manage secrets
host_id
string
required
Authorization
string
required
OAuth2 token
- Default
- "Bearer a-proper-token-goes-here"
oauth
Required Scopes:
service
Read host secret metadata for all accounts
All Scopes
- admin · Admin scope - used for built-in PrivX admin account
- hostsManage · Clients with hosts-manage scope
- hostsProvisioning · Deploy script users
- hostsView · Clients with hosts-view scope
- service · Microservice scope - used for communication between PrivX microservices
- user · Normal users
- Flow Type: authorization_code
- Auth URL: https://api.x.com/v1/auth/auth
- Token URL: https://api.x.com/v1/auth/auth
Response
Returns array of metadata of secrets for host
{
  "metadata": {
    "host_id": "5bf77342-221c-11ee-be56-0242ac120002",
    "access_group_id": "5bf77342-221c-11ee-be56-0242ac120002",
    "address": "string",
    "port": 123,
    "operating_system": "windows",
    "certificate_validation_options": "DISABLED",
    "winrm_host_certificate_trust_anchors": "string",
    "use_main_account": true,
    "main_account": "string",
    "winrm_main_account_password": "string",
    "password_policy_id": "5bf77342-221c-11ee-be56-0242ac120002",
    "script_template_id": "5bf77342-221c-11ee-be56-0242ac120002",
    "created": "2017-01-01T15:05:05Z",
    "updated": "2017-01-01T15:05:05Z",
    "created_by": "string",
    "updated_by": "string"
  },
  "accounts": [
    {
      "account": "string",
      "last_rotated": "2017-01-01T15:05:05Z",
      "last_error": "2017-01-01T15:05:05Z",
      "last_error_details": "string",
      "initial_password": "string"
    }
  ]
}
Empty response
Error
{
  "error_code": "GENERAL_ERROR",
  "error_message": "string",
  "property": "string",
  "details": [
    null
  ]
}
error_code
string
required
Standard error code denoting the error type
- Enum
-
- GENERAL_ERROR
- BAD_REQUEST
- PERMISSION_DENIED
- INVALID_REQUEST_DATA
- REQUIRED_VALUE_MISSING
- VALUE_OUT_OF_BOUNDS
- VALUE_INCORRECT_TYPE
- VALUE_INCORRECT_FORMAT
- VALUE_DUPLICATE
- CONFIGURATION_ERROR
- OUT_OF_RESOURCES
- MAX_LOAD
- TOO_MANY_CONNECTIONS
- DATABASE_ERROR
- CACHE_ERROR
- INTRA_SERVICE_COMMUNICATION_ERROR
error_message
string
Textual, human readable error message
property
string
The property name causing the error
details
array[]
An array of errors describing the error in more detail
reference (error)
recursive
metadata
object (metadata)
required
rotating password object
host_id
string
uuid
required
once host object saved, added by backend
access_group_id
string
uuid
Specify ID of access group, default access group will be used if ID is not specified. Access group will be checked for WinRM trust anchors if certificate validation option is set to enabled.
address
string
required
address of server
port
int
required
operating_system
string
required
- Enum
-
- windows
- linux
certificate_validation_options
string
required
Disable or enable password rotation certificate validation
- Enum
-
- DISABLED
- ENABLED
winrm_host_certificate_trust_anchors
string
WinRM host certificate trust anchors in PEM format
use_main_account
boolean
required
rotate passwords of all accounts in host through one account
main_account
string
required
rotate passwords of all accounts in host through this account
winrm_main_account_password
string
if protocol winrm and main account set, this password is stored to vault-v2
password_policy_id
string
uuid
required
password policy to be applied
script_template_id
string
uuid
required
script template to be run in host
created
string
date-time
When the object was created. Added by backend
- Example
- "2017-01-01T15:05:05Z"
updated
string
date-time
When the object was updated. Added by backend
- Example
- "2017-01-01T15:05:05Z"
created_by
string
added by backend
updated_by
string
added by backend
accounts
array[object]
object
account
string
required
username
last_rotated
string
date-time
When last successful rotation. Added by backend
- Example
- "2017-01-01T15:05:05Z"
last_error
string
date-time
When last rotation error. Added by backend
- Example
- "2017-01-01T15:05:05Z"
last_error_details
string
Last rotation error details. Added by backend
initial_password
string
initial password to store in vault to start rotation
host_id
string
required
Authorization
string
required
OAuth2 token
- Default
- "Bearer a-proper-token-goes-here"
oauth
Required Scopes:
service
secret definitions from admin via host store
All Scopes
- admin · Admin scope - used for built-in PrivX admin account
- hostsManage · Clients with hosts-manage scope
- hostsProvisioning · Deploy script users
- hostsView · Clients with hosts-view scope
- service · Microservice scope - used for communication between PrivX microservices
- user · Normal users
- Flow Type: authorization_code
- Auth URL: https://api.x.com/v1/auth/auth
- Token URL: https://api.x.com/v1/auth/auth
Request
{
  "metadata": {
    "host_id": "5bf77342-221c-11ee-be56-0242ac120002",
    "access_group_id": "5bf77342-221c-11ee-be56-0242ac120002",
    "address": "string",
    "port": 123,
    "operating_system": "windows",
    "certificate_validation_options": "DISABLED",
    "winrm_host_certificate_trust_anchors": "string",
    "use_main_account": true,
    "main_account": "string",
    "winrm_main_account_password": "string",
    "password_policy_id": "5bf77342-221c-11ee-be56-0242ac120002",
    "script_template_id": "5bf77342-221c-11ee-be56-0242ac120002",
