REST API best practices are being adhered to in the creation of this documentation, specifically adhering to http://github.com/Microsoft/api-guidelines/blob/vNext/Guidelines.md except where explicitly listed in this documentation.
\nIDAPI references - https://bravurasecuritydocs.com/release127/content/en/api.pdf
\nBravura Security's REST API version will be incremented if a backwards incompatible change is introduced. if a backwards compatibility item is introduced everything possible will be done to preserve the past definition of the API for the period of time the Security Fabric versions are in support. A breaking change on the API that violates this will only be considered if a security concern or data loss issue is flagged in the API in question that would warrant a break.
\nTo authenticate to a request, add a bearer token to the Authorization HTTP header.
\nTo get a bearer token, the REST API has an IdentityServer established to mint tokens. To authenticate, follow the Resource owner password grant type for IdentityServer4.
\nFor external authentication to the REST API, the client ID is passwordclient. There is no client secret. For a user to be able to authenticate externally, they must be members of the _EXPLICIT_REST_API_USERS_ user class.
POST {{scheme}}://{{hostname}}/{{instancename}}/identity/connect/token\nContent-Type: application/x-www-form-urlencoded\n client_id=passwordclient&\n grant_type=password&\n username={{username}}&\n password={{password}}\n\nThe resulting response will provide an access_token which is the bearer token used for the Authorization HTTP header in the REST API requests. The response also includes a refresh_token which can be used to extend the lifetime of the authenticated user's session.
Example response:
\n{\n \"access_token\": \"FB1A619D121BA73B52B5BF2FD96D3669075A158918A66FC6E5D4845CEA035F29\",\n \"expires_in\": 3600,\n \"token_type\": \"Bearer\",\n \"refresh_token\": \"D2FE60948CA91B61C8EC82BD9D2183FC1F5B7E7A41A47D1F0BE749A00F3E0F4E\",\n \"scope\": \"api.read api.write offline_access\"\n}\n\nFor authorization to endpoints, policy-based access control (PBAC) has been implemented into the REST API using Open Policy Agent (OPA). Each endpoint is protected by one or more policies, and the policies are written using OPA's native query language Rego. For more information on Rego, see here.
\nEach policy can be modified using the REST API; Bravura Security Fabric offers a few custom functions that can be used in Rego, and all data referenced in the policies follow the REST API models.
\nIn the diagram below, an example workflow for a REST API request is shown. When a request is submitted to the REST API, we send a query object to the Open Policy Agent SDK; OPA reaches out to our product database for data, as well as our authorization policies, and uses custom functions (eg. CheckUserclassMembership) to check for more complex access. When the policy decision is returned to the REST API, the queryable is modified to contain the required filters to ensure the authorized data is returned as the response. If no access has been granted, a 404 Not Found response will be returned.
\nN.B. Some endpoints will check multiple policies, due to the nested nature of the endpoint. In those cases, if access is denied at any point, the entire request is denied, and a 404 Not Found response will be returned. Policies will be evaluated in the order they are found in the ordered list of the documentation.
\nEndpoint: GET /users({key})/attributes
Policies:
\nusers_get
\nusers_attributes_get_list
\nThe users_get policy will be evaluated first; if denied, a 404 Not Found response is returned, else users_attributes_get_list is evaluated.
To improve the capabilities of Rego, some custom functions have been developed into Rego to allow for more complex product queries to be done.
\n","schema":"https://schema.getpostman.com/json/collection/v2.0.0/collection.json","toc":[],"owner":"20302012","collectionId":"e7204baa-4846-408d-97ff-2efcc496dbcf","publishedId":"2sA3Qv9WrQ","public":true,"customColor":{"top-bar":"FFFFFF","right-sidebar":"303030","highlight":"FF6C37"},"publishDate":"2025-04-01T19:48:19.000Z"},"item":[{"name":"Accounts","item":[{"name":"/accounts","event":[{"listen":"test","script":{"id":"51d4e51d-b57e-45ba-b7c1-57b05bc8359f","exec":["pm.test(\"Response status code is 200\", function () {"," pm.response.to.have.status(200);","});","","","pm.test(\"id is a valid GUID\", function () {"," const responseData = pm.response.json();",""," pm.expect(responseData.value).to.be.an('array');"," responseData.value.forEach(function(account) {"," pm.expect(account.id).to.match(/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i);"," });","});","","","pm.test(\"displayName is a non-empty string\", function () {"," const responseData = pm.response.json();",""," pm.expect(responseData.value).to.be.an('array').that.is.not.empty;"," "," responseData.value.forEach(function(account) {"," pm.expect(account.displayName).to.be.a('string').and.to.have.lengthOf.at.least(1, \"displayName should not be empty\");"," });","});","","pm.test(\"stableId is a non-empty string\", function () {"," const responseData = pm.response.json();",""," pm.expect(responseData.value).to.be.an('array').that.is.not.empty;"," "," responseData.value.forEach(function(account) {"," pm.expect(account.stableId).to.be.a('string').and.to.have.lengthOf.at.least(1, \"stableId should not be empty\");"," });","});","","pm.test(\"shortId is a non-empty string\", function () {"," const responseData = pm.response.json();",""," pm.expect(responseData.value).to.be.an('array').that.is.not.empty;"," "," responseData.value.forEach(function(account) {"," pm.expect(account.shortId).to.be.a('string').and.to.have.lengthOf.at.least(1, \"shortId should not be empty\");"," });","});","","pm.test(\"longId is a non-empty string\", function () {"," const responseData = pm.response.json();",""," pm.expect(responseData.value).to.be.an('array').that.is.not.empty;"," "," responseData.value.forEach(function(account) {"," pm.expect(account.longId).to.be.a('string').and.to.have.lengthOf.at.least(1, \"longId should not be empty\");"," });","});","","pm.test(\"valid is a boolean\", function () {"," const responseData = pm.response.json();",""," pm.expect(responseData.value).to.be.an('array').that.is.not.empty;"," "," responseData.value.forEach(function(account) {"," pm.expect(account.valid).to.be.a('boolean');"," });","});"],"type":"text/javascript"}}],"id":"40923920-ff2d-49fd-8543-6a1fb6558683","protocolProfileBehavior":{"disabledSystemHeaders":{},"disableBodyPruning":true},"request":{"method":"GET","header":[],"url":"{{scheme}}://{{hostname}}/{{instancename}}/api/rest/v2/accounts","description":"GET /api/rest/v2/accounts
This endpoint retrieves a list of Account objects based on the given OData query options.
