Jump to Content
Guides
API Reference
GitHub
Home
Guides
API Reference
Changelog
Guides
API Reference
GitHub
Community Forums
Twitter
API Reference
Community Forums
Twitter
API Reference
Reapply device policies (Mobile + OSX)
Search
JUMP TO
Centrify Identity Platform API
Core Services
Deletes an authentication profile.
post
Gets an authentication profile.
post
Gets a list of Authentication profiles.
post
Saves an authentication profile.
post
The tenant brand information.
post
The tenant brand.
post
Fetch technical support user.
post
Grant portal access to technical support.
post
Create a dynamic set.
post
Create a manual set.
post
Delete a set.
post
Gets the contents of a bucket.
post
Gets a set based on the ID.
post
Gets the references to a set.
post
Gets the rights on a set.
post
Gets a set template based on ObjectType and SubObjectType.
post
Gets the members with access to the set.
post
Gets the objects set.
post
Gets a set of ObjectType.
post
Gets the members with access to the set.
post
Update a set.
post
Updates the set members.
post
Adds a Blocked IP Range.
post
Adds an IP Range local to the customer network.
post
Requests a heath check from a specific cloud connector or from all cloud connectors.
post
Create a directory.
post
Creates a Reports directory in Path for the tenant.
post
Creates a Reports directory in the tenant for the current user.
post
Deletes a Blocked IP Range.
post
Removes a suffix.
post
Removes multiple suffixes.
post
Delete a set of certificates.
post
Deletes a directory.
post
Deletes a file.
post
Deletes a set of files.
post
Deletes a list of proxies.
post
Remove a connector referred to by proxyUuid.
post
Deletes a connector registration code.
post
Deletes a list of connector registration codes.
post
Deletes the tenant configuration key.
post
Deletes an IP Range local to the customer network.
post
Check for the existence of a directory.
post
Downloads a certificate.
post
Download the contents of a file.
post
Check for the existence of a file.
post
Generates a new connector registration code.
post
Generates a password.
post
Get a list of domains in the forest.
post
Gets the active directory topology for the directory service Uuid or the domain name.
post
Get the tenant suffixes.
post
Gets the blocked IP Ranges.
post
Gets the certificate authority certificate chain.
post
Get the tenant suffixes excluding 'legacy' versions.
post
Gets the public part of the cloud certificate authority certificate.
post
Gets the connector log4net config for the connector.
post
Gets the current Iwa Json Url.
post
Gets the current Iwa Url.
post
Gets the public part of the default global app signing certificate.
post
List the directory contents of a directory.
post
Get a list of directory contents.
post
Gets directory information for the path.
post
Gets the directory services.
post
Gets a list of domain controllers for the directory service Uuid in domain name.
post
Gets download urls.
post
Get metadata and information about a file, as well as the file contents.
post
Get the Iwa trust root certificate.
post
Gets the localized value of the tag.
post
Get domains and organizational units.
post
Gets the IP Ranges local to the customer network.
post
Gets list of connectors.
post
Fetchs a connector registration code along with its settings.
post
Fetchs a standard UI report that contains all of the connector registration codes.
post
Get the connector Iwa host certificate file.
post
Gets the Iwa settings for the connector Uuid.
post
Retrieves a list of product licenses for this tenant, from Salesforce.
post
DEPRECATION WARNING - This API is no longer supported; please use /Report/GetReports.
post
Get supported cultures, returning their code and native name.
post
Gets the public part of the tenant CA certificate.
post
Gets the tenant's config value for a key.
post
Returns a file name that is unique in the directory.
post
Gets all user settings of setting type.
post
Gets the Zso certificate
post
Gets the Zso host information.
post
This is a callback used by the twilio service.
post
Issues a user certificate. (Deprecated, please use OAuth2 instead.)
post
Issues a Zso user certificate
post
List the file contents of a directory.
post
Return given text as a file.
post
Move directory 'path' to 'toPath'.
post
Calls the NotifyEnvironment method on the connector.
post
Redirect to the targetUrl.
post
Read the contents of a file.
post
Re issue the certificate for the connector.
post
Rename certificate with thumbprint to newName.
post
Sets the connector Log4Net config for a connector.
post
Sets the default certificate for the current tenant.
