Highlighted
Super Contributor.
Super Contributor.
239 views

Adding vault entry via REST API in 3.6

Jump to solution

We have successfully used /rest/prvcrdvlt/Vault to add vault entries using the REST API with PAM 3.2 and 3.5. However, with 3.6, we are seeing some odd behavior. First, the "PUT /rest/prvcrdvlt/Vault" succeeds. However, when visiting https://<pam>/pam->Credential Vault, we are seeing the following:

clipboard_image_2.png

This is expected after adding the vault entry. However, when we then click on this icon, we see:

clipboard_image_3.png

Note only 6 entries appear. So, why does the overview indicate 7 vault entries? This was not the case with PAM 3.3/3.5.

We are passing the following to the PUT request:

{
  "Vault": {
    "CFG": {
      "SSH": {
        "host": "test-server",
        "port": "22"
      }
    },
    "type": "ssh",
    "name": "test-server",
    "ACL": {
      "Role": {
      }
    }
  }
}
0 Likes
1 Solution

Accepted Solutions
Highlighted
Super Contributor.
Super Contributor.

Re: Adding vault entry via REST API in 3.6

Jump to solution

We modified the PUT request to add "profile": "101" and our vault entry is now visible in the credential vault. This was not necessary with PAM 3.2/3.5 so either this is a bug or a new requirement. The "profile" attribute is not documented in the REST API PDF guide.

{
  "Vault": {
    "CFG": {
      "SSH": {
        "host": "test-server",
        "port": "22"
      }
    },
    "type": "ssh",
    "name": "test-server",
    "profile": "101",
    "ACL": {
      "Role": {
      }
    }
  }
}  

 

View solution in original post

0 Likes
2 Replies
Highlighted
Super Contributor.
Super Contributor.

Re: Adding vault entry via REST API in 3.6

Jump to solution

We modified the PUT request to add "profile": "101" and our vault entry is now visible in the credential vault. This was not necessary with PAM 3.2/3.5 so either this is a bug or a new requirement. The "profile" attribute is not documented in the REST API PDF guide.

{
  "Vault": {
    "CFG": {
      "SSH": {
        "host": "test-server",
        "port": "22"
      }
    },
    "type": "ssh",
    "name": "test-server",
    "profile": "101",
    "ACL": {
      "Role": {
      }
    }
  }
}  

 

View solution in original post

0 Likes
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: Adding vault entry via REST API in 3.6

Jump to solution
Yes, this is correct. I have provided this feedback to the Engineering team so that the doc can be corrected. Profile id is necessary for the UI to render the resources. It is something that was added since 3.2 and has not been appropriately documented.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.