 GMT",
"machine_id": "VASPHXVK2E117PM8S",
"name": "va_spe_3_3_125_8"
},
]
}
Getting License Report from License Server
Copy
Request
GET /api/v1/license/report HTTP/1.1
Host: <IP Address>
Authorization: Basic TnBDUk1veFFFQTJKZjM0S2ZxV2JKUlhRaDJaWGFrYnkvWVpTR3hhNTdmbz0=
Content-Type: application/json
Response
HTTP/1.1 200 OK
Content-Type: application/json
License Usage Report
{
"LicenseUsageReport": {
"MachineID": "VASPMMXXXXXXXX",
"build-number": "4762",
"cumulative-report": {…},
"granular-report": {…},
"cluster-granular-report": {…},
"time-stamp": "Mon Jan 13 20:04:40 2020",
"version": "9.1"
}
}
Cumulative Report
https://<license-server>/api/v1/license/report/cumulative-report
{
"cumulative-report": {
"add-meeting-user-count": {
"Year":[
{
"Month": [
{
"Date": [
{
"Leased": "0",
"Maximum": "30",
"id": "06"
}
{…},
{…},
{…},
{…}
]
"Leased": "0",
"Maximum": "30",
"id": "Jan",
}
{…}
]
"id": "2020"
}
{…}
]
}
}
}
Granular Report
https://<license-server>/api/v1/license/report/granular-report
{
"license-client": [
{
"add-user-count": {
"Year": [
{
"Month": [
{ "Date": [
{…},
{…},
{…},
{…}
]
"Leased": "0",
"Maximum": "0",
"id": "Jan"
}
],
"id": "2020"
}
]
},
"name": "ISA_V_10_209_125_101",
"software-version": "7.4"
},
{…}
]
}
Cluster Granular Report
https://<license-server>/api/v1/license/report/cluster-granular-report
{
"add-user-count": {
"Year": [
{
"Month": [
{
"Date": [
{
"Leased": "40",
"Maximum": "21",
"client-node": "node63lc,node66lc",
"id": "24"
},
{
"Leased": "40",
"Maximum": "1",
"client-node": "node63lc,node66lc",
"id": "25"
},
{
"Leased": "40",
"Maximum": "1",
"client-node": "node63lc,node66lc",
"id": "26"
}
],
"Leased": "40",
"Maximum": "21",
"id": "Feb"
}
],
"id": "2020"
}
]
},
"cluster-name": "liccluster"
}
The following extensions of the API are supported:
1. /api/v1/license/report – entire license report in JSON
2. /api/v1/license/report/cumulative-report – The cumulative report.
• Following trace-down options available here
i. /api/v1/license/report/cumulative-report/<license-feature-type>
ii. /api/v1/license/report/cumulative-report/<license-feature-type>/<year>
iii. /api/v1/license/report/cumulative-report/<license-feature-type>/<year>/<month>
iv. /api/v1/license/report/cumulative-report/<license-feature-type>/<year>/<month>/<day>
3. /api/v1/license/report/granular-report – License usage report per license client.
• Following trace-down options available here
/api/v1/license/report/granular-report/<license-client>
ii. /api/v1/license/report/granular-report/<license-client>/<add-user-count>
iii. /api/v1/license/report/granular-report/<license-client>/<add-user-count>/<year>
iv. /api/v1/license/report/granular-report/<license-client>/<add-user-count>/<year>/<month>
v. /api/v1/license/report/granular-report/<license-client>/<add-user-count>/<year>/<month>/<day>
Example:
API - /api/v1/license/report/granular-report/node63lc/add-user-count/2020/Mar/20
{
"Leased": 40,
"Maximum": 14,
"id": "20"
}
4. /api/v1/license/report/cluster-granular-report – License usage report per license client cluster.
• Following trace-down options available here
i. /api/v1/license/report/cluster-granular-report/<license-client>
ii. /api/v1/license/report/cluster-granular-report/<license-client>/<add-user-count>
iii. /api/v1/license/report/cluster-granular-report/<license-client>/<add-user-count>/<year>
iv. /api/v1/license/report/cluster-granular-report/<license-client>/<add-user-count>/<year>/<month>
v. /api/v1/license/report/cluster-granular-report/<license-client>/<add-user-count>/<year>/<month>/<day>
• Example:
API - /api/v1/license/report/cluster-granular-report/liccluster/add-user-count/2020/Mar/22
{
"Leased": 40,
"Maximum": 16,
"cluster-member": [
"node63lc",
"node66lc"
],
"id": "22"
}
Enable/Disable License Enforcement
Copy
Request
curl -X 'PUT' \
'https://10.10.10.10/api/v1/license/enforcement' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"state": "on"
}'
Response
{
"result": {
"info": [
{
"message": "Set enforcement on"
}
]
}
}Enabling/Disabling ICE License
Copy
Enabling ICE License
Content of ice_enable.json file:
more ice_enable.json
{
"mode": "enabled"
}
Request
curl -k -u <api-key>: https://<ics-ip>/api/v1/license/ice -X PUT -H "Content-Type: application/json" -d @ice_enable.json
Example:
curl -k -u TVGJ9xV9XvuA1JDB1nPkjC5BilAQAhUMn2dPHLZgP/o=: https://10.209.125.4/api/v1/license/ice -X PUT -H "Content-Type: application/json" -d @ice_enable.json
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"result": {
"info": [
{
"message": "ICE license is enabled"
}
]
}
}
Disabling ICE License
Content of ice_disable.json file:
more ice_disable.json
{
"mode" : "disabled"
}
Request
curl -k -u TVGJ9xV9XvuA1JDB1nPkjC5BilAQAhUMn2dPHLZgP/o=: https://<IP Address>/api/v1/license/ice -X PUT -H "Content-Type: application/json" -d @ice_disable.json
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"result": {
"info": [
{
"message": "ICE license is disabled"
}
]
}
}
Getting the Current Status of ICE License
Copy
Request
curl -k -u <api-key>: https://<ics-ip>/api/v1/license/ice
Example:
curl -k -u TVGJ9xV9XvuA1JDB1nPkjC5BilAQAhUMn2dPHLZgP/o=: https://<IP Address>/api/v1/license/ice
Response
ICE License Enabled
HTTP/1.1 200 OK
Content-Type: application/json
{
"mode": "enabled"
}
ICE License Disabled
HTTP/1.1 200 OK
Content-Type: application/json
{
"mode": "disabled"
}
Getting Key Status
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/license/keys-status' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"ive-licCount": 5,
"ive-maxccu": 2,
"ive-maxnuc": 0,
"ive-struct": {
"node-data": [
{
"graceStr": "",
"hardware-id": "0153M05C007PM08G",
"isReachable": 1,
"ive-cl-count": 0,
"ive-hostId": "localhost2",
"ive-name": "localhost2",
"ive-named-user-count": 0,
"ive-user-count": 0,
"license-keys": [
{
"actDate": 0,
"drfeature": 0,
"drmode": 0,
"expired": 0,
"expiry-day": 0,
"expiry-hour": 0,
"expiry-min": 0,
"goodmid": "0153M05C007PM08G",
"inGrace": 0,
"inactive": 0,
"key": "motto system violin tanker prestige copper furnace levee dimple speaker hercules",
"ltl": 0,
"mismatch": 0,
"name": "Add Onboarding license for 1,000 users",
"node": "localhost2",
"time-day": 0,
"time-hour": 0,
"time-min": 0,
"type": "Permanent"
},
{
"actDate": 0,
"drfeature": 0,
"drmode": 0,
"expired": 0,
"expiry-day": 357,
"expiry-hour": 16,
"expiry-min": 52,
"goodmid": "0153M05C007PM08G",
"inGrace": 0,
"inactive": 0,
"key": "cuisine kayak platinum latte stadium studio tofu office razor floor faucet",
"ltl": 1,
"mismatch": 0,
"name": "Add Onboarding license for 1,000 users 1 year subscription",
"node": "localhost2",
"time-day": 357,
"time-hour": 16,
"time-min": 52,
"type": "Subscription"
},
{
"actDate": "Inactive till May 25, 2022",
"drfeature": 0,
"drmode": 0,
"expired": 0,
"expiry-day": 0,
"expiry-hour": 0,
"expiry-min": 0,
"goodmid": "0153M05C007PM08G",
"inGrace": 0,
"inactive": 1,
"key": "cuisine windmill piston text success radiator gusto mountain officer invoice factory",
"ltl": 1,
"mismatch": 0,
"name": "Add Onboarding license for 1,000 users 1 year subscription",
"node": "localhost2",
"time-day": 6,
"time-hour": 0,
"time-min": 0,
"type": "Subscription/Inactive"
},
{
"actDate": 0,
"drfeature": 0,
"drmode": 0,
"expired": 0,
"expiry-day": 7,
"expiry-hour": 16,
"expiry-min": 52,
"goodmid": "0153M05C007PM08G",
"inGrace": 0,
"inactive": 0,
"key": "jaguar hydrogen mule toolbox cameo standard jacket sunglass calendar invoice factory",
"ltl": 1,
"mismatch": 0,
"name": "Subscribe 1000 simultaneous users to ACCESS for 1 year",
"node": "localhost2",
"time-day": 7,
"time-hour": 0,
"time-min": 11,
"type": "Subscription"
},
{
"actDate": 0,
"drfeature": 1,
"drmode": 0,
"expired": 0,
"expiry-day": 0,
"expiry-hour": 0,
"expiry-min": 0,
"goodmid": "0153M05C007PM08G",
"inGrace": 0,
"inactive": 0,
"key": "suburb nirvana tent hinge people meadow cashew",
"ltl": 1,
"mismatch": 0,
"name": "In Case of Emergency License with Instant Virtual System for SA 4000",
"node": "localhost2",
"time-day": 56,
"time-hour": 0,
"time-min": 0,
"type": "Permanent"
}
],
"num-lic": 5,
"serial-num": "0123456789"
}
],
"num-node": 1
}
}
Deleting Named User
Copy
Request
curl -X 'PUT' \
'https://<ics-ip>/api/v1/license/named-users' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"action": "remove",
"delete-active-sessions": "true",
"users": [
"testUser1",
"testUser2",
"testUser3"
]
}'
Response
{
"result": {
"info": [
{
"message": "Deleted user(s)"
}
]
}
}
To Delete list of PCS/PPS named users on license server as required.
Copy
Request
curl -X 'PUT' \
'https://<ics-ip>/api/v1/license/named-users/pcs' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"action": "remove",
"delete-active-sessions": "true",
"users": [
"testUser1",
"testUser2",
"testUser3"
]
}'
Response
{
"result": {
"info": [
{
"message": "Deleted user(s)"
}
]
}
}
Fetch Named Users
Gives two separate lists of ICS and IPS named users on license server and named users list on license client or independent ICS/IPS
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/license/named-users' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"pcs": {
"named-users": [
{
"Appliance": "pcs_5",
"Last Login IP": "172.21.24.51",
"Last Login time": "2021-07-16 19:20:13",
"Login Realm": "Users",
"Role": "Users",
"User": "dev1",
"User Agent": "Pulse-Secure/8.3.4.0 (Windows) Pulse/10.0.4.1"
},
{
"Appliance": "pcs_5",
"Last Login IP": "172.21.24.51",
"Last Login time": "2021-07-16 19:20:13",
"Login Realm": "Users",
"Role": "Users",
"User": "dev4",
"User Agent": "Pulse-Secure/8.3.4.0 (Windows) Pulse/10.0.4.1"
}
]
},
"pps": {
"named-users": [
{
"Appliance": "pps_149",
"Last Login IP": "172.21.24.51",
"Last Login time": "2021-07-17 05:26:48",
"Login Realm": "Users",
"Role": "Users",
"User": "test1",
"User Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
}
]
}
}
Fetch list of PCS/PPS named users on license server as required.
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/license/named-users/pcs' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"named-users": [
{
"Appliance": "pps_149",
"Last Login IP": "172.21.24.51",
"Last Login time": "2021-07-17 05:26:48",
"Login Realm": "Users",
"Role": "Users",
"User": "test1",
"User Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
},
{
"Appliance": "pps_149",
"Last Login IP": "172.21.24.51",
"Last Login time": "2021-07-17 05:27:20",
"Login Realm": "Users",
"Role": "Users",
"User": "test2",
"User Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:89.0) Gecko/20100101 Firefox/89.0"
}
]
}
Delete Watermarks
Clears all the monthly and daily watermarks for the particular feature in cache
Copy
Request
curl -X 'DELETE' \
'https://<ics-ip>/api/private/v1/license/watermarks/test' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: */*'
Response
{
"result": {
"info": [
{
"message": "Deleted successsfully"
}
]
}
}
Test TOTP Connection
To test connection for a potential TOTP auth server configuration, or for an already configured one.
Copy
Response
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/auth-server/totp?operation=testconnection&name=Test' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"remoteTOTPHost": "1.1.1.1",
"remoteTOTP": "Test",
"remoteAdmin": "admin",
"remotePasswd": "password",
"remoteRealm": "realm"
}'
Request
{
"result": {
"info": [
{
"message": "TOTP server 'Test' is reachable."
}
]
}
}
Fetch User TOTP Auth Server
Get details of users for provided Local TOTP auth server
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/totp/users-list/totp' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"users-list": [
{
"last-attempted-login-time": "2023/12/27 03:53:52",
"last-login-realm": "Users",
"last-successful-login-time": "2023/12/27 03:53:52",
"registration-realm": "Users",
"user-state": "Active",
"username": "user1"
}
]
}
Exporting TOTP Users from One Device to Another Device
Copy
Request
curl -k -u <api-key>: https://ics-ip>/api/v1/totp/<TOTP-AUTH-SERVER-NAME>/users
//NOTE: This API can be executed only on TOTP server configured as Local (and not Remote).