post
Set the certificate for the Iwa connector.
post
Set the connector Iwa Settings for proxyUuid.
post
Sets the value of a tenant configuration key.
post
Starts the named service on the connector.
post
Stops the named service on the connector.
post
Store a suffix.
post
Saves the user information.
post
Stores the user settings.
post
Updates the directory services stack for a tenant.
post
Updates an existing connector registration code.
post
Updates the Iwa connector settings.
post
Uploads a certificate.
post
Write string content to a file.
post
Gets the value of an extended column.
post
Gets the value of all extended columns for a row.
post
Gets the tables extended columnar schema.
post
Sets the value of an extended column.
post
Sets the value of an extended column.
post
Updates a table's extended columnar schema.
post
Add a certificate authority.
post
Downloads the certificate authority public key file.
post
Get certificate authorities for the tenant.
post
Remove a certificate authority.
post
Update a certificate authority.
post
Add global group assertion mapping.
post
Create federation.
post
Delete a federation.
post
Delete global group assertion mapping.
post
Get the federation metadata.
post
Get a federation.
post
Get federation group assertion mappings.
post
Gets a list of federations.
post
Gets a list of federation signature types
post
Gets a list of federation types.
post
Get global federation settings.
post
Get global group assertion mappings.
post
Gets a list of federated groups.
post
Gets the public part of the Service Provider signing certificate.
post
Gets the public part of the Service Provider signing certificate authority.
post
Update a federation.
post
Update federation group assertion mappings.
post
Update the global group assertion mappings.
post
Call back for the google directory service.
post
Gets the IDP authorization state for the pollingToken.
post
Gets the directory service configuration.
post
Gets the state id and the service login url.
post
Updates the directory service configuration.
post
Updates the directory service configuration.
post
Simple health check for load balancers: Is this node active?
post
Returns a report of deployment history, schema upgrade history, current nodes, for support.
post
Returns a report of deployment history, schema upgrade history, current nodes, for support.
post
Returns login Data configurement.
post
Query and read the config for the one Safenet kmip box for this tenant.
post
Delete the Kmip configuration.
post
Get the Kmip configuration
post
Stores the Kmip remote password.
post
Adds a service to the Lightweight Directory Access Protocol (LDAP) config.
post
Remove a service from the Lightweight Directory Access Protocol (LDAP).
post
Get a list of cloud connectors that have the LDAP module enabled.
post
Gets the directory service version for an LDAP directory service specified by UUID.
post
Get the Lightweight Directory Access Protocol (LDAP) config.
post
Get the Directory Service UUID for a specific LDAP, using the name assigned by the user.
post
Gets the list of mappable LDAP attributes.
post
Gets a property to attribute mapping on an LDAP enabled directory service.
post
Gets the scripting property to attribute mapping from an LDAP enabled directory service.
post
Modify a service in the Lightweight Directory Access Protocol (LDAP) config.
post
Sets a property to attribute mapping on an LDAP enabled directory service.
post
Sets the scripting property to attribute mapping on an LDAP enabled directory service.
post
Gets the results of the specified mappings by looking up a user by name.
post
Verify the Lightweight Directory Access Protocol (LDAP) directory service config.
post
Retrieves the file from the virtual file system.
post
Add a single OATH profile to a specific user.
post
Delete a list of profiles.
post
Gets data from a csv file.
post
Get import profile list.
post
Gets the profile list for the user.
post
Gets the oath profile list for a device.
post
Resets the Centrify OATH profile.
post
Resynchronize a TOTP or HOTP token.
post
Save or update the default Centrify profile.
post
Process a previously uploaded csv file.
post
Update the oath profile counter.
post
Validate the otp code.
post
Creates a client token.
post
Login
post
Add an authentication policy modifier.
post
Delete an authentication policy modifier.
post
Delete a policy block.
post
Get the authentication policy modifiers.
post
Gets a list of policy links.
post
Get policy block.
post
Gets the oath otp name for the user.
post
Get the password complexity requirements for the user.
post
Gets a list of policy links.
post
Get policy block.
post
Retrieves a boolean policy value.
post
Retrieves an integer policy value.
post
Get the policy meta data.
post
Retrieves a string policy value.
post
Get the rsop policy for the user and device.
