ICS/ IPS Configurations Using REST APIs
Session Management
Getting Active Sessions
To Get details of up to 200 active users. To fetch next set of 200 active users use 'https://<ics-ip>/api/v1/system/active-users?number=200&start=201'.
By default, the gateway retrieves a maximum of 200 users per request.
The field is-last-recordcan be used in script to get the list of all the active users in a loop. Is-last-record set to false, if there are more users. It sets to true, when the gateway returned the last list of users.
Copy
Request
curl -X 'GET' \
'https://<ics-ip>/api/v1/system/active-users?number=200&start=0' \
--header 'Authorization: Basic dmt5M3ZjZmNpcWZqejd0ZCt1eWsveXRJYlM4VkIzK0kwdHhlVUpZUGRyRT06'
-H 'accept: application/json'
Response
{
"active-users": {
"active-user-records": {
"active-user-record": [
{
"active-secondary-user-name": null,
"active-user-name": "admindb",
"agent-type": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/118.0",
"authentication-realm": "Admin Users",
"browser-id": "2b420cd0c4fee298c621793205950c9c",
"device-id": null,
"endpoint-security-status": "Not Applicable\nPassed Policies: \nFailed Policies: \nEliminated Roles: ",
"events": 0,
"hc-failed-reasons": null,
"login-node": "localhost2",
"mac-address": null,
"network-connect-ip": null,
"network-connect-ipv6": null,
"network-connect-transport-mode": null,
"ngp-session-id": "8a1a7a0a7e",
"primary-auth-server-name": "Administrators",
"primary-auth-server-type": "Local Authentication",
"pulse-client-version": null,
"secondary-auth-server-name": null,
"secondary-auth-server-type": null,
"session-id": "sid1d84203295b2db0f880820e5435de02e775c2cab00000000",
"sign-in-time-micro": "1699317427.743783",
"source-ip": "10.97.4.153",
"user-roles": ".Administrators",
"user-sign-in-time": "2023/11/07 06:07:09"
},
{
"active-secondary-user-name": null,
"active-user-name": "user1",
"agent-type": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36",
"authentication-realm": "Users",
"browser-id": "c02a789746114cb426183cae3ade8513",
"device-id": null,
"endpoint-security-status": "Not Applicable\nPassed Policies: \nFailed Policies: \nEliminated Roles: ",
"events": 0,
"hc-failed-reasons": null,
"login-node": "localhost2",
"mac-address": null,
"network-connect-ip": null,
"network-connect-ipv6": null,
"network-connect-transport-mode": null,
"ngp-session-id": "173a229e9a",
"primary-auth-server-name": "System Local",
"primary-auth-server-type": "Local Authentication",
"pulse-client-version": null,
"secondary-auth-server-name": null,
"secondary-auth-server-type": null,
"session-id": "sid8d40db34996df948e870fb097b2b07c20555e8dc00000000",
"sign-in-time-micro": "1699327095.643966",
"source-ip": "10.96.224.53",
"user-roles": "Users",
"user-sign-in-time": "2023/11/07 08:48:15"
}
]
},
"total-matched-record-number": 2,
"total-returned-record-number": 2,
"user-login-permission": true
}
}Getting Particular Active Session Details
Copy
Request
curl -k -u <api-key>: https://<ics-ip>/api/v1/system/active-users?name=user2
Example:
curl -k -u K7Z7xA54AKnv1++kcViamCCiUrEBgMSP+sHKar4EcKY=: https://<ip address>/api/v1/system/active-users?name=user2
Response
Content-Type: application/json
{
"active-users": {
"active-user-records": {
"active-user-record": [
{
"active-user-name": "user2",
"agent-type": "Windows 7 Google Chrome",
"authentication-realm": "localrealm",
"endpoint-security-status": "Not Applicable\nPassed Policies: \nFailed Policies: \nEliminated Roles: ",
"events": 0,
"login-node": "localhost2",
"network-connect-ip": null,
"network-connect-transport-mode": null,
"session-id": "sid68377b6249d24784edfdd07edfe61ee9934b556100000000",
"user-roles": "localrealm",
"user-sign-in-time": "2018/08/23 11:46:15"
}
]
},
"total-matched-record-number": 1,
"total-returned-record-number": 1,
"user-login-permission": true
}
}
Deleting a Particular Active Session
Copy
Request
curl -k -u <api-key>: https://<ics-ip>/api/v1/system/active-users/session/sid6dc167193b66fef812ef3fdba62729e53f8499f0c25df3be -X DELETE
Example:
curl -k -u K7Z7xA54AKnv1++kcViamCCiUrEBgMSP+sHKar4EcKY=: https://<IP Address>/api/v1/system/active-users/session/sid6dc167193b66fef812ef3fdba62729e53f8499f0c25df3be -X DELETE
Response
HTTP/1.1 204 NO CONTENT
Content-Length: 0
Content-Type: application/jsonDeleting All Active Sessions
Copy
Request
curl -k -u <api-key>: https://<ics-ip>/api/v1/system/active-users?all -X DELETE
Example:
curl -k -u K7Z7xA54AKnv1++kcViamCCiUrEBgMSP+sHKar4EcKY=: https://<IP Address>/api/v1/system/active-users?all -X DELETE
Response
HTTP/1.1 204 NO CONTENT
Content-Length: 0
Content-Type: application/json
License Management
Querying Set of Leased Licenses in the License Server System
Copy
Request
GET /api/v1/license/license-server-lease-information HTTP/1.1
Host: <IP Address>
Authorization: Basic
c2czWUJmc1lyUjcwN2daSFh6RHdqME1YSnNhdDZmcXlaOVZKNFNSdStaZz06
Content-Type: application/json
Response
HTTP/1.1 200 OK
Content-Length: 2210
Content-Type: application/json
{
"leased-license-counts": {
"features": {
"feature": [
{
"clients": {
"client-info": [
{ "leased-count": 0,
"name": "client1"
}
]
},
"name": "Advanced Mobile License - Onboarding",
"total-count": 0
},
{
"clients": {
"client-info": [
{
"leased-count": 0,
"name": "client1"
}
]
},
"name": "Cloud Secure feature",
"total-count": 0
},
{
"clients": {
"client-info": [
{
"leased-count": 0,
"name": "client1"
}
]
},
"name": "Concurrent Meeting Users",
"total-count": 0
},
{
"clients": {
"client-info": [
{
"leased-count": 200,
"name": "client1"
},
{
"leased-count": 0,
"name": "client2"
}
]
],
"name": "Concurrent Users",
"total-count": 200
},
{
"clients": {
"client-info": [
{
"leased-count": 0,
"name": "client1"
}
]
},
"name": "Named Users",
"total-count": 0
},
{
"clients": {
"client-info": [
{
"leased-count": 0,
"name": "client1"
}
]
},
"name": "Premier Java Remote Desktop Applet",
"total-count": 0
}
]
},
"machine-id": "VASPMVKIT1NJNFPPS",
"query-summary": {},
"release-info": {
"build-number": "10124",
"version": "9.0"
},
"serial-number": null,
"signature":
"HMx/W0VhDAABAAAApoB/uSUYcwJSlk7HeXVMXK6+KsIPTrJnjXrUciJEef2EKWyqgbDGoXhzYaGDl6Ye29oOw2KRQlyCM/HRpIpujA==",
"time-stamp": "Fri Aug 24 14:43:00 2018"
}
}
Pulling State from a License Server on a License Client
Copy
Request
PUT /api/v1/license/license-client-lease-state HTTP/1.1
Host: <IP Address>
Authorization: Basic
OWZBcVNKUkRCcEdjSEVQY3A0aDZ2UnFwdjhXbExIYzUxRS91TVU1VnBnMD06
Content-Type: application/json
{
}
While using above URL (i.e., license-client-lease-state) by PUT operation, we provide empty JSON body as input, because PUT operation expects JSON body.
