managed accounts

Download Spec

get /secrets-manager/api/v1/targetdomains/{targetDomainID}/managedaccounts

Get all managed accounts in a target domain

sortkey

string

sortdir

string

Enum
  • asc
  • desc

limit

int

offset

int

Response

ExamplesSchema

Success

{
  "count": 123,
  "items": [
    {
      "id": "5bf77342-221c-11ee-be56-0242ac120002",
      "username": "string",
      "email": "string",
      "full_name": "string",
      "sam_account_name": "string",
      "source_id": "string",
      "security_id": "string",
      "additional_data": {},
      "target_domain": {
        "id": "5bf77342-221c-11ee-be56-0242ac120002",
        "name": "string",
        "deleted": true
      },
      "password_policy": {
        "id": "5bf77342-221c-11ee-be56-0242ac120002",
        "name": "string"
      },
      "enabled": true,
      "rotation_enabled": true,
      "explicit_checkout": true,
      "state": "MANAGED",
      "comment": "string",
      "locked": true,
      "locked_timestamp": "2023-06-07T17:32:28Z",
      "rotation_history": [
        {
          "version": 123,
          "rotated": "2023-06-07T17:32:28Z",
          "trigger": "ONRELEASE",
          "status": "SUCCESS"
        }
      ],
      "checkouts": [
        {
          "id": "5bf77342-221c-11ee-be56-0242ac120002",
          "type": "TARGET_DOMAIN_SECRET",
          "user_id": "5bf77342-221c-11ee-be56-0242ac120002",
          "expires": "2023-06-07T17:32:28Z",
          "created": "2023-06-07T17:32:28Z",
          "explicit_checkout": true,
          "secrets": [
            {
              "version": 123,
              "secret": "string",
              "created": "2023-06-07T17:32:28Z"
            }
          ],
          "username": "string",
          "email": "string",
          "full_name": "string",
          "target_domain_id": "5bf77342-221c-11ee-be56-0242ac120002",
          "managed_account_id": "5bf77342-221c-11ee-be56-0242ac120002",
          "host_id": "5bf77342-221c-11ee-be56-0242ac120002",
          "secret_name": "string",
          "meta": {}
        }
      ],
      "created": "2023-06-07T17:32:28Z",
      "author": "5bf77342-221c-11ee-be56-0242ac120002",
      "updated": "5bf77342-221c-11ee-be56-0242ac120002",
      "updated_by": "2023-06-07T17:32:28Z",
      "disable_rdp_cert_auth": true
    }
  ]
}

post /secrets-manager/api/v1/targetdomains/{targetDomainID}/managedaccounts

Create a managed account

id

string

uuid

username

string

Username must be unique with a target domain

email

string

full_name

string

sam_account_name

string

source_id

string

security_id

string

additional_data

object (additional_data)

target_domain

object (target_domain)

password_policy

object (password_policy)

enabled

boolean

Managed account enabled/disabled in PrivX

rotation_enabled

boolean

Password rotation enabled/disabled

explicit_checkout

boolean

Explicit checkout of account password allowed/disallowed

state

string

Enum
  • MANAGED
  • UNMANAGED
  • NEW
  • REMOVED

comment

string

locked

boolean

Account locked in PrivX for ongoing password rotation

locked_timestamp

string

date-time

rotation_history

array[object]

checkouts

array[object]