post
Gets the oath u2f name for the user.
post
Get using cloud mobile group policy.
post
Get a list of policies for a device.
post
Deprecated; use SavePolicyBlock3.
post
Save a new or updated policy.
post
Saves a list of policy links.
post
Saves a list of policy links.
post
Sets the using cloud mobile group policy.
post
Get all radius clients.
post
Fetch Radius config for a specified connector
post
Get the list of RADIUS servers
post
Get the user identifier attribute types.
post
Remove one or more radius clients if they exist.
post
Remove radius servers.
post
Add or update a radius client.
post
Change radius config for a connector.
post
Configures a Radius server.
post
Gets a list of tenants for the customer.
post
Register a new tenant.
post
Delete job history.
post
Make a job report.
post
Deprecated -- Am I authenticated.
post
Deprecated -- Checks for user execute rights on the Application Role Management task.
post
Begin the process of recovering a lost or forgotten user name.
post
Gets a list of risk levels.
post
Deprecated -- Multi factor authentication login for user.
post
Add an enrollment code
post
Check user permissions.
post
Enable or disable CSS Extension functionality for the agent computer
post
Delete an enrollment code
post
Disables zero or more features for an enrolled machine.
post
Deprecated -- EnableFeatures
post
Enables zero or more features for an enrolled machine.
post
Get all enrollment codes
post
Returns specified configuration settings for the enrolled machine
post
Get effective local groups.
post
Get group by id.
post
Get group by name.
post
Get group members.
post
Get information concerning which roles are allowed to be made visible as groups.
post
Get the group visibility scopes's valid names for a given role.
post
Get the group visibility scopes for a given role.
post
Get the group visibility scopes for a given type and effective scope.
post
Gets a set of agent settings.
post
Get user by Id.
post
Get user by name.
post
Get user groups.
post
Set feature state on an enrolled machine.
post
Update group scopes.
post
Update information about the agent computer.
post
Update settings.
post
Check to validate the agent computer.
post
Verify username and password.
post
Verify password.
post
Verify user can login.
post
Deprecated -- Add computer.
post
Gets all visible accounts for a database
post
Check if a database exists or not
post
Refresh health status of a host, domain or database.
post
Grant permissions on a database collection
post
For social authentication, this is the Facebook call back.
post
For social authentication, this is the Google call back.
post
For social authentication, this is the LinkedIn call back.
post
For social authentication, this is the Microsoft call back.
post
For social authentication, this is the Twitter call back.
post
Gets the social configurations for all identity providers.
post
Get the application client secret.
post
Gets the social user authentication configuration.
post
Gets the social configuration for the requested identity provider.
post
Resets the social user authentication configuration.
post
Sets the social user authentication configuration.
post
Set custom configuration.
post
Describe the system.
post
Dummy
post
Retrieve a session id.
post
Get the system version.
post
Request the cancellation of a job.
post
Create a one time job.
post
DEPRECATION WARNING - This API is no longer supported; please use /Report/EmailReport.
post
Returns streaming job history data via a redrock style interface.
post
Gets the history of a single job.
post
Retrieve simple job metrics from the persistent job system.
post
List the cnames assigned for the tenant.
post
Gets the domain of tenant urls
post
Creates a cname with prefix specified for the tenant.
post
Sets the tenant cname to preferred as cname
post
Gets the tenant cnames.
post
Deletes the cname for the tenant. Full cname is expected, e.g. 'company.my.centrify.net'.
post
Deletes a single key record from the config table.
post
Returns tenant's configuration values.
post
Get tenant configuration.
post
Deprecated -- Get editable mail templates.
post
Get editable message template.
post
Get editable message templates.
post
Gets the google key for the tenant.
post
Gets the tenant mobile configuration data.
post
Get the tenant Simple Mail Transport Protocol configuration.
post
Get the tenant Twilio configuration.
post
Reset portal configuration.
post
Send a test message template.
post
Set the tenant configuration.
post
Set a tenant configuration.
post
Sets the google key for the tenant.
post
Sets the tenant mobile configuration.
post
Set password persistance. i.e. do we save your password.
post
Set the tenant Simple Mail Transport Protocol configuration.
post
Set the tenant Twilio configuration.
