Managed Accounts

There are two different ways to interact with managed accounts:

  1. Role-based:Requestor, Requestor/Approver, or ISA role assigned for requesting access to a specific managed account.
  2. Permission-based: A user with appropriate Password Safe Account Management permission for provisioning accounts and viewing the definition of a managed account.

Role-based Access

Quick Navigation

For more information on related topics, please see:

GET ManagedAccounts

Returns a list of managed accounts (or a single managed account depending on the query parameters provided) that can be requested by the current user.

Requestor, Requestor/Approver, or ISA role

Only managed accounts with the Enable for API Access setting enabled will be returned.

  • systemName: (optional) Name of the managed system.
  • accountName: (optional) Name of the managed account.
  • workgroupName: (optional) Name of the Workgroup.
  • applicationDisplayName: (optional, when given, type must be application) Display name of the application.
  • ipAddress: (optional, when given type must be one of system, domainlinked, or database) IP Address of the managed asset.
  • type: (optional/recommended) Type of the managed account to return.
    • system: Returns local accounts.
    • domainlinked: Returns domain accounts linked to systems.
    • database: Returns database accounts.
    • cloud: Returns cloud system accounts.
    • application: Returns application accounts
  • limit: (optional) (default: 1000) Number of records to return
  • offset: (optional) (default: 0) Number of records to skip before returning <limit> records

None

Content-Type: application/json

{
    PlatformID: int,
    SystemId: int,
    SystemName: string,
    DomainName: string,
    AccountId: int,
    AccountName: string,
    InstanceName: string,
    ApplicationID: int,
    ApplicationDisplayName: string,
    DefaultReleaseDuration: int,
    MaximumReleaseDuration: int,
    LastChangeDate: datetime,
    NextChangeDate: datetime,
    IsChanging: bool,
    IsISAAccess: bool,
    PreferredNodeID: string
}

Content-Type: application/json

[
    {
        PlatformID: int,
        SystemId: int,
        SystemName: string,
        DomainName: string,
        AccountId: int,
        AccountName: string,
        InstanceName: string,
        ApplicationID: int,
        ApplicationDisplayName: string,
        DefaultReleaseDuration: int,
        MaximumReleaseDuration: int,
        LastChangeDate: datetime,
        NextChangeDate: datetime,
        IsChanging: bool,
        IsISAAccess: bool,
        PreferredNodeID: string
    },
    …
]
  • PlatformID: ID of the managed system Platform.
  • SystemId: ID of the managed system.
  • SystemName: Name of the managed system.
  • DomainName: The domain name for a domain-type account.
  • AccountId: ID of the managed account.
  • AccountName: Name of the managed account.
  • InstanceName: Database instance name of a database-type managed system, or empty for the default instance.
  • ApplicationID: ID of the application for application-based access

For more information, please see the query parameter type in the Query Parameters.

  • ApplicationDisplayName: Display name of the application for application-based access
  • DefaultReleaseDuration (minutes): Default release duration.
  • MaximumReleaseDuration (minutes): Maximum release duration.
  • LastChangeDate: The date and time of the last password change.
  • NextChangeDate: The date and time of the next scheduled password change.
  • IsChanging: True if the account credentials are in the process of changing, otherwise false.
  • IsISAAccess: True if the account is for Information Systems Administrator (ISA) access, otherwise false.

For more information, please see the query parameter type in the Query Parameters.

If true, credential access is through POST ISA Requests and session access is through POST ISA Sessions.

If false, credential access is through POST Requests and GET Credentials; session access is through POST Requests and POST Requests/{requestID}/Sessions.

  • PreferredNodeID: ID of the node that is preferred for establishing Sessions. If no node is preferred, returns the local node ID.

200 - Request successful. Requestable Account(s) in the response body.

For more information, please see Common Response Codes.

GET ManagedAccounts?systemName={systemName}&accountName={accountName}

This API has been replaced by optional query parameters on GET ManagedAccounts.