Response
HTTP/1.1 200 OK
Content-Length: 86
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Success"
}
]
}
}Certificate Management
Configuring Certificates based on CSR Workflow
Copy
Request
POST /api/v1/system/certificates/device-certificates HTTP/1.1
Host: <IP Address>
Authorization: Basic aWZuM2VmZVZTRU9YNVZkVVZ3eFpiYWdob3VCTndxZEkyaExubUcyVU5ibz06
Content-Type: application/json
{
"cert":"MIINzgIBAzCCDYoGCSqGSIb3DQEHAaCCDXsEgg13MIINczCCBgQGCSqGSIb3DQEHAaCCBfUEggXxMIIF7TCCBekGCyqGSIb3DQEMCgECoIIE9jCCBPIwHAYKKoZIhvcNAQwBAzAOBAjpYgwUOJOweAICB9AEggTQFjak4T3ftSlkdoiOtc/xvhSfrrkezsl09tN6tqyuVYWFQUZkpUIg4v2pU1zOvFOTPplnoVCmeiL2HX7OzuLPALcnSvGmaq61I+Y5dBWMmXMo+bs8sU36p6YS4D9Bq3VIMecAHwzc/30hPf+gaaoYSQiMuLa34CnNeFxPfxMlH0sXi1QeqaLAtMno5AMQW1/nHSAyJPwa5OWrJ5mkfHKh4kog893diYwo1mlIqlp7Qseza4+uosWAthih/jac1iDmlb03kjR+OQAukXFQ19ejvyrmMhcjhozARqwMgEj6I+JpdJPUxvwVytQ20Nj4lNDRnAb5sp1oAi0u5aN49afY6kRjNuKUeUkEmrpmumNJJufkDkKx1eqYOBOqQ50K1w9qFhEOaOLivGQa1IjzNyc+Bbs2TMw8RJWDsA7TVJhQKBcVjtIOSFzsVjyWJeI9VzB+iUbi+XCHYRQP0W6el6HWg2b31iNhMID5Lt2GWQOzT6iUVNlsZFoofyfXsZBY0JC6nsbvZVMRNBGXE2fEFA/qIga8Gn5E9zcIqibnXXW0jAOa+m3d+KRR49XaoAjgzpJ3ErqLVz1l/nGTix9W3H4mSHd9xX43h6Pbz0tGmu6l9nnWP/52y6/TMQQB5v0RHe0klj+uX00ZuezmmeYEapX+SObQrMqmnvTgWApf7FzulcvAIHomQ184MJzarNnhOpO1AQGESaa6tABtk2Yzpbm+g5SAgnjwxH0IjeF/kwapQttIYc1TM3qQ9EsPKqbpaQna4qETIRLI3R6GVNTBnG/g9M9MQh2MtnvonSOlpjDs+TtLoO+BtY9J2XSMK0wtXyONb67xjTRRsC1u1fAvP4RdyHpmM4JO3+VW1F4n8Vzl+RYrRj0sKja/jHm1ElZvhxJHbwEMFDSvFIqAVfQGQKy1iJWSjalNeO2TEPVJOf2o+TofnYDq4hk0tABVdWLRfmn3byi91+xioIOLputEGG8ZtoAdlPkag/lKBnWa37z3eHnfQC9qWU8dcONBQo/HFxupj482jQa7lUg3fp7apM4CuDQEgJWYNS4/Z+5+zEqq9q+/w9ke5Y/a/5ukeP9HRS3xpeEe56qb98qPx3dXSSDgXtD1L6r48Dl+4ISYmLEl0yFwXtJ3vuYk5NiUjmZsuI1tnLQoxim5z6NUZ5/7G04mG/BzAX3qT74MlRzVDa7uZdJPyJLyTGUtidn562HvYnrGtO9P+08OH6c2Dp4eOgNQCrhPP51ZHd9VNo0nyqtZmZ0E4oHN4G7ud+6fwIvaSF9gpw1iTWAF5122dr1llAe3ZFPs5bzv7jrfY7LGuTh+l003MshmtYZAiw8nM1ODm4HstQsSxHWVb+WK4uiorvhq2cplJ+71rGQI/kCM8hdZJOUYzsrnQXQUn/rS1O0w9VAP88SG9mJiQynoX4+BKYtnn4XE4D3tEFUygD2RmG2GdeGBjOeHh/KeMrXk2z9oLEn7CaDeZQCp/7wGdDLfb/nAkmyiO6DWkPZzDAzGdSDd0gRTkY4LdtyjPTkeADN+wXvjh6tutjgWgHEHI3xnvMan1/rzZV80SGpbqWFEcLCk158YuprYqVRN2CmJCILoVbUaay6Vq9jaHkIkT3lxzU6UkNTKxqo3Rhad9StfxCRqlrYxgd8wEwYJKoZIhvcNAQkVMQYEBAEAAAAwXQYJKoZIhvcNAQkUMVAeTgBsAGUALQA2AGMANQA0AGUAMABjADQALQAyAGYANQBkAC0ANABjAGYAMAAtAGEAYwBiAGUALQBhADAAYgBjAGUAZgA4AGIAYgA4AGEAMzBpBgkrBgEEAYI3EQExXB5aAE0AaQBjAHIAbwBzAG8AZgB0ACAAUgBTAEEAIABTAEMAaABhAG4AbgBlAGwAIABDAHIAeQBwAHQAbwBnAHIAYQBwAGgAaQBjACAAUAByAG8AdgBpAGQAZQByMIIHZwYJKoZIhvcNAQcGoIIHWDCCB1QCAQAwggdNBgkqhkiG9w0BBwEwHAYKKoZIhvcNAQwBBjAOBAgQOOB7+SpClQICB9CAggcgKOhImrEmUqPOG8XR59tFV0HOdvnlfzxI7aM6PnAgwPiMSxa6e69kZ/DCeY5V5XZkfW+nYAZvgGuZw26oLgVz14T/j0Z3kYTKcn1Mx+gvj5coadwfR21HirvwyndeXKJ6w1Yh4omK