Filter, sort, and paginate the data returned by this endpoint using standard OData query parameters.
\nThe Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
odata.metadata can be one of minimal, full, or noneodata.streaming can be either true or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/accounts\" \\\n -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer {token}\"\n\n{\n \"@odata.context\": \"http://[hostname]/[instancename]/api/rest/v2/$metadata#accounts\",\n \"value\": [\n {\n \"id\": \"Guid\",\n \"displayName\": \"String\",\n \"stableId\": \"String\",\n \"shortId\": \"String\",\n \"longId\": \"String\",\n \"valid\": Boolean,\n },\n ...\n ]\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policy needs to be satisfied:
\naccounts_get_listThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\nThis REST API request replaces the AccountList function from our base product, which was a SOAP API function. The transition to REST API provides a more modern and efficient way to retrieve account data.
POST /api/rest/v2/accounts
This endpoint creates a new Account object.
The request body should contain the details of the account to be created.
\nIn addition to any standard headers, all requests to this endpoint must include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
curl -X POST \"http(s)://[hostname]/[instancename]/api/rest/v2/accounts\" \\\n -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer {token}\" \\\n -d '{\n \"shortId\": \"userone\",\n \"templateId\": \"template1\",\n \"password\": \"password1\",\n \"userId\": \"11111111-1111-1111-1111-111111111111\",\n \"attributes\": [{...}, {...}]\n }'\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policy needs to be satisfied:
\naccounts_post_createThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"GET /api/rest/v2/accounts({accountKey})
This endpoint retrieves an Account object based on the given accountKey.
You can use OData $expand and $select query options to customize the data returned by this endpoint.
The Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
odata.metadata can be one of minimal, full, or noneodata.streaming can be either true or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/accounts(accountKey)\" \\\n -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer {token}\"\n\n{\n \"@odata.context\": \"http(s)://[hostname]/[instancename]/api/rest/v2/$metadata#accounts/$entity\",\n \"id\": \"Guid\",\n \"displayName\": \"String\",\n \"stableId\": \"String\",\n \"shortId\": \"String\",\n \"longId\": \"String\",\n \"valid\": Boolean\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policy needs to be satisfied:
\naccounts_getThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\nThis REST API request replaces the AccountGetByGuid function from our base product, which was a SOAP API function. The transition to REST API provides a more modern and efficient way to retrieve account data.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"POST /api/rest/v2/accounts({accountKey})
This endpoint performs a specific action on an Account object identified by its accountKey. The action to be performed is specified in the request body.
This action retrieves a response from a target based on a user-specified challenge string.
\nThis action generates passwords that meet specified criteria.
\nIn addition to any standard headers, all requests to this endpoint must include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X POST \"http(s)://[hostname]/[instancename]/api/rest/v2/accounts({accountKey})\" \\\n -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer {token}\" \\\n -d '{\n \"action\": \"some-action\",\n ...\n }'\n\nThis endpoint requires authorization. The following Open Policy Agent (OPA) policies need to be satisfied:
\naccounts_postaccounts_post_generate_passwordaccounts_post_hddchallengeresponseThis REST API request replaces the following SOAP API calls from our base product:
\nThe transition to REST API provides a more modern and efficient way to perform actions on accounts.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"PATCH /api/rest/v2/accounts({accountKey})
This endpoint applies partial modifications to a specific Account object based on the provided accountKey. The operations supported are add, remove, replace, and test. This endpoint can be used to perform a variety of actions including unlocking an account, checking if an account is locked, changing the password, validating the password, renaming an account, modifying account attributes, modifying group memberships, enabling/disabling an account, and checking if an account is enabled.
The request should include the operation (op), the path (path), and the value (value). The from field is optional and can be included if necessary.
In addition to any standard headers, all requests to this endpoint must include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
curl -X PATCH \"http(s)://[hostname]/[instancename]/api/rest/v2/accounts({accountKey})\" \\\n -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer {token}\" \\\n -d '[\n { \"op\": \"{op}\", \"path\": \"{path}\", \"value\": \"{value}\" }\n ]'\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. The general policy for this endpoint is accounts_patch. However, depending on the op and path parameters, additional policies may need to be satisfied. Refer to the table below for details:
This REST API request replaces several SOAP API calls including AccountPasswordSet, UserAccountsUnlock, AccountRename, AccountAttrSet, AccountAttrDelete, AccountGroupMemberTest, AccountIsEnabled.
DELETE /accounts({accountKey})
This endpoint deletes an Account object with the provided accountKey.
Delete an account using the provided accountKey.
In addition to any standard headers, all requests to this endpoint must include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
curl -X DELETE \"http(s)://[hostname]/[instancename]/api/rest/v2/accounts({accountKey})\" \\\n -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer {token}\"\n\naccountKey.This endpoint requires authorization. The following policy needs to be satisfied:
\naccounts_deleteThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\nThis REST API request replaces the AccountDelete function from our base product, which was a SOAP API function. The transition to REST API provides a more modern and efficient way to delete account data by accountKey.
GET /api/rest/v2/accounts({accountKey})/attributes
This endpoint retrieves a list of AttributeData objects associated with the Account object that has the provided accountKey.