post
Test the tenant Simple Mail Transport Protocol configuration.
post
Test the tenant Twilio configuration.
post
Evaluate a shortened URL key, redirecting to its long URL if valid.
post
Get the file.
post
Get lower case file name.
post
Authenticate the ZSO session.
post
Login using a tenant Certificate authority certificate.
post
Clears the Mac Safari Zso cookie.
post
Is the Mac Safari Zso cookie set.
post
Checks to see if sessionId is authenticated.
post
Sets the Mac Safari Zso cookie.
post
Authentication
Check row ACLs.
post
Gets a users access rights.
post
Get a collection of access rights.
post
Retrieves a list of who has what rights for the directory.
post
Gets a list of directory rights.
post
Gets a list of file rights.
post
Gets ACLs on a file.
post
Gets the access rights for a row.
post
Authenticates a request.
post
Confirm
post
https://openid.net/specs/openid-connect-session-1_0.html#RPLogout
post
Introspect.
post
Keys
post
Revoke.
post
Gets a token based on grant type.
post
This returns the contents of the bearer token used.
post
Attempt to advance the state of an authentication session.
post
Advances a forgot username session (similar to MFA advance authentication).
post
Terminate an incomplete session started with StartAuthentication or StartChallenge.
post
Allows OAuth2 clients to perform on-demand step-up authentication challenges.
post
Continues user authentication.
post
Starts a user authentication session.
post
Starts a step-up authentication challenge session.
post
Starts a forgot username session that looks similar to an MFA authentication session.
post
Submit OATH OTP code for the specify user
post
Answer registration challenge.
post
Deletes the U2f device.
post
Delete a list of U2f devices.
post
Get the trusted facet list for the tenant.
post
Get registration challenge.
post
Gets a list of U2f devices.
post
Gets a list of U2f devices for the current user.
post
Directory Services
Bulk imports users from csv file.
post
Performs the action after confirming permission to do so.
post
Reports
Add a report.
post
Add an array of reports.
post
Copy a report by Name or UUID.
post
Delete a report.
post
Delete an array of reports by UUID.
post
Run a report and email the results to a recipient.
post
Gets the default categories for reports
post
Get a report by Name or UUID.
post
Gets list of grants associated with a collection of Reports
post
Get list of permissions associated with a Report.
post
Gets the rights on a Report.
post
Get report objects.
post
Grant permissions on a Report collection.
post
Grant permissions on a Report
post
Update an existing report.
post
User Management
Gets a list of row rights.
post
Deprecated -- Delete a list of users with permission check.
post
Create new users in the Cloud Directory Service based on data read from files.
post
Delete user after permission check (DEPRECATED)
post
Exempt a specified user from MFA login for a period of time.
post
Get details for the current user.
post
Reads users from a csv file(s) for bulk user import.
post
Refresh a user's cached identity.
post
Create a Bulk User Import scheduled task to process an uploaded file.
post
Retreives a list of users that are members of a specific federated group.
post
Retrieves the Federated Group Memberships for a specfic user.
post
Revokes federated group membership from a specific group for a specific user.
post
Refresh current user's cached identity.
post
Delete admin security question.
post
Get a specific admin security question
post
Get admin security questions
post
Add admin security question.
post
Get the unix profile info for cloud role/group.
post
Get the unix profile info for cloud user.
post
Reads user profiles from csv file(s) for bulk user unix profiles import.
post
Set unix profile for cloud group/role
post
Set unix profile for cloud user
post
Create a Bulk User Profile Import scheduled task to process an uploaded file.
post
Add a user favorite.
post
Runs a risk check for the current user.
post
Check to see if a user can edit attributes.
post
Update user attributes
post
Change the password for the current user.
post
Query all directory services for users, groups, and/or roles using a json query string.
post
Get the cached entity.
post
Get the cached user.
post
Get a list of the user's favorites.
post
Get security questions for the current user
post
Fetch attributes for a specified user.
post
Get certificate info for a given user.
post
Fetch the reporting hierarchy for a specified user.
post
Get additional info for a specified user.
post
Fetch a cloud user's picture.
post
Gets user roles and administrative rights.
post
Invite one or more users to the cloud portal.
post
Checks to see if a given user is cloud locked.