//Example:
curl -k -u X1O3oczUMJbhI8ba3Ov0McD54QCwBgwpSHwOGUVu5Ck=: https://<IP Address>/api/v1/totp/Google%20TOTP%20Auth%20Server/users
Response
HTTP/1.1 200 OK
Content-Length: 191
Content-Type: application/json
{
"users": "21ubWxSvAwABAAAAlx9igwcQok9s+MV0zg/b+oer3z7Kj0iXbVzJ+qDMiguTtWZaxnGHGTGQEcHD7BTMGjz1QYbO00zBF+6DGp2y/9pj+8Wf4SXTQbYIeDomT4w2Kl4oc1EZhFruWLWnll+58x2b0kxsURCb+P0It8K+msqFXBhOEDY7l0W4+P+A8UZaz6In/gMq8Qd766i7RN1oZ+hzHUMYJUB72tzIQ+CiA8tTv6aweC6TGy9/a9C6vVbLY0+ZUgGTffWzJxcoZbEbdwiCFoZyex5UWTUFIj0Z4XAPoZ4HTWZsxP5YwXcJpsnbOzCqW/dTB6WpYWYp6R+MUn2yu/hZeu7z1qVhXlr8bK5LifH/u6J76SpErL1eELh1bYF17DWPfo6xspG7rffhs2k9vPVB1oq2kud+42hPo6vZaMfcwaz9lKRrftIgAu2o3JBJfdNHrUTOu2+Y6Qmc0in6MfIBNNrVr9D6hdWmIdrNr7PXHa4uJoP+CAuOp3OamTox2sgmvE7YNjC0SlSPgyFfx0kfzCb2K3Mrcq1UuJUJLhK7L3lne4f1QiWKoZ8q8zluaV+eRSJHBez9Pjo+LzBpYwoXStduOC20FVY4+KCHDasufdAOCD/Lga4mFFE5ItAui18ObOfRtxLvoZUIuGS8w019mbRaNDlVa52sUzuZBClqx+4lueBCQYEUNrDrHVG0AzqUBbAeL+WV8VRJrxVW8sIlArqY8n29pD66BozsGKoxBqXSe/fZxEDu9ZqI4xfzSCCsfqTiv0LAM4p+cZekhcjvRwtuImNjX+qj7A=="
}
Importing TOTP Users from One Device to Another Device
Copy
Request
curl -k -u <api-key>: https://<ics-ip>/api/v1/totp/<TOTP-AUTH-SERVER-NAME>/users -H "Content-Type: application/json" -d @totp_users.json -X POST
//NOTE: This API can be executed only on TOTP server configured as Local (and not Remote).
//Example:
curl -k -u K7Z7xA54AKnv1++kcViamCCiUrEBgMSP+sHKar4EcKY=: https://<IP Address>/api/v1/totp/TOTP_SERVER/users -H "Content-Type: application/json" -d @totp_users.json -X POST
{
"users": "21ubWxSvAwABAAAAlx9igwcQok9s+MV0zg/b+oer3z7Kj0iXbVzJ+qDMiguTtWZaxnGHGTGQEcHD7BTMGjz1QYbO00zBF+6DGp2y/9pj+8Wf4SXTQbYIeDomT4w2Kl4oc1EZhFruWLWnll+58x2b0kxsURCb+P0It8K+msqFXBhOEDY7l0W4+P+A8UZaz6In/gMq8Qd766i7RN1oZ+hzHUMYJUB72tzIQ+CiA8tTv6aweC6TGy9/a9C6vVbLY0+ZUgGTffWzJxcoZbEbdwiCFoZyex5UWTUFIj0Z4XAPoZ4HTWZsxP5YwXcJpsnbOzCqW/dTB6WpYWYp6R+MUn2yu/hZeu7z1qVhXlr8bK5LifH/u6J76SpErL1eELh1bYF17DWPfo6xspG7rffhs2k9vPVB1oq2kud+42hPo6vZaMfcwaz9lKRrftIgAu2o3JBJfdNHrUTOu2+Y6Qmc0in6MfIBNNrVr9D6hdWmIdrNr7PXHa4uJoP+CAuOp3OamTox2sgmvE7YNjC0SlSPgyFfx0kfzCb2K3Mrcq1UuJUJLhK7L3lne4f1QiWKoZ8q8zluaV+eRSJHBez9Pjo+LzBpYwoXStduOC20FVY4+KCHDasufdAOCD/Lga4mFFE5ItAui18ObOfRtxLvoZUIuGS8w019mbRaNDlVa52sUzuZBClqx+4lueBCQYEUNrDrHVG0AzqUBbAeL+WV8VRJrxVW8sIlArqY8n29pD66BozsGKoxBqXSe/fZxEDu9ZqI4xfzSCCsfqTiv0LAM4p+cZekhcjvRwtuImNjX+qj7A=="
}
Response
HTTP/1.1 200 OK
content-length →47
Content-Type: application/json
{
'message' => 'Successfully imported user data'
}
Resetting TOTP User
Copy
Request
curl -k -u <api-key>: https://<ics-ip>/api/v1/totp/<TOTP-AUTH-SERVER-NAME>/users/<totp-user>?operation=reset -X PUT
Example:
curl -k -u nNuALLLWajGujVF2yT4qyP4nYxy/nwXxBKp0CHu2AZQ=: https://<IP Address>/api/v1/totp/TOTP_SERVER/users/qauser1001?operation=reset -X PUT
Response
Scenario: TOTP user reset
HTTP/1.1 200 OK
Content-Type: application/json
{
"result": {
"info": [
{
"message": "TOTP user 'qauser1001' under Authserver 'TOTP_SERVER' has been reset"
}
]
}
}
Scenario: TOTP user does not exist
HTTP/1.1 200 OK
Content-Type: application/json
{
"result": {
"errors": [
{
"message": "TOTP user 'qauser1001' is not present under Authserver 'TOTP_SERVER'"
}
]
}
}
Unlocking TOTP User
Copy
Request
curl -k -u <api-key>: https://<ics-ip>/api/v1/totp/<TOTP-AUTH-SERVER-NAME>/users/<totp-user>?operation=unlock -X PUT
Example:
curl -k -u nNuALLLWajGujVF2yT4qyP4nYxy/nwXxBKp0CHu2AZQ=: https://<IP Address>/api/v1/totp/TOTP_SERVER/users/qauser1001?operation=unlock -X PUT
Response
Scenario: TOTP user unlocked
HTTP/1.1 200 OK
Content-Type: application/json
{
"result": {
"info": [
{
"message": "TOTP user 'qauser1001' under Authserver 'TOTP_SERVER' has been unlocked"
}
]
}
}
Scenario: TOTP user cannot be unlocked
HTTP/1.1 200 OK
Content-Type: application/json
{
"result": {
"errors": [
{
"message": "Error: Only locked users can be unlocked"
}
]
}
}
VPN ACL creation
Copy
REQUEST:
PUT /api/v1/configuration/users/resource-policies/network-connect-policies/network-connect-acls
Host: <IP Address>
Authorization: Basic SkUyV1BaVjRjcGxleElRMnNiZXpYajE2dEVIUm9Oa05WWDdRWHh3MmpJZz06
Content-Type: text/html; charset=utf-8
{
"network-connect-acl": [
{
"action": "allow",
"apply": "all",
"description": "VPNACL",
"name": "VPNACL",
"resource": [
"*:*"
],
"resources-fqdn": null,
"resources-v6": null,
"roles": null,
"rules": {
"rule": []
}
}
]
}
RESPONSE:
HTTP/1.1 200 OK
Content-Length: 124
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Copy
REQUEST
GET /api/v1/configuration/users/resource-policies/network-connect-policies/network-connect-acls
Host: <IP Address>
Authorization: Basic SkUyV1BaVjRjcGxleElRMnNiZXpYajE2dEVIUm9Oa05WWDdRWHh3MmpJZz06
Content-Type: application/json
RESPONSE:
HTTP/1.1 200 OK
Content-Length: 205
Content-Type: application/json
{
"network-connect-acl": [
{
"href": "/api/v1/configuration/users/resource-policies/network-connect-policies/network-connect-acls/network-connect-acl/VPNACL",
"name": "VPNACL"
}
]
}
Logs
Fetch Logs
Copy
Request
curl --location 'https://<IP Address>/api/v1/logs/events' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic WUJyZ0wvTFBNNEdETUI3NnZLNGd6aTRzWmR5ejNVOUtieWZsVk5JZDZlST06' \
--data
'{
"action": "fetch",
"lines": 3,
"query": "id != ('\''SYS10306'\'' or '\''NWC13978'\'' or '\''NWC13979'\'')",
"filter": "Standard",
"begin-date": "2023-07-08",
"end-date": "2023-07-09"
}'
Response
{
"result": {
"logs": [
{
"id": "SYS32083",
"message": "2023-07-09 23:11:23 - ive - [127.0.0.1] System()[][] - LMDB shards usage stats shard: 0:1% 1:1% 2:1% 3:1% 4:1% 5:1% 6:1% 7:1% 8:1% 9:1% a:1% b:1% c:1% d:1% e:1% f:1% ",
"severity": "info"
},
{
"id": "STS30667",
"message": "2023-07-09 23:00:01 - ive - [127.0.0.1] System()[][] - Number of NCP connections: 0",
"severity": "info"
},
{
"id": "STS20642",
"message": "2023-07-09 23:00:01 - ive - [127.0.0.1] System()[][] - Number of concurrent mail users logged in to the email proxy: 0",
"severity": "info"
}
]
}
}
API cannot save files to local machine, it returns the raw file contents, which the user can redirect to a file they want to save.
Save Logs
Copy
Request
//( Parameters: query, filter, begin-date, end-date, filter)
curl --location 'https://<IP Address>/api/v1/logs/events' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic WUJyZ0wvTFBNNEdETUI3NnZLNGd6aTRzWmR5ejNVOUtieWZsVk5JZDZlST06' \
--data
'{
"action": "save",
"query": "id != ('\''SYS10306'\'' or '\''NWC13978'\'' or '\''NWC13979'\'')",
"filter": "Standard",
"begin-date": "2023-07-08",
"end-date": "2023-07-09"
}'
Response
Saved single log
2023-04-09 21:26:37 - ive - [127.0.0.1] System()[][] - Starting services: session server
2023-04-09 21:26:37 - ive - [127.0.0.1] System()[][] - Starting services: postgresd
2023-04-09 21:26:37 - ive - [127.0.0.1] System()[][] - Starting services: Name User Coordinator daemonSave All Logs
Copy
Request
curl --location 'https://<IP Address>/api/v1/logs/all' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic WUJyZ0wvTFBNNEdETUI3NnZLNGd6aTRzWmR5ejNVOUtieWZsVk5JZDZlST06' \
--data
'{
"action": "save"
}'
Response
raw file contents in tar.gz format.Clear Logs
Copy
Request
curl --location --request PUT 'https://<IP Address>/api/v1/logs/events' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic WUJyZ0wvTFBNNEdETUI3NnZLNGd6aTRzWmR5ejNVOUtieWZsVk5JZDZlST06' \
--data
'{
"action": "clear"
}'
Response
"{
"result":
{
"info": [
{
"message": "Successfully cleared logs for events"
}
]
}
}"Fetch Debug Log
To get debug log configuration settings
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/system/maintenance/debuglog' \
--header 'Authorization: Basic WUJyZ0wvTFBNNEdETUI3NnZLNGd6aTRzWmR5ejNVOUtieWZsVk5JZDZlST06'
-H 'accept: application/json'
Response
{
"enabled": true,
"size": 1024,
"detail-level": 0,
"include-logs": true,
"process-names": [
"string"
],
"event-codes": [
"string"
]
}
Update Debug Log
Enable or disable debug log, configure debug log settings or clear debug log
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/system/maintenance/debuglog' \
--header 'Authorization: Basic WUJyZ0wvTFBNNEdETUI3NnZLNGd6aTRzWmR5ejNVOUtieWZsVk5JZDZlST06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d
'{
"enabled": true,
"clear": true,
"size": 250,
"detail-level": 0,
"include-logs": true,
"process-names": [
"string"
],
"event-codes": [
"string"
]
}'
Response
{
"result": {
"info": [
{
"message": "Successfully updated debug log settings."
}
]
}
}
Fetch Diagnostic Log
Get state of the supported diagnostic log types as well as maximum configured log size
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/system/maintenance/diagnostic-logs' \
--header 'Authorization: Basic WUJyZ0wvTFBNNEdETUI3NnZLNGd6aTRzWmR5ejNVOUtieWZsVk5JZDZlST06'
-H 'accept: application/json'
Response
{
"radius-log-enabled": true,
"profiler-log-enabled": true,
"snmp-log-enabled": true,
"html5-adv-log-enabled": true,
"samba-log-enabled": true,
"pulseone-nsa-log-enabled": true,
"attack-audit-log-enabled": true,
"attack-audit-log-size": 100
}
Update Diagnostic Log
Enable or disable supported diagnostic log types and configure maximum log size
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/maintenance/diagnostic-logs' \
--header 'Authorization: Basic WUJyZ0wvTFBNNEdETUI3NnZLNGd6aTRzWmR5ejNVOUtieWZsVk5JZDZlST06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d
'{
"radius-log-enabled": true,
"profiler-log-enabled": true,
"snmp-log-enabled": true,
"html5-adv-log-enabled": true,
"samba-log-enabled": true,
"pulseone-nsa-log-enabled": true,
"attack-audit-log-enabled": true,
"attack-audit-log-size": 100
}'
Response
{
"result": {
"info": [
{
"message": "Successfully updated diagnostic log settings."
}
]
}
}Trigger User Record Synchronization
To trigger update to User Record Synchronization clients and server status
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/user-record-synchronization?operation=triggerStatusUpdate' \
--header 'Authorization: Basic WUJyZ0wvTFBNNEdETUI3NnZLNGd6aTRzWmR5ejNVOUtieWZsVk5JZDZlST06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{}'
Response
{
"result": {
"info": [
{
"message": "Successfully triggered an update to URS clients and servers status."