Use the accountKey parameter to get attributes of a specific account. Additionally, OData query options can be used to customize the data returned by this endpoint.
The Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
odata.metadata can be one of minimal, full, or noneodata.streaming can be either true or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/accounts({accountKey})/attributes\" \\\n -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer {token}\"\n\n{\n \"@odata.context\": \"http(s)://[hostname]/[instancename]/api/rest/v1/$metadata#attributedata\",\n \"value\": [\n {\n \"id\": \"String\",\n \"data\": [\n {\n \"ref\": \"String\",\n \"filename\": \"String\",\n \"value\": \"String\",\n \"metadata\": {\n \"createdDateTime\": \"DateTime\",\n \"lastUpdatedDateTime\": \"DateTime\",\n \"lastUpdatedBy\": \"Guid\"\n }\n }\n ]\n },\n ...\n ]\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policies need to be satisfied in the given order:
\naccounts_getaccounts_attributes_get_listThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"GET /api/rest/v2/accounts({accountKey})/attributes({accountAttributeKey})
This endpoint fetches a specific AttributeData object associated with an Account object.
You can use OData $expand and $select query options to customize the data returned by this endpoint.
The Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
odata.metadata can be one of minimal, full, or noneodata.streaming can be either true or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/accounts({accountKey})/attributes({accountAttributeKey})\" \\\n -H \"Authorization: Bearer {token}\"\n\n{\n \"@odata.context\": \"http(s)://[hostname]/[instancename]/api/rest/v2/$metadata#attributedata/$entity\",\n \"id\": \"String\",\n \"data\": [\n {\n \"id\": \"String\",\n \"ref\": \"String\",\n \"filename\": \"String\",\n \"value\": \"String\",\n \"metadata\": {\n \"createdDateTime\": \"DateTime\",\n \"lastUpdatedDateTime\": \"DateTime\",\n \"lastUpdatedBy\": \"Guid\"\n }\n }\n ]\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policy needs to be satisfied:
\naccounts_attributes_getThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\nThis REST API request replaces the AttributeGetByKey function from our base product, which was a SOAP API function. The transition to REST API provides a more modern and efficient way to retrieve attribute data.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"GET /api/rest/v2/accounts({accountKey})/attributes({accountAttributeKey})/data({accountAttributeDataKey})/value
This endpoint fetches a specific value of a file attribute in Base64-encoding associated with an Account object.
This request is only valid for file attributes. Non-file attributes will result in a 400 Bad Request status code.
The Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
odata.metadata can be one of minimal, full, or noneodata.streaming can be either true or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/accounts({accountKey})/attributes({accountAttributeKey})/data({accountAttributeDataKey})/value\" \\\n -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer {token}\"\n\n{\n \"value\": \"String\"\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policy needs to be satisfied:
\naccounts_attributes_data_value_getThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\nThis endpoint specifically handles retrieving values for file attributes associated with an account. Non-file attributes will result in a 400 Bad Request status code.
GET /api/rest/v2/accounts({accountKey})/attributes({accountAttributeKey})/data({accountAttributeDataKey})/value/$value
This endpoint fetches a specific raw value of a file attribute associated with an Account object.
This request is only valid for file attributes. Non-file attributes will result in a 400 Bad Request status code.
The Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
odata.metadata can be one of minimal, full, or noneodata.streaming can be either true or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/accounts({accountKey})/attributes({accountAttributeKey})/data({accountAttributeDataKey})/value/$value\" \\\n -H \"Authorization: Bearer {token}\"\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policy needs to be satisfied:
\naccounts_attributes_data_value_value_getThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\nThis endpoint specifically handles retrieving values for file attributes associated with an account. Non-file attributes will result in a 400 Bad Request status code.
GET /api/rest/v2/accounts({accountKey})/groupmemberships
This endpoint retrieves a list of GroupMembership objects associated with the Account object that has the provided accountKey.
Use the key parameter to get group memberships of a specific account. Additionally, OData query options can be used to customize the data returned by this endpoint.
\nThe Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
odata.metadata can be one of minimal, full, or noneodata.streaming can be either true or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/accounts({accountKey})/groupmemberships\" \\\n -H \"Authorization: Bearer {token}\"\n\n{\n \"@odata.context\": \"http(s)://[hostname]/[instancename]/api/rest/v2/$metadata#accounts({accountKey}/groupMemberships(group())\"\n \"value\": [\n {\n \"id\": \"Guid\",\n \"group\": {\n \"id\": \"Guid\",\n \"displayName\": \"String\",\n \"stableId\": \"String\",\n \"shortId\": \"String\",\n \"longId\": \"String\",\n \"valid\": Boolean\n }\n }\n ]\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policies need to be satisfied in the given order:
\naccounts_getaccounts_groupmemberships_get_listThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"GET /api/rest/v2/accounts({accountKey})/groupmemberships({groupKey})
This endpoint fetches a specific GroupMmembership objects associated with a specific Account object.
You can use OData $expand and $select query options to customize the data returned by this endpoint.
The Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
odata.metadata can be one of minimal, full, or noneodata.streaming can be either true or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/accounts({accountKey})/groupmemberships({groupKey})\" \\\n -H \"Authorization: Bearer {token}\"\n\n{\n \"@odata.context\": \"http(s)://[hostname]/[instancename]/api/rest/v2/$metadata#accounts($accountKey)/groupMemberships(group())/$entity\",\n \"id\": \"Guid\",\n \"group\": {\n \"id\": \"Guid\",\n \"displayName\": \"String\",\n \"stableId\": \"String\",\n \"shortId\": \"String\",\n \"longId\": \"String\",\n \"valid\": Boolean\n }\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policy needs to be satisfied:
\naccounts_groupmemberships_getThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\nThis REST API request replaces the equivalent function from our base product, which was a SOAP API function. The transition to REST API provides a more modern and efficient way to retrieve group membership data.