post
Determine if the current user can (or cannot...) satisfy the requisite MFA challenges.
post
Checks to see if a given user is subject to cloud locks.
post
Remove a user favorite.
post
Remove a user from the cloud.
post
Remove one or more certificates for a given user.
post
Remove one or more users.
post
Resets (clears) security questions for a user.
post
Reset the password for a specified user.
post
Send email invitation to a specified user.
post
Send invitation emails to one or more users.
post
Send SMS invitation to a specified user.
post
Applies or clears a cloud lock for a given user.
post
Set the phone pin for a user.
post
Updates security questions for a user.
post
Updates various user preferences for the currently logged in user.
post
Cloud User Management
Change cloud user properties.
post
Create a new user in the Cloud Directory Service.
post
Create a new user in the Cloud Directory Service using minimal user information.
post
Create new users in the Cloud Directory Service.
post
Delete a cloud user. (DEPRECATED)
post
Get details for a specified cloud user.
post
Get details for a specified user by name.
post
Get all cloud users.
post
Removes AuthSource for list of users
post
Removes AuthSource from all users for a given Federation
post
Set a cloud user's picture file.
post
Set user State (locked, disabled, expired) for a specified cloud user.
post
MultiFactor Auth support: answer out of band challenge.
post
Determines if user needs step-up authentication.
post
Fetches a one-time passcode for the specified use.
post
Deprecated -- User login.
post
Logout current user.
post
Start social authentication.
post
Checks to see if user has execute rights on the task.
post
Checks to see if user has execute rights on a list of tasks.
post
Looks for the multi auth customer response.
post
Looks for the multi auth customer response.
post
Confirms user authentication state.
post
Check if a user profile challenge is required for the current user.
post
Get the user preferences.
post
DEPRECATED -- This API is deprecated and should not be used.
post
Uncache the user preferences.
post
Role Management
Assigns directoryfile rights to roles.
post
Assigns directory rights to roles.
post
Assigns file rights to roles.
post
Get list of administrative rights associated with a role.
post
List the roles and rights to a directoryfile.
post
List the roles and rights of a directory.
post
List the roles and rights of a file.
post
List the Dashboard roles and rights.
post
List the Report roles and rights.
post
Get the users for the specfied role id and return the paged results.
post
Update specific attributes of a Role, leaving the rest unchanged.
post
Add principals to role.
post
Assigns a set of rights (super rights) to a role.
post
Delete a role.
post
Delete a list of Roles.
post
Fetch a Role.
post
Fetch a Role's principals.
post
Remove principals from role.
post
Set policy on the role (pre-created).
post
Create a Principal List role.
post
Removes a set of rights (super rights) from a role.
post
Deprecated -- Update a Role.
post
Device Management
Delete a device (Mobile + OSX)
post
Disable SSO on device (Mobile + OSX)
post
Enable SSO on device (Mobile + OSX)
post
Lock client app (Mobile)
post
Ping a device (Mobile + OSX)
post
Reapply device policies (Mobile + OSX)
post
Reset client app lock pin (Mobile)
post
Grant permissions on devices
post
Set a device as primary (Mobile)
post
Update device policies (Mobile + OSX)
post
Grant permissions on applicationss
post
Resource Management
Add an AWS Access Key and Secret.
post
Deletes an access key for an IAM user.
post
Launch an Ec2 instance and install a connector registered to this tenant.
post
Gets Access Keys for an IAM user.
post
Get a List of all AWS availability zones in a given region.
post
Get the Centrify AWS Account ID and External ID for the tenant.
post
Get a list of VPC's along with information about connector(s) servicing the VPC.
post
Get a list of all roles for EC2 instances.
post
Get a List of all ssh keypairs in a given region.
post
Get region names.
post
Get a List of all aws regions
post
Get a list of all security groups in a region.
post
Get a list of all subnets in a given VPC.
post
Get a list of all subnets in a specified list of regions.
post
Get a list of all VPC's in a given region.
post
Import AWS Access Key and Secret.
post
Retrieve an access key ID and secret access key for an IAM user.
post
Verify an AWS Access Key and Secret
post
Verify an AWS Access Key and Secret for an IAM User name and Cloud Provider.
post
Verify assume role configuration.
post
Verify SQS queue configuration.