/x4891AFgvKizeeOewczIGmWCqQh81HUgiR8aAfLU2neKxcLoGOfhQnN5k/SSKsBTuUBQ80zGiXh+48xS4CTzE8vEyDXyQqE09sqxoDtWTw7U5cV8qXwpgy+FSb4c/Y/RCggTqmCL+NwSMCvhEGfKSq9ZwJvniEpsQ1mHzK/e4ZRQH/C+eNCccV/6zR5onNbZ0fpVTGDCCG0Z9705zzGur5z83CGy53fcHS2fdoQP6kqps7VeKbym2NBBT6tx9ZD4Ue988EQwkM0dw/7/9resv6VnL+T9prJJq7pEPKyl8ocTSTPbINsSJ8f6z+R01/cxOnpyZ3pe2kWneC0xVUeTCsfip5DEbOfgaCy4omJstlx57Z5GQrVfsO1V21NjY6i0Ev7e2AGyn+Kq2ZcrTBzijQpoA0djljaFodkBVPwROkXCEjScfV/YjURTSgVcv1F1k/OyVf3EDcTXzjtOEuvkLrYsBANzAtcchE7tMlJdVlDv4lA5nudd1plgQkwp911LOM5AieKMGuaSFLCq0RNTho61AFTeEOCgK1uDoRtac+TtgzrAyQGpUwQ/j/CFzy2yhQzSg2+nOFDA4D2I2Bw3SyMVAw45NtPPYnoplY9j0iRPfSOUzbHqULI8PvRyICY3EhIv7MVzG812TMD1WOvZzaNonSB4plj+rq+aL6YHl5O3/AQ5v/n3b/ebrKDSSTYROC1nVfxxwF+nLTMeCPumAfb8JWdAmOvsUmyd8j8b6CgE2fMsR6yzZMmTcdispYe1r+at4hd7v57K2JKcTKffS23zU9QZ6w30+soSr4dKhXVKoFny8pGZkgA5Dd5ksytKJgKJHM5Z6yRij8cc0WwPrqK9jZvFxq0+t8rAFUA1QRbM6nnwF4g6z2vMdEtUYtnNXIZIWe5E6YJ1mxzn26dFAt2AnM8MelPSNVaxVqhoCZAZOdRmhYXg4uT+4rMazBXJ7txtCNsQd/sW4WpOp9jzRoANfhxK2uKkfRS62216u6hCoVCMj5D7UjB/4S80NZIwa67cikY/89t4vEZbwvS0dLQ2CMiQVeeUFTo4Hq32RaVRPhIJql0MH/fyMIvSfqEoMUnY/D/26rKnivVp9XZdyd2ZKMV5nNFtbwC6UhhQ76PwKRg5GsOuDjUxHzy0DXIgTcSuZWUeuDNM0iyVZ2LVCRPyTWAiur0nepcn1nVcehlxddqGSu1AWSqmOODMmwymtm6mDKAvLnN8qjpL742bTIHkmxtUvoNxrgT4i+0jwGWlGNy6sx3JAXIYZv85xt+cV5KDvmF822w6CtUs5l8lWvBdAC6WD+wmnQzGsqvSbj9jLLKFxOtLYs863dDDtENdZIytrCKjEKNloY8X0flN1fczguZ8ssBa6XWQ4hjgwanpjBsvReJZcWogUFqYuXtZUB/mIUSZyNSIFwCO4cWa4vqE4P1Pjl56jnIdpqwgqaljHTm7WsCEIbgdBfyJp75/vJR/A4PAJcsZmFfIayNwM/zePFhZp0UdxrnoptZfsF4XspgZEPbHyxmfQG7f8sfAQq0iQlH0kpaBD3VuTrudgOfFbVfrjim8UXUNhKpYSgy3GWeHXadrOHsOZ0Yj0a/AY5Wwny7RJAZO00UCMLGRVFxYjj9RQvCPphejNVmhLNqlT3dqEczH3TptR4xILuoXC6sQkViBhV7dEp0nVzA6jUzCGOnYmCWi7/N6+bD1XHC6dg76igIUHHiJz0jqHfIoxqAak+72Iv706QtVMyI+Cpe4FLRqhoNUJpHAT7+5EOq2WqWXB+KXk5/Wh7/CIo6pZsAuEAU0elDDz/mex2oUfigYvtywFPBo0fWzTqkWvP7Pl8E5wudKl9Q+JYoNZVaapChTDJF9/OoVE1g0rrQ5nxzKQRrTbtekZSJ5j66p107ux2R+Q7MpRsmwT8ERgW8CexPHOAIKAWSBpWaT6ogh1MletHIK++ShXSIRa3NbDjrwkU8q0E9wlCUyAfXnQv4pTQaGHadF/j2F2foMBAW2Jgh1KP9UgB54K+KLRjoIFcEUqqh+j42bh2/c0jAppJtWNgn2jFQzuK2I3E0MVVNOEPJmEvpDXM1DZZhFNxeL8D+LfMn1B4zNTdngE0arUOspr72Rm0Rx43OcU0w/nkL6DckhvIZdco4PSLLXJeBW/fBc2Ws04/qxEKwreGwCr3fM17X4HZtCRJOsVj0Bg6JAp3f30Os55bjQanFubM9YFZrC6rGnKshyiUIFutMPwzbuIWCWQP29TnlSJWk91C0jb2oy6/2O9o7U78grLvGllSyynqehN8TLxP9MDswHzAHBgUrDgMCGgQU9XDxDBt/loGEHzU/DE0xAa6823YEFFmEIfAiPtILVXcDNuDn0rU1xc24AgIH0A==",
"password": <certifcicate_password>,
"internal-interfaces": { "internal-interface" : ["<Internal Port>", "vport1"] },
"external-interfaces": { "external-interface" : ["<External Port>"] },
"management-interface": true
}
Response
HTTP/1.1 201 CREATED
Content-Length: 112
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Operation successfully completed."