\nFor further guidance on querying resources using OData with ASP.NET Core, you can refer to Microsoft's documentation on building web APIs with OData support.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"GET /api/rest/v2/accounts({accountKey})/managedAccount
This endpoint retrieves a ManagedAccount object associated with the Account object that has the provided accountKey.
Use the key parameter to get the managed account of a specific account. Additionally, OData query options can be used to customize the data returned by this endpoint.
\nThe Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
odata.metadata can be one of minimal, full, or none
odata.streaming can be either true or false
This indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/accounts({accountKey})/managedAccount\" \\\n -H \"Authorization: Bearer {token}\"\n\nManagedAccount object associated with the Account object.Account object was found with the provided accountKey.{\n \"@odata.context\": \"http(s)://[hostname]/[instancename]/api/rest/v2/$metadata#managedAccounts/$entity\",\n \"id\": \"Guid\"\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policy needs to be satisfied:
\naccounts_managedaccount_getThe endpoint uses the authorization service to evaluate this policy against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"GET /api/rest/v2/account({accountKey})/targetSystem
This endpoint retrieves a TargetSystem object associated with the Account object that has the provided accountKey.
Use the key parameter to get TargetSystem of a specific Account. Additionally, OData query options can be used to customize the data returned by this endpoint.
\nThe Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
odata.metadata can be one of minimal, full, or noneodata.streaming can be either true or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/account({accountKey})/targetSystem\" \\\n -H \"Authorization: Bearer {token}\"\n\n200 OK: This status code indicates that the request was successful. The response body will contain a TargetSystem object associated with the Account object.
\n400 Bad Request: This status code indicates that the request could not be understood or was missing required parameters.
\n401 Unauthorized: This status code indicates that the request failed due to insufficient permissions.
\n404 Not Found: This status code indicates that no Account object was found with the provided accountKey.
\n500 Internal Server Error: This status code indicates that the request failed due to an internal server error.
\n{\n \"@odata.context\": \"http(s)://[hostname]/[instancename]/api/rest/v2/$metadata#targetSystems/$entity\",\n \"id\": \"String\",\n \"type\": \"String\",\n \"description\": \"String\",\n \"address\": \"String\",\n \"metadata\": {\n \"createdDateTime\": \"DateTime\",\n \"lastUpdatedDateTime\": \"DateTime\",\n \"lastUpdatedBy\": \"Guid\"\n }\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policies need to be satisfied in the given order:
\naccounts_targetsystem_getThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"GET /api/rest/v2/account({accountKey})/user
This endpoint retrieves the User object associated with the Account object that has the provided accountKey.
Use the key parameter to get the User associated with a specific Account. Additionally, OData query options can be used to customize the data returned by this endpoint.
\nThe Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
odata.metadata can be one of minimal, full, or noneodata.streaming can be either true or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/account({accountKey})/user\" \\\n -H \"Authorization: Bearer {token}\"\n\n200 OK: This status code indicates that the request was successful. The response body will contain the User object associated with the Account object.
\n400 Bad Request: This status code indicates that the request could not be understood or was missing required parameters.
\n401 Unauthorized: This status code indicates that the request failed due to insufficient permissions.
\n404 Not Found: This status code indicates that no Account object was found with the provided accountKey or the User is not associated with the Account.
\n500 Internal Server Error: This status code indicates that the request failed due to an internal server error.
\n{\n \"@odata.context\": \"http(s)://[hostname]/[instancename]/api/rest/v2/$metadata#users/$entity\",\n \"id\": \"Guid\",\n \"signInName\": \"String\",\n \"displayName\": \"String\",\n \"enabled\": Boolean,\n \"locked\": Boolean,\n \"archived\": Boolean,\n \"admin\": Boolean\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policy needs to be satisfied:
\naccounts_user_getThe endpoint uses the authorization service to evaluate this policy against the current user's attributes. If the policy condition is satisfied, the user is authorized to access the data; if not, the request is denied.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"The Account resource represents a user account in the system. Below is a detailed description of all the properties of this resource.
\nGET /v2/accounts - Retrieves a list of all accounts.
GET /v2/accounts({accountKey}) - Retrieves a specific account using the account key.
GET /v2/accounts({accountKey})/user - Retrieves the user associated with the given accountKey.
GET /v2/accounts({accountKey})/targetSystem - Retrieves the target system associated with the given accountKey.
GET /v2/accounts({accountKey})/managedAccount - Retrieves the managed account associated with the given accountKey.
POST /v2/accounts - Creates a new account.
POST /v2/accounts({accountKey}) - Performs operations on an existing account using the given accountKey.
PATCH /v2/accounts({accountKey}) - Partially updates an existing account using the given accountKey.
DELETE /v2/accounts({accountKey}) - Deletes an existing account using the given accountKey.
GET /v2/accounts({accountKey})/groupMemberships - Retrieves a list of all group memberships associated with a specific accountKey.
GET /v2/accounts({accountKey})/groupMemberships({accountGroupMembershipKey}) - Retrieves a specific group membership using the given keys.
GET /v2/accounts({accountKey})/attributes - Retrieves a list of all attributes associated with a specific accountKey.
GET /v2/accounts({accountKey})/attributes({accountAttributeKey}) - Retrieves a specific attribute using the given keys.
GET /v2/accounts({accountKey})/attributes({accountAttributeKey})/data({accountAttributeValueKey})/value - Retrieves the base-64 value of an attribute using the given keys.
GET /v2/accounts({accountKey})/attributes({accountAttributeKey})/data({accountAttributeValueKey})/value/$value - Retrieves the raw value of an attribute using the given keys.
GET /api/rest/v2/groups
This endpoint retrieves a list of Group objects based on the given OData query options.
Filter, sort, and paginate the data returned by this endpoint using standard OData query parameters.
