Manage Web Service Accounts with API

this section describes how to integrate with kron pam using all api methods restful api or soap api is used to integrate with kron pam requests sent in both methods are prepared according to kron pam's guidelines, and the functioning of these methods should be determined according to kron pam login api method the credentials that kron pam will access in the login phase must be provided the user that is provided for access must be defined under sapm, and then a secure access request must be sent through this user the post method is used during the login phase the url information to be sent by the provider must be transmitted the token, which is accessed after the request, is saved to be used in other api methods login user and password values should not be included in the login url this information should be written in the body part parameter name description http login url https //server ip/loginuserurl http login method post http login headers post, host, content type http login body username, password the login user’s password value is stored encrypted in kron pam request / response example request method url post api/login/ type params values head content type application/json body username ${authusername} body password ${authpassword} response status response 200 ok 401 {"error" "unauthorized "} 500 {"error" "something went wrong please try again later "} authentication data matcher authentication data matcher allows using variables in different methods to do so, you define the key values ​​as well as the key sources by default, authentication data matcher takes source body values parameter name value http login auth data matcher \[{"key" "key1", "pattern" "key1 \\\s( +?),", "source" "header"},{"key" "key2", "pattern" "key2 \\\s( +?),", "source" "body"}] change password api method access token value responded from the login api method is taken and used in the body part of the change password api parameter name value http change password url https //server ip/chngpasswdurl http change password method post / put http change password headers post, host, content type http change password body access token and other information the user information whose password will be changed is defined on the sapm screens, and these values ​​are added to the body for the change password api the passwords of the accounts defined in sapm are automatically reset in the specified periods if the relevant url access permissions are given, all user passwords can be changed with the superuser, so users won’t need to change their passwords parameter name description super user privileged user who resets other users’ passwords super user password privileged user password change password with super user parameter that must be set to true to use superuser check password api method account passwords defined in sapm are checked at specified periods as a result of these checks, the password's validity becomes final access token value responded from the login api method is taken and used in the body part of the check password api parameter name value http check password url https //server ip/chckpasswdurl http check password method post / put http check password headers post, host, content type http check password body access token and other information account discovery api method the account discovery api allows discovering accounts in the app and observing any changes kron pam can track the discovered accounts, and through apis, you can take action when necessary parameter name value http user list url https //server ip/discoveruserurl http user list method get http user list headers get, content type http user list body access token and other information delete account api method kron pam uses delete account api to delete the accounts discovered with the account discovery api parameter name value http delete user url https //server ip/deleteaccnturl http delete user method delete http delete user headers delete, content type http delete user body access token and other information status code status code acceptance in api response is set by the following parameter parameter name value http accepted status codes standard http status codes all status codes are standard http status codes, and the following codes are used in this api 2xx success of some kind 4xx error occurred on the client side 5xx error occurred on the server side status code description 200 ok 201 created 202 accepted (request accepted, and queued for execution) 400 bad request 401 authentication failure 403 forbidden 404 resource not found 405 method not allowed 409 conflict 412 precondition failed 413 request entity too large 500 internal server error 501 not implemented 503 service unavailable importing certificate from gui the usage status of the certificate can be parametrically set while accessing the web service the certificate can be ignored, or the current certificate and password are entered in the gui and saved to the database since the certificate value is kept in the database, it works smoothly in systems with replication parameter name value http ignore certificate errors true/false http keystore path select certificate file http keystore password certificate password