Credentials APIs

Credentials APIs

APIs for managing Credentials

Table of Contents

1. Get the Credentials

This API is used to fetch all credentials known to the system.

1.1. Prerequisites API

The following data is required

  • Resource type, resource name (FQDN), resource IP address (deprecated), account type or the domain name associated with the resource is required to filter the results. For allowable resource type values, refer : Get the Credentials API

  • "pageNumber" and "pageSize" filters are recommended to be additionally used for limiting response content and also improving response time.

Get All Credentials in Page

1.2. Steps API

  • Invoke the API by specifying the "pageNumber" and "pageSize" filters.

Tip : Other filters like "resourceName" , "resourceIp" (deprecated), "resourceType" and "domainName" can be additionally used as search criteria.

Tip : If no value for "pageNumber" and "pageSize" filters is specified, the API returns all known records in a single page.

Tip : Page number starts with 0.

Tip : A page size value equal to 0 will return all known records in a single page.

Note : The "resourceIp" parameter and "resourceIp" in response body are deprecated and will be removed. Please use "resourceName" (FQDN) field instead.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials?pageNumber=0&pageSize=15' -i -X GET \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....'

HTTP Request

GET /v1/credentials?pageNumber=0&pageSize=15 HTTP/1.1
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

HTTP Response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 8381

{
  "elements" : [ {
    "id" : "5064e116-91a6-4bf3-8006-c579ce06d4c9",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.296Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.296Z",
    "resource" : {
      "resourceId" : "2253388c-8e02-410c-9803-5ac652673801",
      "resourceName" : "sfo01-m01-esx01.rainpole.io",
      "resourceIp" : "10.0.0.100",
      "resourceType" : "ESXI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "540d8fd9-d248-4e62-8572-ac3dcf18f521",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.296Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.296Z",
    "resource" : {
      "resourceId" : "9e0037e8-955d-4e74-9730-6a4bcae12f2b",
      "resourceName" : "sfo01-m01-esx02.rainpole.io",
      "resourceIp" : "10.0.0.101",
      "resourceType" : "ESXI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "0dc221c4-4beb-45a5-9ce1-460df98fcc8d",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.296Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.296Z",
    "resource" : {
      "resourceId" : "b87aef78-b40a-4744-b5dc-b7a7abcd15d4",
      "resourceName" : "sfo01-m01-esx03.rainpole.io",
      "resourceIp" : "10.0.0.102",
      "resourceType" : "ESXI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "9faab809-2c74-44ab-93a0-fdade52fb7da",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.296Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.296Z",
    "resource" : {
      "resourceId" : "e40a0f9d-a6c8-4cbd-a092-4170c093f8a8",
      "resourceName" : "sfo01-m01-esx04.rainpole.io",
      "resourceIp" : "10.0.0.103",
      "resourceType" : "ESXI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "fa163616-f4f5-4ce1-bef4-642d06930b9c",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.296Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.296Z",
    "resource" : {
      "resourceId" : "c134584c-b443-4e54-9dd4-2816cf40f188",
      "resourceName" : "sfo01-m01-vc01.rainpole.io",
      "resourceIp" : "10.0.0.6",
      "resourceType" : "VCENTER",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "14a478e3-aa07-48d6-b544-2f9806eacc5f",
    "credentialType" : "SSO",
    "accountType" : "USER",
    "username" : "[email protected]",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.296Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.296Z",
    "resource" : {
      "resourceId" : "2a53f605-5770-4882-99de-8ad2d0894bfe",
      "resourceName" : "sfo01-m01-vc01.rainpole.io",
      "resourceIp" : "10.0.0.6",
      "resourceType" : "PSC",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "b7f36f25-c504-4d1e-b61f-bed6aac9a178",
    "credentialType" : "SSO",
    "accountType" : "SERVICE",
    "username" : "[email protected]",
    "creationTimestamp" : "2024-06-21T02:40:02.296Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.296Z",
    "resource" : {
      "resourceId" : "5fb4edfa-6030-412a-b06d-218f7290f286",
      "resourceName" : "sfo01m01vcenter01.sfo01.rainpole.local",
      "resourceIp" : "10.0.0.6",
      "resourceType" : "VCENTER",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "804deb0a-e48d-4787-a68d-e2a24adeb6c1",
    "credentialType" : "API",
    "accountType" : "USER",
    "username" : "admin",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.296Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.296Z",
    "resource" : {
      "resourceId" : "5eebbaf4-33b4-49be-afbe-6c983154b250",
      "resourceName" : "sfo01-m01-nsx01.rainpole.io",
      "resourceIp" : "10.0.0.9",
      "resourceType" : "NSX_MANAGER",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "e6c2104d-592e-4459-9d07-62b80081cf0b",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.296Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.296Z",
    "resource" : {
      "resourceId" : "5eebbaf4-33b4-49be-afbe-6c983154b250",
      "resourceName" : "sfo01-m01-nsx01.rainpole.io",
      "resourceIp" : "10.0.0.9",
      "resourceType" : "NSX_MANAGER",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "8dd2e597-9114-4cad-a268-e622ec252ae7",
    "credentialType" : "API",
    "accountType" : "USER",
    "username" : "admin",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.296Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.296Z",
    "resource" : {
      "resourceId" : "a923b46d-9c03-4f71-a9cd-fc825eef6d72",
      "resourceName" : "sfo-vrli01.rainpole.io",
      "resourceIp" : "10.0.0.15",
      "resourceType" : "VRLI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "a7ed09b8-8ed3-4658-8572-45b4ae2ecf79",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.296Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.296Z",
    "resource" : {
      "resourceId" : "15d78784-11d3-4cb6-a15f-0d6b66a0a4f0",
      "resourceName" : "sfo-vrli01b.rainpole.io",
      "resourceIp" : "10.0.0.16",
      "resourceType" : "VRLI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "f117179c-5ddf-4920-bc30-77d5b3011b76",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.296Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.296Z",
    "resource" : {
      "resourceId" : "4dd4663c-f736-40b8-8852-8198e38871c9",
      "resourceName" : "xreg-vrops01a.rainpole.io",
      "resourceIp" : "10.0.1.33",
      "resourceType" : "VROPS",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "60dd35ef-035b-4dad-b226-b8ca2ffbfcc3",
    "credentialType" : "API",
    "accountType" : "USER",
    "username" : "admin",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.296Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.296Z",
    "resource" : {
      "resourceId" : "92da1947-ba61-4499-8432-363b1edb8c36",
      "resourceName" : "xreg-vrops01.rainpole.io",
      "resourceIp" : "10.0.0.31",
      "resourceType" : "VROPS",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "86c092df-8c44-4640-a2df-9426f1cbd8ef",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.296Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.296Z",
    "resource" : {
      "resourceId" : "0121e046-9466-4893-80bd-fda9fe395a88",
      "resourceName" : "xreg-vrslcm01.rainpole.io",
      "resourceIp" : "10.0.0.32",
      "resourceType" : "VRSLCM",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "a4cb1632-cbea-485b-a02b-58ec7113b20c",
    "credentialType" : "API",
    "accountType" : "USER",
    "username" : "admin@localhost",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.296Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.296Z",
    "resource" : {
      "resourceId" : "eb853e81-6c70-4440-8f1a-5ad316142edb",
      "resourceName" : "xreg-vrslcm01.rainpole.io",
      "resourceIp" : "10.0.0.32",
      "resourceType" : "VRSLCM",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  } ],
  "pageMetadata" : {
    "pageNumber" : 0,
    "pageSize" : 15,
    "totalElements" : 15,
    "totalPages" : 1
  }
}