}
]
}
}
Creating a CSR for a Device Certificate
Copy
Request
POST /api/v1/system/certificates/device-certificate-csrs HTTP/1.1
Host: <IP Address>
Authorization: Basic aWZuM2VmZVZTRU9YNVZkVVZ3eFpiYWdob3VCTndxZEkyaExubUcyVU5ibz06
Content-Type: application/json
{
"subject-common-name": "QA.pcs.company.com",
"key-type": "ECDSA",
"ecc-curve": "P-384"
}
Response
HTTP/1.1 201 OK
Content-Length: 266
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Created CSR 'CSR_164' successfully"
},
{
"message": "Use POST /api/v1/system/certificates/device-certificate-csrs/CSR_164/certificate to upload the signed certificate"
}
]
}
}
Deleting Device Certificate by Its Subject Name
Copy
Request
DELETE /api/v1/system/certificates/device-certificates/srikrsa.test.saqacertserv.com HTTP/1.1
Host: <IP Address>
Authorization: Basic aWZuM2VmZVZTRU9YNVZkVVZ3eFpiYWdob3VCTndxZEkyaExubUcyVU5ibz06
Content-Type: application/json
Response
HTTP/1.1 204 NO CONTENT
Content-Length: 0
Content-Type: application/json
System Information and Operations
Getting System Information
Copy
Request
GET /api/v1/system/system-information HTTP/1.1
Host: <IP Address>
Authorization: Basic aWZuM2VmZVZTRU9YNVZkVVZ3eFpiYWdob3VCTndxZEkyaExubUcyVU5ibz06
Content-Type: application/json
Response
HTTP/1.1 200 OK
Content-Length: 193
Content-Type: application/json
{
"rollback-partition-information": {
"build": "2330",
"os-name": "ive-sa",
"os-version": "9.1R2"
},
"software-inventory": {
"software": {
"build": "4520",
"name": "IVE-OS",
"type": "operating-system",
"version": "9.1R4"
}
},
"system-information": {
"hardware-model": "ISA4000-V",
"host-name": "localhost2",
"os-name": "ive-sa",
"os-version": "9.1R4",
"serial-number": "VASPHJPEG824R1U0S"
}
}Retrieving Serial Number and Machine ID
Copy
Request
GET /api/v1/system/system-information HTTP/1.1
Host: <IP Address>
Authorization: Basic czM3MzVDTFVYbnFObFR5NHdNSTFES3piSDhrMTVwR0pLV2gwOTlMYmxhYz06
Content-Type: application/json
Response
HTTP/1.1 200 OK
Content-Length: 193
Content-Type: application/json
{
"rollback-partition-information": {
"build": "5801",
"os-name": "ive-sa",
"os-version": "9.1R6"
},
"software-inventory": {
"software": {
"build": "6087",
"name": "IVE-OS",
"type": "operating-system",
"version": "9.1R7"
}
},
"system-information": {
"cluster-node": {},
"hardware-model": "ISA-4000",
"host-name": "node1",
"machine-id": "0312MB24A0EZ504VS",
"os-name": "ive-sa",
"os-version": "9.1R7",
"serial-number": "0312022017100103"
}
}
Getting Health Check Status
Enable Additional Information via health_check.cgi under Configuration > Security > Health Check Options. You also need to add the IP address from which the request will originate to the allowed list.
Copy
Request
GET /api/v1/system/healthcheck
Host: <IP Address>
Content-Type: application/json
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"message": "Security Gateway is accessible."
}
Request
GET /api/v1/system/healthcheck?status=all HTTP/1.1
Host: <IP Address>
Content-Type: application/json
Response
Content-Type: application/json
{
"CPU-UTILIZATION4": 8,
"SSL-CONNECTION-COUNT": 0,
"MAX-LICENSED-USERS-REACHED": "NO",
"SWAP-UTILIZATION": 1,
"DISK-UTILIZATION": -1,
"USER-COUNT": 0,
"VPN-TUNNEL-COUNT": 0
}
User Realms
Realm-based Administrator User Using Administrator Local Authentication Server
Copy
Request
POST /api/v1/realm_auth HTTP/1.1
Host: <IP Address>
Authorization: Basic YWRtaW4xOmRhbmExMjM=
Content-Type: application/json
{
"realm": "<realm-name>"
}
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"api_key": "MjUwOGQyNzAyOWU3MWQ2MzNiMTM2Njg2MzAwNDg3MjU="
}
Realm-based Administrator User Using AD Authentication Server
Copy
Request
POST /api/v1/realm_auth HTTP/1.1
Host: <IP Address>
Authorization: Basic bmF6ZWVyOlBzZWN1cmUxMjMk
Content-Type: application/json
{
"realm": "AdminADRealm"
}
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"api_key": "ODRjOTcxOTY5ZTlmYTcwY2QwYzk1ZDBjMWQ5N2RmN2Q="
}
Realm-based Administrator User Using LDAP Authentication Server
Copy
Request
POST /api/v1/realm_auth HTTP/1.1
Host: <IP Address>
Authorization: Basic bmF6ZWVyOlBzZWN1cmUxMjMk
Content-Type: application/json
{
"realm": "LDAPRealm"
}
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"api_key": "ZTQxNTIxOTJhNmUwMjg3MWI5MjZkYmE1MGM0MzdiMDI="
}
Realm-based Administrator User Using Radius Authentication Server
Copy
Request
POST /api/v1/realm_auth HTTP/1.1
Host: <IP Address>
Authorization: Basic amFjazpqdW5pcGVy
Content-Type: application/json
{
"realm": "RadiusAdminRealm"
}
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"api_key": "MGMzZjJkZDZlYmRlYzg0MDE5NzkwYzE1ZGM5MmQyYTQ="
}
Realm-based Administrator User from a Particular Source IP
Copy
Request
PUT /api/v1/configuration/administrators/admin-realms/realm/AdminLocalAuthRealm/authentication-policy/source-ip/customized HTTP/1.1
Host: <IP Address>
Authorization: Basic T1dFM056VTBPVEl5T0dFeU16WXpOakU0WVRFek9EWXhOamRoTVdVNFpqYz06
Content-Type: application/json
{
"customized": "selected-ip"
}
Response
HTTP/1.1 200 OK
Content-Length: 124
Content-Type →application/json