}
]
}
}
Export and Import User Record Synchronization
To export user details from URS database or cache
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/user-record-synchronization/database/export' \
--header 'Authorization: Basic WUJyZ0wvTFBNNEdETUI3NnZLNGd6aTRzWmR5ejNVOUtieWZsVk5JZDZlST06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d
'{
"dataSource": "database",
"usePassword": "on",
"exportPassword": "password",
"confirmExportPassword": "password",
"exportLAS": "SystemLocalLogical"
}'
Response
{
"result": {
"info": [
{
"message": "7AcAADNri2VE+wMAAQAAAEU5RwDlnceCBYzMYgVHgk/GmeyiQC6yqisZvXxJlytlw07F0QQSa2ev93I30PAdYPZziekG/eNbEQFtrSj82QzqmhDzSyDUafYuMWjYlmaWTtNv2021p5Py9YXTLpKxOASZ+g5FwD8ZCLkIlpJ0HfWmYfnNjvJYgv/xXjFVqEHIGUeWcM9gmlUmLbSDuJOEvpHvMwlJNatHPlUizwjvFfdYzvDrzAM/FVfr0mJMlW/SR/pZJMoLv6nCa0crY8o296q9GOzY+ngGVt16BsAJt8TTucX6RiFTNeME1U024wbuplBceNi27fQP6Ddi1a1Mulatt60iuswYtoPqSvMfmnV5/uYbZvsCvg8ZeNZ29+32cvyxPMAF4+6hEV7xgVW2m+hmbuZ0AABEvelEB+B2bi5xSg5nio19ubQayJZpj/QG3OqpYOJqBEJzTarZWsvEow64D5NHfejV/7YKSLR1M9++90Axwwcw6oIBvuLNfYZGVYe4D9Vk9d72bKfNpQJFGTAs7xry5JNubpVmBuB/aFPgbrRRoiYfXcl8Yl21T2TC8FkvhfSOJV+gwXV5ktk+eYcO5PzhXlfZ7Kd+p34Bc3QLCTRJyJczrhmiR9JxY2D1vzgW/iRlOxXZJqptmhfNTnmjZiM/G7keLXv6t2rysxeinvJbL7P+t5HQJ48Ns6I6HY+fEqQbnaM4zvp5izhqs9YzBYhrMFSaUruHOxltlAListDBn5K686J3KUAOo8PQCrW6VksTAeoLOsL4jK5lq11vAULhwn5kvkSXsguK4mRI9OYecehfF1gLJLtXaKLMwjo22EKYSK7RWXniQoAm9NhR9Mk8FS/aTiytk1gHs7CTeurNSSeeyNJ8KTbUySKNSncr6BhwWrJ4cD8R/1pJbRunBKUmkSZM0eZrXruquG4PIwKGWvaWxhaKPf1VVkbsLAQcbAeHtovlWX8yKRImFsp3UhL5HxWmIN7RM2WEZ0Zd7W2PmKKsEZYrIh07+q2SoVIVuADKAxEkpk3ZfKnvDm7K9FPc64ZZPZ71QW08qAnw+eDG9XlHh4P5/73YE/kQjhT9+qxYvyWtYDKlHK4wk2rycZ9yLAhJo9YK4VrKFO/AeZcz9O+zMz7kR87dMTvTcGHLvPBFsK4pYPqbeqZLM3YOukalwbGCXleysphBh9GLTRka0YW0kAPTOY4D1B7uuXSe8ipvNiMtCmX4V53O3Tz6oIKE7ka9zGcBj0slCxSgfuY5siFR7TL0tRvgX8A3wFIvulpDwECpHGFjCdxmfHraULXHl8vXeybCMx1LkeF0B4h9Wqd83Bg+outAXaWafBiCo6zUApyovptSETrrbdBHgyeopt4Ocrg1hc+ePYhMzKH165qo8YQAtMCxfLLYMsKTlcgonSXzKzHQj69JLn0jmklqUu6zuQb0qOC4Km6hR6lQpWLSBgAINdhDT17F2WvMwh7avwBFPDBxEQ89y+rDnwOSwZPrvZXhzkfufXY2NfIPG7xqFHaKfiJnYxealAkh6kelTilJ2vjFfWA63euTlSDMHfWi6RKyQSUk/TmdY9fvlJukNBhFNFzqknsGkwn+5wF6jK3AEOgE+LAj8fPYc2BDO9dji+on28aeS51jjTW916/oimfMr35PhClp47YlUwQNyxSJgsJb1BUxEaDTZQyG2ugmK+Tsh0kgLUP6315Qusg+hyky4LNctkpIl1dkk0sE/hCYg6mtNeWt1ShOYRpzDuRsGN0W5DHb74eFI8uLoEJDxc7JCJF4NkNSTHcwDSt5rl7wm20kEOZOY1SDT2N2L27+3UCTO7KIg8PWM1ECK1ZwzZqBIjriTIR9dszyHF15u3zZhm18DfJ9FKUezzTGmm09SkUQRPaUuYuKmLdNN2xIXVBmLDROjhjpTZHqSK1wSbD7DMnwVwJViJo45mPwWXB1Eh0Uu9SYkMXzRPIZ8cvbNccuVxmPolyzGouDYATVCvX6aDgjKDN40ywAVKL/f9dJh9OxcSreRMyrX+WxbTSZEtgeJq7CLQy1KvtCPXHLmM1aeGIH+ge/muiI9AohHjIQqigyFj8F/GUgOhjYil+CKoQlaTWAZddFTmNfChCqPmIEbUYruZE/hWKI9T8UAl428a1Sd/ygwcjgm4NhZ3PliX35KmBSdZJi/XPgqxo3UWdYtuX1QTX7obsaMoiFHKNEWWhYf7pXCaQEXi26TrWafNObPENZMbqkbxQpD2YtLuNo9HmNVsPMNJXuNtJ/BppCmdve1vyQvhVwxUinTlD+/LWgD1s8xR+fBBh4sdDbNyWOFyGgdnAWyZuoCD0gXezH925W78gfiFsIEp1+G602aK+x5J3FyLbXuqq9ayfDT+SHFTWlnPKRI9tWdHOmGpFnCnrjrXws+qh/v3nExjtYtgT/78lbucP8ckzfFWmc72GXvTFuEgkLCZlJvhojLX1IVgyRLb4N6BSy9wfpWmgo16d1Z0UAerMw163J8BDqlbqEyQJU0mgoBtVAZIuAZ6XMhEeyhgBgVBkqtBovLDk9calAVfSuqmVd219JORreJIU9q8NTYMZdcStYAgj6Vn7MQDiNtWxicU1O2LVV2HuYTfnsm2gU7zNmzKGGuKs8P/Ez6mjr5xeLAA9u0UM3tOlNmg2RN1i3FMkLjrupCSm0O81pCLJC3KjDmlzbrhTsmjOS2cVGMXkMvw=="
}
]
}
}
To import user details from a file or cache
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/user-record-synchronization/database/import' \
--header 'Authorization: Basic WUJyZ0wvTFBNNEdETUI3NnZLNGd6aTRzWmR5ejNVOUtieWZsVk5JZDZlST06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d
'{
"dataSource": "file",
"fileData": "7AcAAAxvi2Wt0gQAAQAAALEicuw4CvC3ytCl4aZMkPPEiY5YgjhcqbkknjK+S7diDKBDQ2HLYAgVkSs/BU/8vWJnQXLif17ql75s9IK754xoycpxbNL+dLS888PCMPGxSX++FCPjBr2vCdtWNPgLJuQcHJKndGMrRp/adir95md3N6SLKJK3HkUv7lQMMQ5Ft5cArJp7zUD/jCP/UeSaytH/DYY5Rcg8aAEfbwynRk4zxk1kZsk1b8GGyi8oJQuMPWKL0DrY7ZLVxTMJjaDdL1M8yhRA7i6jvJVK8tUoub0THKKRr2vUH2X3wXPTZLB+yKSVHysWwLpav6Y4yiLyBLYUtAyDppaNTgQ9AsgV3fG1vsvofu2Ut6WvC/EI6m383mLl/ShHeehgNG5KrtDuG5G3ra4mUU83n9V8TlugE1pZsYox+rOvLLTXecHtiHgPuwY9OtnSxutKThtp8jXM/dfvPxLlaKrUyeM/vnzolAJxb3s9/HiBpgEb6mV5Y5vT+vi28s71QUOB3gqFdEzpcFI/IBmUsI+Ys+AP4RQSNNwrUNdlNXUvd46jeJDW34Tq/qyJunSL2sUjNF6ANPaufgKxk2no8ZM+Tq0I2C5mSYpZMNgWKVHU7g5WcEWArOLep2HtHfRcf5/ZA5kEJNoMoCxSOJZGEWBeCy8S04BPhqDnXl5N4KJZW5sO+e5CgdWvEgnGKhuhNxfqNwBM+VPUzj2jEG7WUbFk6pn/tif79Efv6Sj/V/xJlcg7MM9MXhYnkoW33uK6F/uo8lgZQHQ0kQ+u6GBJsOat0wgasHFobrevofBCWCFXyesY1npX6bsUvKSt+vjeDIM6kghmNRhWl/UfzMr7dS7yo++m5OR0gj6maCXSGOdzjFhhEGAv1rAQ8cAKf9GyWJcY5llnYhYO1wdGJBZFd86knP+zzlbQAB0N87HNzWAWT76QzpSHqzg8UOD9rgx5VK16FChRx1TEfi8Dok0CV+vfon40suo+a32WSXsG5Bn991SDVtTCVzTLFuy6IE5RY0lSTJ8JakHWeQ9I/TNEwrCFr0LulbHtz2SiS3tTygcamrSY3YtJ3Fa5OVO51enVv5YBdFKn0dakHQDyYNdKQHxRrDDW1V/HcbatBNRA23LaNJtjWpv/0r/5cBnnRjrvDL8eLfaZWRMR79aWIoPMJPYu1kodN/gz3G2CKuzohSpIPd1dx1hFQeGgeE2Rf1T4pV0U/ZRX9qJLHj/1cG9rsF0LJqJono6AJRDepnZax6ioi/+PQokcyvzMgxl/gG4ZnMHKx5rf/xnU26fTuiPW90iu3KvK0ORnkxzGHgOwUwT1drhteD2to25KeghlKEKdzYD9s7ouXlL8F534xxoX9ovzvWk/EQ1aAOTZwULirVPMmzD0vN9dsxkZfgT7XXowXvth7L7+uWLlp/lQ6sl1ZrOM20a3tHkQckpzwTlyncJL3L27MPWi4m9RYGZNi3UTazc586pphzLsJOMzcV9GWy/dOfi6IwY3UpxGEYg3HqJ99uKbM7EHaeZv10kucRT1wqqqtxZPZxPtpduBQp0Mb2n69IFmb6cH8VB5wjW3H5pvWZyxgCjjnnA7CRohfu24wE3llIiocSGJIZNFTPCaJQVhZhRlIvyNex1sCypbAhMKeGcoPsOf7VuCFkmOUj93hZEtlCDGi84smDwuHNs1kwRHLkolfV18LWJTjBjnv3fZKEIh8qXIkdMN0hsXfxouEu7VMTZSVkIJTI9SMMl/qkHu0OWDw6WpImK+fFatQsQw/nWzztFmSYvbrEHMFPVYmf7tbICeQRXYuwtzPieSdI89gQC3SoahNHYh/DmEQO5JCd9FSdoeA3Zx/OljaXtAqQyYvqygD3a04bNlcCL8ZrK9ny8DrYKOe0R7PkK2X7gSYq7M8flhvjUiUX+DVZ8eo2IXDGN4kzvFvNAlphoD+mQSMCoVDr9PTbdd5OXca/hgTLLK1vm7iZJkhxpZoOdLDnArYIimt8A+1CG9uD6IXQlJxKjk+1NoRhhXkZRpLKkSREOtDCnkm3sLZmG2nNH/4mjGO6FedEdPHXcGrVCQGTphwt0FVbqH/HGPRxruZQhxVFntEa2sFeaEtjYrwPy7GqvgvVveMjpWh4qcGXEeJmSgtHfLLHPGDx9uokJzIv4f2TtGwUiyQv+E5v1NTK7atbNno+JobmCq6qBJ1feUfkCMY87RvxvIvuOEJN1HXwHcbS1AfA2IqJxa7FnenLQMMNpV864pu5wn9L7IoehiI3OlsF329OwrSkJ/6Aqucr7eDbKmJzPvhAdkHjYqvH0k0DofNEgaLk+I6TDjOID5+HgWL0oWNfT25+ipYPZrz+TdwFBbt6+NtA67tpCzJ3ulutLhmK6WnmRpprexAuKOJ7P0C17MLUOJrMYzkCJi5TICFmu8yz+bPXzUSpj0hB/d+IQ9slad9g08uUSoO4Idg5+T6jtGVvUe6rbVqqRU28CmPMYKAuRbL/c176QdXEtSV1H2Egwv++WkVgOOGQrFf3bAMnAMr0SmENRDRONL0ZLw1w7fbwwjkqwCwsimqFC4/W0AqL2l1LHeUZeJqz+PMQFJ3/JGmWfLtyxza7Mj2EoC1JgV31AQSPb0WptOmYVEdy9uSdKsdd7MxUHytbBz+xrbs1M9wz/w8VQe4suCj0cMxjHbLEityM4IGwrvNba8RExTyP90qasSjg==",
"importLAS": "SystemLocalLogical",
"importPassword": "password",
"useNspaceOverride": "on"
}'
Response
{
"result": {
"info": [
{
"message": "Imported 5 record(s) from the uploaded file"
}
]
}
}
Delete Details in User Record Synchronization
Delete user details from URS database
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/user-record-synchronization/database/delete' \
--header 'Authorization: Basic WUJyZ0wvTFBNNEdETUI3NnZLNGd6aTRzWmR5ejNVOUtieWZsVk5JZDZlST06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"deleteOperation": "specific",
"deleteLoginName": "user1",
"deleteLAS": "SystemLocalLogical"
}'
Response
{
"result": {
"info": [
{
"message": "Successfully deleted 5 user record(s)"
}
]
}
}
Fetch Count of User Record
Retrieve count of user records in URS database
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/user-record-synchronization/database/retrieve-stats' \
--header 'Authorization: Basic WUJyZ0wvTFBNNEdETUI3NnZLNGd6aTRzWmR5ejNVOUtieWZsVk5JZDZlST06'
-H 'accept: application/json' \
-d ''
Response
{
"records-count": 2
}
Validate SCEP Server Configuration
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/enterprise-onboard/scep-configuration?operation=validate' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"scep-url": "https://www.google.com",
"scep-challenge": "challenge123",
"scep-retries": 0,
"scep-delay": 0,
"chkEnrollment": "on",
"csr-template-name": "test_csr_template_1",
"encryption-certificate-pem": "MIIDJTCCAg2gAwIBAgIJAJ0fUZ9at2oIMA0GCSqGSIb3DQEBBQUAMCkxCzAJBgNV",
"use-saved-config": "true"
}'
Response
{
"result": {
"info": [
{
"message": "Successfully received a test certificate from the server which will be discarded. More details are available in the Event Log. SCEP configuration is saved."