Get All Credentials

1.3. Steps API

  • Invoke the API.

Tip : For a scaled environment, it is always recommended to provide "resourceType" filter for avoiding timeouts.

Tip : "pageNumber" and "pageSize" filters are recommended to be additionally used for limiting response content and also improving response time.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials' -i -X GET \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....'

HTTP Request

GET /v1/credentials HTTP/1.1
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

HTTP Response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 8381

{
  "elements" : [ {
    "id" : "8d579afc-539b-47d1-b9c5-ef933c0c7aa5",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:39:59.819Z",
    "modificationTimestamp" : "2024-06-21T02:39:59.819Z",
    "resource" : {
      "resourceId" : "7c57e223-6621-46f8-8c6a-5bc531d51b38",
      "resourceName" : "sfo01-m01-esx01.rainpole.io",
      "resourceIp" : "10.0.0.100",
      "resourceType" : "ESXI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "540d8fd9-d248-4e62-8572-ac3dcf18f521",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:39:59.819Z",
    "modificationTimestamp" : "2024-06-21T02:39:59.819Z",
    "resource" : {
      "resourceId" : "9e0037e8-955d-4e74-9730-6a4bcae12f2b",
      "resourceName" : "sfo01-m01-esx02.rainpole.io",
      "resourceIp" : "10.0.0.101",
      "resourceType" : "ESXI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "26120b04-a4c6-4a55-a131-cf38a3848b02",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:39:59.819Z",
    "modificationTimestamp" : "2024-06-21T02:39:59.819Z",
    "resource" : {
      "resourceId" : "852333a3-ff10-49c6-81d9-377877f83f15",
      "resourceName" : "sfo01-m01-esx03.rainpole.io",
      "resourceIp" : "10.0.0.102",
      "resourceType" : "ESXI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "f58e1375-10ac-44a4-8829-5dcd4a776387",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:39:59.819Z",
    "modificationTimestamp" : "2024-06-21T02:39:59.819Z",
    "resource" : {
      "resourceId" : "1a9093f6-fdfb-497a-880e-6da4c2544cce",
      "resourceName" : "sfo01-m01-esx04.rainpole.io",
      "resourceIp" : "10.0.0.103",
      "resourceType" : "ESXI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "9ac94a5f-8bf3-49be-9962-1e9b2325a125",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:39:59.819Z",
    "modificationTimestamp" : "2024-06-21T02:39:59.819Z",
    "resource" : {
      "resourceId" : "c134584c-b443-4e54-9dd4-2816cf40f188",
      "resourceName" : "sfo01-m01-vc01.rainpole.io",
      "resourceIp" : "10.0.0.6",
      "resourceType" : "VCENTER",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "b82d1f5b-57f6-4636-a805-b58a67dcc885",
    "credentialType" : "SSO",
    "accountType" : "USER",
    "username" : "[email protected]",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:39:59.820Z",
    "modificationTimestamp" : "2024-06-21T02:39:59.820Z",
    "resource" : {
      "resourceId" : "ac114c26-fdd5-470a-8397-49aba9830e93",
      "resourceName" : "sfo01-m01-vc01.rainpole.io",
      "resourceIp" : "10.0.0.6",
      "resourceType" : "PSC",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "bc0e30bd-99b9-46b0-b19b-9bfd69f312ae",
    "credentialType" : "SSO",
    "accountType" : "SERVICE",
    "username" : "[email protected]",
    "creationTimestamp" : "2024-06-21T02:39:59.820Z",
    "modificationTimestamp" : "2024-06-21T02:39:59.820Z",
    "resource" : {
      "resourceId" : "9a4a5be4-fe98-4c71-ae67-820dd1f5db1a",
      "resourceName" : "sfo01m01vcenter01.sfo01.rainpole.local",
      "resourceIp" : "10.0.0.6",
      "resourceType" : "VCENTER",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "804deb0a-e48d-4787-a68d-e2a24adeb6c1",
    "credentialType" : "API",
    "accountType" : "USER",
    "username" : "admin",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:39:59.820Z",
    "modificationTimestamp" : "2024-06-21T02:39:59.820Z",
    "resource" : {
      "resourceId" : "5eebbaf4-33b4-49be-afbe-6c983154b250",
      "resourceName" : "sfo01-m01-nsx01.rainpole.io",
      "resourceIp" : "10.0.0.9",
      "resourceType" : "NSX_MANAGER",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "e6c2104d-592e-4459-9d07-62b80081cf0b",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:39:59.820Z",
    "modificationTimestamp" : "2024-06-21T02:39:59.820Z",
    "resource" : {
      "resourceId" : "5eebbaf4-33b4-49be-afbe-6c983154b250",
      "resourceName" : "sfo01-m01-nsx01.rainpole.io",