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Request
POST /api/v1/configuration/administrators/admin-realms/realm/AdminLocalAuthRealm/authentication-policy/source-ip/ips/ip HTTP/1.1
Host: <IP Address>
Authorization: Basic T1dFM056VTBPVEl5T0dFeU16WXpOakU0WVRFek9EWXhOamRoTVdVNFpqYz06
Content-Type: application/json
{
"access": "allow",
"address": "<IP Address>",
"netmask": "255.255.255.255"
}
Response
HTTP/1.1 201 CREATED
Content-Length: 124
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Realm-based Administrator Authorization Role Mapping to Administrator Role
Copy
Request
PUT /api/v1/configuration/administrators/admin-realms/realm/AdminADRealm/role-mapping-rules HTTP/1.1
Host: <IP Address>
Authorization: Basic TldVNFl6TmtOVEZqTkRFek1EUXdPVGRoTlRrMk9UWTBaR0l3TkRnM1ptST06
Content-Type: application/json
{
"user-selects-role": "false",
"rule": [
{
"roles": [
".Administrators"
],
"stop-rules-processing": "true",
"group": {
"group-names": [
"PCS-QA/systems"
]
},
"name": "AdminADRoleMapping"
}
],
"user-selects-roleset": "false"
}
Response
HTTP/1.1 200 OKContent-Length: 124Content-Type: application/json
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Specifying Session Validity for REST Admin Session
Copy
Request
PUT /api/v1/configuration/administrators/admin-roles/admin-role/%2EAdministrators/general/session-options HTTP/1.1
Host: <IP Address>
Authorization: Basic TldVNFl6TmtOVEZqTkRFek1EUXdPVGRoTlRrMk9UWTBaR0l3TkRnM1ptST06
Content-Type: application/json
{
"idle-timeout": "5"
}
Response
HTTP/1.1 200 OK
Content-Length: 124
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Auth Servers
Getting Active Directory Search Groups
Copy
Request
GET /api/v1/configuration/authentication/auth-servers/auth-server/ADServer/ad/server-catalog/groups HTTP/1.1
Host: <IP Address>
Authorization: Basic RU9jaHYwdmlqVnJibDBqeE9obTlYZDVOdHhVS2FMeSttVzBqL1pKUXh6bz06
Content-Type: application/json
Response
HTTP/1.1 200 OK
Content-Length: 294
Content-Type: application/json
{
"ad-group": [
{
"group": "ICS-QA/core",
"name": "ICS-QA/core",
"sid": "S-1-5-21-3875260349-1888520165-453808128-1112"
},
{
"group": "ICS-QA/systems",
"name": "ICS-QA/systems",
"sid": "S-1-5-21-3875260349-1888520165-453808128-1108"
}
]
}Adding Search Group to Active Directory
Copy
Request
PUT /api/v1/configuration/authentication/auth-servers/auth-server/ADServer/ad/server-catalog/groups HTTP/1.1
Host: <IP Address>
Authorization: Basic
RU9jaHYwdmlqVnJibDBqeE9obTlYZDVOdHhVS2FMeSttVzBqL1pKUXh6bz06
Content-Type: application/json
{
"ad-group": [
{
"group": "ICS-QA/systems",
"name": "ICS-QA/systems"
},
{
"group": "ICS-QA/core",
"name": "ICS-QA/core"
}
]
}
Response
HTTP/1.1 200 OK
Content-Length: 124
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Updating Active Directory Group
To update a group, first get already available list using GET operation and append new group to it before PUT.
Copy
Request
PUT /api/v1/configuration/authentication/auth-servers/auth-server/ADServer/ad/server-catalog/groups HTTP/1.1
Host: <IP Address>
Authorization: Basic
RU9jaHYwdmlqVnJibDBqeE9obTlYZDVOdHhVS2FMeSttVzBqL1pKUXh6bz06
Content-Type: application/json
{
"ad-group": [
{
"group": "ICS-QA/core",
"name": "ICS-QA/core",
"sid": "S-1-5-21-3875260349-1888520165-453808128-1112"
},
{
"group": "ICS-QA/systems",
"name": "ICS-QA/systems",
"sid": "S-1-5-21-3875260349-1888520165-453808128-1108"
},
{
"group": "PCS-QA/client",
"name": "PCS-QA/client",
"sid": "S-1-5-21-3875260349-1888520165-453808128-1113"
}
]
}
Response
HTTP/1.1 200 OK
Content-Length: 124
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Deleting Active Directory Groups
Copy
Request
PUT /api/v1/configuration/authentication/auth-servers/auth-server/ADServer/ad/server-catalog/groups HTTP/1.1
Host: <IP Address>
Authorization: Basic
RU9jaHYwdmlqVnJibDBqeE9obTlYZDVOdHhVS2FMeSttVzBqL1pKUXh6bz06
Content-Type: application/json
{
"ad-group": [
]
}
Response
HTTP/1.1 200 OK
Content-Length: 124
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Getting All LDAP Group List
Copy
Request
GET /api/v1/configuration/authentication/auth-servers/auth-server/LDAPServer/ldap/server-catalog/groups HTTP/1.1
Host: <IP Address>
Authorization: Basic RU9jaHYwdmlqVnJibDBqeE9obTlYZDVOdHhVS2FMeSttVzBqL1pKUXh6bz06
Content-Type: application/json
Adding Groups to LDAP
Copy
Request
PUT /api/v1/configuration/authentication/auth-servers/auth-server/LDAPServer/ldap/server-catalog/groups HTTP/1.1
Host: <IP Address>
Authorization: Basic RU9jaHYwdmlqVnJibDBqeE9obTlYZDVOdHhVS2FMeSttVzBqL1pKUXh6bz06
Content-Type: application/json
{
"user-group": [
{
"dn": "CN=Administrators,CN=Builtin,DC=pcs-qa,DC=blrlab,DC=net",
"group-type": "static",
"name": "Administrators"
},
{
"dn": "CN=Users,CN=Builtin,DC=pcs-qa,DC=blrlab,DC=net",
"group-type": "static",
"name": "Users"
}
]
}
Response
HTTP/1.1 200 OK
Content-Length: 124
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Updating LDAP Source Group
To update a group, first get already available list using GET operation and append new group to it and then perform PUT operation.
