Synced accounts
Synced accounts are managed accounts subscribed/synced to another managed account.
Quick navigation
- GET ManagedAccounts/{id}/SyncedAccounts
- POST ManagedAccounts/{id}/SyncedAccounts/{syncedAccountID}
- DELETE ManagedAccounts/{id}/SyncedAccounts
- DELETE ManagedAccounts/{id}/SyncedAccounts/{syncedAccountID}
GET ManagedAccounts/{id}/SyncedAccounts
Purpose
Returns a list of subscribed/synced managed accounts by managed account ID.
Required permissions
Password Safe Account Management (Read).
URL parameters
id: ID of the parent managed account.
Request body
None.
Response body
Content-Type: application/json
[ { ManagedAccountID : int, ManagedSystemID : int, DomainName : string, AccountName : string, DistinguishedName : string, PasswordFallbackFlag : bool, LoginAccountFlag : bool, Description : string, PasswordRuleID : int, ApiEnabled : bool, ReleaseNotificationEmail : string, ChangeServicesFlag : bool, RestartServicesFlag : bool, ReleaseDuration : int, MaxReleaseDuration : int, ISAReleaseDuration : int, MaxConcurrentRequests : int, AutoManagementFlag : bool, DSSAutoManagementFlag : bool, CheckPasswordFlag : bool, ResetPasswordOnMismatchFlag : bool, ChangePasswordAfterAnyReleaseFlag : bool, ChangeFrequencyType : string, ChangeFrequencyDays : int, ChangeTime : string, ParentAccountID : int, // can be null IsSubscribedAccount : bool, LastChangeDate : datetime, // can be null NextChangeDate : datetime, // can be null IsChanging : bool, ChangeState : int, UseOwnCredentials : bool, ChangeIISAppPoolFlag : bool, RestartIISAppPoolFlag : bool, WorkgroupID : int, // can be null ChangeWindowsAutoLogonFlag : bool, ChangeComPlusFlag : bool, ChangeDComFlag : bool, ChangeSComFlag : bool, }, … ]
Response body details
- DomainName: The domain name for a domain-type account.
- AccountName: The name of the account.
- DistinguishedName: The distinguished name of an LDAP managed account.
- PasswordFallbackFlag: True if failed DSS authentication can fall back to password authentication, otherwise false.
- LoginAccountFlag: True if the account should use the managed system login account for SSH sessions, otherwise false.
- Description: A description of the account.
- PasswordRuleID: ID of the password rule assigned to this managed account.
- ApiEnabled: True if the account can be requested through the API, otherwise false.
- ReleaseNotificationEmail: Email address used for notification emails related to this managed account.
- ChangeServicesFlag: True if services run as this user should be updated with the new password after a password change, otherwise false.
- RestartServicesFlag: True if services should be restarted after the run as password is changed (ChangeServicesFlag), otherwise false.
- ReleaseDuration: (minutes: 1-525600) Default release duration.
- MaxReleaseDuration: (minutes: 1-525600) Default maximum release duration.
- ISAReleaseDuration: (minutes: 1-525600) Default Information Systems Administrator (ISA) release duration.
- MaxConcurrentRequests: (0-999, 0 is unlimited) Maximum number of concurrent password requests for this account.
- AutoManagementFlag: True if password auto-management is enabled, otherwise false.
- DSSAutoManagementFlag: True if DSS key auto-management is enabled, otherwise false.
- CheckPasswordFlag: True to enable password testing, otherwise false.
- ChangePasswordAfterAnyReleaseFlag: True to change passwords on release of a request, otherwise false.
- ResetPasswordOnMismatchFlag: True to queue a password change when scheduled password test fails, otherwise false.
- ChangeFrequencyType: The change frequency for scheduled password changes:
- first: Changes scheduled for the first day of the month.
- last: Changes scheduled for the last day of the month.
- xdays: Changes scheduled every x days (ChangeFrequencyDays).
- ChangeFrequencyDays: (days: 1-999) When ChangeFrequencyType is xdays, password changes take place this configured number of days.
- ChangeTime: (24hr format: 00:00-23:59) UTC time of day scheduled password changes take place.
- ParentAccountID: If this is a subscribed account (IsSubscribedAccount), this is the ID of the parent managed account.
- IsSubscribedAccount: True if the account is a synced or subscribed account, otherwise false.
- LastChangeDate: The date and time of the last password change.
- NextChangeDate: The date and time of the next scheduled password change.
- IsChanging: True if the account credentials are in the process of changing, otherwise false.
- ChangeState: The change state of the account credentials:
- 0: Idle / no change taking place or scheduled within 5 minutes.
- 1: Changing / managed account credential currently changing.
- 2: Queued / managed account credential is queued to change or scheduled to change within 5 minutes.
For more information, please see Configure Subscriber Accounts.
Response codes
200 – Request successful. Linked Managed Account in the response body.
For more information, please see Common response codes.
POST ManagedAccounts/{id}/SyncedAccounts/{syncedAccountID}
Purpose
Subscribes/syncs a managed account to the managed account referenced by ID.
Required permissions
Password Safe Account Management (Read/Write).