      "resourceIp" : "10.0.0.9",
      "resourceType" : "NSX_MANAGER",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "d4adfb2d-3e44-47ad-b3d4-769e9322d6aa",
    "credentialType" : "API",
    "accountType" : "USER",
    "username" : "admin",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:39:59.820Z",
    "modificationTimestamp" : "2024-06-21T02:39:59.820Z",
    "resource" : {
      "resourceId" : "ca055fbf-9db0-4b79-8407-2dbc4afa98c6",
      "resourceName" : "sfo-vrli01.rainpole.io",
      "resourceIp" : "10.0.0.15",
      "resourceType" : "VRLI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "49406a57-d135-42bc-a88c-44f86c533d23",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:39:59.820Z",
    "modificationTimestamp" : "2024-06-21T02:39:59.820Z",
    "resource" : {
      "resourceId" : "d4b82105-dcef-479c-802f-fd8bdb307406",
      "resourceName" : "sfo-vrli01b.rainpole.io",
      "resourceIp" : "10.0.0.16",
      "resourceType" : "VRLI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "b65cdf68-3cb9-44e7-899f-0288ccdb4ad7",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:39:59.820Z",
    "modificationTimestamp" : "2024-06-21T02:39:59.820Z",
    "resource" : {
      "resourceId" : "38b9982d-b290-4cd4-8a2c-406dd44f16c5",
      "resourceName" : "xreg-vrops01a.rainpole.io",
      "resourceIp" : "10.0.1.33",
      "resourceType" : "VROPS",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "c973b5d7-24bb-4cd5-b253-6a2ac19a58af",
    "credentialType" : "API",
    "accountType" : "USER",
    "username" : "admin",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:39:59.820Z",
    "modificationTimestamp" : "2024-06-21T02:39:59.820Z",
    "resource" : {
      "resourceId" : "0464d7db-2b7b-4453-ab59-386b1a5dd138",
      "resourceName" : "xreg-vrops01.rainpole.io",
      "resourceIp" : "10.0.0.31",
      "resourceType" : "VROPS",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "56154b06-1041-44a8-8648-208ef5b47c66",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:39:59.820Z",
    "modificationTimestamp" : "2024-06-21T02:39:59.820Z",
    "resource" : {
      "resourceId" : "45c8663c-d75a-4380-a3e4-56846585b8b8",
      "resourceName" : "xreg-vrslcm01.rainpole.io",
      "resourceIp" : "10.0.0.32",
      "resourceType" : "VRSLCM",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "541124a4-20e1-4001-8cde-a01eea5c21d5",
    "credentialType" : "API",
    "accountType" : "USER",
    "username" : "admin@localhost",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:39:59.820Z",
    "modificationTimestamp" : "2024-06-21T02:39:59.820Z",
    "resource" : {
      "resourceId" : "7b348eba-6e70-4b5f-a3b7-136f6dc80cc8",
      "resourceName" : "xreg-vrslcm01.rainpole.io",
      "resourceIp" : "10.0.0.32",
      "resourceType" : "VRSLCM",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  } ],
  "pageMetadata" : {
    "pageNumber" : 0,
    "pageSize" : 15,
    "totalElements" : 15,
    "totalPages" : 1
  }
}

Get Credentials by "resourceName"
This API can be used to fetch the credentials associated with a resource with a specific name.

1.4. Steps API

  • Invoke the API by specifying the "resourceName".

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials?resourceName=sfo01-mo1-esx02.rainpole.io' -i -X GET \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....'

HTTP Request

GET /v1/credentials?resourceName=sfo01-mo1-esx02.rainpole.io HTTP/1.1
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

HTTP Response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 682

{
  "elements" : [ {
    "id" : "540d8fd9-d248-4e62-8572-ac3dcf18f521",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.159Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.159Z",
    "resource" : {
      "resourceId" : "9e0037e8-955d-4e74-9730-6a4bcae12f2b",
      "resourceName" : "sfo01-m01-esx02.rainpole.io",
      "resourceIp" : "10.0.0.101",
      "resourceType" : "ESXI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  } ],
  "pageMetadata" : {
    "pageNumber" : 0,
    "pageSize" : 1,
    "totalElements" : 1,
    "totalPages" : 1
  }
}

Get Credentials by "resourceIp" (Deprecated)
This API can be used to fetch the credentials associated with a resource with a specific IP address.

1.5. Steps API

  • Invoke the API by specifying the "resourceIp".

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials?resourceIp=10.0.0.101' -i -X GET \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....'

