Status | ||||
---|---|---|---|---|
|
Table of Contents |
---|
In a VFC system numerous entities exist containing credential type data. The endpoints covered in this articles allow to change the credentials programmatically. With the following functionality custom integrator application can be implemented to rotate passwords of the different entities from a common password vault solution. With this approach the common technical account password leakage or sharing can be prevented. This article introduces how these credentials can be managed via the v1 REST API in the following sections.
Table of Contents |
---|
The applications that manages credentials in the system the following actions are required:
...
Info |
---|
The following examples require a valid access token. To acquire an access token, use the Authentication endpoint. The different examples may require different permissions. Please, be aware to always use an access token that was acquired by a user with the right permissions. |
User credentials
The non AD synchronized user entities have an updateable password field that can be modified with the API. Note: the login name is not modifiable. The new password must match with the configured password criteria i.e.: complexity or password history.
...
Code Block |
---|
POST https://VFC_MR_DOMAIN//verba/restapi/v1/users/16/password/verify new plain password |
Active Directory Synchronization Profile credentials
The Active Directory Synchronization Profile entities contain credential data to be able to connect to an LDAP server or an Azure AD tenant. The updateable properties are various and depend on the type of the AD Synchronization Profile entity.
...
Code Block |
---|
POST https://VFC_MR_DOMAIN/verba/restapi/v1/adSyncProfiles/13F72189-2EEB-425F-885B-7D1BBA83DDEB/password/verify Content-Type: application/json Accept: application/json { "property": "ldapPassword", "value": "new plain password" } |
Storage Target credentials
The VFC has numerous different Storage Target integrations which have different entity object schemas. These different schemas have different editable properties.
...
Code Block |
---|
POST https://VFC_MR_DOMAIN/verba/restapi/v1/storageTargets/11/password/verify Content-Type: application/json Accept: application/json { "property": "secretAccessKey", "value": "new plain password" } |
Import Source credentials
Similar to Storage Targets the different Import Source types have different object schema representations in the REST API. The modifiable properties are depend on the specific type.
...