}
]
}
}
To check CSR Template Status
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/enterprise-onboard/csr-template-status' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"num1024Keys": 0,
"num2048Keys": 10000,
"num4096Keys": 0
}
Testing Server Connection
Returns result for aws and azure test connection
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/maintenance/archiving/cloud-server-test-connection' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"type": "AWS",
"txtS3Server": "<AWS-S3-bucket-name>",
"txtS3Directory": "<AWS-S3-bucket-location>",
"txtS3User": "<AWS-access-key>",
"txtS3Password": "<AWS-secret-key>",
"txtS3Path": "<AWS-Path>"
}
Response
{
"result": "Connection OK"
}
Import or Delete Signing Certificate
Imports and delete sun and java certificates.
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/certificates/code-signing-certificates?operation=<import or Delete>' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"type": "ms",
"certFile": "MIIGZQYJKoZIhvcNAQcCoIIGVjCCBlICAQExADALBgkqhkiG9w0BBwGgggY6MIIGNjCCBR6gAwIBAgIKWDOCOAAAAAAB1DANBgkqhkiG9w0BAQUFADBCMRMwEQYKCZImiZPyLGQBGRYDY29tMRgwFgYKCZImiZPyLGQBGRYIYXNxYWNlcnQxETAPBgNVBAMTCG1zcm9vdGNhMB4XDTEwMDMyNTA2NDMyN1oXDTI2MDMyNTA2NTMyN1owgaQxCzAJBgNVBAYTAklOMRIwEAYDVQQIEwlLYXJuYXRha2ExEjAQBgNVBAcTCUJhbmdhbG9yZTEdMBsGA1UEChMUSnVuaXBlciBOZXR3b3JrcyBJbmMxDTALBgNVBAsTBEFBQlUxHTAbBgNVBAMTFEp1bmlwZXIgTmV0d29ya3MgSW5jMSAwHgYJKoZIhvcNAQkBFhFsZWVtYUBqdW5pcGVyLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOJUaa1+11UBSbmD9kMadKtFnzwV11HJKGVveWoGbQQTpc1/GrjkX8w8l/7JZGdBDTU20LJv8fE02kCATDnAaL/IGVXYUY9De4s7UUVBwczTH+643aAGSx7BkjUaUzYBR54ANaYNqfVyj58qP9Iwx4cSfZvJvkWVabDmXlQZ2J5aIXK4zohSjhlcimRdqowmLmTYtgigw99sdfdJqTwQJyXCJo7cG8Do6ok+BTORrll1b2mAk6bom/TRuIWfW5cvQEGcTwmJCeUKNUxOC7k0bf2SYTE7+leBBBMpSeSyEtUufOS7AEgd1M3wkJY3qOXD4on72K0XvbAaMOZ00PaQ3u8CAwEAAaOCAskwggLFMA4GA1UdDwEB/wQEAwIE8DBEBgkqhkiG9w0BCQ8ENzA1MA4GCCqGSIb3DQMCAgIAgDAOBggqhkiG9w0DBAICAIAwBwYFKw4DAgcwCgYIKoZIhvcNAwcwHQYDVR0OBBYEFGvB7pNz2hOZQmpl+q0aIjjK6JczMBMGA1UdJQQMMAoGCCsGAQUFBwMDMB8GA1UdIwQYMBaAFL3QKUfimtnb+i/QR11oWjynsUxEMIH+BgNVHR8EgfYwgfMwgfCgge2ggeqGNGh0dHA6Ly9tc3Jvb3RjYS5hc3FhY2VydC5jb20vQ2VydEVucm9sbC9tc3Jvb3RjYS5jcmyGgbFsZGFwOi8vL0NOPW1zcm9vdGNhLENOPW1zcm9vdGNhLENOPUNEUCxDTj1QdWJsaWMlMjBLZXklMjBTZXJ2aWNlcyxDTj1TZXJ2aWNlcyxDTj1Db25maWd1cmF0aW9uLERDPWFzcWFjZXJ0LERDPWNvbT9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/b2JqZWN0Q2xhc3M9Y1JMRGlzdHJpYnV0aW9uUG9pbnQwggEVBggrBgEFBQcBAQSCAQcwggEDMIGoBggrBgEFBQcwAoaBm2xkYXA6Ly8vQ049bXNyb290Y2EsQ049QUlBLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3VyYXRpb24sREM9YXNxYWNlcnQsREM9Y29tP2NBQ2VydGlmaWNhdGU/YmFzZT9vYmplY3RDbGFzcz1jZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MFYGCCsGAQUFBzAChkpodHRwOi8vbXNyb290Y2EuYXNxYWNlcnQuY29tL0NlcnRFbnJvbGwvbXNyb290Y2EuYXNxYWNlcnQuY29tX21zcm9vdGNhLmNydDANBgkqhkiG9w0BAQUFAAOCAQEAORCkx8rgmRPIuAnEDud1V/H4oxyg9bbrs6Li09eesnkYLy546zXtdDXpCS9tsZzN+b1+Ij6Gxz3TrlmwDiggdSp3ck19i7RIK51ibvJ52t/b/TRzN65pUlwlB5qwEJuz120dJTwJoZyaFsSMWLay62blqy2gbGFbcPOMMNv3ykv7eBkT1/MmHdGeTdf918aqVlCD6BlDgsLK1JyhWFxGYAomVInSbYxWkZ8a2CVGkTGCIQuM3xC4JoIiJ+ULlfMjbnsfl6eDTQEUQp/qlHZMtfWFkzbvlIOBMQG6x5y8t3yO3CPJixxWTfFe4L4dWIbh3iuj7BaXmNLVzZUjbX31/zEA",
"keyFile": "HvG1sAAAAAACAAAAAQAAABAAAACUBAAAa512TmRLpT+M8vBukkmmKwcCAAAAJAAA1dUEDpQkBrr/YIIEJdCsWozc8vlv0l9VcbygWaMhiJYHIOM+ZJXnwUIwtaOOTc9Grt7BSZp05OuyeBJMUW0pJegLUjx4mRYFToculPWvUDw/FrYXu4ls14y+QEPNYuehbHhvfw1lO01vUNOOXFi1cmfjiAALpXQ9iIrA+ZcZlPZBvyNsn49kYalnUNC/V6/Uf5XoBwUS8l7qyHjsZLTY/vwggrwcicyYGn3uwKUVxpjzc8/PoDpbwt52uLzYNiXlae3d3hv55MU0ER9lYSJBzd0r4KKQ/TtTa8y6WbK/RiXH3gIoSE/lZ309f+Fwat/kvfAWxP4BcGEMPz/TQhLK3M1gjJQakeGiRJuLJsvr92L7AyzPnTqzzMcRFUOpaz80174Z9mcTCjTUdSjE2IrygddLtZzIzXkPK75gWma4CfxErnTInit+Wj/oRsID+vZrNKd1s6QxTWeQDkkqiKEmLEaUTs1Ufg+TvktKzbLp6B9R8GIgYcF1xf0dbvX7qnQxy5yiR2ATsvN3tpzsIEtVVJ8kRs74HhJLe6oxX6g8i8dL83R37DKC5LA0uPMo2f6OZJv3sPIU56B1nVyuceHcX78gVCExhC+EiA9raNA4R5SR73oFZe8f3i72Ih7sFseR4ly6Qu/APL5acabJ9y1jrKk72M6QMr0iueq92kM9UyqPK4LQ/6zkWhPgiq+SIewIwKi6Yp8z3TYUi0dpMx0IYpVOTXrUg/Dht1u/iB0WMlGvEJqe3yO2qSmeZJ2ZW3TXDiTOSChYaHi9JAcepdV7T5yBh15b2cDkGOxGlERKOr60hjbMWsrWWcdeEN9DgMuiOiM+t8f3dMP0O6Ca+StJm9ls0SbV6MbZGjBsq/tCV+PpZb20yZu9YmOhsMtFoFZNUdQCm+CVAiLnIHg4OVtC/eiWGocCjJa7jy8AkwqLO/c4j/d+zItWbSkPYsbH5AtIsCJ20qjk2ROuV4y6Jw0kIDfu04gnl0TUUZViI6gI13mh4I64AdDWXYlFbFq9lvHOw2qni+Zqo+KUshCUgS0akUO62L+t7uycMXuHGWus8HAvPXL2q35BlLvdTPUILpR5eIm1WeaN6lmnqGexpcsRKrBIJeGKGqVHa+9fU3bSVrrgBT5/q0UI4AnD8upIzyfFLpB/qn4+2NJAa4F9K9+bTP6DpGPJEumEs/lwxO5klUBirhpOFKjkIY7C2EGwxdlco1QpoZyzMAYfvg23DTQwAnk1nNgnPOt3GY9yuOn52us116NUE97gRjuLRmtGeYNFGQiaTDtpAVZU/LWYxXDpGSCxOTaxcmcIDBQGfsuar2IX0JuZgVZjMnEuLmbknNkh/A7jQHgUPE+YZG0Mx1jGkMl0AVLNgJH3mBw25zLS4SkxF5xRewo+6gG6BsBcokHKk+x7MRm8sltBVUts7D8yi0tAEsZTCOg/CqZnxis3I4GVNaWQpNeuKsHCdogtVT6Qh00ew4BOPt04FDnsnzbU+Jz9wZ6IvS33mNyYYlIcmMhnik8bCtu3cD609lQz17m+Uoha+1n+HnM5CKSJ",
"password": "neoteris"
}
Responses
{
"result": {
"info": [
{
"message": "Import of ms Certificates is successful"
}
]
}
}
Updating Client Certificate
To trigger Update Now for CRL in Client Certificate.
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/certificates/crl?operation=updateNow' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"clientca": "ca-common-name"
}'
Response
{
"result": {
"info": [
{
"message": "Successfully initiated CRL download: ca-common-name"
}
]
}
}
Fetch Domain for HTML Resource Profile Bookmarks
To fetch domain operation.
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/users/resource-profile/Test?operation=fetchdomain' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"username": "<USER>"
}'
Response
{
"result": {
"info": [
{
"message": "AGENT1\\<USER>"
}
]
}
}
Removing IF MAP Imported Sessions
Copy
Request
curl -X 'DELETE' \
'https://<ics-ip>/api/v1/system/ifmap/imported-sessions/test' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"result": {
"errors": [
{
"message": "Successfully deleted IF Map Sessions"
}
]
}
}
To Delete all IF-MAP imported sessions.
Copy
Request
curl -X 'DELETE' \
'https://<ics-ip>/api/v1/system/ifmap/imported-sessions' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"result": {
"errors": [
{
"message": "Successfully deleted IF Map Sessions"
}
]
}
}
Import, Renew and Reset Certificates
To Import, Renew or Reset the specified certificate.