post
AddCloudProvider - Adds a cloud provider.
post
DeleteCloudProvider - Deletes a cloud provider.
post
Creates a asynchronous operation which will delete all cloud providers.
post
GetAllCloudProviders - Gets all cloud providers.
post
GetCloudProvider - Gets a cloud provider.
post
Gets list of grants associated with a set of cloud providers.
post
Gets list of grants associated with a cloud provider.
post
Grant permissions on cloud provider sets.
post
Grant permissions on cloud providers
post
UpdateCloudProvider - Updates a cloud provider
post
Get list of permissions associated with a set.
post
Grant permissions on a set
post
Execute the Dzdo authentication challenge.
post
Get the Dzdo and the Mfa challenge profile ids.
post
Execute the Mfa authentication challenge.
post
Sets the Dzdo and the Mfa challenge profile id.
post
Adds an alternate account discovery profile.
post
Cancel all running Alternate Account Discovery jobs.
post
Clear owner account set on the alternate account.
post
Commit a discovered alternate account.
post
Commit a list of discovered alternate accounts.
post
Deletes a list of alternate account discovery profiles.
post
Delete an alternate account discovery profile.
post
Gets an alternate account discovery profile.
post
Gets a list of alternate account discovery profiles.
post
Get the current user's dash A accounts that they can checkout
post
Gets the current user rights of the alternate account discovery profile.
post
Starts a job for each of the alternate account discovery profile ids provided.
post
Set alternate account discovery profile permissions.
post
Changes the discovery account.
post
Update an alternate account discovery profile.
post
Add a discovery account.
post
Are any discovery accounts referenced.
post
Delete a blacklisted computer.
post
Delete a discovery account.
post
Delete a host from the excluded discovery list.
post
Get discovery profile permissions.
post
Get a list of hosts excluded from discovery.
post
Get discovery job history.
post
Gets list of referenced VPC's.
post
Get the name of a VPC.
post
Set discovery profile permissions.
post
Update a discovery account.
post
Check if requester can Manage Assignment
post
Enumerate all privilege elevation assignments that are effective for a specific scope
post
Get Challenges for privilege elevation to a System
post
Returns list of allowed privilege elevation commands for a specific user on a system
post
Initiate a privilege elevation workflow request
post
Create a new privilege elevation command
post
Grant privilege elevation command to user/role/group
post
Delete a privilege elevation command
post
Delete privilege elevation assignment
post
Get privilege elevation assignments that are explicitly granted
post
Gets list of grants associated with a set of Privilege Elevation Commands.
post
Gets list of grants associated with a Privilege Elevation Command.
post
Enumerate privilege elevation assignments associated with a command
post
Grant permissions on Privilege Elevation Command sets.
post
Grant permissions on Privilege Elevation Commands
post
Update a privilege elevation command
post
Update privilege elevation assignment
post
Get the quick start state.
post
Manage accounts.
post
Run the quick start discovery job.
post
Verify the administrator account.
post
AddResourceProfile - Adds a resource profile.
post
DeleteResourceProfile - Deletes a resource profile.
post
ExportResourceProfilePackage - zips a resource profile into a package.
post
GetAllResourceProfiles - Gets all resource profiles.
post
GetResourceProfile - Gets a resource profile.
post
Gets list of grants associated with a set of resource profiles.
post
Gets list of grants associated with a resource profile.
post
OpenResourceProfilePackage - unzips and validates a resource profile package.
post
Grant permissions on resource profile sets.
post
Grant permissions on resource profiles
post
UpdateResourceProfile - Updates a resource profile
post
Add/Upload a config file to Cloud
post
Convert current agent from using machine cert to using OAuth.
post
Delete config file from Cloud
post
Deprecated -- Enroll
post
Enrolls a machine to the CIP using user credentials.
post
Enrolls a machine to the CIP using user credentials.
post
Returns a list of all the config files pushed to systems
post
Returns a machine certificate.
post
Gets a DirectAudit configuration.
post
Returns offline OTP settings for the enrolled machine
post
Push config files to agent asynchronously
post
Register
post
Enrolls a machine to the CIP using an enrollment code.
post
Enrolls a machine to the CIP using an enrollment code.
post
Unenroll an enrolled Agent.
