PAM Core APIs

About PAM Core APIs

This article contains information about what PAM Core APIs are, how they work, and their main use cases.

What are PAM Core APIs?

PAM Core APIs are part of senhasegura's A2A module. They are a REST-based solution for consulting, creating, updating, activating, and deactivating devices, credentials, protected information, proxy sessions, and SSH keys.

Functionalities

PAM Core APIs functionalities include:

• Devices API: retrieve one or a list of registered devices, create, update, activate, and deactivate a device.

• Credentials API: retrieve one or a list of registered credentials; create, activate, and deactivate a credential; and release the custody of a credential.

• Protected information API: retrieve, create, and deactivate privileged information data.

• Proxy API: create an authenticated URL for a web session and terminate a proxy session.

• SSH keys API: get a list of SSH keys registered as credentials, create or update a credential registered as an SSH key, and deactivate an SSH key.

Applicabilities

PAM Core APIs can be used in various scenarios, such as:

Integration with CMDB tools

Automate device and credential management in senhasegura by seamlessly integrating with Configuration Management Database (CMDB) tools. Our APIs enable CMDB tools to automatically create and manage devices in senhasegura, eliminating the need for manual configuration.

Integration with automation tools (RPA)

Leverage Robotic Process Automation (RPA) tools like Zapier to automate specific workflow actions. The APIs facilitate the interaction with senhasegura, enabling information modification based on specific workflow triggers.

Integration with custom applications

Support clients with in-house development teams by enabling custom applications to interact with senhasegura, streamlining daily operations. senhasegura's APIs empower custom applications to perform essential actions on the client's behalf within the Privileged Access Management (PAM) system.

PAM Core APIs configuration and use

To use the APIs effectively, it’s important to understand the aspects of authorization and authentication, as well as recommended practices for requests, responses, and potential errors.

Authorization

To get started, make sure PAM Core is listed under Authorized resources in your A2A module.

For more information on the authorization of an application, access How to create an authorization for an application.

Authentication

Following senhasegura’s recommendation to use OAuth 2.0 as your authentication method, each request in the APIs must use the Client ID and the Client secret to request a new Access token.

For more information on authentication, access How to authenticate an application.

Requests and responses

Requests are made using HTTP methods such as

GET, POST, PUT, DELETE

Parameters include id, name, username, among others, and depending on the endpoint, they can be sent as body, path or query.

For example, to query a device listed in PAM Core and accessible to your authorization, you should send a  GET request to the following endpoint:

/iso/pam/devices/[id]

Responses are returned in JSON format, making it easier for applications to parse and work with the data provided by the API.

Errors

The API returns standard HTTP status codes and includes error messages in the response body for easy understanding and troubleshooting.

Refer to the documentation of each API for detailed error code descriptions.

PAM Core APIs documentation links

For in-depth details and examples, please refer to the following documents:

• Devices API

• Credentials API

• Protected information API

• Proxy API

• SSH keys API