Copy
Request
curl -X 'POST' \
'https://10.10.10.10/api/v1/system/certificates/device-certificate?operation=<import/renew/Reset' \
--header 'Authorization: Basic K3I0UzFSOWk0dmxMZHYzU0tiWXVzSTNsL1Vxd1JlVGpGbGsxWWI3K243WT06' \
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"certificate": "MIIbHgIBAzCCGtoGCSqGSIb3DQEHAaCCGssEghrHMIIawzCCBgwGCSqGSIb3DQEHAaCCBf0EggX5MIIF9TCCBfEGCyqGSIb3DQEMCgECoIIE/jCCBPowHAYKKoZIhvcNAQwBAzAOBAiNu2gCY3sl9wICB9AEggTYGZTG+EFl+xYqTAkAn2amovWxHvlWs6ZPZYkeuIsF5qvifsBcPvouFqwkroqFQOeJPPh9lIreN1nEGa+4USjFeQwjQOK8EvsxxcLvz2sSO7IJRVhOB4abkYVp2TEwWCGVEwJfClxVsGehHDe+/WnQfuuCqDjyJTvOJCOPcMn85kalf5jFRHbdFZz5HVs6Dbqq0zUhArHOkksbbn82kAIzjdTG1jQjWgkUBiHXVLGgvYvzEsEILUzMP9GzjmQLxH2F7ghi78kb2Gam3JqJBbrd3816BONQ6VBHYaHBzFHxUG3WpxP4Bq1xgRgaJvw3lStSqjHIpLWaX3OTFpN5PdS+tH2/g62nQr2HSs/POHLbHJsVzYZ1x0Sy4hw9bkhJpWJ1pe+VBVeJK9ZZ0/ZJHiiu9NVJ+iVQo11Erb7eYPrnA50n0Yc+Mcmxq8bmaEnafocCOlPM9BDktEpDazMBNITBCu9gyWhvbqFSbBqxPaeJpJwmBztHIHTcYMg1iTVkJCEyAgfXDii7Kg6AU2HnSUUwXtDFSUDQIC654Hp2yHc+FRuAURDMLg3oEjHKaqTIVr+zVA0q47OauBjE2nW/0qybGGddTRtHr0/A4tnUROrMapSEFOW7CvWD9EUFW9DiOTF/iDkenv+lQ1kRNHIEob/bSLGFs8lyg171TwlF647ky6B1XqDO7i+HgEcDlMwIs9w3+Nt3OGUIq0OTGfqtHbQENOBuOSRU7aAYgdAcAjtLxEOeu9noGqK3sXvuEwsCOZHuWo65Ayb4voUnrvLdeibGeNpswBNT9y3ZdTqhpomPYzZFqFVmVqWxbUc3iqAzh8PXFkxxJt54RjW09AckvFQTULXWSFiOBJ25wT+HLuzmOErlukT+w0uE3rK9D2YxqbHqHX8YBW9oyNpMxzaEgts711/Wp37S/tcMQX+XOYrCpy+Ip6eQ/xuOAQ2xPtB8LO7AO7bHQQWw7VfgLG8rSpwWq4B+mc7Gl4UBgO9qI+Vf2GqDMTk7Is8fEKnSKt3HqpsCZzwlV1EFP/sxlHrkp5eYjbrbin/GSbpyy8PcfOHSsjF0K29/4m15iWEj1TQ7o89m7E0hpK8I1iZ4BpGFE8f+JvNLFrgdxKfX10+eJ01kWxmI7MvO1WNWeo0lJKvNmaW9tC1qvCrVtJUst+8NmzldLEAE76oQBAuJBq9ptDGKLAtoeDSEGjrwXFGcO2+DJHnlJL1COXdczpX5q5IxHNgI7LI8mAUaittPxTVjdUaovu4kTDq9AxBanHYReb4IISQ0uPkrNPyj1vdApuqiHwdUq0Y4Q9wbpbtzqp6BFDjnljrxFbWm2GbDsDzKnvx4FPj3AhoQXz8ryPzWaYsPowU5in7ezxEmmMGTRKBqg7bwiVjUnNgkdlcUO7lNQ1OamY/AMP+8txJUoDZtahMQqTL9afn1+C1BGQWjC3WTqakNnnTUmKE4i6eUQTwSagwWxi0yrtmTHB0H0ocrlN3e5RdASEjNWe8AkYQjTiuYgKLDeVD8tLNoqQ7fcZxA/mQAoAUJmFocUf9aTMgH4kClSBeEC6WxScWtj8/VG6q6phbar1Wmtl2GSYRcOsHnCPVAYvjImNi5ETbKwemMiEshWwLY8XJakqbT/4C0vZJ0HlyhlcSgyOiIp6yd0zGB3zATBgkqhkiG9w0BCRUxBgQEAQAAADBbBgkqhkiG9w0BCRQxTh5MAHsANgA1AEYAMgAwAEUAMQAyAC0AMgA0AEEANwAtADQAQQAyADMALQBBADUAMQAwAC0ANAA0AEEANwAzADYANgBDADUAMwA2ADQAfTBrBgkrBgEEAYI3EQExXh5cAE0AaQBjAHIAbwBzAG8AZgB0ACAARQBuAGgAYQBuAGMAZQBkACAAQwByAHkAcAB0AG8AZwByAGEAcABoAGkAYwAgAFAAcgBvAHYAaQBkAGUAcgAgAHYAMQAuADAwghSvBgkqhkiG9w0BBwagghSgMIIUnAIBADCCFJUGCSqGSIb3DQEHATAcBgoqhkiG9w0BDAEGMA4ECFoa6COVlEb1AgIH0ICCFGi6T89IhdROnyJmDh2xUOhP3hc65CIUZvNcD65CbFq3qQjSSAnNBdFDRRFvg9vLiAxmcPdKEL9c5z6YkgDi+RnL447lfDBFhCZKyXrMKfoV+ZdGz5BxKeCSnAGueWdxQkeXFWSU8GuSaiQeC0pdq5FDJ0lJvlBbm898fPy5XfjulY6t8JKKG9jGk5a4v1HZr719in2cd1qpPtuTb3uLrg6rve+yxNEdKW2lNEx+9xVsiKY703zQ9QkQIRA/7EqFuMVcpaLO4CFioC6h8gVOebN0Kp/Xd1L1OyhcPx38Fv/c+fs3i8y2bJfgHwlz1T8WtfyCG+ibF3FmagXdPNq9fohgDc1TX/X/7EpuKhgi1Y0x29qcxsL7qU35t0EZuFcZE8/yJLsC82SeFXyIZ11YQA2cFDU9CqPLaCRooulTT4VubUqx7gwDMfNErXbF6ypWSMG+ps1sZ5N/wtXM1xdJWXmTbR4XpmjmF7+Dq8OgYaxTnQefrFkc8p3AeaQIAMsjhfTp0rm6eo/+e+9hLtOYRJOVoEGAZ081I7uUoZOccAQSv/CuZX9QFDmH8G4O/V+9A3w3uMs9oHW1Y8TBSIN4xwmXcgujalI1sSjFcTGtQOkWfMBXrENjPv1ats9+9H5mTP5rObo2D8if6i/Is9P2bsmL8He9qrOUHK/uKTLz1VBeT5EsJ3I0KH2qYbX3fT2HUKLAtoZ3F5ayl8ueSZwTwXKoDLgprIh9pP9eWTyFfLAB3UOs7rcnkNMEPNq+0GbgoAaU/6bLcjITD6lpA6rhX3eIN6dZ4EYu1Sbq87p1BLf7Rnsq34od99Z/EZQrxbMf6UxA3TWE9mFGb3XcXwDnaPHJq4rBSLCBa9gYx5mDpsW4RS2Lq7IDq0cWJJGW89J2GUC87IegYBjs+SNnFS5s3NPH2CP1dQGaHhk/U9G00tU7ozB2OnoCzh12/0qZAHqtzqC2phv+/5YXoJZr/khGlZsmUrPWGYLE2kmCX7HD3d1r6ChDk85XcfkJZvZr+I61r2S2E28+nFCECncMuLKwsCJ1sWGndseIG22Bn1/HIjM8HCaQhLi77IHqK+FlT+7NfzWunHoCot5d+LPKw4nfm2VM+IcYOlswgLhyYG0TO3/SgGPUV+IP9K4ZlvyeHJQCTmn141NOx8XqjS0adUi5J6Gqs6mxakdXMejMjEFGsOUs/qam9E/Diy2Zve3AYZbmEtrRb0OGsZlwA+u55VmAR8R+ei22+AtLm5nmhy4DkoccWN5ZtvIOHEnVL+EeqyjhkiboDXYqttIVhhH7AUfWg2einI+ieRimxQaMmxLZCDEcdeAYkO7aOBDZOXDj+usvw0GW1Gd9k++6D+CScZlX/L8lzw9l7JDb19BxIJMcLt07oL0PhFr1z0SFPgcSUDW+QbeL9yZAbAzNTX0Sr8kTQvVdq2UZ4HxtM6A2nDR7J5Ivu9A/Pcvx5cMRf5fNdVV0/F4WU5oqi5V2UGqGsdJL4g4tXDsHywtteXo0n8qYp7+vkD8MHTC4u6VB1mH5kfsfjkWnv9kMTNsrhJd0KZ2gOcePWMaPHt7XWVz9If2S8YybEBnHmU/SINoS94oR2IvJW/BLtosGtaBFXNGYsJA7oxakMaR+UgoK0INy3ZJbBC4nfShwSYMgcqNpSYPITbOhdMeAU/qNK7vDJ2tyMxdatD6tHs7bVIXiGVyPhcEaQyGnTPN34GQHre2T7YRuT1nDzv0XCleu6hQa3dam84qd/jbd4hTQKiWZjtvE0pOZA6qZGFfggVBYDViui0o0ofjTlv9sLenbxp19oZwezhvBm5Vj7O/SZzbbJH8jrg0XXQ1ybHo7johTg5vZPuWiLvipsXzlaMkCCdwzwm530zYlZEDDoBS9zQz1Xc74pQQBjO/I+ibw/l9+edeOAHJEp9oFMSfGOWE6HqXWKyh/nmy5x7Gv3g4X7hyNuF4RUI+6uYvswHaGfzGs+ByTURc9TQmgz7Vc5cOPeVF1sMm2mknnzG8VJ+O+WKZbItwhjUedFOvDa4A7IZAG7sq49YWrfsSwJ1o3u2j+9gJzEoO00hmzk1rBgVqzubns94bkZchyJVWHukodx9I9c4+TiCcj8Y/S8E71Hg/y0n7tAto7qUfa6VFXX7uSVHZFOi/46ABJjgsuZBxhW4Lmm5fgfOtL95gEzsckWI3SSXuGiFOkKkP7GkV8RIZV4ixsdHz9uFb2MBRw3d9BvWevmqYynQq9nmKpG2vDg/pIsHS6VxSCLTt5uNzFT3zhlrsFWgScVsrM64GYJiYOxlcfXEGrorfzUIuDu+qvxcBPFy9XsmmMHVxXl64e3YVLwrZe0b2Nwc1+kNmxupzhVm3Qc4hmfz72hMpGpP+5umS+VYW+XkZ4d9uzkICe5WX2tLlvuR9JHqdM87R79NlijAVn7i+ujEQ8CU8uggPJM74vsuib4rX4FyIOuY3T4/YcrFHaQFYNZ1mdUaYcoU1Rauw4VPEIuY7YcsElnXPRpktowv60icI/UoRPH627b4I9ae95IZV7h8rDTRbvrWyxxV1a+CzfeUUZ/tt/Zn+1WcBmdtRxBPGvAB13DI2ge0U9o2RFqMBnhLCacqJpG1t+uC6rF35qaDOVizXGyD28NjyQP/CfQFFwO0tRNHAGkHKdyrjRSZij5Zu7B7t+Q/End4gKigMRwsC2OsjF/OdCImrUYYFUI6sStqBOdty45KlJL6EhoJO61kgmsx+voB8qHy2d0iFvEVDy7Hur1XS8YtjfJVtlLnWnFwaArWZlg87KeqmDicNVbloF+gpj5naonXpz7aEIDyNfm+d8IT7PgZlOroVK6uB3I93bGLyJMPiP5znxGDYCUVHTnTbJfNUAw4wr54tgvik7qTLE+/KEoMz00S0Ll9QUrWa4k5mJO9AVw9M1IMNX1qNVaMMUE6gK4XHVztH2kHO+HtOUhLqOqaWSBgYF363jgU1xz8pHBuQl+MY/RESZOzcUdmG9ReM1CON1VEBpdu6k2tnoW5UXD9xDIh+meLSYdKxf8mkdDiJJAlpQzZPSR1rj9k8U8fgV5ODtL9DTHlBygmEu+/rqNfa8Y0/fG/3Xf3F0LHg+mM6yhbP2CRWGlmmpGsjOJiwWtfjP8crtxtOn5oA4Yma/EV8H8mz6vnJxN+CqhU7QLbn7svEsau4/b9hqwN0jx8jlV/l4m6Qu/0yQ+twfNVioroUyViRpUIAQxeusJLS/f7YxCbCTXedlDMnbfoL8IWk5SYLiHwtfaSayDmHZtHWPNaf16R76ttkIyJaIHpdABUcVyYA2mnZPxyDDFwrEEazsXe2FGd/TT1wRExIPj53G6pzbyyoGsp+9hxwHR69quySIYurPmdvU2LlmEHw/ssyETZH+cECs7lqHp7H/g8IHKZN7U93WaChUju26Xk/DkpR6deUywZZYBpd+AZocVjq85WM8e7xM8b3PAodFbFoaMynkHNSX8upiihfSEOL1o0R9RN4eCzZAQP1xeRRv7ZV2eB9zBcQ9xYuE+IEszLXcqFRKKGOWZqZpWGUB7YnY9e1b0GgHDljaQZcBcLrYjGvXPp4Uw9vzDZQVgXg6zle+L1823Z23645XZOJW9ketBEY7G3un/SNTiOkzNZAZC7X86lXMazGJUNVrKSXGpFyKvYd8ahnpl6qnqXEn7mhpHXIysYqR3j2Yrvrnz2CYsA0R+KEH8cXvzPErc4/GqFGmZetw/c+FPfzXRUlrn9G8dOfWmiGw34eTzEREB4zix0XjWHgo2l8OHXwLtpZEuQBT6NIpm54bTE6GKMvYnoN9Y7blFCfP97dtRclXojp7GPToGivawq6XsUBxlS15z5AmhigvNWB363FS/WfqtRQQG9LNjheNDAb3qas39TjeyL0a4QNm+6+NU1Rf906NaM+qFopGd0hFoDezwDYzjofoW0SRzDe4asjM5YcfOGxlbBgfVoMoZ+fyneBEec6HOrNkU830th7rCk/lfud0+xE4C2WBRhnqe3RpdvXtJHaNZ3qpGHawz/PCFYPCmtlCxasaKgoxMUc1fwNXIXVbWbcA1hs4ckYg1P/tSeQEVMEtgOEIM59y5EhAjcVFnCH8wssQxa3FPvSOhqujHveSbLX9MDlqaNiAE7rConj2QgKgKj1PKxAdieNVahDubEmJwa+TXRayWq4U2mo0U+xkS5gkOw6/ZVFmMSSvwzjy1dncKXxn13UKH2FpZE7KEWlwXKReu9lGN1YCNEgdyqJ39FJkiVyZzXzmA03PNV99FW7D7qvVZu7OkapUb239J2SbQl60pmX1nQ7yj3jUeTbFpFebZqgPVZaV3Co2z/X9CFIIr2b/br4bduw7lXy0VE63GIeAJXamv4+38Au8M9Pnn+zMsO0+o8mBVkrqgY4DWd0dlkTqAYgCODtZTcE8qCh2M+M7nV1lGj9pV4RAFDanOAAvbVBgxQGfTdW55qvLF/tBerOOMgnldnBMspkib7c1kLGMO2vimwVkOhnY9gpS2R+r2dKgfL9wzZ8EZV5JJE1WqVMfXXZjOFNREKC6ImBbpbJrNSh54bzxfIzoUL3QaYtVAojTDDnbH8HutNXMXp5gpRG4KW3UPh0kGfdHPJpW2BQf5xCMlRj0qlXYL+y7yCsKJKOFFCKZHVe8TLwQl9F1qdRBIPBsHXpQvCuV7hqZ3+xqN+oH8l2Urc1LYpGoaz7KVGhRecR8BiBZ33VLqFEhu2GjAHHB/N8pdD6a0KA9Fqoyz6OEtfA7ZBewIyZnVy39adYQ3P0201iNMCQUnMQI99XNa+XknFaRrv/OaMDaCjRjV1/cNxq54igkhuhwch8+pNzrBtxHsmGsUZ4sRGbTBtPg4o8FXAgs6DCOqJuq6AIwuySRButs2zxWhAdHb3pktLh1YreDLHQqkrsoS/5zkKsSrMZ5+FBy3iuBNTcIllQibVigc4lLl32pDbauPzdPQVmaAd/P48Qm7sIh7Kz0YsVJnHeJzHaUTdes4c6KxO9ITCN0JlmJedijwBEZKSgQteFVTnY3YLr0WY2FhmADoZ7BIzsQlxZWzn4F1SRmKaJ13Sx+4LjtIyur31D+jZaBc580xAB1B3DJudbDuuK7XigyhmSLAaVc5Blyl2aAGFYAJrpZMQLsUCnm8NSFGUVIINL/a4HvPsXql4gRZyDpKUyxwPI7HpuDpSvT20+fR6PGx/XobPWilHSe0AqSl4ifuc1nFPkUPm51mOyMM4gz0t67Hc3482EpwpzOqCFOTZHz8bHr/5pEJJ6/0j+SXnK2Cl0exajVLSCDITlSUOzcQMK67sLrEAEo0fxVNpHo01kqDWrBcO+rkDb7jAg46FXUNq3A8L8y0yz6/3WHfBJuDHsrx19hr4O4bL0TDrgk0eaOFVClgnUiVcnFBeZOhd4NVPX//Ngc3qCWNJsorbaDtecQ/q2fqwKiU0xQwMkjE/uMOtGjqOVbvE11SbWPFdkKWdhBfhhJzQM07QExz7MzC83nIu/qpAn9jhHezhRnTcXS6aQSkEDn9j1bqzMlROccZp/0mxmuO4c9DjQOxZ60pF+ljAGjo787I4pKVy5IhLmvCeK28QR8WqvTlTm99cPe4xqGZtQUbMWxKDZHrp7juFink7YUFrCY82dFeVMjmbqJUelBdYTT+vDtia5jLcjRcAJQhMAeuXxm37Q4qLNm3TNZCacTQOxdwIa8c/plFnWql8ljityM9UFbHgG4yX0MJFJnTkoIny2uivOOiVPGQzEWnngCZnWH5mCropKjkrJhrfUQ7q+FGjl5q945PpzwUiNA0pyoLGUqfCn5OuCvKIWGK6vQfnNmJ+p1YGvj9BZ2ux+ePBRLUP9KGxeXyHJkt2dz8chqrTjM7y/kvZqkur6vSwSkk0uMWLfjBC75QwJYUoYJxedoDR+kk3/mEXSDHOaMSEQ20bOvRFoeXRfpxabETx4sqaur3LstXNhAtx37dD1zEPNvB8K7dkDETAqZY5JzIwC8gVmaTLNQcHzSh6z6qbcvi1bIUoJ9yuCgGF2qd8tJ1+0TNkJRIylLCM79AJn3IsqdJEVoZv3gQpC89wahtnA9AV7JelUnS8C4N+wCD5S8wRz8UlNvAvngU08UGS8UGddp7Zz+YmZv1QmacPWN29534Y1iW/IAjgYc+eq1u3r6CjGmv9TFWexfEH/qGVyeCCnPrnwpdrkTiu1qW5Ln5O+rIHQmB0BQh5O9mE/32SI4AsHXGdLjqo+ISijCFE2BvTiiMIEu/0xWE7qzxsbmwgOJvr4XnJgLctQX1D+2KwYAfo0dxOhHmk6ayBVdEJebmpbe1VesAkD4lRRM/muy+mq6UdRK4xw0vkhd16hgoQYLBJ8iEDoFPVkC8KBql+iVpWUilxamjooMhy7Jwjp3bbfom3eq8hN73YpX292p4hFm48pUsczpI+bgEBFLyJH3PUyWQx+uizRuyom30GMRcXnA7d5dT8eCvK8CTjm+b1lUyJmQSCOKSAUXf9o5cQgoxW/QqXXab5BgXm+njkl745y10uaQ5+z/us1wxEST3oILzEa4YVaYZBBDgSC3MSi995v2IMJ9NcCprBhFRNyhfGhpJjRrinX/GXXbAvVAC2ywXdUUKsY03yAREShKlSjYLUTTrCozn6l+YJNidqtYJ06Kr8mWerMaZH7NbyId0NfukGpva5/pF3SUv902Ssl5S6zbjEcONBxXKP/iFV1B9LiSPm3dlyVFrTiSKh4uiECjulQhhA2BXSOSr6kyLfADju17PDcW5mP63ZpYmVjf6H9faX0ZIBCkVJFp4Oj/IGIEMUsC3Y2k3DOs3xbFn5wDWvXXGVfzVzqFrfu/Mk7HmoIrCbb8/wNrSJY3CPDwrDjfsYFoBUSgUsAAu7sVj1xKcHVmCE9cHvyVdTCkFplV5vwCNVtV1aqEDTcei+8eGVbdIp4CFoUsPGBYeKZVKunmVBRp+aYHHQz9qf59w6mKdcik6XGFMDswHzAHBgUrDgMCGgQUQgX8SJJ8LP0O36tK3oDzR7Zxh1QEFPLOagogbH/W4/W4uIN3R7JuR7g6AgIH0A==",
