Appendix

Migration from v1 or v2

Any script or application written for v1 or v2 of the API will need some minor modifications to work with v3, namely the Authorization header and URL endpoints.

Authorization Header

In v1 and v2 the authorization header was used solely for the API Application Key. Now it is used to communicate the API Application Key as well as the RunAs username.

 

C#
HttpClient client = new HttpClient();

client.DefaultRequestHeaders.Add("Authorization", "PS-Auth key=C9AB26FB-B322- ED97-A34C-215CA4D9630C; runas=doe-main\johndoe;");
Powershell
$headers = @{ Authorization="PS-Auth key=C9AB26FB-B322-ED97-A34C-215CA4D9630C; runas=doe-main\johndoe;"; };

Endpoint Comparison

Note the use of https/SSL and removal of PasswordSafe segment in v3:

  • v1 base endpoint: http://the-server/BeyondTrust/api/public/v1/PasswordSafe
  • v2 base endpoint: http://the-server/BeyondTrust/api/public/v2/PasswordSafe
  • v3 base endpoint: https://the-server/BeyondTrust/api/public/v3

Endpoint Mapping

Migration from v1

V1 V3

Method

Endpoint

Method

Endpoint

GET

/v1/PasswordSafe/GetPublicKey

<deprecated>

GET

/v1/PasswordSafe/SignIn

<deprecated>

GET

/v1/PasswordSafe/Signout

POST

/v3/Auth/Signout

GET

/v1/PasswordSafe/SignAppIn

POST

/v3/Auth/SignAppin

GET

/v1/PasswordSafe/SecureSignAppIn

<deprecated>

GET

/v1/PasswordSafe/GetManagedAccountsList

GET

/v3/ManagedAccounts

POST

/v1/PasswordSafe/ImmediatePasswordRequest

POST

/v3/Requests

GET

/v1/PasswordSafe/GetPendingRequests

GET

/v3/Requests?status=pending

GET

/v1/PasswordSafe/GetActiveRequests

GET

/v3/Requests?status=active

POST

/v1/PasswordSafe/RetrievePassword

GET

/v3/Credentials/{requestId}

POST

/v1/PasswordSafe/RetrieveSecurePassword

<deprecated>

POST

/v1/PasswordSafe/ReleasePassword

PUT

/v3/Requests/{requestId}/Checkin

Migration from v2

v2 v3
Method Endpoint Method Endpoint

GET

/v2/PasswordSafe/GetPublicKey

<deprecated>

GET

/v2/PasswordSafe/SignIn

<deprecated>

POST

/v2/PasswordSafe/Signout

POST

/v3/Auth/Signout

POST

/v2/PasswordSafe/SignAppIn

POST

/v3/Auth/SignAppin

POST

/v2/PasswordSafe/SecureSignAppIn

<deprecated>

GET

/v2/PasswordSafe/GetManagedAccountsList

GET

/v3/ManagedAccounts

POST

/v2/PasswordSafe/ImmediatePasswordRequest

POST

/v3/Requests

GET

/v2/PasswordSafe/GetPendingRequests

GET

/v3/Requests?status=pending

GET

/v2/PasswordSafe/GetActiveRequests

GET

/v3/Requests?status=active

POST

/v2/PasswordSafe/RetrievePassword

GET

/v3/Credentials/{requestId}

POST

/v2/PasswordSafe/RetrieveSecurePassword

<deprecated>

POST

/v2/PasswordSafe/ReleasePassword

PUT

/v3/Requests/{requestId}/Checkin

GET

/v2/PasswordSafe/GetWorkgroups

GET

/v3/Workgroups

POST

/v2/PasswordSafe/QueueImport

POST

/v3/Imports