\nThe Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
minimal, full, or nonetrue or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/groups\" \\\n -H \"Authorization: Bearer {token}\"\n\n{\n \"@odata.context\": \"https://[hostname]/[instancename]/api/rest/v2/$metadata#groups\",\n \"value\": [\n {\n \"id\": \"Guid\",\n \"stableId\": \"String\",\n \"shortId\": \"String\",\n \"longId\": \"String\",\n \"displayName\": \"String\",\n \"valid\": Boolean\n },\n ...\n ]\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policy needs to be satisfied:
\ngroups_get_listThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"POST /api/rest/v2/groups
This endpoint creates a new Group object.
The request body should contain the details of the Group object to be created.
In addition to any standard headers, all requests to this endpoint must include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X POST \"http(s)://[hostname]/[instancename]/api/rest/v2/groups\" \\\n -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer {token}\" \\\n -d '{\n \"shortId\": \"String\",\n \"displayName\": \"String\",\n \"targetSystemId\": \"String\",\n \"ou\": \"String\"\n }'\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policy needs to be satisfied:
\ngroup_post_createThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to perform the request; if not, the request is denied.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"GET /api/rest/v2/groups({groupKey})
This endpoint retrieves a Group object based on the given groupKey.
You can use OData $expand and $select query options to customize the data returned by this endpoint.
The Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
odata.metadata can be one of minimal, full, or noneodata.streaming can be either true or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/groups({groupKey})\" \\\n -H \"Authorization: Bearer {token}\"\n\n200 OK: This status code indicates that the request was successful. The response body will contain the Group object that matches the given groupKey.
\n400 Bad Request: This status code indicates that the request could not be understood by the server due to malformed syntax. The client SHOULD NOT repeat the request without modifications.
\n401 Unauthorized: This status code indicates that the request failed due to insufficient permissions.
\n404 Not Found: This status code indicates that the groupKey does not correspond to an existing group.
\n500 Internal Server Error: This status code indicates that the request failed due to an internal server error.
\n{\n \"@odata.context\": \"http://[hostname]/[instancename]/api/rest/v2/$metadata#groups/$entity\",\n \"id\": \"Guid\",\n \"stableId\": \"String\",\n \"shortId\": \"String\",\n \"displayName\": \"String\",\n \"valid\": Boolean\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policy needs to be satisfied:
\ngroups_getThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"PATCH /api/rest/v2/groups({groupKey})
This endpoint applies partial modifications to a specific Group object based on the provided groupKey. The operations supported include add, remove, replace, and test. The specific actions that can be performed with these operations include changing display names, modifying attributes, adding or removing members, owners, and parents, as well as testing the existence of members, owners, and parents.
The request must include the operation (op), the path (path), and depending on the operation, the value (value) and/or from (from).
In addition to any standard headers, all requests to this endpoint must include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
curl -X PATCH \"http(s)://[hostname]/[instancename]/api/rest/v2/groups({groupKey})\" \\\n -H \"Authorization: Bearer {token}\" \\\n -d '[\n { \"op\": \"replace\", \"path\": \"/displayName\", \"value\": \"New Group Name\" }\n ]'\n\nThis endpoint requires authorization. Authorization is implemented through the use of Open Policy Agent (OPA) policies. The general policy for this endpoint is groups_patch. Depending on the operation (op) and the path (path) parameters, additional specific policies may need to be satisfied.
This REST API request consolidates several equivalent calls from the base product, streamlining group management processes. The use of the REST API offers a more modern approach and aligns with current best practices for system integration and automation.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"DELETE /groups({groupKey})
This endpoint deletes a Group object with the provided groupKey.
Delete a group using the provided groupKey.
\nIn addition to any standard headers, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
curl -X DELETE \"http(s)://[hostname]/[instancename]/api/rest/v2/groups({groupKey})\" \\\n -H \"Authorization: Bearer {token}\"\n\ngroupKey.This endpoint requires authorization. The following policy needs to be satisfied:
\ngroups_deleteThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"StartFragment
\nGET /api/rest/v2/groups({groupKey})/attributes
This endpoint retrieves a list of Attribute objects associated with the Group object that has the provided groupKey.
Use the groupKey parameter to get attributes of a specific Group object. Additionally, OData query options can be used to customize the data returned by this endpoint.
The Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
minimal, full, or nonetrue or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/groups({groupKey})/attributes\" \\\n -H \"Authorization: Bearer {token}\"\n\n{\n \"@odata.context\": \"http(s)://[hostname]/[instancename]/api/rest/v2/$metadata#groups({groupKey})/attributes\",\n \"value\": [\n {\n \"id\": \"String\",\n \"data\": [\n {\n \"id\": \"String\",\n \"ref\": \"String\",\n \"filename\": \"String\",\n \"value\": \"String\",\n \"metadata\": {\n \"createdDateTime\": \"DateTime\",\n \"lastUpdatedDateTime\": \"DateTime\",\n \"lastUpdatedBy\": \"Guid\" }\n }\n ]\n },\n ...\n ]\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policies need to be satisfied in the given order:
\ngroups_getgroups_attributes_get_listThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"GET /api/rest/v2/groups({groupKey})/attributes({groupAttributeKey})
This endpoint fetches a specific Attribute object associated with a specific Group object.
You can use OData $expand and $select query options to customize the data returned by this endpoint.
The Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
minimal, full, or nonetrue or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"https://[hostname]/[instancename]/api/rest/v2/groups({groupKey})/attributes({groupAttributeKey})\" \\\n -H \"Authorization: Bearer {token}\"\n\nAttribute objects were found with the provided keys. {\n \"@odata.context\": \"http(s)://[hostname]/[instancename]/api/rest/v2/$metadata#groups({groupKey})/attributes/$entity\",\n \"id\": \"String\",\n \"data\": [\n {\n \"id\": \"String\",\n \"ref\": \"String\",\n \"filename\": \"String\",\n \"value\": \"String\",\n \"metadata\": {\n \"createdDateTime\": \"DateTime\",\n \"lastUpdatedDateTime\": \"DateTime\",\n \"lastUpdatedBy\": \"Guid\"\n }\n }\n ]\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policy needs to be satisfied:
\ngroups_attributes_getThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"GET /api/rest/v2/groups({groupKey})/members
This endpoint retrieves a list of GroupMember objects associated with the Group object that has the provided groupKey.