"password": "password"
}'
Response
{
"result": {
"info": [
{
"message": "Import Certificates is successful"
}
]
}
}
Delete S/MIME Certificate
To Delete S/MIME certificate. Query parameter 'certificate-type' must be 'smime-certificate'.
Copy
Request
curl -X 'DELETE' \
'https://10.10.10.10/api/v1/system/certificates/device-certificate?operation=import' \
--header 'Authorization: Basic K3I0UzFSOWk0dmxMZHYzU0tiWXVzSTNsL1Vxd1JlVGpGbGsxWWI3K243WT06' \
-H 'accept: application/json'
Response
{
"result": {
"info": [
{
"message": "Import Certificates is successful"
}
]
}
}
Importing XML Configuration
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/maintenance/import-xml' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: multipart/form-data' \
-F 'file='
Response
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Archiving Local Backup
Retrieves the list of local backups for system configurations and user accounts
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/system/maintenance/archiving/localbackup?config-type=system/user/ivs' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"result": [
{
"identifier": 1692987215,
"time": "2023/08/25 18:13:35"
},
{
"identifier": 1692987216,
"time": "2023/08/25 18:13:36"
}
]
}
Save/Restore/delete local backup for system configurations or user accounts.
Copy
Request save
curl -X 'POST' \
'https://<ics-IP>/api/v1/system/maintenance/archiving/localbackup' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"config-type": "system",
"operation": "save"
}'
Request restore
curl -X 'POST' \
'https://10.10.10.10/api/v1/system/maintenance/archiving/localbackup' \
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"config-type": "system",
"operation": "restore",
"identifier": 1637076447,
"restoreCertificate": 1,
"restoreIpAddressAndNetworkSettings": 1,
"restoreNetworkSettings": 1
}'
Request delete
curl -X 'POST' \
'https://10.10.10.10/api/v1/system/maintenance/archiving/localbackup' \
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"config-type": "user",
"operation": "delete",
"identifier": [
1639043345,
1639043307
]
}'
Response
{
"identifier": 1637076447,
"time": "2021/11/16 15:27:27",
"overwritten": true
}
Delete nSA Named User License
Deletes selected licensed named users from cache
Copy
Request
curl -X 'PUT' \
'https://<ics-ip>/api/v1/license/nsalicense/delete-named-user' \
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"users": [
"user1",
"user2"
],
"device_names": [
"device1",
"device2"
]
}'
Response
{
"success": "Successfully deleted all users."
}
Snapshots Operations
To Fetch, Save, Delete or Generate snapshots
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/maintenance/snapshots' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"action": "fetch-details",
"file": "string",
"file-list": [
"string"
]
}'
Response
{
"result": {
"snapshots": [
{
"date": "2023-04-28 00:37:34",
"file": "CORE.saml-metadata-s.6329.tgz",
"size": 13034638,
"snapshot": "Process snapshot for saml-metadata-s"
},
{
"date": "2023-04-27 23:25:24",
"file": "pulsesecure-state-integrityscanner-admin-scanner-20230427-232524.encrypted",
"size": 343867,
"snapshot": "Integrity scanner generated snapshot "
},
{
"date": "2023-04-27 21:29:53",
"file": "pulsesecure-state-admin-localhost2-7-20230427-212509.encrypted",
"size": 3514751,
"snapshot": "Admin generated snapshot (with debuglog, config)"
}
]
}
}
Enable Terminal Console
To Enable virtual terminal console
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/maintenance/options' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"enable-virtual-terminal-console": true,
"clear-all-configuration-data": true
}'
Response
{
"result": {
"info": [
{
"message": "Successfully updated the virtual terminal console"
}
]
}
}
To get virtual terminal console status
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/system/maintenance/options' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"current-persistent-user-records": 14,
"enable-virtual-terminal-console": true
}
Uploading UEBA\ ESAP Package
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/maintenance/upload/<ueba or esap>' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: multipart/form-data' \
-F 'fileName=' \
-F 'activate='
Response
{
"result": {
"info": [
{
"message": "Successfully installed and activated UEBA/ESAP package."
}
]
}
}
Generate HTML File
To generate HTML file for the specified Java applet.
Copy
Request
curl -X 'POST' \
'https://<ics-IP>/api/v1/system/resource-profiles/web-profile/test' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"sub-type": "Windows Terminal Service",
"vdi-type": "vdi-type:0",
"use-default-html": "use-default-html:1"
}'
Response
{
"result": "<html><head><title>Premier java RDP Applet</title></head></html>"
}
Fetch System Information
To get system hardware and software details
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/system/system-information' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"rollback-partition-information": {
"build": "948",
"os-name": "ive-sa",
"os-version": "22.7R2"
},
"software-inventory": {
"software": {
"build": "1056",
"name": "IVE-OS",
"type": "operating-system",
"version": "22.7R2"
}
},
"system-information": {
"cpu-cores": {
"active": 12,
"licensed": 4
},
"hardware-model": "ISA4000-V",
"host-name": "localhost2",
"hypervisor": "VMware",
"machine-id": "VASPH327I49SO7WCS",
"os-name": "ive-sa",
"os-version": "22.7R2",
"serial-number": "VASPH327I49SO7WCS"
}
}
Fetch Active Users
To Get details of up to 200 active users
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/system/active-users?number=200&start=0' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"active-users": {
"active-user-records": {
"active-user-record": [
{
"active-secondary-user-name": null,
"active-user-name": "admindb",
"agent-type": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/118.0",
"authentication-realm": "Admin Users",
"browser-id": "2b420cd0c4fee298c621793205950c9c",
"device-id": null,
"endpoint-security-status": "Not Applicable\nPassed Policies: \nFailed Policies: \nEliminated Roles: ",
"events": 0,
"hc-failed-reasons": null,
"login-node": "localhost2",
"mac-address": null,
"network-connect-ip": null,
"network-connect-ipv6": null,
"network-connect-transport-mode": null,
"ngp-session-id": "8a1a7a0a7e",
"primary-auth-server-name": "Administrators",
"primary-auth-server-type": "Local Authentication",
"pulse-client-version": null,
"secondary-auth-server-name": null,
"secondary-auth-server-type": null,
"session-id": "sid1d84203295b2db0f880820e5435de02e775c2cab00000000",
"sign-in-time-micro": "1699317427.743783",
"source-ip": "10.97.4.153",
"user-roles": ".Administrators",
"user-sign-in-time": "2023/11/07 06:07:09"
},
{
"active-secondary-user-name": null,
"active-user-name": "user1",
"agent-type": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36",
"authentication-realm": "Users",
"browser-id": "c02a789746114cb426183cae3ade8513",
"device-id": null,
"endpoint-security-status": "Not Applicable\nPassed Policies: \nFailed Policies: \nEliminated Roles: ",
"events": 0,
"hc-failed-reasons": null,
"login-node": "localhost2",
"mac-address": null,
"network-connect-ip": null,
"network-connect-ipv6": null,
"network-connect-transport-mode": null,
"ngp-session-id": "173a229e9a",
"primary-auth-server-name": "System Local",
"primary-auth-server-type": "Local Authentication",
"pulse-client-version": null,
"secondary-auth-server-name": null,
"secondary-auth-server-type": null,
"session-id": "sid8d40db34996df948e870fb097b2b07c20555e8dc00000000",
"sign-in-time-micro": "1699327095.643966",
"source-ip": "10.96.224.53",
"user-roles": "Users",
"user-sign-in-time": "2023/11/07 08:48:15"
}
]
},
"total-matched-record-number": 2,
"total-returned-record-number": 2,
"user-login-permission": true
}
}Refresh Dynamic Policy
To Refresh Dynamic Policy Evaluation for single or all Auth Realms
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/active-users?number=200&start=0' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
'https://<ics-ip>/api/v1/system/active-users?operation=refreshnow' \
-H 'accept: application/json' \
-d ''
Response
{
"result": {
"info": [
{
"message": "Refresh Roles for active-users is successful"
}
]
}
}
Delete All Active User
To Delete all active user sessions
Copy
Request
curl -X 'DELETE' \
'https://10.10.10.10/api/v1/system/active-users?all=all' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: */*'
Response
{
"result": {
"errors": [
{
"message": "Unsupported API."
}
]
}
}
Delete Active User Sessions
To Delete a list of user sessions based on their SID or session Unique Id
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/active-users/delete-sessions' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"sessions": [
"sid26a79db9e2beca93d70025cc37abaa7c42b1e810085ffcbd",
"sessionUniqueId28d11ff39a"
]
}'
Resoponse
{
"result": {
"errors": [
{
"message": "Missing required param 'sessions', an array of session ids corresponding to the sessions to be deleted."
}
]
}
}
Fetch AAA ports
To fetch the configuration of all the supported AAA ports.