HTTP Request

GET /v1/credentials?resourceIp=10.0.0.101 HTTP/1.1
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

HTTP Response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 682

{
  "elements" : [ {
    "id" : "540d8fd9-d248-4e62-8572-ac3dcf18f521",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:00.479Z",
    "modificationTimestamp" : "2024-06-21T02:40:00.479Z",
    "resource" : {
      "resourceId" : "9e0037e8-955d-4e74-9730-6a4bcae12f2b",
      "resourceName" : "sfo01-m01-esx02.rainpole.io",
      "resourceIp" : "10.0.0.101",
      "resourceType" : "ESXI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  } ],
  "pageMetadata" : {
    "pageNumber" : 0,
    "pageSize" : 1,
    "totalElements" : 1,
    "totalPages" : 1
  }
}

Get Credentials by "resourceType"
This API can be used to fetch the credentials associated with all the resources with a specific resource type.

1.6. Steps API

  • Invoke the API by specifying the "resourceType".

Tip : "pageNumber" and "pageSize" filters are recommended to be additionally used for limiting response content and also improving response time.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials?resourceType=ESXI' -i -X GET \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....'

HTTP Request

GET /v1/credentials?resourceType=ESXI HTTP/1.1
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

HTTP Response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 2323

{
  "elements" : [ {
    "id" : "1d97eacc-3d00-4917-bf4c-61cac1116020",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:39:59.587Z",
    "modificationTimestamp" : "2024-06-21T02:39:59.587Z",
    "resource" : {
      "resourceId" : "87bae06c-4fea-4ea6-96d4-eb1d6f3766ac",
      "resourceName" : "sfo01-m01-esx01.rainpole.io",
      "resourceIp" : "10.0.0.100",
      "resourceType" : "ESXI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "540d8fd9-d248-4e62-8572-ac3dcf18f521",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:39:59.587Z",
    "modificationTimestamp" : "2024-06-21T02:39:59.587Z",
    "resource" : {
      "resourceId" : "9e0037e8-955d-4e74-9730-6a4bcae12f2b",
      "resourceName" : "sfo01-m01-esx02.rainpole.io",
      "resourceIp" : "10.0.0.101",
      "resourceType" : "ESXI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "2086d45b-4972-4d36-8ae4-d35efbcd0672",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:39:59.587Z",
    "modificationTimestamp" : "2024-06-21T02:39:59.587Z",
    "resource" : {
      "resourceId" : "d7a9e4a1-a21a-41ee-a999-c4de6933f11f",
      "resourceName" : "sfo01-m01-esx03.rainpole.io",
      "resourceIp" : "10.0.0.102",
      "resourceType" : "ESXI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "8bff7185-b5e3-499b-8c31-51a4d9a8076a",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:39:59.587Z",
    "modificationTimestamp" : "2024-06-21T02:39:59.587Z",
    "resource" : {
      "resourceId" : "6fddda43-147c-4f14-b5bd-4746af8015e6",
      "resourceName" : "sfo01-m01-esx04.rainpole.io",
      "resourceIp" : "10.0.0.103",
      "resourceType" : "ESXI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  } ],
  "pageMetadata" : {
    "pageNumber" : 0,
    "pageSize" : 4,
    "totalElements" : 4,
    "totalPages" : 1
  }
}

Get Credentials by "domainName"
This API can be used to fetch the credentials associated with all the resources belonging to a specific domain.

1.7. Steps API

  • Invoke the API by specifying the "domainName".

Tip : "pageNumber" and "pageSize" filters are recommended to be additionally used for limiting response content and also improving response time.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials?domainName=MGMT' -i -X GET \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....'

HTTP Request

GET /v1/credentials?domainName=MGMT HTTP/1.1
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