created

string

date-time

author

string

uuid

updated

string

uuid

updated_by

string

date-time

disable_rdp_cert_auth

boolean

disable RDP cert authorization for this user

password

string

Initial password stored to PrivX vault

rotate

boolean

Trigger initial password rotation after create

Request

{
  "id": "5bf77342-221c-11ee-be56-0242ac120002",
  "username": "string",
  "email": "string",
  "full_name": "string",
  "sam_account_name": "string",
  "source_id": "string",
  "security_id": "string",
  "additional_data": {},
  "target_domain": {
    "id": "5bf77342-221c-11ee-be56-0242ac120002",
    "name": "string",
    "deleted": true
  },
  "password_policy": {
    "id": "5bf77342-221c-11ee-be56-0242ac120002",
    "name": "string"
  },
  "enabled": true,
  "rotation_enabled": true,
  "explicit_checkout": true,
  "state": "MANAGED",
  "comment": "string",
  "locked": true,
  "locked_timestamp": "2023-06-07T17:32:28Z",
  "rotation_history": [
    {
      "version": 123,
      "rotated": "2023-06-07T17:32:28Z",
      "trigger": "ONRELEASE",
      "status": "SUCCESS"
    }
  ],
  "checkouts": [
    {
      "id": "5bf77342-221c-11ee-be56-0242ac120002",
      "type": "TARGET_DOMAIN_SECRET",
      "user_id": "5bf77342-221c-11ee-be56-0242ac120002",
      "expires": "2023-06-07T17:32:28Z",
      "created": "2023-06-07T17:32:28Z",
      "explicit_checkout": true,
      "secrets": [
        {
          "version": 123,
          "secret": "string",
          "created": "2023-06-07T17:32:28Z"
        }
      ],
      "username": "string",
      "email": "string",
      "full_name": "string",
      "target_domain_id": "5bf77342-221c-11ee-be56-0242ac120002",
      "managed_account_id": "5bf77342-221c-11ee-be56-0242ac120002",
      "host_id": "5bf77342-221c-11ee-be56-0242ac120002",
      "secret_name": "string",
      "meta": {}
    }
  ],
  "created": "2023-06-07T17:32:28Z",
  "author": "5bf77342-221c-11ee-be56-0242ac120002",
  "updated": "5bf77342-221c-11ee-be56-0242ac120002",
  "updated_by": "2023-06-07T17:32:28Z",
  "disable_rdp_cert_auth": true,
  "password": "string",
  "rotate": true
}

Response

ExamplesSchema

Managed account was successfully created

{
  "id": "5bf77342-221c-11ee-be56-0242ac120002"
}

post /secrets-manager/api/v1/targetdomains/{targetDomainID}/managedaccounts/search

Search managed accounts in a target domain

keywords

string

Space or comma separated list of search keywords

enabled

boolean

created_after

string

date-time

created_before

string

date-time

updated_after

string

date-time

updated_before

string

date-time

state

string

Enum
  • MANAGED
  • UNMANAGED
  • NEW
  • REMOVED

rotation_enabled

boolean

explicit_checkout

boolean

Request

{
  "keywords": "string",
  "enabled": true,
  "created_after": "2023-06-07T17:32:28Z",
  "created_before": "2023-06-07T17:32:28Z",
  "updated_after": "2023-06-07T17:32:28Z",
  "updated_before": "2023-06-07T17:32:28Z",
  "state": "MANAGED",
  "rotation_enabled": true,
  "explicit_checkout": true
}

Response

ExamplesSchema

Success

{
  "count": 123,
  "items": [
    {
      "id": "5bf77342-221c-11ee-be56-0242ac120002",
      "username": "string",
      "email": "string",
      "full_name": "string",
      "sam_account_name": "string",
      "source_id": "string",
      "security_id": "string",
      "additional_data": {},
      "target_domain": {
        "id": "5bf77342-221c-11ee-be56-0242ac120002",
        "name": "string",
        "deleted": true
      },
      "password_policy": {
        "id": "5bf77342-221c-11ee-be56-0242ac120002",
        "name": "string"
      },
      "enabled": true,
      "rotation_enabled": true,
      "explicit_checkout": true,
      "state": "MANAGED",
      "comment": "string",
      "locked": true,
      "locked_timestamp": "2023-06-07T17:32:28Z",
      "rotation_history": [
        {
          "version": 123,
          "rotated": "2023-06-07T17:32:28Z",
          "trigger": "ONRELEASE",
          "status": "SUCCESS"
        }
      ],
      "checkouts": [
        {
          "id": "5bf77342-221c-11ee-be56-0242ac120002",
          "type": "TARGET_DOMAIN_SECRET",
          "user_id": "5bf77342-221c-11ee-be56-0242ac120002",
          "expires": "2023-06-07T17:32:28Z",
          "created": "2023-06-07T17:32:28Z",
          "explicit_checkout": true,
          "secrets": [
            {
              "version": 123,
              "secret": "string",
              "created": "2023-06-07T17:32:28Z"
            }
          ],
          "username": "string",
          "email": "string",
          "full_name": "string",
          "target_domain_id": "5bf77342-221c-11ee-be56-0242ac120002",
          "managed_account_id": "5bf77342-221c-11ee-be56-0242ac120002",
          "host_id": "5bf77342-221c-11ee-be56-0242ac120002",
          "secret_name": "string",
          "meta": {}
        }
      ],
      "created": "2023-06-07T17:32:28Z",
      "author": "5bf77342-221c-11ee-be56-0242ac120002",
      "updated": "5bf77342-221c-11ee-be56-0242ac120002",
      "updated_by": "2023-06-07T17:32:28Z",
      "disable_rdp_cert_auth": true
    }
  ]
}

get /secrets-manager/api/v1/targetdomains/{targetDomainID}/managedaccounts/{managedAccountID}