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/system/auth/aaa-ports-list' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"cluster": [
{
"name": "localhost2",
"nics": [
{
"internal": {
"device": "int0",
"interface-number": 0,
"interface-type": "physical",
"ip-address": "10.97.8.21",
"physical-interface": "internal",
"vlan-id": "not_set"
}
},
{
"external": {
"device": "ext0",
"interface-number": 1,
"interface-type": "physical",
"ip-address": "192.168.5.86",
"physical-interface": "external",
"vlan-id": "not_set"
}
},
{
"management": {
"device": "mgt0",
"interface-number": 7,
"interface-type": "physical",
"ip-address": "10.96.3.91",
"physical-interface": "management",
"vlan-id": "not_set"
}
},
{
"DFS-INT-PORT-VLAN-3": {
"device": "int0.3",
"interface-number": 11,
"interface-type": "vlan",
"ip-address": "10.97.4.51",
"physical-interface": "internal",
"vlan-id": "3"
}
},
{
"DFS-INT-PORT-VLAN-3-VP": {
"device": "vlan_11_vport_11_4",
"interface-number": "11_4",
"interface-type": "admin",
"ip-address": "10.97.4.53",
"physical-interface": "internal",
"vlan-id": "3"
}
}
]
}
]
}
Fetch Host ID and Secure ID
To fetch Host ID and Secure ID File creation time for all nodes
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/configuration/auth/ace-server/log-table' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"node_1": {
"host": "this node",
"time": "2023-11-01 14:16:42 UTC"
}
}
Fetch Expiry Dates for Certificates
To fetch expiry dates for certificates of given types.
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/certificates/expiring-certificates' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"cert_types": [
"device cert",
"trusted client ca",
"trusted server ca",
"code signing cert",
"client auth cert"
],
"expiry_duration": 100
}'
Response
{
"result": [
{
"Certificate": "Trustis FPS Root CA",
"Certificate Type": "Trusted Server CA",
"Expiry Date": "Sun 2024-01-21 11:36:54 GMT"
},
{
"Certificate": "VRK Gov. Root CA",
"Certificate Type": "Trusted Server CA",
"Expiry Date": "Mon 2023-12-18 13:51:08 GMT"
}
]
}
Download Installer Configuration
To download installer configuration for Ivanti Secure Access Client component sets
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/pulse-client/component-settings/download-installer-config' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"configs": [
"Default",
"CompSet1"
],
"url": "10.204.52.75",
"user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36"
}'
Response
{
"config_data": "schema version { version: \"1\"}machine settings { version: \"3\" guid: \"58e2cd0f-fc22-4b73-bacf-8ca282f1b600\" connection-source: \"preconfig\" server-id: \"VASPH327I49SO7WCS\" connection-set-owner: \"\" connection-set-name: \"Default\" connection-set-last-modified: \"2023-10-30 21:22:20 UTC\" connection-set-download-host: \"\" lock-down: \"false\" block-traffic-on-vpn-disconnect: \"false\" allow-save: \"true\" user-connection: \"true\" splashscreen-display: \"true\" dynamic-trust: \"false\" dynamic-connection: \"true\" eap-fragment-size: \"1400\" captive-portal-detection: \"false\" enable-browser: \"true\" captive-portal-engine: \"Edge\" embedded-browser-saml: \"false\" embedded-browser-engine: \"Edge\" embedded-cef-browser-saml: \"false\" FIPSClient: \"false\" wireless-suppression: \"false\" clear-smart-card-pin-cache: \"false\" lockdown-exceptions-configured: \"false\"}ive \"823f2c43-bd2a-4e95-8369-1f3871a32c8c\" { friendly-name: \"SA\" version: \"3\" guid: \"823f2c43-bd2a-4e95-8369-1f3871a32c8c\" client-certificate-selection-rule: \"AUTO\" client-certificate-matching-rule-smartcard-logon-enabled: \"true\" client-certificate-matching-rule-eku-oid: \"\" client-certificate-matching-rule-eku-text: \"\" server-id: \"VASPH327I49SO7WCS\" connection-source: \"preconfig\" factory-default: \"true\" uri: \"10.204.52.75\" connection-policy-override: \"true\" connection-lock-down: \"false\" enable-stealth-mode: \"false\" show-stealth-connection: \"false\" use-for-connect: \"true\" uri-list-use-last-connected: \"false\" uri-list-randomize: \"false\" sso-cached-credential: \"false\" connection-identity: \"user\" connection-policy: \"automatic\" client-certificate-location-system: \"false\" reconnect-at-session-timeout: \"true\"}"
}
Fetch Device CSR
To fetch details of a particular CSR based on the csr-id provided.
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/system/certificates/device-certificate-csrs/CSR_396' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"csr": {
"country": "US",
"creation-time": "11/07/2023 05:22:14",
"csr-id": "CSR_396",
"email-address": "[email protected]",
"key-size": 2048,
"locality": "Locality",
"organization-name": "Ivanti",
"organization-unit-name": "Org Unit Name",
"pem": "-----BEGIN CERTIFICATE REQUEST-----\nMIIDGDCCAgACAQAwgZYxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVTdGF0ZTERMA8G\nA1UEBwwITG9jYWxpdHkxDzANBgNVBAoMBkl2YW50aTEWMBQGA1UECwwNT3JnIFVu\naXQgTmFtZTEhMB8GCSqGSIb3DQEJARYSZW1haWxAcHJvdmlkZXIuY29tMRgwFgYD\nVQQDDA9wdWxzZXNlY3VyZS5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\nAoIBAQC4lwdIJMpeljyCzjnX7h7k5P2KH5nUtaQGeLmcDIJlp+MBch0XG+XtwNc/\nr1JVcGD7RESleJ5VzJQUPz77AWO6IBr8mlWE9EsB5pcB2ajsO04JnrmsPPKcKVic\n19xmXukxKVf1cke6EhPYuC8DWTt7k+qrVXSqWYHdXnEF97pY+XefoHiIejyySiMz\nT73PURRdfThI6nESsQWMGZubpyKeR64G7fERNygqSDH0nkqsGvzEhWjTfUdS+iYy\n7Jo2bHe5cGMcNQH629dFKv7aO8Il1EuCT7wTr6efIzzkcmf908kFOuhvq+jiTRDz\nt7UE1f/IwFsEGS+n3xQVZ7LGYDZPAgMBAAGgPDA6BgkqhkiG9w0BCQ4xLTArMAkG\nA1UdEwQCMAAwCwYDVR0PBAQDAgXgMBEGCWCGSAGG+EIBAQQEAwIF4DANBgkqhkiG\n9w0BAQsFAAOCAQEALhO9UzluJXsVJAYX6Z8A1SoQZgfbd1YjuJNKx4yKJO9gjNr0\nbmEBv/KJU1+ZL1b/lf4ACln3C+XmvGuXRB4PGCmmLhdkwjqHJNgjn/1jOiQX5BJM\n3g5q5P9SPtPj763pQP3CVA/7Wgz2ATmkbYkzrS2RkTzve2/P5DiS7LGuSKsD/vpi\nLpLksziA6N4+17ELuWkFqDYtkJXnjjsFKrLOPa9GjkDYvvtJl4zgjfTN7LdFI78n\nfsSaYkJ3J5hU12c4tcPtpoIR1mhjU+96Zq78q0evP4KJeyZLUxm7s/csa6MbaKfB\nrrpefqtODxHjWRFnLyGJiihI8PHg2MrNSptRiQ==\n-----END CERTIFICATE REQUEST-----\n",
"state": "State",
"subject-common-name": "Subject Common Name"
}
}
Delete Device CSR
To delete a particular CSR based on the csr-id provided.
Copy
Response
curl -X 'DELETE' \
'https://<ics-ip>/api/v1/system/certificates/device-certificate-csrs/CSR_396' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Request
{
"result": {
"info": [
{
"message": "CSR id: 'CSR_396' deleted successfully"
}
]
}
}
Create Device CSR
To create a new CSR.
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/certificates/device-certificate-csrs' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"subject-common-name": "Subject Common Name",
"organization-name": "Ivanti",
"organization-unit": "Organization Unit",
"locality-name": "Locality",
"state": "State",
"country": "US",
"email": "[email protected]",
"key-type": "RSA",
"key-length": 1024,
"random-data": "randomcharacters"
}'
Response
{
"result": {
"info": [
{
"message": "Created CSR 'CSR_408' successfully"
},
{
"message": "Use POST /api/v1/system/certificates/device-certificate-csrs/CSR_408/certificate to upload the signed certificate"
}
]
}
}
Import Device CSR
Import the signed certificate based on a particular CSR.
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/certificates/client-auth-certificate-csrs/CSR_396/certificate' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"certificate": "string"
}'
Response
{
"result": {
"info": [
{
"message": "Imported certificate for CSR 'CSR_396' successfully"
}
]
}
}
Fetch the Current Time
To fetch the current time (epoch time), ISO date time (yyyy-MM-ddTHH:mm:ss) and time-zone.
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/system/date-time' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"current_time": 1698873402,
"iso-date-time": "2023-11-01T14:16:42",
"time-zone": "(GMT-08:00) Pacific Time (US & Canada); Tijuana"
}
Set System Date and Time
To set the system date and time
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/date-time' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"iso-date-time": "2000-01-15T12:57:00"
}'
Response
{
"result": {
"info": [
{
"message": "Updated time successfully"
}
]
}
}
Fetch Virtual Desktops List
To fetch virtual desktops list for Citrix XenDesktop or VMware View Manager.
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/users/resource-profile/virtual-desktops-list' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"type": "VMware View Manager",
"user-name": "vdiadmin",
"password": "Pulse_123",
"domain": "pcsauto.com",
"server-name": "10.96.224.70",
"use-ssl": 1
}'
Response
{
"desktop-list": [
"DisplayName1 (AS4D89F)",
"DisplayName2 (M9N456H)"
]
}
Export XML Configuration
Export XML configuration data that can be imported by either Ivanti Connect Secure to a file in the device's /tmp directory.
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/maintenance/export-universal-xml' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"endpoint.hc.general-options": "true",
"endpoint.hc.virus-signature-list": "true",
"endpoint.hc.policies": [
"Policy1",
"Policy2"
],
"endpoint.hc.remote-imv": "true",
"endpoint.hc.esaps": "true",
"endpoint.hc.ignore-list": "true",
"system.behavioural-analytics-status": "true",
"system.behavioural-analytics-adaptive-authentication": "true",
"client.connections-all": "true",
"client.components-all": "true",
"client.versions": "true"
}'
Response
{
"result": {
"info": [
{
"message": "Operation succeed without warning or error! file = /tmp/ive- export.vc0.xml"
}
]
}
}
Export Selected Configuration
To export selected configuration data as XML.
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/maintenance/export-xml' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"system.date-and-time": "true",
"auth.roles.all-user": "true",
"profiles.web": [
"Web1",
"Web2",
"Web3"
],
"signin.pages": [
"Page1"
],
"endpoint.hc.policies": [
"Policy1",
"Policy2"
]
}'
Response
{
"result": {
"info": [
{
"message": "Operation succeed without warning or error! file = /tmp/ive-export.vc0.xml"
}
]
}
}
Enable Auto-Update for Hostchecker
To enable Auto-Update for Hostchecker Virus Signature Version Monitoring and then download and import the latest Virus Signatures File.
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/host-checker/live-update/validate-credentials' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"av-liveupdate": {
"enabled": "true",
"portal-password-cleartext": "password",
"portal-user-name": "username",
"proxy-address": "1.1.1.1",
"proxy-enabled": "true",
"proxy-password-cleartext": "password",
"proxy-port": 80,
"proxy-user-name": "username",
"update-freq": 30,
"update-url": "https://download.pulsesecure.net/software/av/uac/epupdate_hist.xml"
}
}'
Response
{
"result":
{"info": [
{
"message":"Download successful"
}
]
}
}
MDM Auth Server Configuration
To test the connection for a potential MDM auth server configuration or for an already configured one.
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/auth-server/mdm?operation=testconnection' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"mdm_type": "Microsoft Intune",
"tenant_id": "25f4343b-ced7-4135-af22-d3a8a04b0b57",
"client_id": "test4b32-0c13-47e7-aca1-3fcb3e5d1e7b",
"client_secret": "test1234567789efgd_feghf_ffegdhf"
}'
Response
{
"result": {
"info": [
{
"message": "Connection OK."
}
]
}
}
Fetch Status of Tenant
To get status of tenant and check if user login requests are being allowed or blocked
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/tenant/status' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json'
Response
{
"code": 200,
"status": "active"
}
Fetch Port Status
To get status of all ports
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/network/ports/status' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json'
Response
{
"external": {
"connected": "yes",
"duplex": "full",
"name": "external",
"rxdrop": "48449",
"rxerror": "0",
"rxmulticast": "158218",
"rxpacket": "130181285",
"speed": "10000Mb/s",
"txdrop": "0",
"txerror": "0",
"txmulticast": "0",
"txpacket": "435254"
},
"internal": {
"connected": "yes",
"duplex": "full",
"name": "internal",
"rxdrop": "48504",
"rxerror": "0",
"rxmulticast": "158218",
"rxpacket": "141565698",
"speed": "10000Mb/s",
"txdrop": "0",
"txerror": "0",
"txmulticast": "0",
"txpacket": "9842276"
},
"management": {
"connected": "yes",
"duplex": "full",
"name": "management",
"rxdrop": "48450",
"rxerror": "0",
"rxmulticast": "158218",
"rxpacket": "130183315",
"speed": "10000Mb/s",
"txdrop": "0",
"txerror": "0",
"txmulticast": "0",
"txpacket": "439559"
},
"vlan-port-int-1": {
"connected": "yes",
"duplex": "full",
"name": "vlan-port-int-1",
"rxdrop": "0",
"rxerror": "0",
"rxmulticast": "0",
"rxpacket": "0",
"speed": "10000Mb/s",
"txdrop": "0",
"txerror": "0",
"txmulticast": "0",
"txpacket": "3"
}
}
To get status of a specific port
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/network/ports/test/status' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json'
Response
{
"connected": "yes",
"duplex": "full",
"name": "internal",
"rxdrop": "48541",
"rxerror": "0",
"rxmulticast": "158440",
"rxpacket": "141770609",
"speed": "10000Mb/s",
"txdrop": "0",
"txerror": "0",
"txmulticast": "0",
"txpacket": "9855017"
}
Collect ARP Cache
Trigger update to collect ARP cache entries for specific port.