HTTP Response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 8381

{
  "elements" : [ {
    "id" : "5d236e5e-14e8-4d16-9fe9-2366846b469a",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.046Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.046Z",
    "resource" : {
      "resourceId" : "0a7c2d59-4599-4363-a43b-8cef6dac8baa",
      "resourceName" : "sfo01-m01-esx01.rainpole.io",
      "resourceIp" : "10.0.0.100",
      "resourceType" : "ESXI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "540d8fd9-d248-4e62-8572-ac3dcf18f521",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.046Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.046Z",
    "resource" : {
      "resourceId" : "9e0037e8-955d-4e74-9730-6a4bcae12f2b",
      "resourceName" : "sfo01-m01-esx02.rainpole.io",
      "resourceIp" : "10.0.0.101",
      "resourceType" : "ESXI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "14eceb75-c290-4d35-a07f-ebe29caa4483",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.046Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.046Z",
    "resource" : {
      "resourceId" : "a7790a99-fc13-4bd7-a8cd-d053efb05d86",
      "resourceName" : "sfo01-m01-esx03.rainpole.io",
      "resourceIp" : "10.0.0.102",
      "resourceType" : "ESXI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "a366db57-1820-4390-95f7-91b86c6019b9",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.046Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.046Z",
    "resource" : {
      "resourceId" : "9ff2a06d-5331-4952-a1af-46266829ce10",
      "resourceName" : "sfo01-m01-esx04.rainpole.io",
      "resourceIp" : "10.0.0.103",
      "resourceType" : "ESXI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "ed52afbb-940c-4dc1-83b2-53b62fb401ac",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.046Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.046Z",
    "resource" : {
      "resourceId" : "c134584c-b443-4e54-9dd4-2816cf40f188",
      "resourceName" : "sfo01-m01-vc01.rainpole.io",
      "resourceIp" : "10.0.0.6",
      "resourceType" : "VCENTER",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "c7573ceb-450c-4fa1-b088-4154aac6aecb",
    "credentialType" : "SSO",
    "accountType" : "USER",
    "username" : "[email protected]",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.046Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.046Z",
    "resource" : {
      "resourceId" : "6c4c991d-ed61-4cb7-8e44-8468ccb9733d",
      "resourceName" : "sfo01-m01-vc01.rainpole.io",
      "resourceIp" : "10.0.0.6",
      "resourceType" : "PSC",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "fb52f196-10b2-433a-89ee-ac96d9af85e0",
    "credentialType" : "SSO",
    "accountType" : "SERVICE",
    "username" : "[email protected]",
    "creationTimestamp" : "2024-06-21T02:40:02.046Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.046Z",
    "resource" : {
      "resourceId" : "3a5e0763-1461-4cd4-a0d3-6f185c024d26",
      "resourceName" : "sfo01m01vcenter01.sfo01.rainpole.local",
      "resourceIp" : "10.0.0.6",
      "resourceType" : "VCENTER",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "804deb0a-e48d-4787-a68d-e2a24adeb6c1",
    "credentialType" : "API",
    "accountType" : "USER",
    "username" : "admin",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.046Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.046Z",
    "resource" : {
      "resourceId" : "5eebbaf4-33b4-49be-afbe-6c983154b250",
      "resourceName" : "sfo01-m01-nsx01.rainpole.io",
      "resourceIp" : "10.0.0.9",
      "resourceType" : "NSX_MANAGER",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "e6c2104d-592e-4459-9d07-62b80081cf0b",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.046Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.046Z",
    "resource" : {
      "resourceId" : "5eebbaf4-33b4-49be-afbe-6c983154b250",
      "resourceName" : "sfo01-m01-nsx01.rainpole.io",
      "resourceIp" : "10.0.0.9",
      "resourceType" : "NSX_MANAGER",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "99f8ff9d-71fe-4a80-b44b-9add8417e76d",
    "credentialType" : "API",
    "accountType" : "USER",
    "username" : "admin",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.046Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.046Z",
    "resource" : {
      "resourceId" : "b6e0690d-3ed4-4853-b5d6-1cc5bd6b21e7",
      "resourceName" : "sfo-vrli01.rainpole.io",
      "resourceIp" : "10.0.0.15",
      "resourceType" : "VRLI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "14674ce5-9661-4bef-b9e7-ccb2af7dc78f",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.047Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.047Z",
    "resource" : {
      "resourceId" : "e808b8df-10cf-422f-a095-bc8f396d5a2e",
      "resourceName" : "sfo-vrli01b.rainpole.io",
      "resourceIp" : "10.0.0.16",
      "resourceType" : "VRLI",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "659309ee-cf19-465b-974f-580a44f216ea",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.047Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.047Z",
    "resource" : {
      "resourceId" : "fc6dccb4-9f21-47bc-bf5a-fc39acb9d426",
      "resourceName" : "xreg-vrops01a.rainpole.io",
      "resourceIp" : "10.0.1.33",
      "resourceType" : "VROPS",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "5eea24a1-19a4-4e13-b652-9a83ec1e7856",
    "credentialType" : "API",
    "accountType" : "USER",
    "username" : "admin",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.047Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.047Z",
    "resource" : {
      "resourceId" : "5485e7e4-23a9-4d62-92bc-d3ece65f4f6a",
      "resourceName" : "xreg-vrops01.rainpole.io",
      "resourceIp" : "10.0.0.31",
      "resourceType" : "VROPS",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "5b145eae-1fc3-46a4-99bf-9e45858e4c4d",
    "credentialType" : "SSH",
    "accountType" : "USER",
    "username" : "root",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.047Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.047Z",
    "resource" : {
      "resourceId" : "1058d8d4-6014-4a4c-a463-a191dc43a2f9",
      "resourceName" : "xreg-vrslcm01.rainpole.io",
      "resourceIp" : "10.0.0.32",
      "resourceType" : "VRSLCM",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  }, {
    "id" : "184d0494-b99c-4b75-ab7a-7a8a0a34f201",
    "credentialType" : "API",
    "accountType" : "USER",
    "username" : "admin@localhost",
    "password" : "xxxxx",
    "creationTimestamp" : "2024-06-21T02:40:02.047Z",
    "modificationTimestamp" : "2024-06-21T02:40:02.047Z",
    "resource" : {
      "resourceId" : "8ae95526-41ab-4626-97d8-3b6cf87da736",
      "resourceName" : "xreg-vrslcm01.rainpole.io",
      "resourceIp" : "10.0.0.32",
      "resourceType" : "VRSLCM",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    }
  } ],
  "pageMetadata" : {
    "pageNumber" : 0,
    "pageSize" : 15,
    "totalElements" : 15,
    "totalPages" : 1
  }
}

Note : SSH services might be disabled for a few accounts. The user needs to enable SSH service in the product in order to use SSH credentials. In order to connect to the "enable" user of NSX_MANAGER, firstly enable SSH services using API credentials, connect to the API user and then enter enable mode using "enable" user credentials.

[_getcredentials] API [_getcredential] API

2. Get a Credential

This API is used to fetch credential for an ID.

2.1. Prerequisites API

The following data is required

  • ID of the credential

2.2. Steps API

  • Invoke the API.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials/540d8fd9-d248-4e62-8572-ac3dcf18f521' -i -X GET \
    -H 'Authorization: Bearer etYWRta....'

HTTP Request

GET /v1/credentials/540d8fd9-d248-4e62-8572-ac3dcf18f521 HTTP/1.1
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

HTTP Response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 513

{
  "id" : "540d8fd9-d248-4e62-8572-ac3dcf18f521",
  "credentialType" : "SSH",
  "accountType" : "USER",
  "username" : "root",
  "password" : "xxxxx",
  "creationTimestamp" : "2024-06-21T02:40:01.631Z",
  "modificationTimestamp" : "2024-06-21T02:40:01.631Z",
  "resource" : {
    "resourceId" : "9e0037e8-955d-4e74-9730-6a4bcae12f2b",
    "resourceName" : "sfo01-m01-esx02.rainpole.io",
    "resourceIp" : "10.0.0.101",
    "resourceType" : "ESXI",
    "domainNames" : [ "MGMT" ],
    "domainName" : "MGMT"
  }
}

[_getcredentials] API [_getcredential] API

3. Update the Passwords

This API is used to update passwords for list of resources by supplying new passwords.