Copy
Request
PUT /api/v1/configuration/authentication/auth-servers/auth-server/LDAPServer/ldap/server-catalog/groups HTTP/1.1
Host: <IP Address>
Authorization: Basic RU9jaHYwdmlqVnJibDBqeE9obTlYZDVOdHhVS2FMeSttVzBqL1pKUXh6bz06
Content-Type: application/json
{
"user-group": [
{
"dn": "CN=Administrators,CN=Builtin,DC=pcs-qa,DC=blrlab,DC=net",
"group-type": "static",
"name": "Administrators"
},
{
"dn": "CN=Users,CN=Builtin,DC=pcs-qa,DC=blrlab,DC=net",
"group-type": "static",
"name": "Users"
},
{
"dn": "CN=Guests,CN=Builtin,DC=pcs-qa,DC=blrlab,DC=net",
"group-type": "static",
"name": "Guests"
}
]
}
Response
HTTP/1.1 200 OK
Content-Length: 124
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Deleting LDAP Source Group
Copy
Request
PUT /api/v1/configuration/authentication/auth-servers/auth-server/LDAPServer/ldap/server-catalog/groups HTTP/1.1
Host: <IP Address>
Authorization: Basic RU9jaHYwdmlqVnJibDBqeE9obTlYZDVOdHhVS2FMeSttVzBqL1pKUXh6bz06
Content-Type: application/json
{
"user-group": [
]
}
Response
HTTP/1.1 200 OK
Content-Length: 124
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Operation succeeded without warning or error!"
}
]
}
}
Clustering and High Availability
Creating a Cluster
Copy
Request
PUT /api/v1/cluster HTTP/1.1
Host: <IP Address>
Authorization: Basic TldVNFl6TmtOVEZqTkRFek1EUXdPVGRoTlRrMk9UWTBaR0l3TkRnM1ptST06
Content-Type: application/json
{
"cluster-name": "cluster1",
"cluster-password": "dana123",
"member-name": "nodeA",
"action": "create"
}
Response
HTTP/1.1 200 OK
Content-Length: 118
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Created cluster 'cluster1' successfully"
}
]
}
}
Adding a Member to Cluster
Copy
Request
POST /api/v1/cluster/members HTTP/1.1
Host: <IP Address>
Authorization: Basic THI5bmxreU50UE04MWJ6OHRhbjhFMW1PYTVuV3V5MG5XN0oyNmNWcTRhbz06
Content-Type: application/json
{
"member-name" : "node225",
"member-ip" : "<IP Address>",
"member-netmask" : "<IP Address>",
"member-gateway" : "<IP Address>",
"member-external-ip" : "<IP Address>",
"member-external-netmask" : "<IP Address>",
"member-external-gateway" : "<IP Address>"
}
Response
HTTP/1.1 200 OK
Content-Length: 125
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Added member 'node225' to cluster successfully"
}
]
}
}
Getting Cluster Status
Copy
Request
GET /api/v1/cluster HTTP/1.1
Host: 10.209.114.228
Authorization: Basic TWN2cUEzbFRYQXcySjBSbGpKWTAzdk1oa2RiTDFLUVJDUjNNdlQ0UlRJdz06
Content-Type: application/json
Response
HTTP/1.1 200 OK
Content-Length: 619
Content-Type: application/json
{
"members": [
{
"enabled": true,
"external-ip": "",
"external-network": "",
"internal-ip": "<IP Address>",
"internal-netmask": "<IP Address>",
"name": "node225",
"notes": "Enabled, Unreachable",
"status-code": "0x18"
},
{
"enabled": true,
"external-ip": "<IP Address>",
"external-network": "<IP Address>",
"internal-ip": "<IP Address>",
"internal-netmask": "<IP Address>",
"name": "nodeA",
"notes": "Leader",
"status-code": "0x19004"
}
],
"mode": "Active/Active",
"name": "cluster1"
}
{
"external-vip-ipv4": "<IP Address>",
"external-vip-owner": "node-51-39",
"internal-vip-ipv4": "<IP Address>",
"internal-vip-owner": "node-51-39",
"members": [
{
"enabled": true,
"external-ip": "<IP Address>",
"external-netmask": "<IP Address>",
"internal-ip": "<IP Address>",
"internal-netmask": "<IP Address>",
"name": "node-51-39",
"notes": "Leader",
"status-code": "0x1b004"
},
{
"enabled": true,
"external-ip": "<IP Address>",
"external-netmask": "<IP Address>",
"internal-ip": "<IP Address>",
"internal-netmask": "<IP Address>",
"name": "Node-something",
"notes": "Enabled, Unreachable",
"status-code": "0x18"
}
],
"mode": "Active/Passive",
"name": "TEST-CLUSTER"
}
Deleting Cluster Member
Copy
Request
DELETE /api/v1/cluster/members/node225 HTTP/1.1
Host: <IP Address>
Authorization: Basic TWN2cUEzbFRYQXcySjBSbGpKWTAzdk1oa2RiTDFLUVJDUjNNdlQ0UlRJdz06
Content-Type: application/json
Response
HTTP/1.1 200 OK
Content-Length: 129
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Removed member 'node225' from cluster successfully"
}
]
}
}
Joining a Cluster
Copy
Request
PUT /api/v1/cluster HTTP/1.1
Host: <IP Address>
Authorization: Basic SkUyV1BaVjRjcGxleElRMnNiZXpYajE2dEVIUm9Oa05WWDdRWHh3MmpJZz06
Content-Type: application/json
{
"cluster-name": "cluster",
"cluster-password": "xxxxx",
"member-address": "<IP Address>",
"action": "join"
}
Response
HTTP/1.1 200 OK
Content-Length: 116
Content-Type: application/json
{
"result": {
"info": [
{
"message": "Joined cluster 'cluster' successfully"
}
]
}
}
VIP Failover
Copy
Request
PUT /api/v1/cluster
Host: <IP Address>
Authorization: Basic SkUyV1BaVjRjcGxleElRMnNiZXpYajE2dEVIUm9Oa05WWDdRWHh3MmpJZz06
Content-Type: application/json
{
"action": "vip-failover"
}
Response
In case of active-passive cluster:
{
"result": {
"info": [
{
"message": "VIP fail-over initiated"
}
]
}
}
In case of active-active cluster:
{
"result": {
"info": [
{
"message": "Node not part of an Active-Passive cluster. Invalid operation."