URL parameters
- id: ID of the parent managed account.
- syncedAccountID: ID of the synced managed account.
Request body
None.
Response body
Content-type: application/json
{ ManagedAccountID : int, ManagedSystemID : int, DomainName : string, AccountName : string, DistinguishedName : string, PasswordFallbackFlag : bool, LoginAccountFlag : bool, Description : string, PasswordRuleID : int, ApiEnabled : bool, ReleaseNotificationEmail : string, ChangeServicesFlag : bool, RestartServicesFlag : bool, ReleaseDuration : int, MaxReleaseDuration : int, ISAReleaseDuration : int, MaxConcurrentRequests : int, AutoManagementFlag : bool, DSSAutoManagementFlag : bool, CheckPasswordFlag : bool, ResetPasswordOnMismatchFlag : bool, ChangePasswordAfterAnyReleaseFlag : bool, ChangeFrequencyType : string, ChangeFrequencyDays : int, ChangeTime : string, ParentAccountID : int, // can be null IsSubscribedAccount : bool, LastChangeDate : datetime, // can be null NextChangeDate : datetime, // can be null IsChanging : bool, ChangeState : int, UseOwnCredentials : bool, ChangeIISAppPoolFlag : bool, RestartIISAppPoolFlag : bool, WorkgroupID : int, // can be null ChangeWindowsAutoLogonFlag : bool, ChangeComPlusFlag : bool, ChangeDComFlag : bool, ChangeSComFlag : bool, }
Response body details
- AccountName: The name of the account.
- PasswordFallbackFlag: True if failed DSS authentication can fall back to password authentication, otherwise false.
- LoginAccountFlag: True if the account should use the managed system login account for SSH sessions, otherwise false.
- Description: A description of the account.
- PasswordRuleID: ID of the password rule assigned to this managed account.
- ApiEnabled:True if the account can be requested through the API, otherwise false.
- ReleaseNotificationEmail: Email address used for notification emails related to this managed account.
- ChangeServicesFlag: True if services run as this user should be updated with the new password after a password change, otherwise false.
- RestartServicesFlag: True if services should be restarted after the run as password is changed (ChangeServicesFlag), otherwise false.
- ReleaseDuration: (minutes: 1-525600) Default release duration.
- MaxReleaseDuration: (minutes: 1-525600) Default maximum release duration.
- ISAReleaseDuration: (minutes: 1-525600) Default Information Systems Administrator (ISA) release duration.
- MaxConcurrentRequests: (0-999, 0 means unlimited) Maximum number of concurrent password requests for this account.
- AutoManagementFlag: True if password auto-management is enabled, otherwise false.
- DSSAutoManagementFlag: True if DSS key auto-management is enabled, otherwise false.
- CheckPasswordFlag: True to enable password testing, otherwise false.
- ChangePasswordAfterAnyReleaseFlag: True to change passwords on release of a request, otherwise false.
- ResetPasswordOnMismatchFlag: True to queue a password change when scheduled password test fails, otherwise false.
- ChangeFrequencyType: The change frequency for scheduled password changes:
- first: Changes scheduled for the first day of the month.
- last: Changes scheduled for the last day of the month.
- xdays: Changes scheduled every x days (ChangeFrequencyDays).
- ChangeFrequencyDays: (days: 1-999) When ChangeFrequencyType is xdays, password changes take place this configured number of days.
- ChangeTime: (24hr format: 00:00-23:59) UTC time of day scheduled password changes take place.
- ParentAccountID: If this is a subscribed account (IsSubscribedAccount), this is the ID of the parent managed account.
- IsSubscribedAccount: True if the account is a synced or subscribed account, otherwise false.
- LastChangeDate: The date and time of the last password change.
- NextChangeDate: The date and time of the next scheduled password change.
- IsChanging: True if the account credentials are in the process of changing, otherwise false.
- ChangeState: The change state of the account credentials:
- 0: Idle / no change taking place or scheduled within 5 minutes.
- 1: Changing / managed account credential currently changing.
- 2: Queued / managed account credential is queued to change or scheduled to change within 5 minutes.
For more information, please see Configure Subscriber Accounts.
Response codes
- 200 – Account was already synced. Managed Account in the response body.
- 201 – Account was synced successfully. Managed Account in the response body.
For more information, please see Common response codes.
DELETE ManagedAccounts/{id}/SyncedAccounts
Purpose
Unsubscribes/unsyncs all managed accounts from the parent managed account by ID.
Required permissions
Password Safe Account Management (Read/Write).
URL parameters
id: ID of the parent managed account.
Request body
None.
Response body
None.
Response codes
200 – Request successful.
For more information, please see Common response codes.
DELETE ManagedAccounts/{id}/SyncedAccounts/{syncedAccountID}
Purpose
Unsubscribes/unsyncs a managed account from the managed account by ID.
Required permissions
Password Safe Account Management (Read/Write).
URL parameters
- id: ID of the parent managed account.
- syncedAccountID: ID of the synced managed account.
Request body
None.
Response body
None.
Response codes
200 – Request successful.
For more information, please see Common response codes.