Trusted Contributor.
Trusted Contributor.

Additional session request PAM Users | IDM | RestAPI


Hello All,.

Use case:-  PAM Users When Required any additional session (any specific server ) with normal or Super privileges they should able to request for this by using IDM workflow.

We are creating a workflow using the rest API for PAM users.


PAM command control User session prerequisite required for the session :-


  • Command (RDP or ssh rule)     
  • 2 groups
  1. The user group  (user name whom the policy will assign)
  2. Session group (what are the user privileges session will show to the user)
  •   Host group ( Host IP address )


Issue what we facing:-

Whenever users required additional session we need to modify 2 things.

  • Session Group (Additional User name )
  • Host group (additional servers Ip address)

With the help of Rest API when we trying to modify the group details is overwatering.

Old details are deleting.


Ex. Before API request group details       IDM/l1admin


    Sending new data                                    IDM/l3admin

           After api request group                  IDM/l3admin


Same issue we are facing host group also.

Kindly provide a solution if any way to achieve this use case.

2 Replies
Trusted Contributor.
Trusted Contributor.

Yes because for this use case  We are using IDM Workflow and PAM so.

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.