Appendix
Migration From v1 or v2
Any script or application written for v1 or v2 of the API needs some minor modifications to work with v3, namely the Authorization header and URL endpoints.
Authorization Header
In v1 and v2, the authorization header was used solely for the API application key. Now it is used to communicate the API application key as well as the RunAs username.
HttpClient client = new HttpClient();
client.DefaultRequestHeaders.Add("Authorization", "PS-Auth key=C9AB26FB-B322- ED97-A34C-215CA4D9630C; runas=doe-main\johndoe;");$headers = @{ Authorization="PS-Auth key=C9AB26FB-B322-ED97-A34C-215CA4D9630C; runas=doe-main\johndoe;"; };Endpoint Comparison
Note the use of https/SSL and removal of PasswordSafe segment in v3:
- v1 base endpoint: http://the-server/BeyondTrust/api/public/v1/PasswordSafe
- v2 base endpoint: http://the-server/BeyondTrust/api/public/v2/PasswordSafe
- v3 base endpoint: https://the-server/BeyondTrust/api/public/v3
Endpoint Mapping
Migration from v1
| V1 | V3 | ||
|---|---|---|---|
|
Method |
Endpoint |
Method |
Endpoint |
|
GET |
/v1/PasswordSafe/GetPublicKey |
<deprecated> |
|
|
GET |
/v1/PasswordSafe/SignIn |
<deprecated> |
|
|
GET |
/v1/PasswordSafe/Signout |
POST |
/v3/Auth/Signout |
|
GET |
/v1/PasswordSafe/SignAppIn |
POST |
/v3/Auth/SignAppin |
|
GET |
/v1/PasswordSafe/SecureSignAppIn |
<deprecated> |
|
|
GET |
/v1/PasswordSafe/GetManagedAccountsList |
GET |
/v3/ManagedAccounts |
|
POST |
/v1/PasswordSafe/ImmediatePasswordRequest |
POST |
/v3/Requests |
|
GET |
/v1/PasswordSafe/GetPendingRequests |
GET |
/v3/Requests?status=pending |
|
GET |
/v1/PasswordSafe/GetActiveRequests |
GET |
/v3/Requests?status=active |
|
POST |
/v1/PasswordSafe/RetrievePassword |
GET |
/v3/Credentials/{requestId} |
|
POST |
/v1/PasswordSafe/RetrieveSecurePassword |
<deprecated> |
|
|
POST |
/v1/PasswordSafe/ReleasePassword |
PUT |
/v3/Requests/{requestId}/Checkin |
Migration from v2
| v2 | v3 | ||
|---|---|---|---|
| Method | Endpoint | Method | Endpoint |
|
GET |
/v2/PasswordSafe/GetPublicKey |
<deprecated> |
|
|
GET |
/v2/PasswordSafe/SignIn |
<deprecated> |
|
|
POST |
/v2/PasswordSafe/Signout |
POST |
/v3/Auth/Signout |
|
POST |
/v2/PasswordSafe/SignAppIn |
POST |
/v3/Auth/SignAppin |
|
POST |
/v2/PasswordSafe/SecureSignAppIn |
<deprecated> |
|
|
GET |
/v2/PasswordSafe/GetManagedAccountsList |
GET |
/v3/ManagedAccounts |
|
POST |
/v2/PasswordSafe/ImmediatePasswordRequest |
POST |
/v3/Requests |
|
GET |
/v2/PasswordSafe/GetPendingRequests |
GET |
/v3/Requests?status=pending |
|
GET |
/v2/PasswordSafe/GetActiveRequests |
GET |
/v3/Requests?status=active |
|
POST |
/v2/PasswordSafe/RetrievePassword |
GET |
/v3/Credentials/{requestId} |
|
POST |
/v2/PasswordSafe/RetrieveSecurePassword |
<deprecated> |
|
|
POST |
/v2/PasswordSafe/ReleasePassword |
PUT |
/v3/Requests/{requestId}/Checkin |
|
GET |
/v2/PasswordSafe/GetWorkgroups |
GET |
/v3/Workgroups |
|
POST |
/v2/PasswordSafe/QueueImport |
POST |
/v3/Imports |