3.1. Prerequisites API

  • The following data is required

    • Name or ID of the resource

    • Type of the resource

    • Credential type of the resource

    • Username of the resource

Tip : Refer to: Get the Credentials to get the credential type, username, name, ID and type of the resource.

  • New password must be in compliance with these password policies.

    Password requirements:

Note : Although individual VMware Cloud Foundation accounts support different password requirements, it is recommended that you set passwords following a common set of requirements across all accounts.

  • Length: 12-20 characters

  • Allowed special characters: ! @ # $ ^ *

  • At least 1 small letter, capital letter, number and special character should be present

  • Cannot include:

    • A dictionary word

    • A palindrome

    • More than four monotonic character sequences

    • Three same consecutive characters

3.2. Steps API

  • Trigger the task using the valid input specification.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials' -i -X PATCH \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....' \
    -d '{
  "operationType" : "UPDATE",
  "elements" : [ {
    "resourceName" : "sfo01-mo1-esx02.rainpole.io",
    "resourceType" : "ESXI",
    "credentials" : [ {
      "credentialType" : "SSH",
      "username" : "root",
      "password" : "xxxxx"
    } ]
  } ]
}'

HTTP Request

PATCH /v1/credentials HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 257
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

{
  "operationType" : "UPDATE",
  "elements" : [ {
    "resourceName" : "sfo01-mo1-esx02.rainpole.io",
    "resourceType" : "ESXI",
    "credentials" : [ {
      "credentialType" : "SSH",
      "username" : "root",
      "password" : "xxxxx"
    } ]
  } ]
}

HTTP Response

HTTP/1.1 202 Accepted
Location: /v1/tasks/779a5fe6-e175-4447-b8e2-cd19246d265b
Content-Type: application/json
Content-Length: 152

{
  "id" : "779a5fe6-e175-4447-b8e2-cd19246d265b",
  "name" : "UPDATE",
  "status" : "IN_PROGRESS",
  "isCancellable" : false,
  "isRetryable" : false
}
  • Poll the status of the task using the task API with the ID from the response of the previous API.

Tip : Refer to: Get a Task or Get a Credentials Task.

  • Poll the task until "status" is not "IN_PROGRESS" with the ID from the previous response.

Tip : Refer to: Get a Task.

  • If the "status" is "SUCCESSFUL", the task is completed successfully.

  • If the "status" is "FAILED", the task can be re-executed.

Tip : Refer to: Retry the Update Passwords Task.

Warning : The password once updated cannot be rolled back.

Note : The password is updated in the order of the input.

Note : The passwords of the dependent resources of the requested resources will also get updated.

[_updateorrotatepasswords] API [_gettasks] API [_gettask] API [_getcredentialstasks] API [_getcredentialstask] API [_retrycredentialstask] API [_cancelcredentialstask] API

4. Rotate the Passwords

This API is used to rotate passwords for list of resources using system generated passwords.

4.1. Prerequisites API

The following data is required

  • Name or ID of the resource

  • Type of the resource

  • Credential type of the resource

  • Username of the resource

Tip : Refer to: Get the Credentials to get the credential type, username, name, ID and type of the resource.

4.2. Steps API

  • Trigger the task using the valid input specification.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials' -i -X PATCH \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....' \
    -d '{
  "operationType" : "ROTATE",
  "elements" : [ {
    "resourceName" : "sfo01-mo1-esx02.rainpole.io",
    "resourceType" : "ESXI",
    "credentials" : [ {
      "credentialType" : "SSH",
      "username" : "root"
    } ]
  } ]
}'

HTTP Request

PATCH /v1/credentials HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 229
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

{
  "operationType" : "ROTATE",
  "elements" : [ {
    "resourceName" : "sfo01-mo1-esx02.rainpole.io",
    "resourceType" : "ESXI",
    "credentials" : [ {
      "credentialType" : "SSH",
      "username" : "root"
    } ]
  } ]
}

HTTP Response

HTTP/1.1 202 Accepted
Location: /v1/tasks/c1f2c65a-a0c6-4089-8566-402d31d3e459
Content-Type: application/json
Content-Length: 152

{
  "id" : "c1f2c65a-a0c6-4089-8566-402d31d3e459",
  "name" : "ROTATE",
  "status" : "IN_PROGRESS",
  "isCancellable" : false,
  "isRetryable" : false
}
  • Poll the status of the task using the task API with the ID from the response of the previous API.

Tip : Refer to: Get a Task or Get a Credentials Task.

  • Poll the task until "status" is not "IN_PROGRESS" with the ID from the previous response.

Tip : Refer to: Get a Task.

  • If the "status" is "SUCCESSFUL", the task is completed successfully.

  • If the "status" is "FAILED", the task can be re-executed.

Tip : Refer to: Retry the Rotate Passwords Task.

Warning : The password once rotated cannot be rolled back.

Note : The password is rotated in the order of the input.

Note : The generated password adheres to the password compliance. Refer to: Password Compliance Guide.

Note : The passwords of the dependent resources of the requested resources will also get rotated.

[_updateorrotatepasswords] API [_gettasks] API [_gettask] API [_getcredentialstasks] API [_getcredentialstask] API [_retrycredentialstask] API [_cancelcredentialstask] API

5. Retry the Update Passwords Task

This API is used to retry a failed update passwords task.

5.1. Prerequisites API

  • The following data is required

    • ID of the last triggered failed update passwords task

    • Name or ID of the resource

    • Type of the resource

    • Credential type of the resource

    • Username of the resource

Tip : Refer to: Get the Credentials to get the credential type, username, name, ID and type of the resource and ID of the failed task.