post
Aysnchronous operation for unenrolling agents.
post
Add an account for a resource
post
Add a list of accounts.
post
Add a database
post
Add a list of databases.
post
Add a domain
post
Add a list of domains.
post
Add a system
post
Add a list of system resources.
post
AddSecret - Adds a secret
post
Adds a secret folder.
post
Add an SSH key as a JSON string.
post
Add an SSH key as a file in multipart/form-data.
post
Checks if an SSH key can be deleted. Currently just looks for any accounts using this key.
post
Checks in an account password
post
Check whether offline OTP is available for the computer
post
Checks out an account password
post
Create a Discovery Profile
post
Delete an account
post
Delete multiple accounts in background job.
post
Delete a database
post
Delete a domain
post
Delete a resource
post
Creates a asynchronous operation which will delete all resources and associate accounts in the background.
post
DeleteSecret - Deletes a secret
post
Deletes a secret folder.
post
Delete an SSH key.
post
Delete one or more SSH Keys. SSH keys in the set that require an MFA challenge to delete will fail to delete. The exception is if RunSync is true and a single ssh key is included in the Ids array. That case will follow Centrify's standard MFA challenge pattern for API requests.
post
Downloads a secret file in data chunks.
post
Extend checkout time for a password
post
Generate an SSH key based on given parameters
post
Generate an SSH key based on given parameters
post
Gets list of grants associated with collection of accounts
post
Gets list of permissions associated with an account
post
Retrieves Accounts for Login
post
Gets all visible accounts for a resource
post
Get's agent profile (if there is one) for a resource
post
Returns the auditing and monitoring service configuration for the tenant.
post
Get Challenges for login to a System
post
Get Rights on Computer for current user.
post
Get computer for ssh key accounts.
post
Gets list of grants associated with collection of databases
post
Get list of permissions associated with a database
post
Gets a list of discovery profiles.
post
Gets list of grants associated with collection of domains
post
Gets list of grants associated with a domain
post
Retrieve token for an account
post
Retrieve token settings for an account
post
Gets any ongoing Rdp or ssh sessions for a given user.
post
Gets a list of accounts that the user has workspace login permission.
post
Returns an offline OTP for the computer
post
Gets list of grants associated with collection of resources
post
Gets list of grants associated with resource
post
Get a retired password of an account
post
Get the rsop policy for the user and entity. If no user is passed in then the rsop will be for the current user.
post
GetSecret - Gets secret metadata
post
Fetch the workflow settings associated with a secret
post
Gets list of grants associated with a collection of secrets
post
Gets a secret folder.
post
Get secret folders can move to.
post
Fetch the rights and authentication challenges associated with a secret.
post
Gets a folder and its contents (secrets, sub-folders)
post
Gets the permissions for a folder.
post
Gets the rights and challenges for a secret folder.
post
Get secret to be replaced.
post
Gets all active sessions
post
Gets list of grants associated with collection of SSH keys
post
Gets an SSH key without any of the sensitive fields (PrivateKey, PublicKey, Passphrase)
post
Gets list of permissions associated with a SSH key
post
Fetch the rights and authentication challenges associated with an SSH Key
post
Fetch the SSH keys available for login.
post
Get ssh key usage.
post
Log event for entering justification for login and password checkout
post
Creates a asynchronous operation which will attempt to put all accounts under management.
post
Moves a secret folder
post
Moves a secret (between folders)
post
Delete multiple accounts at once
post
Rotate multiple accounts at once
post
Partial update a system. ID is required.
post
Check a domain exists or not
post
Pre Checkout call to get info for Checkout.
post
Provision reconciliation service account to resources.
post
Retrieve TOTP token for an account
post
Request secret download url.
post
Request secret upload url.
post
Retrieves the secret entity
post
Retrieves the secret entity.
post
Retrieve an SSH key.
post
Rotate password of a managed account
post
Rotate multiple accounts at once
post
Grant permissions on account collections
post
Grants permissions on accounts
post
Sets the system association for a connector.
post
Grant permissions on a database
post
Grant permissions on a domain collection.
post
Grant permissions on domains
post
Set escrow key from file.
post
Sets an mfa token on an account
post
Grant permissions on resource collections
post
Grant permissions on resources
post
Sets a list of grants associated with a collection of secrets.