Use the groupKey parameter to get members of a specific group. Additionally, OData query options can be used to customize the data returned by this endpoint.
The Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
minimal, full, or nonetrue or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/groups({groupKey})/members\" \\\n -H \"Authorization: Bearer {token}\"\n\n{\n \"@odata.context\": \"http(s)://[hostname]/[instancename]/api/rest/v2/$metadata#groups(08866cc1-1d2f-4999-80c3-f5f061ec543d)/members(account(),group())\",\n \"value\": [\n {\n \"id\": \"Guid\",\n \"account\": {\n \"id\": \"Guid\",\n \"displayName\": \"String\",\n \"stableId\": \"String\",\n \"shortId\": \"String\",\n \"longId\": \"String\",\n \"valid\": Boolean\n },\n \"group\": Group }\n ]\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policies need to be satisfied in the given order:
\ngroups_getgroups_members_get_listThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"GET /api/rest/v2/groups(groupKey)/members(groupMemberKey)
This endpoint fetches a specific GroupMember object associated with a specific Group object.
You can use OData $expand and $select query options to customize the data returned by this endpoint.
The Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
minimal, full, or nonetrue or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/groups(groupKey)/members(groupMemberKey)\" \\\n -H \"Authorization: Bearer {token}\"\n\n{\n \"@odata.context\": \"http(s)://[hostname]/[instancename]/api/rest/v2/$metadata#groups($groupKey)/members(account(),group())/$entity\",\n \"id\": \"Guid\",\n \"account\": {\n \"id\": \"Guid\",\n \"displayName\": \"String\",\n \"stableId\": \"String\",\n \"shortId\": \"String\",\n \"longId\": \"String\",\n \"valid\": Boolean },\n \"group\": Group\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policy needs to be satisfied:
\ngroups_members_getThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"GET /api/rest/v2/groups({groupKey})/owners
This endpoint retrieves a list of GroupOwner objects associated with the Group object that has the provided groupKey.
Use the groupKey parameter to get owners of a specific group. Additionally, OData query options can be used to customize the data returned by this endpoint.
The Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
odata.metadata can be one of minimal, full, or noneodata.streaming can be either true or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/groups({groupKey})/owners\" \\\n -H \"Authorization: Bearer {token}\"\n\n{\n \"@odata.context\": \"http(s)://[hostname]/[instancename]/api/rest/v2/$metadata#groups({groupKey})/owners(account(),group())\",\n \"value\": [\n {\n \"id\": \"Guid\",\n \"account\": {\n \"id\": \"Guid\",\n \"displayName\": \"String\",\n \"stableId\": \"String\",\n \"shortId\": \"String\",\n \"longId\": \"String\",\n \"valid\": Boolean\n },\n \"group\": Group\n }\n ]\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policies need to be satisfied in the given order:
\ngroups_getgroups_owners_get_listThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"GET /api/rest/v2/groups(groupKey)/owners(groupOwnerKey)
This endpoint fetches a specific GroupOwner associated with a specific Group object.
You can use OData $expand and $select query options to customize the data returned by this endpoint.
The Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
minimal, full, or nonetrue or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/groups({groupKey})/owners({groupOwnerKey})\" \\\n -H \"Authorization: Bearer {token}\"\n\n{\n \"@odata.context\": \"http(s)://[hostname]/[instancename]/api/rest/v2/$metadata#owners/$entity\",\n \"id\": \"String\",\n \"account\": {\n // Account details\n },\n \"group\": {\n // Group details\n }\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policy needs to be satisfied:
\ngroups_owners_getThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"GET /api/rest/v2/groups(groupKey)/parents
This endpoint retrieves a list of GroupParent objects objects associated with the Group object that has the provided groupKey.
Use the groupKey parameter to get parents of a specific group. Additionally, OData query options can be used to customize the data returned by this endpoint.
\nThe Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
minimal, full, or nonetrue or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"https://[hostname]/[instancename]/api/rest/v2/groups({groupKey})/parents\" \\\n -H \"Authorization: Bearer {token}\"\n\n{\n \"@odata.context\": \"http(s)://[hostname]/[instancename]/api/rest/v2/$metadata#parents\",\n \"value\": [\n {\n \"id\": \"String\",\n \"group\": {\n // Group details\n }\n },\n ...\n ]\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policies need to be satisfied in the given order:
\ngroups_getgroups_parents_get_listThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"GET /api/rest/v2/groups(groupKey)/parents(groupParentKey)
This endpoint fetches a specific GroupParent object associated with a specific Group object.
You can use OData $expand and $select query options to customize the data returned by this endpoint.
The Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
minimal, full, or nonetrue or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/groups({groupKey})/parents({groupParentKey})\" \\\n -H \"Authorization: Bearer {token}\"\n\n{\n \"@odata.context\": \"/api/rest/v2/$metadata#parents/$entity\",\n \"id\": \"Guid\",\n \"group\": {\n // Group details\n }\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policy needs to be satisfied:
\ngroups_parents_getThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"GET /api/rest/v2/groups(groupKey)/targetSystem
This endpoint retrieves the TargetSystem object associated with the Group object that has the provided groupKey.
Use the groupKey parameter to get the target system of a specific group. Additionally, OData query options can be used to customize the data returned by this endpoint.
The Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
minimal, full, or nonetrue or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/groups({groupKey})/targetSystem\" \\\n -H \"Authorization: Bearer {token}\"\n\n{\n \"@odata.context\": \"http(s)://[hostname]/[instancename]/api/rest/v2/$metadata#targetSystem\",\n \"id\": \"String\",\n \"description\": \"String\",\n \"address\": \"String\",\n \"type\": \"String\",\n \"metadata\": {\n \"createdDateTime\": \"DateTime\",\n \"lastUpdatedDateTime\": \"DateTime\",\n \"lastUpdatedBy\": \"Guid\"\n }\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policies need to be satisfied in the given order:
\ngroups_targetsystem_getThe endpoint uses the authorization service to evaluate these policies against
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"The Group resource represents a collection of user rights that are assigned a name and can be assigned as a unit to one or more users in the system. Below is a detailed description of all the properties of this resource.
GET /v2/groups - Retrieves a list of all groups.
GET /v2/groups({groupKey}) - Retrieves a specific group using the unique key.
POST /v2/groups - Creates a new group.
PATCH /v2/groups({groupKey}) - Partially updates an existing group using the unique key.
DELETE /v2/groups({groupKey}) - Deletes an existing group using the unique key.
GET /v2/groups({groupKey})/attributes - Retrieves a list of all attributes associated with a specific groupKey.
GET /v2/groups({groupKey})/attributes({groupAttributeKey}) - Retrieves a specific attribute using the given keys.
GET /v2/groups({groupKey})/members - Retrieves a list of all members associated with a specific groupKey.
GET /v2/groups({groupKey})/members({groupMemberKey}) - Retrieves a specific member using the given keys.
GET /v2/groups({groupKey})/owners - Retrieves a list of all owners associated with a specific groupKey.
GET /v2/groups({groupKey})/owners({groupOwnerKey}) - Retrieves a specific owner using the given keys.
GET /v2/groups({groupKey})/parents - Retrieves a list of all parent groups associated with a specific groupKey.
GET /v2/groups({groupKey})/parents({groupParentKey}) - Retrieves a specific parent group using the given keys.
GET /v2/groups({groupKey})/targetSystem - Retrieves the target system information associated with a specific group.
GET /api/rest/v2/managedAccounts({managedAccountKey})/secrets
This endpoint retrieves a list of Secret objects associated with the ManagedAccount object that has the provided managedAccountKey.
Use the managedAccountKey parameter to get secrets of a specific managedAccount. Additionally, OData query options can be used to customize the data returned by this endpoint.
The Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
odata.metadata can be one of minimal, full, or noneodata.streaming can be either true or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/managedAccounts({managedAccountKey})/secrets\" \\\n -H \"Authorization: Bearer {token}\"\n\nSecret objects associated with the ManagedAccount object.Secret objects were found with the provided keys.{\n \"@odata.context\": \"http(s)://[hostname]/[instancename]/api/rest/v2/$metadata#secrets\",\n \"value\": [\n {\n \"id\": \"String\",\n \"managed\": Boolean,\n \"kind\": \"String\",\n \"createdDateTime\": \"DateTime\",\n \"value\": null\n },\n ...\n ]\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policies need to be satisfied in the given order:
\nmanagedaccounts_getmanagedaccounts_secrets_get_listThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"GET /api/rest/v2/managedAccounts({managedAccountKey})/secrets({managedAccountSecretKey})
This endpoint fetches a specific Secret object associated with a specific ManagedAccount object.
You can use OData $expand and $select query options to customize the data returned by this endpoint.
The Content-Type request header field indicates the media type of the resource in the request body. For this endpoint, the Content-Type can either be text/json or take the following form:
application/json[;odata.metadata=][;odata.streaming=]
odata.metadata can be one of minimal, full, or noneodata.streaming can be either true or falseThis indicates that both the odata.metadata and odata.streaming options are optional. If not provided, the server will use its default values.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/managedAccounts({managedAccountKey})/secrets({ManagedAccountSecretKey})\" \\\n -H \"Authorization: Bearer {token}\" \\\n -H \"Content-Type: application/json\"\n\n200 OK: This status code indicates that the request was successful. The response body will contain the secret.
\n400 Bad Request: This status code indicates that the request could not be understood or was missing required parameters.
\n401 Unauthorized: This status code indicates that the request failed due to insufficient permissions.
\n404 Not Found: This status code indicates that no Secret objects were found using the provided keys.
\n500 Internal Server Error: This status code indicates that the request failed due to an internal server error.
\n{\n \"@odata.context\": \"http(s)://[hostname]/[instancename]/api/rest/v2/$metadata#secrets/$entity\",\n \"id\": \"String\",\n \"managed\": Boolean,\n \"kind\": \"String\",\n \"createdDateTime\": \"DateTime\",\n \"value\": null\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policy needs to be satisfied:
\nmanagedaccounts_getmanagedaccounts_secrets_getThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\nThis REST API request replaces the equivalent function from our base product, which was a SOAP API function named LargeCredentialsGet. The transition to REST API provides a more modern and efficient way to retrieve secret data associated with managed accounts.
POST /api/rest/v2/managedAccounts({managedAccountKey})/secrets({managedAccountSecretKey})
This endpoint performs a specific action on a Secret object identified by its managedAccountSecretKey within a managedAccount object. The action to be performed is specified in the request body.
This action triggers the randomization of the secret's password.
\nIn addition to any standard headers, all requests to this endpoint must include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
curl -X POST \"http(s)://[hostname]/[instancename]/api/rest/v2/managedAccounts({managedAccountKey})/secrets({key})\" \\\n -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer {token}\" \\\n -d '{\n \"action\": \"randomize-password\"\n }'\n\nThis endpoint requires authorization. The following Open Policy Agent (OPA) policies need to be satisfied:
\nmanagedaccounts_secret_postmanagedaccounts_secret_post_passwordrandomizemanagedaccounts_secret_post_passwordoverrideThis REST API request replaces the following SOAP API calls from our base product:
\nManagedAccountRandomizePasswordManagedAccountOverridePasswordThe transition to REST API provides a more modern and efficient way to perform actions on secrets within managed accounts.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"DELETE /managedAccounts({managedAccountKey})/secrets({managedAccountSecretKey})
This endpoint deletes a Secret object object within a ManagedAccount object using the provided managedAccountKey and managedAccountSecretKey.