  • New password must be in compliance with the password policies.

Tip : Refer to: Password Compliance Guide.

5.2. Steps API

  • Trigger the task using the valid input specification.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials/tasks/489340ee-6a51-4f74-87da-a70ea22d79b3' -i -X PATCH \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....' \
    -d '{
  "operationType" : "UPDATE",
  "elements" : [ {
    "resourceName" : "sfo01-mo1-esx02.rainpole.io",
    "resourceType" : "ESXI",
    "credentials" : [ {
      "credentialType" : "SSH",
      "username" : "root",
      "password" : "xxxxx"
    } ]
  } ]
}'

HTTP Request

PATCH /v1/credentials/tasks/489340ee-6a51-4f74-87da-a70ea22d79b3 HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 257
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

{
  "operationType" : "UPDATE",
  "elements" : [ {
    "resourceName" : "sfo01-mo1-esx02.rainpole.io",
    "resourceType" : "ESXI",
    "credentials" : [ {
      "credentialType" : "SSH",
      "username" : "root",
      "password" : "xxxxx"
    } ]
  } ]
}

HTTP Response

HTTP/1.1 202 Accepted
Location: /v1/tasks/489340ee-6a51-4f74-87da-a70ea22d79b3
Content-Type: application/json
Content-Length: 152

{
  "id" : "489340ee-6a51-4f74-87da-a70ea22d79b3",
  "name" : "UPDATE",
  "status" : "IN_PROGRESS",
  "isCancellable" : false,
  "isRetryable" : false
}
  • Poll the task until "status" is not "IN_PROGRESS" with the ID from the previous response.

Tip : Refer to: Get a Task or Get a Credentials Task.

  • If the "status" is "SUCCESSFUL", the task is completed successfully.

  • If the "status" is "FAILED", the task can be re-executed by providing previous credentials rotate specification or by amending the credentials rotate specification for FAILED resources.

Tip : Refer to: Retry the Update Passwords Task.

  • The failed task can be cancelled.

Tip : Refer to: Cancel the Update/Rotate Passwords Task.

Warning : The password once updated cannot be rolled back.

Note : The password is updated in the order of the input.

Note : Retry should be performed if updating passwords task has failed.

Note : Retry should be performed on the same list of resources as in the failed operation specification.

Tip : Refer to: Get the Resource Credentials for Credentials Task for the list of resources in the failed task.

Note : The passwords of the dependent resources of the requested resources will also get updated.

[_retrycredentialstask] API [_gettasks] API [_gettask] API [_getcredentialstasks] API [_getcredentialstask] API [_getcredentialtaskbyresourceid] API [_cancelcredentialstask] API

6. Retry the Rotate Passwords Task

This API is used to retry a failed rotate passwords task.

6.1. Prerequisites API

The following data is required

  • ID of the last triggered failed rotate passwords task

  • Name or ID of the resource

  • Type of the resource

  • Credential type of the resource

  • Username of the resource

Tip : Refer to: Get the Credentials to get the credential type, username, name, ID and type of the resource and ID of the failed task.

6.2. Steps API

  • Trigger the task using the valid input specification.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials/tasks/374e6f15-af48-4798-bc7e-ea8b1e99fe09' -i -X PATCH \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....' \
    -d '{
  "operationType" : "ROTATE",
  "elements" : [ {
    "resourceName" : "sfo01-mo1-esx02.rainpole.io",
    "resourceType" : "ESXI",
    "credentials" : [ {
      "credentialType" : "SSH",
      "username" : "root"
    } ]
  } ]
}'

HTTP Request

PATCH /v1/credentials/tasks/374e6f15-af48-4798-bc7e-ea8b1e99fe09 HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 229
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

{
  "operationType" : "ROTATE",
  "elements" : [ {
    "resourceName" : "sfo01-mo1-esx02.rainpole.io",
    "resourceType" : "ESXI",
    "credentials" : [ {
      "credentialType" : "SSH",
      "username" : "root"
    } ]
  } ]
}

HTTP Response

HTTP/1.1 202 Accepted
Location: /v1/tasks/374e6f15-af48-4798-bc7e-ea8b1e99fe09
Content-Type: application/json
Content-Length: 152

{
  "id" : "374e6f15-af48-4798-bc7e-ea8b1e99fe09",
  "name" : "ROTATE",
  "status" : "IN_PROGRESS",
  "isCancellable" : false,
  "isRetryable" : false
}
  • Poll the task until "status" is not "IN_PROGRESS" with the ID from the previous response.

Tip : Refer to: Get a Task or Get a Credentials Task.

  • If the "status" is "SUCCESSFUL", the task is completed successfully.

  • If the "status" is "FAILED", the task can be re-executed by providing previous credentials rotate specification or by amending the credentials rotate specification for FAILED resources.

Tip : Refer to: Retry the Rotate Passwords Task.

  • The failed task can be cancelled.

Tip : Refer to: Cancel the Update/Rotate Passwords Task.

Warning : The password once rotated cannot be rolled back.

Note : The password is rotated in the order of the input.

Note : The generated password adheres to the password compliance. Refer to: Password Compliance Guide.

Note : Retry should be performed if some password rotation task has failed.

Note : Retry should be performed on the same list of resources as in the failed operation specification.

Tip : Refer to: Get the Resource Credentials for Credentials Task for the list of resources in the failed task.

Note : The passwords of the dependent resources of the requested resources will also get rotated.

[_retrycredentialstask] API [_gettasks] API [_gettask] API [_getcredentialstasks] API [_getcredentialstask] API [_getcredentialtaskbyresourceid] API [_cancelcredentialstask] API

7. Cancel the Update/Rotate Passwords Task

  • This API is used to cancel a failed update or rotate passwords task.