    "created": "2017-01-01T15:05:05Z",
    "updated": "2017-01-01T15:05:05Z",
    "created_by": "string",
    "updated_by": "string"
  },
  "accounts": [
    {
      "account": "string",
      "last_rotated": "2017-01-01T15:05:05Z",
      "last_error": "2017-01-01T15:05:05Z",
      "last_error_details": "string",
      "initial_password": "string"
    }
  ]
}
Response
Returns stored metadata + account array of secret for host
{
  "metadata": {
    "host_id": "5bf77342-221c-11ee-be56-0242ac120002",
    "access_group_id": "5bf77342-221c-11ee-be56-0242ac120002",
    "address": "string",
    "port": 123,
    "operating_system": "windows",
    "certificate_validation_options": "DISABLED",
    "winrm_host_certificate_trust_anchors": "string",
    "use_main_account": true,
    "main_account": "string",
    "winrm_main_account_password": "string",
    "password_policy_id": "5bf77342-221c-11ee-be56-0242ac120002",
    "script_template_id": "5bf77342-221c-11ee-be56-0242ac120002",
    "created": "2017-01-01T15:05:05Z",
    "updated": "2017-01-01T15:05:05Z",
    "created_by": "string",
    "updated_by": "string"
  },
  "accounts": [
    {
      "account": "string",
      "last_rotated": "2017-01-01T15:05:05Z",
      "last_error": "2017-01-01T15:05:05Z",
      "last_error_details": "string",
      "initial_password": "string"
    }
  ]
}
Empty response
Error
{
  "error_code": "GENERAL_ERROR",
  "error_message": "string",
  "property": "string",
  "details": [
    null
  ]
}
error_code
string
required
Standard error code denoting the error type
- Enum
-
- GENERAL_ERROR
- BAD_REQUEST
- PERMISSION_DENIED
- INVALID_REQUEST_DATA
- REQUIRED_VALUE_MISSING
- VALUE_OUT_OF_BOUNDS
- VALUE_INCORRECT_TYPE
- VALUE_INCORRECT_FORMAT
- VALUE_DUPLICATE
- CONFIGURATION_ERROR
- OUT_OF_RESOURCES
- MAX_LOAD
- TOO_MANY_CONNECTIONS
- DATABASE_ERROR
- CACHE_ERROR
- INTRA_SERVICE_COMMUNICATION_ERROR
error_message
string
Textual, human readable error message
property
string
The property name causing the error
details
array[]
An array of errors describing the error in more detail
reference (error)
recursive
metadata
object (metadata)
required
rotating password object
host_id
string
uuid
required
once host object saved, added by backend
access_group_id
string
uuid
Specify ID of access group, default access group will be used if ID is not specified. Access group will be checked for WinRM trust anchors if certificate validation option is set to enabled.
address
string
required
address of server
port
int
required
operating_system
string
required
- Enum
-
- windows
- linux
certificate_validation_options
string
required
Disable or enable password rotation certificate validation
- Enum
-
- DISABLED
- ENABLED
winrm_host_certificate_trust_anchors
string
WinRM host certificate trust anchors in PEM format
use_main_account
boolean
required
rotate passwords of all accounts in host through one account
main_account
string
required
rotate passwords of all accounts in host through this account
winrm_main_account_password
string
if protocol winrm and main account set, this password is stored to vault-v2
password_policy_id
string
uuid
required
password policy to be applied
script_template_id
string
uuid
required
script template to be run in host
created
string
date-time
When the object was created. Added by backend
- Example
- "2017-01-01T15:05:05Z"
updated
string
date-time
When the object was updated. Added by backend
- Example
- "2017-01-01T15:05:05Z"
created_by
string
added by backend
updated_by
string
added by backend
accounts
array[object]
object
account
string
required
username
last_rotated
string
date-time
When last successful rotation. Added by backend
- Example
- "2017-01-01T15:05:05Z"
last_error
string
date-time
When last rotation error. Added by backend
- Example
- "2017-01-01T15:05:05Z"
last_error_details
string
Last rotation error details. Added by backend
initial_password
string
initial password to store in vault to start rotation
host_id
string
required
Authorization
string
required
OAuth2 token
- Default
- "Bearer a-proper-token-goes-here"
oauth
Required Scopes:
service
delete secret from admin via host store
All Scopes
- admin · Admin scope - used for built-in PrivX admin account
- hostsManage · Clients with hosts-manage scope
- hostsProvisioning · Deploy script users
- hostsView · Clients with hosts-view scope
- service · Microservice scope - used for communication between PrivX microservices
- user · Normal users
- Flow Type: authorization_code
- Auth URL: https://api.x.com/v1/auth/auth
- Token URL: https://api.x.com/v1/auth/auth
Response
Host secret deleted
Empty response
No schema
Error
{
  "error_code": "GENERAL_ERROR",
  "error_message": "string",
  "property": "string",
  "details": [
    null
  ]
}
error_code
string
required
Standard error code denoting the error type
- Enum
-
- GENERAL_ERROR
- BAD_REQUEST
- PERMISSION_DENIED
- INVALID_REQUEST_DATA
- REQUIRED_VALUE_MISSING
- VALUE_OUT_OF_BOUNDS
- VALUE_INCORRECT_TYPE
- VALUE_INCORRECT_FORMAT
- VALUE_DUPLICATE
- CONFIGURATION_ERROR
- OUT_OF_RESOURCES
- MAX_LOAD
- TOO_MANY_CONNECTIONS
- DATABASE_ERROR
- CACHE_ERROR
- INTRA_SERVICE_COMMUNICATION_ERROR
error_message
string
Textual, human readable error message
property
string
The property name causing the error
details
array[]
An array of errors describing the error in more detail
reference (error)
recursive