Versions Compared

Old Version 8

changes.mady.by.user Krisztian Papp

Saved on

compared with

New Version 9

changes.mady.by.user Krisztian Papp

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Status
colourGreen
titleAVAILABLE IN 9.8.0 AND LATER

Table of Contents

In a VFC system numerous entities exist containing credential type data. The endpoints covered in this articles allow to change the credentials programmatically. With the following functionality custom integrator application can be implemented to rotate passwords of the different entities from a common password vault solution. With this approach the common technical account password leakage or sharing can be prevented. This article introduces how these credentials can be managed via the v1 REST API in the following sections.

Table of Contents

The applications that manages credentials in the system the following actions are required:

...

Info

The following examples require a valid access token. To acquire an access token, use the Authentication endpoint. The different examples may require different permissions. Please, be aware to always use an access token that was acquired by a user with the right permissions.

User credentials

The non AD synchronized user entities have an updateable password field that can be modified with the API. Note: the login name is not modifiable. The new password must match with the configured password criteria i.e.: complexity or password history.

...

Code Block
POST https://VFC_MR_DOMAIN//verba/restapi/v1/users/16/password/verify

new plain password

Active Directory Synchronization Profile credentials

The Active Directory Synchronization Profile entities contain credential data to be able to connect to an LDAP server or an Azure AD tenant. The updateable properties are various and depend on the type of the AD Synchronization Profile entity.

...

Code Block
POST https://VFC_MR_DOMAIN/verba/restapi/v1/adSyncProfiles/13F72189-2EEB-425F-885B-7D1BBA83DDEB/password/verify
Content-Type: application/json
Accept: application/json

{
  "property": "ldapPassword",
  "value": "new plain password"
}

Storage Target credentials

The VFC has numerous different Storage Target integrations which have different entity object schemas. These different schemas have different editable properties.

...

Code Block
POST https://VFC_MR_DOMAIN/verba/restapi/v1/storageTargets/11/password/verify
Content-Type: application/json
Accept: application/json

{
  "property": "secretAccessKey",
  "value": "new plain password"
}

Import Source credentials

Similar to Storage Targets the different Import Source types have different object schema representations in the REST API. The modifiable properties are depend on the specific type.

...