Security
The following Security operations can be performed:
| • | GET /backup_encryption_settings |
| • | GET /systemEncryption |
| • | GET /domains |
| • | GET /domains/groups |
| • | POST/domains/groups/sync |
| • | GET /backup_encryption_settings |
| • | GET /domains/domain_users |
| • | GET /generateUUID |
| • | GET /systemEncryption |
| • | PUT /systemEncryption |
GET /backup_encryption_settings
This API is used to backup the encryption settings to a password protected file for server recovery in case of emergency.
Parameters:
|
Name |
Description |
Parameter Type |
Data Type |
|
encryptionPassword |
Encryption Password |
query |
string |
Example to backup the encryption settings
curl -X GET -u admin:admin "http://localhost:9400/rest/security/v1/backup_encryption_settings?encryptionPassword=testPassword" -o backup_encryption_settings.txt
POST /import_encryption_settings
This API is used to restore the encryption settings from the backup file. You must know the password that was used to protect the backup file.
Parameters:
|
Name |
Description |
Parameter Type |
Data Type |
|
file |
Name of the file to be imported |
query |
object |
|
encryptionPassword |
Encryption Password |
query |
string |
Example to restore the encryption settings
curl -u "admin:admin" -i -F "encryptionPassword=testPassword" -F "file=@backup_encryption_settings.txt" -X POST "http://localhost:9400/rest/security/v1/import_encryption_settings"
GET /domains
This API is used to get all domains.
Parameters:
None
Example to get all domains
curl -X GET -u admin:admin "http://localhost:9400/rest/security/v1/domains"
GET /domains/groups
This API is used to get all domain groups.
Parameters:
|
Name |
Description |
Parameter Type |
Data Type |
|
domain |
The name of the domain |
path |
string |
Example to get all “composite” domain groups
curl -X GET -u admin:admin "http://localhost:9400/rest/security/v1/domains/composite/groups"
POST/domains/groups/sync
This API is used to synchronize the given users in all external ldap domain groups for an external ldap domain.
Parameters
|
Name |
Description |
Parameter Type |
Data Type |
|
domain |
The name of domain |
path |
string |
Request Body
Example Value - Schema
[
"string"
]
Example to synchronize the groups of "ldap" domain users "user1" and "user2"
curl -X POST "https://localhost:9402/rest/security/v1/domains/ldap/groups/sync" -H "accept: */*" -H "Content-Type: application/json" -d "[\"user1\",\"user2\"]"
GET /domains/domain_users
This API is used to get all domain users.
Parameters:
|
Name |
Description |
Parameter Type |
Data Type |
|
domain |
The name of the domain |
path |
string |
Example to get all “composite” domain users
curl -X GET -u admin:admin "http://localhost:9400/rest/security/v1/domains/composite/users"
GET /generateUUID
This API is used to get the randomly generated system UUID.
Parameters:
None
Example to get the system randomly generated UUID.
curl -X GET -u admin:admin "http://localhost:9400/rest/security/v1/generateUUID"
GET /systemEncryption
This API is used to get the system encryption settings.
Parameters:
None
Example to get the system encryption settings.
curl -X GET -u admin:admin "http://localhost:9400/rest/security/v1/systemEncryption"
PUT /systemEncryption
This API is used to update the system encryption settings. Can take a long time in large database to re-encrypt data.
Parameters:
|
Name |
Description |
Parameter Type |
Data Type |
|
body |
Encryption settings (algorithm, password, uuid, key size |
body |
Model schema |
Request Body
Example Value - Schema
{
“algorithm”: "string",
“password”: “string”,
“uuid”: “string”,
“keySize”: “string”
]
Example to update the system encryption settings
curl -X PUT -u admin:admin "http://localhost:9400/rest/security/v1/systemEncryption" -H "Content-Type:application/json" -d "{\"password\":\"MyTestEncryptionPassword\",\"uuid\":\"0b352e1e-ab56-4271-a813-31183df63788\"}"