post
Sets permissions on a secret
post
Sets the permissions on a folder.
post
Grant permissions on SSH keys collection
post
Grants permissions on SSH keys
post
Terminate an active session
post
Update an account
post
Update a database
post
Updates a domain
post
Updates password of an account
post
Update a system
post
UpdateSecret - Updates a secret
post
Updates a secret folder.
post
Update server settings
post
Update fields on an SSH key.
post
Upload secret file in chunks.
post
Walks thru a checklist of items to verify a domain administrative account can help manage local accounts on a domain joined system
post
Get login url.
post
Add a subscription.
post
Create a multiplexed account.
post
Delete a multiplexed account.
post
Delete a subscription.
post
Get all delayed multiplexed accounts.
post
Get multiplexed account.
post
Get list of permissions associated with a multiplexed account
post
Get multiplexed account rights.
post
Get all multiplexed accounts.
post
Get a subscription.
post
Gets list of grants associated with collection of subscriptions
post
Get list of permissions associated with a subscription
post
Get subscription rights.
post
Push a subscription.
post
Grant permissions on a multiplexed account
post
Grant permissions on a subscription collection
post
Grant permissions on a subscription
post
Sync my subscriptions.
post
Update a multiplexed account.
post
Update a subscription.
post
Add a vault.
post
Delete a vault.
post
Get all vaults.
post
Get all sites in a vault.
post
Get all templates in a vault.
post
Get vault sync job history.
post
Get information of a specific vault sync job.
post
Get a vault.
post
Get a site in a vault.
post
Grant permissions on vault collection.
post
Grant permissions on vaults.
post
Sync systems and accounts from a vault.
post
Update vault information
post
Verify connectivity to a vault.
post
Create assignment.
post
Delete expired assignments.
post
Get all roles.
post
Get workflow approvers.
post
Get the domain configuration.
post
Get resource roles.
post
Refresh the resource's "zone joined" status.
post
Validate user role request.
post
Application Management
Get meta
post
Check if the apps are up to latest which is the template version in the app catalog.
post
Delete an application.
post
Returns a list of all apps that can be updated.
post
Returns credentials required to launch the app.
post
Gets the ID of an app from its service name
post
Get information for an application.
post
Returns a list of apps that are no longer supported.
post
Get information for application templates.
post
Create an application.
post
Checks if Application is still available in the catalog.
post
Refresh the file metadata in case the file has been changed by direct upload to distributed FS. This API needs to be called in AWS after the distributed file is commited to the S3 storage from the browser.
post
Retrieve a publicly uploadable, SAS key secured URL (for Azure) or presigned URL (for AWS) for the app binary.
post
Update an application.
post
Get an application's data.
post
Return a user's portal applications and how the user has access to each application.
post
Get the list of application tags for the current user.
post
Gets all available data for the user portal in one call.
post
Set user credentials for an application.
post
Add and update application tags for the current user.
post
Workflow Management
Deletes a workflow job
post
Sends a workflow event to a workflow
post
Gets a workflow job
post
Gets list of workflow jobs
post
Gets list of workflow jobs associated with the current user
post
Starts a workflow job
post
Server Management
Run Discovery
post
Get Discovery Status
post
Get Discovery Profiles
post
Role Management
/SaasManage/GetRoleApps
post
Server Session
/serversession/jumpterm
get
Server Agent
/ServerAgent/AddEnrollmentCode
post
uprest
HandleAppClick
get
getSSOToken
get
Application Management
/saasManage/GetScript
post
/SaaSManage/SetApplicationPermissions
post
Analytics
/rules/webhook
post
/rules/webhook/test
post
/rules/{id}/status
post
/rules
get
/file/export/rules/webhook/{name}
post
/file/import/rules/webhook
post
/rules/{id}
delete
/apis/access_tokens
post
/apis/access_tokens
get
/apis/scopes
get
/apis/access_tokens/{id}/activate
put
/apis/access_tokens/{id}/inactivate
put
/apis/access_tokens/{id}
delete
/dataset/system/models
get
Reapply device policies (Mobile + OSX)
post
https://example.com/MobilePas/ReapplyDevicePolicy
Language
Shell
Node
Ruby
PHP
Python