Get managed account

targetDomainID

string

uuid

required

managedAccountID

string

uuid

required

Response

ExamplesSchema

Success

{
  "id": "5bf77342-221c-11ee-be56-0242ac120002",
  "username": "string",
  "email": "string",
  "full_name": "string",
  "sam_account_name": "string",
  "source_id": "string",
  "security_id": "string",
  "additional_data": {},
  "target_domain": {
    "id": "5bf77342-221c-11ee-be56-0242ac120002",
    "name": "string",
    "deleted": true
  },
  "password_policy": {
    "id": "5bf77342-221c-11ee-be56-0242ac120002",
    "name": "string"
  },
  "enabled": true,
  "rotation_enabled": true,
  "explicit_checkout": true,
  "state": "MANAGED",
  "comment": "string",
  "locked": true,
  "locked_timestamp": "2023-06-07T17:32:28Z",
  "rotation_history": [
    {
      "version": 123,
      "rotated": "2023-06-07T17:32:28Z",
      "trigger": "ONRELEASE",
      "status": "SUCCESS"
    }
  ],
  "checkouts": [
    {
      "id": "5bf77342-221c-11ee-be56-0242ac120002",
      "type": "TARGET_DOMAIN_SECRET",
      "user_id": "5bf77342-221c-11ee-be56-0242ac120002",
      "expires": "2023-06-07T17:32:28Z",
      "created": "2023-06-07T17:32:28Z",
      "explicit_checkout": true,
      "secrets": [
        {
          "version": 123,
          "secret": "string",
          "created": "2023-06-07T17:32:28Z"
        }
      ],
      "username": "string",
      "email": "string",
      "full_name": "string",
      "target_domain_id": "5bf77342-221c-11ee-be56-0242ac120002",
      "managed_account_id": "5bf77342-221c-11ee-be56-0242ac120002",
      "host_id": "5bf77342-221c-11ee-be56-0242ac120002",
      "secret_name": "string",
      "meta": {}
    }
  ],
  "created": "2023-06-07T17:32:28Z",
  "author": "5bf77342-221c-11ee-be56-0242ac120002",
  "updated": "5bf77342-221c-11ee-be56-0242ac120002",
  "updated_by": "2023-06-07T17:32:28Z",
  "disable_rdp_cert_auth": true
}

put /secrets-manager/api/v1/targetdomains/{targetDomainID}/managedaccounts/{managedAccountID}

Modify a managed account

id

string

uuid

username

string

Username must be unique with a target domain

email

string

full_name

string

sam_account_name

string

source_id

string

security_id

string

additional_data

object (additional_data)

target_domain

object (target_domain)

password_policy

object (password_policy)

enabled

boolean

Managed account enabled/disabled in PrivX

rotation_enabled

boolean

Password rotation enabled/disabled

explicit_checkout

boolean

Explicit checkout of account password allowed/disallowed

state

string

Enum
  • MANAGED
  • UNMANAGED
  • NEW
  • REMOVED

comment

string

locked

boolean

Account locked in PrivX for ongoing password rotation

locked_timestamp

string

date-time

rotation_history

array[object]

checkouts

array[object]