}
]
}
}
Config Management
Backing Up Binary Configuration
Exports system and user configurations into one file as shown in the code snippet. To export them individually use the following, Password is optional in 22.7Rx.:
Export using GET in 22.7Rx
To export only system config use GET api/v1/system/binary-configuration?export=system_config&password=<password>
To export only user config use GET api/v1/system/binary-configuration?export=user_config&password=<password>
Copy
Request
curl --location 'https://{{ics_ip}}/api/v1/system/binary-configuration' \
--header 'Authorization: ••••••'
Response
UEsDBBQAAAAIAE9VmU4J1asqz3cDAKx3AwAKABwAc3lzdGVtLmNmZ1VUCQADvUHB
XL1BwVx1eAsAAQQAAAAABAAAAAAAC4D0fwnTMa1OLV2XgACOdwMAINEfP2AuIVXV
B1FhtptLC259gyNPT7WwhtQKbp2Y2+d1h1MTflQis8wbHytXP19D+SM+amX5UKeO
GDUggxgbrEQMXmwOSv8YBrvXIBShmGO5BVqfUemvdNK3OB+S/g8+LIPG5i2c3LVm
W8hY3PLQ9CJHMrFSBFtgyTX2at85MGCsupxd2gOQQ9e138KrI2hBoywDzCJiRUSU
...
With Password
Request
curl --location 'https://{{ics_ip}}/api/v1/system/binary-configuration?password={{strong_password}}' \
--header 'Authorization: ••••••'
Response
UEsDBBQAAAAIAE9VmU4J1asqz3cDAKx3AwAKABwAc3lzdGVtLmNmZ1VUCQADvUHB
XL1BwVx1eAsAAQQAAAAABAAAAAAAC4D0fwnTMa1OLV2XgACOdwMAINEfP2AuIVXV
B1FhtptLC259gyNPT7WwhtQKbp2Y2+d1h1MTflQis8wbHytXP19D+SM+amX5UKeO
GDUggxgbrEQMXmwOSv8YBrvXIBShmGO5BVqfUemvdNK3OB+S/g8+LIPG5i2c3LVm
W8hY3PLQ9CJHMrFSBFtgyTX2at85MGCsupxd2gOQQ9e138KrI2hBoywDzCJiRUSU
...Export system config only
Copy
Request
curl --location 'https://<ics-ip>/api/v1/system/binary-configuration?export=system_config' \
--header 'Authorization: ••••••'
Response
UEsDBBQAAAAIAE9VmU4J1asqz3cDAKx3AwAKABwAc3lzdGVtLmNmZ1VUCQADvUHB
XL1BwVx1eAsAAQQAAAAABAAAAAAAC4D0fwnTMa1OLV2XgACOdwMAINEfP2AuIVXV
B1FhtptLC259gyNPT7WwhtQKbp2Y2+d1h1MTflQis8wbHytXP19D+SM+amX5UKeO
GDUggxgbrEQMXmwOSv8YBrvXIBShmGO5BVqfUemvdNK3OB+S/g8+LIPG5i2c3LVm
W8hY3PLQ9CJHMrFSBFtgyTX2at85MGCsupxd2gOQQ9e138KrI2hBoywDzCJiRUSU
...
With password
Request
curl --location --globoff 'https://<ics-ip>/api/v1/system/binary-configuration?export=system_config&password={{strong_password}}' \
--header 'Authorization: ••••••'
Response
UEsDBBQAAAAIAE9VmU4J1asqz3cDAKx3AwAKABwAc3lzdGVtLmNmZ1VUCQADvUHB
XL1BwVx1eAsAAQQAAAAABAAAAAAAC4D0fwnTMa1OLV2XgACOdwMAINEfP2AuIVXV
B1FhtptLC259gyNPT7WwhtQKbp2Y2+d1h1MTflQis8wbHytXP19D+SM+amX5UKeO
GDUggxgbrEQMXmwOSv8YBrvXIBShmGO5BVqfUemvdNK3OB+S/g8+LIPG5i2c3LVm
W8hY3PLQ9CJHMrFSBFtgyTX2at85MGCsupxd2gOQQ9e138KrI2hBoywDzCJiRUSU
...Export user config only
Copy
Request
curl --location 'https://<ics-ip>/api/v1/system/binary-configuration?export=user_config' \
--header 'Authorization: ••••••'
Response
UEsDBBQAAAAIAE9VmU4J1asqz3cDAKx3AwAKABwAc3lzdGVtLmNmZ1VUCQADvUHB
XL1BwVx1eAsAAQQAAAAABAAAAAAAC4D0fwnTMa1OLV2XgACOdwMAINEfP2AuIVXV
B1FhtptLC259gyNPT7WwhtQKbp2Y2+d1h1MTflQis8wbHytXP19D+SM+amX5UKeO
GDUggxgbrEQMXmwOSv8YBrvXIBShmGO5BVqfUemvdNK3OB+S/g8+LIPG5i2c3LVm
W8hY3PLQ9CJHMrFSBFtgyTX2at85MGCsupxd2gOQQ9e138KrI2hBoywDzCJiRUSU
...
With Password
Request
curl --location 'https://{{ics_ip}}/api/v1/system/binary-configuration?export=user_config&password={{strong_password}}' \
--header 'Authorization: ••••••'
Response
UEsDBBQAAAAIAE9VmU4J1asqz3cDAKx3AwAKABwAc3lzdGVtLmNmZ1VUCQADvUHB
XL1BwVx1eAsAAQQAAAAABAAAAAAAC4D0fwnTMa1OLV2XgACOdwMAINEfP2AuIVXV
B1FhtptLC259gyNPT7WwhtQKbp2Y2+d1h1MTflQis8wbHytXP19D+SM+amX5UKeO
GDUggxgbrEQMXmwOSv8YBrvXIBShmGO5BVqfUemvdNK3OB+S/g8+LIPG5i2c3LVm
W8hY3PLQ9CJHMrFSBFtgyTX2at85MGCsupxd2gOQQ9e138KrI2hBoywDzCJiRUSU
...Export using POST in 22.8Rx/25.x
GET method for this API is no longer supported in ICS versions 22.8x/25.x. Please use POST instead.
To export only system config use POST api/v1/system/binary-configuration?export=system_config
To export only user config use POST api/v1/system/binary-configuration?export=user_config>
Copy
Request
POST
curl --location --globoff 'https://{{pcs_ip}}/api/v1/system/binary-configuration' \
--header 'Content-Type: application/json' \
--header 'Authorization: ••••••' \
--data '{
"password" : "{{strong_password}}"
}'
Response
UEsDBBQAAAAIAE9VmU4J1asqz3cDAKx3AwAKABwAc3lzdGVtLmNmZ1VUCQADvUHB
XL1BwVx1eAsAAQQAAAAABAAAAAAAC4D0fwnTMa1OLV2XgACOdwMAINEfP2AuIVXV
B1FhtptLC259gyNPT7WwhtQKbp2Y2+d1h1MTflQis8wbHytXP19D+SM+amX5UKeO
GDUggxgbrEQMXmwOSv8YBrvXIBShmGO5BVqfUemvdNK3OB+S/g8+LIPG5i2c3LVm
W8hY3PLQ9CJHMrFSBFtgyTX2at85MGCsupxd2gOQQ9e138KrI2hBoywDzCJiRUSU
...Restoring Binary Configuration (import=normal)
The import normal mode will import the binary configuration excluding the IP, network configurations and cluster configuration. The normal mode is similar to default option in binary import.
