Creates an authenticated URL to start a remote session in PAM Core.
Requirements
- Authorization with read and write access permission for web proxy sessions in PAM Core.
Request
POST api/pam/remote/session
Request Parameters
| Parameter | Type | Required | Description | Note |
|---|---|---|---|---|
user |
String | Yes | Username used for authentication. | Must be a registered user in the system. |
credential |
String | Yes | Username of the credential used in this web proxy session. | |
device |
String | Yes | Hostname or IP address of the target device. | |
protocol |
String | Yes | Network protocol (SSH, RDP, HTTPS, among others). | |
remotedevice |
String | No | Device ID, IP address, or hostname for the web proxy session. | Required only if the session uses domain credentials. |
remoteAddr |
String | No | User's IP address. | This IP address will be used throughout the session. |
port |
Integer | No | Port used throughout the session. | By default, uses the chosen device's port unless specified. |
remoteapp |
Integer | No | RemoteApp ID. | Only for RemoteApp sessions. |
screensize |
String | No | Screen resolution. | Example: 1900x1200 |
Request Example
{
"user": "usuario",
"credential": "credencial",
"device": "192.168.1.1",
"protocol": "SSH",
"remotedevice": "192.168.1.2",
"remoteAddr": "192.168.1.3",
"port": 22,
"remoteapp": 1,
"screensize": "1920x1080"
}
Response
{
"code": 200,
"response": {
"status": 200,
"message": "Session created successfully",
"error": false,
"error_code": 0,
"detail": "",
"mensagem": "Session created successfully",
"erro": false,
"cod_erro": 0
},
"tenant": "Segura",
"session": {
"session_url": "https://<Platform URL>/modulos/auth?_sr=cmJzOi8vTmJQOG1GckRWeHFFY1FkNi8wRUF5bHoweWw3cUdyUk5JbE1oaXZ3TytLak5sUGsydUZ2YnRQaUdhU3YwaUl0TVRILzZHWWtPWjdZdXNKeE01NHFsaVlFdkRqMGZtOG5vbXNDc0d5bUNDdUt2YWFSclJjTG1scUIxSnBUTXdq",
"token": "6a3afbb1************b32262"
}
}
Response Body Fields
| Field | Type | Description |
|---|---|---|
session |
Object | Data of the created session. |
session_url |
String | URL to start the authenticated web proxy session. |
token |
String | Authentication token associated with the web proxy session. |
Attention
The token value is sensitive and must be kept confidential.
Common Errors
| Status/Error Code | Message | Possible Cause | Solution |
|---|---|---|---|
| 400 – Bad Request | "Username not specified" | The required username parameter for the session was not provided. | Provide a username already registered in Segura and resend the request. |
| 400 – Bad Request | "Credential not specified" | The required credential parameter for the session was not provided. | Provide the credential and resend the request. |
| 400 – Bad Request | "Credential device not specified" | The required device parameter for the session was not provided. | Provide the device of the target device and resend the request. |
| 400 – Bad Request | "Invalid protocol" | The required protocol parameter for the session was not provided. | Provide a value for the protocol parameter and resend the request. |
| 404 – Not Found | "Resource sub not found" | The URL or requested resource is incorrect. | Check the URL and ensure all parameters are correct. |
| 500 – Internal Server Error | "Unexpected error." | The error is on the Segura server. | Contact the support team for more information. |
| 500 – Internal Server Error | "You are not authorized to access this resource." | You do not have authorization to access this resource. | Ask the administrator to verify your access permission to Web Proxy Session resources in A2A. |
| Client authentication failed | "Client authentication failed." | Authentication failure of your application with the Segura server. | Check authentication parameters such as Access Token URL, Client ID, and Client secret, and request a new token. |
| Invalid signature | "Invalid signature" | Failure to recognize the client application URL. | Verify the client application URL and resend the request. |
| No route matched with those values | "No route matched with those values." | Missing authorization header in the API request. | Request a new access token. |
| Request timed out | "Request timed out." | The request time expired. | Check connectivity between the request origin and the Segura server. |