Copy
Request
curl -X 'POST' \
'https://10.10.10.10/api/v1/network/arp-cache?port=20' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json' \
-d ''
Response
{
"result": {
"info": [
{
"message": "Successfully triggered an update to collect all the internal port ARP entries"
}
]
}
}
Collect NDP Cache
Trigger update to collect NDP cache entries
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/network/ndp-cache?operation=triggerUpdate' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json' \
-d ''
Response
{
"result": {
"info": [
{
"message": "Successfully triggered an update to collect all the NDP entries"
}
]
}
}
Delete all ARP Cache
To delete all ARP cache entries for a specific port
Copy
Request
curl -X 'DELETE' \
'https://<ics-ip>/api/v1/network/arp-cache/ports/test' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json'
Response
{
"result": {
"info": [
{
"message": "Successfully deleted arp cache from 'internal' port"
}
]
}
}
Delete all NDP Cache
Delete all NDP cache entries for a specific port
Copy
Request
curl -X 'DELETE' \
'https://<ics-ip>/api/v1/network/ndp-cache/ports/Test' \
-header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json'
Response
{
"result": {
"info": [
{
"message": "Successfully deleted ndp cache from 'internal' port"
}
]
}
}
Delete NDP Cache of Specific Port
Flush NDP cache entries for a specific port
Copy
Request
curl -X 'DELETE' \
'https://<ics-ip>/api/v1/network/ndp-cache/ports/test/flush-ndp-entries' \
-header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json'
Response
{
"result": {
"info": [
{
"message": "Successfully flushed ndp entries from 'internal' port"
}
]
}
}
Fetch nSA Registration Status
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/nsa/register' \
-header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json'
Response
{
"gateway-id": "21477b2c3b694194bfceaa4124e7206a",
"notification-status": "success",
"notification-status-message": "The Notification Channel is Connected.",
"notification-url": "wss://tenant.e.cluster.pzt.dev.perfsec.com/api/v1/notifications",
"reg-status": "success",
"reg-status-message": ""
}
Register with nSA
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/nsa/register' \
-header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"reg-host-fqdn": "tenant.cluster.pzt.dev.perfsec.com",
"reg-code": "Hx7eZVvvzT",
"nw-interface": "internal"
}'
Response
{
"success": "Successfully triggered registration"
}
Delete nSA registration
Copy
Request
curl -X 'DELETE' \
'https://<ics-ip>/api/v1/nsa/register' \
-header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json'
Response
{
"success": "Successfully Cleared Ivanti Neurons for Secure Access Configuration"
}
Test Connectivity of a Cluster Node
Tests connectivity for configured auth-servers, node IP and DNS.
Copy
Request
curl -X 'POST' \
'https://10.10.10.10/api/v1/system/platform?operation=testConnectivity' \
-header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"node": "test1"
}'
Response
{
"result": [
"Destination host 10.204.63.254 used as Gateway Address is responding",
"Destination host 10.64.0.10 used as DNS Server is responding",
"Destination host 10.20.20.20 used as Radius Server is not responding",
"Destination host 10.30.30.30 used as NIS Server is not responding",
"Destination host 10.40.40.40 used as LDAP Server is not responding",
"Destination host a.com used as MDM Server is not responding"
]
}
Client Configuration
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/pulse-client?operation=assume-ownership' \
-header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"configs": [
"Default",
"ISAOne"
]
}'
Response
{
"result": {
"info": [
{
"message": "Client configuration table updated successfully."
}
]
}
}
Retrieve Pulse One Status
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/pulse-one' \
-header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json'
Response
{
"credentials-exchange-time": "2023-12-21T12:34:56",
"hashing-algorithm": "sha256",
"client-device-id": "abc123",
"notification-url": "https://example.com/notification",
"registration-status": "connected",
"notification-channel-status": "in-progress"
}
Actions on Pulse One
Perform actions on Pulse One
Copy
Request
curl -X 'PUT' \
'https://<ics-ip>/api/v1/pulse-one' \
-header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"action": "renegotiate-credentials"
}'
Response
{
"result": {
"info": [
"Successfully triggered action with Pulse One"
]
}
}
Fetch SNMP Details
Fetch the content of MIB File
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/snmp/download-mib' \
-header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json'
Response
{
"snmp-mib-log": "UFVMU0VTRUNVUkUtUFNHLU1JQiBERUZJTklUSU9OUyA6Oj0gQkVHSU4KICAgICAgICBJTVBPUlRTIAogICAgICAgIAlOT1RJRklDQVRJT04tVFlQRSwgTU9EVUxFLUlERU5US VRZLCBlbnRlcnByaXNlcwogICAgICAgIAkJRlJPTSBTTk1QdjItU01JCiAgICAgICAgCU5ldHdvcmtBZGRyZXNzCiAgICAgICAgCQlGUk9NIFJGQzExNTUtU01JCiAgICAgIC AgCUlwQWRkcmVzcwogICAgICAgIAkJRlJPTSBSRkMxMTU1LVNNSTsKICAgICAgICAKcHVsc2VzZWN1cmUtZ2F0ZXdheSBNT0RVTEUtSURFTlRJVFkKICAgIExBU1QtVVBEQVR FRCAiMjAyMjA1MDkxNjMzWiIKICAgIE9SR0FOSVpBVElPTiAiUHVsc2UgU2VjdXJlIgogICAgQ09OVEFDVC1JTkZPICAgIAoJICJJbnRlcm5ldDogaHR0cHM6Ly93d3cucHVs c2VzZWN1cmUubmV0IgogICAgREVTQ1JJUFRJT04KCSJUaGlzIGZpbGUgZGVmaW5lcyB0aGUgcHJpdm...."
}
Fetch SNMPv3 Details
To fetch the agent engine id and trap engine id details.
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/snmpv3' \
-header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json'
Response
{
"agent-engine-id": "0x800030f405a927fbb86f048665",
"trap-engine-id": "0x800030f405a927fbb86f048665"
}
Fetch System Overview Status and NTP Status
To fetch the System Overview page details
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/system/status/overview' \
-header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json'
Response
{
"active-sync-connections": 0,
"cluster-member-status": [
{
"enabled": false,
"name": "localhost2",
"notes": "Disabled",
"status-code": "0x8001"
}
],
"concurrent-connections-for-authorization-only-access": 1,
"last-config-update": {
"device": "Sat Dec 23 05:06:21 2023"
},
"logging-disk": "0% Full",
"max-licensed-users": 2,
"signed-in-users": {
"default-network": 1,
"device": 1
},
"system-date-and-time": "Fri Dec 22 15:15:41 2023",
"uptime": {
"days": 9,
"hours": 14,
"minutes": 47,
"seconds": 4
}
}
To Fetch the NTP Status
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/system/status/ntp' \
-header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json'
Response
{
"ntp-server-status": {
"216.239.35.0": {
"delay": "93.425",
"jitter": "2188.68",
"offset": "-9852.2",
"pool": "8",
"reach": "377",
"refid": ".GOOG.",
"remote NTP Server": "216.239.35.0",
"stratum": "1",
"type": "u",
"when": "5"
}
}
}
Restore Factory Defaults for User Role UI Options
To restore UI Options factory defaults for given user role.
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/user-roles/Test?operation=restoreFactoryDefaults' \
-header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json' \
-d ''
Response
{
"result": {
"info": [
{
"message": "Successfully restored factory defaults: Users"
}
]
}
}
Delete User Records
Delete user records using REST API
Copy
Request
curl -X 'POST' \
'https://<ics-ip>/api/v1/system/delete-records' \
-header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"cleanup-limit": 2,
"max-limit": 2
}'
Response
{
"result": {
"info": [
{
"message": "Successfully deleted user records."
}
]
}
}
Fetch Source IP of Interfaces
Fetch the source IPv4 and IPv6 addresses of VLAN
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/system/user-roles/vlansourceip' \
-header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06
-H 'accept: application/json'
Response
{
"Internal Port IP": "Interface IP (10.204.62.218|fd70:1889:79fb:63::acc:3eda)",
"vlan0-int0": "Interface IP (10.204.62.118)"
}
Sample Error Responses
400 BAD REQUEST
Copy
Request
PUT /api/v1/configuration/users/user-realms/realm/testRealm/role-mapping-rules/rule/rule1 HTTP/1.1
Host: <IP Address>
Authorization: Basic Y1VPZE1XZ1ZubVEvVnIrcWwrd3lJY3F0Y05WTGhDVkx1M0wrdk5YR3hzVT06
Content-Type: application/json
{
"name": "rule1",
"roles": [
"Users"
],
"stop-rules-processing": "false",
"user-name": {
"test": "is",
"user-names": [
"*",
]
}
}
Response
HTTP/1.1 400 BAD REQUEST
content-length: 92
content-type: application/json
{
"message": "The browser (or proxy) sent a request that this server could not understand."
}
Solution: Invalid JSON body content in Request. Please check if JSON is valid.
Copy
Request
PUT /api/v1/configuration/users/user-roles/user-role/rest-userrole-1 HTTP/1.1
Host: <IP Address>
Authorization: Basic MVhDbDJTSUhkV3ZjUkd6WXM1T1V3MU5wbHNmemJPbTJxSHI2NVZCdXp5bz06
{
"name": "rest-userrole-1",
"web": {
"web-bookmarks": {
"bookmark": [
{
"auto-allow": "disable",
"description": "",
"name": "web-bm-1",
"new-window": "false",
"no-address-bar": "false",
"no-tool-bar": "false",
"parent": "--none--",
"standard": {
"url": "http://www.yahoo.com"
}
}
]
},
"web-options": {
"browsing-untrusted-sslsites": "true",
"flash-content": "false",
"hpxproxy-connection-timeout": "1800",
"http-connection-timeout": "240",
"java-applets": "true",
"mask-hostname": "false",
"persistent-cookies": "false",
"rewrite-file-urls": "false",
"rewrite-links-pdf": "false",
"unrewritten-page-newwindow": "false",
"user-add-bookmarks": "false",
"user-enter-url": "false",
"users-bypass-warnings": "false",
"warn-certificate-issues": "true",
"websocket-connection-timeout": "900"
}
}
}
Response
HTTP/1.1 400 BAD REQUEST
Content-Length: 99
Content-Type: application/json
{
"result": {
"errors": [
{
"message": "Accepts only JSON."
}
]
}
}
Include the “Content-Type” header in the request with a value “application/json” as used in the examples above.
403 Forbidden
Copy
Request
GET /api/v1/auth HTTP/1.1
Host: <IP Address>
Authorization: Basic YWRtaW5kYjpkYW5hMTIz
Content-Type: application/json
Response
HTTP/1.1 403 Forbidden
cache-control: no-store
connection: Keep-Alive
content-type: text/html; charset=utf-8
expires:-1
keep-alive: timeout=15
strict-transport-security →max-age=31536000
transfer-encoding: chunkedSolutions:
1.Make sure admin user used for authentication has "Allow access to REST APIs" option enabled frm admin UI
2.Admin Username and Password passed in Authorization header are correct
3.If api_key is available, use api_key value as username and password as empty in authorization header
404 NOT FOUND
Copy
Request
GET /api/v1/configuration/users/user-realms/realm/testRealm/role-mapping-rules/rule HTTP/1.1
Host: <IP Address>
Authorization: Basic Y1VPZE1XZ1ZubVEvVnIrcWwrd3lJY3F0Y05WTGhDVkx1M0wrdk5YR3hzVT06
Response
HTTP/1.1 404 NOT FOUND
content-length: 213
content-type: application/json
{
"result": {
"errors": [
{
"message": "Invalid resource path; use \"users/user-realms/realm/testRealm/role-mapping-rules/rule/<resource-id>\" to access a specific resource"
}
]
}
}
Solution: Resource-id should be passed in Resource path as shown in example below.
Copy
Request
GET /api/v1/configuration/users/user-realms/realm/testRealm/role-mapping-rules/rule/rule1 HTTP/1.1
Host: <IP Address>
Authorization: Basic Y1VPZE1XZ1ZubVEvVnIrcWwrd3lJY3F0Y05WTGhDVkx1M0wrdk5YR3hzVT06
Response
HTTP/1.1 200 OK
content-length: 167
content-type: application/json
{
"name": "rule1",
"roles": [
"Users"
],
"stop-rules-processing": "false",
"user-name": {
"test": "is",
"user-names": [
"*"
]
}
}
Solution: Invalid JSON body content in Request. Please check if JSON is valid.
422 UNPROCESSABLE ENTITY
Copy
Request
POST /api/v1/configuration/users/user-realms/realm/testRealm/role-mapping-rules/rule/ HTTP/1.1
Host: <IP Address>
Authorization: Basic Y1VPZE1XZ1ZubVEvVnIrcWwrd3lJY3F0Y05WTGhDVkx1M0wrdk5YR3hzVT06
Content-Type: application/json
{
"name": "rule2",
"roles": [
"Users",
"testRole1"
],
"stop-rules-processing": "false",
"user-name": {
"test": "is",
"user-names": [
"user1"
]
}
}
Response
HTTP/1.1 422 UNPROCESSABLE ENTITY
content-length: 368
content-type: application/json
{
"result": {
"errors": [
{
"message": "[/users/user-realms/realm[name=testRealm]/role-mapping-rules/rule[name=rule2]/roles] Invalid reference: no 'User Roles' object found with identifier 'testRole1'."
},
{
"message": "Failed to resolve path references"
},
{
"message": "Commit failed"
}
]
}
}
Solution: Make sure to have all the referenced resources are created first using POST call and then repeat.
Limitations
1.Configuration of large data objects is not qualified- ESAP, Client package, Custom Sign-in page, applets, and so on.
2.Resource names similar to resource tags e.g. vlans, roles, etc. should be avoided while creating new resources.