Import config in 22.7Rx
Copy
Request
curl --location --request PUT 'https://<ics-ip>/api/v1/system/binary-configuration?import=normal' \
--header 'Content-Type: text/plain' \
--header 'Authorization: ••••••' \
--data '<output from GET request>'
'
With Password
curl --location --request PUT 'https://{{pcs_ip}}/api/v1/system/binary-configuration?import=normal&password={{strong_password}}' \
--header 'Content-Type: text/plain' \
--header 'Authorization: ••••••' \
--data '<data from GET request>'
'
Response
{
"result": {
"info": [
{
"message": "Operation successfully completed."
}
]
}
}
Import config in 22.8Rx/25.x
Copy
Request
curl -X 'PUT' \
'https://<ics-ip>/api/v1/system/binary-configuration?import=normal' \
--header 'Authorization: Basic WVRVeFltVXpZalF6TkRNME4yUmtaREkzWmpJMFpHTXpaVFJtWTJZME1ERT06' \
--form 'file=@"<path>"' \
--form 'password="1234"'
Response
{
"result": {
"info": [
{
"message": "Operation successfully completed."
}
]
}
}
Restoring Binary Configuration (import=full)
The import full mode will import everything from the binary configuration provided in the body.
Import full config in 22.7Rx
Copy
Request
curl --location --request PUT 'https://<ics-ip>/api/v1/system/binary-configuration?import=full' \
--header 'Content-Type: text/plain' \
--header 'Authorization: ••••••' \
--data '<output from GET request>'
Base64 configuration string as received in GET request
With Password
curl --location --request PUT 'https://{{pcs_ip}}/api/v1/system/binary-configuration?import=full&password={{strong_password}}' \
--header 'Content-Type: text/plain' \
--header 'Authorization: ••••••' \
--data '<data from GET request>'
Base64 configuration string as received in GET request
UEsDBBQAAAAIAE9VmU4J1asqz3cDAKx3AwAKABwAc3lzdGVtLmNmZ1VUCQADvUHB
XL1BwVx1eAsAAQQAAAAABAAAAAAAC4D0fwnTMa1OLV2XgACOdwMAINEfP2AuIVXV
B1FhtptLC259gyNPT7WwhtQKbp2Y2+d1h1MTflQis8wbHytXP19D+SM+amX5UKeO
GDUggxgbrEQMXmwOSv8YBrvXIBShmGO5BVqfUemvdNK3OB+S/g8+LIPG5i2c3LVm
……
Response
{
"result": {
"info": [
{
"message": "Operation successfully completed."
}
"errors": [
]
}
}
Import full in 22.8Rx/25.x
Copy
Request
curl -X 'PUT' \
'https://<ics-ip>/api/v1/system/binary-configuration?import=full' \
--header 'Authorization: Basic WVRVeFltVXpZalF6TkRNME4yUmtaREkzWmpJMFpHTXpaVFJtWTJZME1ERT06' \
--form 'file=@"<path>"' \
--form 'password="1234"'
file should contaion Base64 configuration string as received in GET request
UEsDBBQAAAAIAE9VmU4J1asqz3cDAKx3AwAKABwAc3lzdGVtLmNmZ1VUCQADvUHB
XL1BwVx1eAsAAQQAAAAABAAAAAAAC4D0fwnTMa1OLV2XgACOdwMAINEfP2AuIVXV
B1FhtptLC259gyNPT7WwhtQKbp2Y2+d1h1MTflQis8wbHytXP19D+SM+amX5UKeO
GDUggxgbrEQMXmwOSv8YBrvXIBShmGO5BVqfUemvdNK3OB+S/g8+LIPG5i2c3LVm
……
Response
{
"result": {
"info": [
{
"message": "Operation successfully completed."
}
"errors": [
]
}
}
Import only device certificates in 22.8Rx/25,x
Copy
Request
curl -X 'PUT' \
'https://{{pcs_ip}}/api/v1/system/binary-configuration?other_import=onlycertificate&device_certificate=yes' \
--header 'Authorization: Basic WVRVeFltVXpZalF6TkRNME4yUmtaREkzWmpJMFpHTXpaVFJtWTJZME1ERT06' \
--form 'file=@"<path>"' \
--form 'password="1234"'
file should contaion Base64 configuration string as received in GET request
UEsDBBQAAAAIAE9VmU4J1asqz3cDAKx3AwAKABwAc3lzdGVtLmNmZ1VUCQADvUHB
XL1BwVx1eAsAAQQAAAAABAAAAAAAC4D0fwnTMa1OLV2XgACOdwMAINEfP2AuIVXV
B1FhtptLC259gyNPT7WwhtQKbp2Y2+d1h1MTflQis8wbHytXP19D+SM+amX5UKeO
GDUggxgbrEQMXmwOSv8YBrvXIBShmGO5BVqfUemvdNK3OB+S/g8+LIPG5i2c3LVm
……
Response
{
"result": {
"info": [
{
"message": "Operation successfully completed."
}
"errors": [
]
}
}
Getting Config Without Ivanti Packages (ESAP and Client Packages)
Copy
Request
GET /api/v1/configuration/authentication/endpoint/host-checker/esaps?expand&&excludePulsePackages HTTP/1.1
Host: <IP Address>
Authorization: Basic
dS9UOURJRWswZzVyMTdieUJqVnhaQnExZUpTTW9ndCtIdGZzMnczMmlzRT06
Content-Type: application/json
Response
HTTP/1.1 200 OK
Content-Length: 561
Content-Type: application/json
{
"active-version": "3.3.5",
"default-version": "3.3.5",
"esap": [
{
"esap-version": "3.3.5",
"last-activated-time": "Sun 17 Mar 2019 23:54:12 PDT",
"upload-time": "Sun 17 Mar 2019 23:53:35 PDT"
},
{
"esap-version": "3.3.6",
"last-activated-time": "Never",
"upload-time": "Mon 18 Mar 2019 21:45:31 PDT"
},
{
"esap-version": "3.3.7",
"last-activated-time": "Never",
"upload-time": "Mon 18 Mar 2019 21:46:12 PDT"
}
],
"force-same-esap": "false",
"opswat-sdk-version": "4"
}