Delete a secret within a managed account using the provided managedAccountKey and managedAccountSecretKey.
In addition to any standard headers, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
curl -X DELETE \"http(s)://[hostname]/[instancename]/api/rest/v2/managedAccounts({managedAccountKey})/secrets({managedAccountSecretKey})\" \\\n -H \"Authorization: Bearer {token}\"\n\n202 Accepted: This status code indicates that the request to delete the secret was accepted. The Location header with the operation will be included in the response.
\n400 Bad Request: This status code indicates that the request was malformed or invalid.
\n401 Unauthorized: This status code indicates that the request failed due to insufficient permissions or invalid authentication.
\n404 Not Found: This status code indicates that no Secret object was found using the provided keys.
\n500 Internal Server Error: This status code indicates that the request failed due to an internal server error.
\nThis endpoint requires authorization. The following policy needs to be satisfied:
\nmanagedaccounts_secrets_deleteThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to delete the secret; if not, the request is denied.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"GET /api/rest/v2/managedAccounts({managedAccountKey})/secrets({managedAccountSecretKey})/value
This endpoint fetches a specific value of a Secret object in Base64-encoding associated with a ManagedAccount object.
The Content-Type request header field can either be text/json or take the following form: application/json.
In addition to the Content-Type header, all requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/managedAccounts({managedAccountKey})/secrets({mangedAccountSecretKey})/value\" \\\n -H \"Content-Type: application/json\" \\\n -H \"Authorization: Bearer {token}\"\n\n{\n \"@odata.context\": \"http(s)://[hostname]/[instancename]/api/rest/v2/$metadata#managedAccounts({managedACcountKey})/secrets({managedAccountSecretKey})/value\",\n \"value\": \"String\"\n}\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policy needs to be satisfied:
\nmanagedaccounts_secrets_value_getThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"PUT /api/rest/v2/managedAccounts({managedAccountKey})/secrets({managedAccountSecretKey})/value
This endpoint replaces the value of a Secret object identified by its managedAccountSecretKey within a ManagedAccount object. The new secret value is specified in the request body.
In addition to any standard headers, all requests to this endpoint must include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
curl -X PUT \"http(s)://[hostname]/[instancename]/api/rest/v2/managedAccounts({managedAccountKey})/secrets({managedAccountSecretKey})/value\" \\\n -H \"File-Name: secret.txt\" \\\n -H \"Content-Type: text/plain\" \\\n -H \"Authorization: Bearer {token}\" \\\n -d '@secret.txt'\n\ncurl -X PUT \"http(s)://[hostname]/[instancename]/api/rest/v2/managedAccounts({managedAccountKey})/secrets({managedAccountSecretKey})/value\" \\\n -H \"Authorization: Bearer {token}\" \\\n --data-raw 'new_secret_value'\n\nThis endpoint requires authorization. The following Open Policy Agent (OPA) policies need to be satisfied:
\nmanagedaccounts_secrets_value_putGET /api/rest/v2/managedAccounts({manageAccountKey})/secrets({managedAccountSecretKey})/value/$value
This endpoint fetches a specific raw value of a Secret object associated with a ManagedAccount object.
All requests to this endpoint must also include an Authorization header with a Bearer token:
\nAuthorization: Bearer {token}
The {token} placeholder should be replaced with the actual token value. This Bearer token is used for authentication and authorization of the request.
\ncurl -X GET \"http(s)://[hostname]/[instancename]/api/rest/v2/managedAccounts({managedAccountKey})/secrets({managedAccountSecretKey})/value/$value\" \\\n -H \"Authorization: Bearer {token}\"\n\nThis endpoint requires authorization. Authorization is implemented through the use of one or more Open Policy Agent (OPA) policies. For this endpoint, the following policy needs to be satisfied:
\nmanagedaccounts_secrets_value_value_getThe endpoint uses the authorization service to evaluate these policies against the current user's attributes. If the policy conditions are satisfied, the user is authorized to access the data; if not, the request is denied.
\n","auth":{"type":"oauth2","oauth2":{"basicConfig":[],"advancedConfig":[{"key":"username","value":"{{username}}"},{"key":"password","value":"{{password}}"},{"key":"client_authentication","value":"The Secret resource represents a secured and confidential piece of information, such as a password or file, in the system. Below is a detailed description of all the properties of this resource.
GET /v2/managedAccounts({managedAccountKey})/secrets - Retrieves a list of all secrets associated with a specific managed account.
GET /v2/managedAccounts({managedAccountKey})/secrets({managedAccountSecretKey}) - Retrieves a specific secret by its unique identifier.
POST /v2/managedAccounts({managedAccountKey})/secrets({managedAccountSecretKey}) - Performs operations on an existing secret using the given keys.
DELETE /v2/managedAccounts({managedAccountKey})/secrets({managedAccountSecretKey}) - Deletes a secret by its unique identifier (file only).
GET /v2/managedAccounts({managedAccountKey})/secrets({managedAccountSecretKey})/value - Retrieves the value of a specific secret.
PUT /v2/managedAccounts({managedAccountKey})/secrets({managedAccountSecretKey})/value - Replaces the value of a specific secret.
GET /v2/managedAccounts({managedAccountKey})/secrets({managedAccountSecretKey})/value/$value - Retrieves the raw value of a specific secret.
GET /api/rest/v2/managedAccounts
This endpoint retrieves a list of ManagedAccount objects.
\nFilter, sort, and paginate the data returned by this endpoint using standard OData query parameters.
\n