created

string

date-time

author

string

uuid

updated

string

uuid

updated_by

string

date-time

disable_rdp_cert_auth

boolean

disable RDP cert authorization for this user

Request

{
  "id": "5bf77342-221c-11ee-be56-0242ac120002",
  "username": "string",
  "email": "string",
  "full_name": "string",
  "sam_account_name": "string",
  "source_id": "string",
  "security_id": "string",
  "additional_data": {},
  "target_domain": {
    "id": "5bf77342-221c-11ee-be56-0242ac120002",
    "name": "string",
    "deleted": true
  },
  "password_policy": {
    "id": "5bf77342-221c-11ee-be56-0242ac120002",
    "name": "string"
  },
  "enabled": true,
  "rotation_enabled": true,
  "explicit_checkout": true,
  "state": "MANAGED",
  "comment": "string",
  "locked": true,
  "locked_timestamp": "2023-06-07T17:32:28Z",
  "rotation_history": [
    {
      "version": 123,
      "rotated": "2023-06-07T17:32:28Z",
      "trigger": "ONRELEASE",
      "status": "SUCCESS"
    }
  ],
  "checkouts": [
    {
      "id": "5bf77342-221c-11ee-be56-0242ac120002",
      "type": "TARGET_DOMAIN_SECRET",
      "user_id": "5bf77342-221c-11ee-be56-0242ac120002",
      "expires": "2023-06-07T17:32:28Z",
      "created": "2023-06-07T17:32:28Z",
      "explicit_checkout": true,
      "secrets": [
        {
          "version": 123,
          "secret": "string",
          "created": "2023-06-07T17:32:28Z"
        }
      ],
      "username": "string",
      "email": "string",
      "full_name": "string",
      "target_domain_id": "5bf77342-221c-11ee-be56-0242ac120002",
      "managed_account_id": "5bf77342-221c-11ee-be56-0242ac120002",
      "host_id": "5bf77342-221c-11ee-be56-0242ac120002",
      "secret_name": "string",
      "meta": {}
    }
  ],
  "created": "2023-06-07T17:32:28Z",
  "author": "5bf77342-221c-11ee-be56-0242ac120002",
  "updated": "5bf77342-221c-11ee-be56-0242ac120002",
  "updated_by": "2023-06-07T17:32:28Z",
  "disable_rdp_cert_auth": true
}

Response

ExamplesSchema

Managed account was successfully modified

Empty response

delete /secrets-manager/api/v1/targetdomains/{targetDomainID}/managedaccounts/{managedAccountID}

Delete a managed account

targetDomainID

string

uuid

required

managedAccountID

string

uuid

required

Response

ExamplesSchema

Managed account was successfully deleted

Empty response

post /secrets-manager/api/v1/targetdomains/{targetDomainID}/managedaccounts/{managedAccountID}/rotate

Trigger managed account password rotation

targetDomainID

string

uuid

required

managedAccountID

string

uuid

required

Response

ExamplesSchema

Managed account password rotation was successfully triggered

Empty response

post /secrets-manager/api/v1/targetdomains/{targetDomainID}/managedaccounts/{managedAccountID}/password

Provide password for managed account

password

string

Request

{
  "password": "string"
}

Response

ExamplesSchema

Password was stored as new managed account secret version

{
  "version": 123,
  "created": "2023-06-07T17:32:28Z"
}

post /secrets-manager/api/v1/targetdomains/{targetDomainID}/managedaccounts/batch/create

Create a batch of managed accounts

ids

array[string]

data

object (data)

Request

{
  "ids": [
    "5bf77342-221c-11ee-be56-0242ac120002"
  ],
  "data": {
    "enabled": true,
    "rotation_enabled": true,
    "rotate": true,
    "explicit_checkout": true,
    "password_policy": {
      "id": "5bf77342-221c-11ee-be56-0242ac120002",
      "name": "string"
    },
    "comment": "string",
    "disable_rdp_cert_auth": true
  }
}

Response

ExamplesSchema

Managed account batch was successfully created

{
  "ids": [
    "5bf77342-221c-11ee-be56-0242ac120002"
  ]
}

post /secrets-manager/api/v1/targetdomains/{targetDomainID}/managedaccounts/batch/edit

Modify a batch of managed accounts

ids

array[string]

changes

object (changes)

Request

{
  "ids": [
    "5bf77342-221c-11ee-be56-0242ac120002"
  ],
  "changes": {
    "enabled": true,
    "rotation_enabled": true,
    "explicit_checkout": true,
    "password_policy": {
      "id": "5bf77342-221c-11ee-be56-0242ac120002",
      "name": "string"
    },
    "comment": "string",
    "disable_rdp_cert_auth": true
  }
}

Response

ExamplesSchema

Managed account batch was successfully modified

Empty response

post /secrets-manager/api/v1/targetdomains/{targetDomainID}/managedaccounts/batch/delete

Delete a batch of managed accounts

ids

array[string]

Request

{
  "ids": [
    "5bf77342-221c-11ee-be56-0242ac120002"
  ]
}

Response

ExamplesSchema

Managed account batch was successfully deleted

Empty response

post /secrets-manager/api/v1/targetdomains/{targetDomainID}/managedaccounts/batch/rotate

Trigger password rotation for a batch of managed accounts

ids

array[string]

Request

{
  "ids": [
    "5bf77342-221c-11ee-be56-0242ac120002"
  ]
}

Response

ExamplesSchema

Rotation was successfully triggered for a managed account batch

Empty response

Was this page helpful?