7.1. Prerequisites API

The following data is required

  • ID of the last triggered failed update/rotate passwords task

Tip : Refer to: Get the Credentials Tasks section to get the ID of the failed task.

7.2. Steps API

  • Invoke the API.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials/tasks/fe379669-5b5b-46c2-96f8-cf7c4d431b59' -i -X DELETE \
    -H 'Authorization: Bearer etYWRta....'

HTTP Request

DELETE /v1/credentials/tasks/fe379669-5b5b-46c2-96f8-cf7c4d431b59 HTTP/1.1
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

HTTP Response

HTTP/1.1 202 Accepted
Content-Type: application/json
Content-Length: 126

{
  "id" : "fe379669-5b5b-46c2-96f8-cf7c4d431b59",
  "status" : "FAILED",
  "isCancellable" : false,
  "isRetryable" : false
}

Warning : The password once updated or rotated cannot be rolled back.

Note : The password is updated or rotated in the order of the input.

Note : Cancel should be performed to release the internal global lock held at VCF instance level if some password updation or rotation task has failed after several retries.

[_cancelcredentialstask] API [_gettasks] API [_gettask] API [_getcredentialstasks] API [_getcredentialstask] API

8. Get the Credentials Tasks

This API is used to fetch all credentials tasks in reverse chronological order.

Note : "oldPassword " and "newPassword " fields won't be listed and will come as empty string. Refer Get a Credentials Subtask for fetching passwords details.

8.1. Prerequisites API

None

8.2. Steps API

  • Invoke the API.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials/tasks' -i -X GET \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....'

HTTP Request

GET /v1/credentials/tasks HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

HTTP Response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1597

{
  "elements" : [ {
    "id" : "186d891f-aac3-4501-ae52-afb89eb7e32f",
    "name" : "Credentials rotate operation",
    "type" : "ROTATE",
    "creationTimestamp" : "2018-11-05T05:15:32.864Z",
    "status" : "SUCCESSFUL",
    "subTasks" : [ {
      "id" : "acb6fa7b-a81b-41d8-bb53-0c1611609dd7",
      "resourceName" : "vra01svr01a.rainpole.io",
      "name" : "Password rotate for resource : vra01svr01a.rainpole.io, user : root and credential type : SSH",
      "creationTimestamp" : "2018-11-05T05:15:32.864Z",
      "status" : "SUCCESSFUL",
      "oldPassword" : "",
      "newPassword" : "",
      "entityType" : "VRA",
      "username" : "root",
      "credentialType" : "SSH"
    }, {
      "id" : "900e8ce0-4ff4-4a76-a7e0-8e44748aa46e",
      "resourceName" : "vra01svr01b.rainpole.io",
      "name" : "Password rotate for resource : vra01svr01b.rainpole.io, user : root and credential type : SSH",
      "creationTimestamp" : "2018-11-05T05:15:32.864Z",
      "status" : "SUCCESSFUL",
      "oldPassword" : "",
      "newPassword" : "",
      "entityType" : "VRA",
      "username" : "root",
      "credentialType" : "SSH"
    }, {
      "id" : "1b3b962d-fff7-4dcc-98ed-0a15b495afa5",
      "resourceName" : "vra01svr01c.rainpole.io",
      "name" : "Password rotate for resource : vra01svr01c.rainpole.io, user : root and credential type : SSH",
      "creationTimestamp" : "2018-11-05T05:15:32.864Z",
      "status" : "SUCCESSFUL",
      "oldPassword" : "",
      "newPassword" : "",
      "entityType" : "VRA",
      "username" : "root",
      "credentialType" : "SSH"
    } ]
  } ]
}

[_getcredentialstasks] API [_getcredentialstask] API

9. Get a Credentials Task

This API is used to fetch a credentials task for an ID.

Note : "oldPassword " and "newPassword " fields won't be listed and will come as empty string. Refer Get a Credentials Subtask for fetching passwords details.

9.1. Prerequisites API

The following data is required

  • ID of the credentials task

9.2. Steps API

  • Invoke the API.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials/tasks/186d891f-aac3-4501-ae52-afb89eb7e32f' -i -X GET \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....'

HTTP Request

GET /v1/credentials/tasks/186d891f-aac3-4501-ae52-afb89eb7e32f HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

HTTP Response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1494

{
  "id" : "186d891f-aac3-4501-ae52-afb89eb7e32f",
  "name" : "Credentials rotate operation",
  "type" : "ROTATE",
  "creationTimestamp" : "2018-11-05T05:15:32.864Z",
  "status" : "SUCCESSFUL",
  "subTasks" : [ {
    "id" : "acb6fa7b-a81b-41d8-bb53-0c1611609dd7",
    "resourceName" : "vra01svr01a.rainpole.io",
    "name" : "Password rotate for resource : vra01svr01a.rainpole.io, user : root and credential type : SSH",
    "creationTimestamp" : "2018-11-05T05:15:32.864Z",
    "status" : "SUCCESSFUL",
    "oldPassword" : "",
    "newPassword" : "",
    "entityType" : "VRA",
    "username" : "root",
    "credentialType" : "SSH"
  }, {
    "id" : "900e8ce0-4ff4-4a76-a7e0-8e44748aa46e",
    "resourceName" : "vra01svr01b.rainpole.io",
    "name" : "Password rotate for resource : vra01svr01b.rainpole.io, user : root and credential type : SSH",
    "creationTimestamp" : "2018-11-05T05:15:32.864Z",
    "status" : "SUCCESSFUL",
    "oldPassword" : "",
    "newPassword" : "",
    "entityType" : "VRA",
    "username" : "root",
    "credentialType" : "SSH"
  }, {
    "id" : "1b3b962d-fff7-4dcc-98ed-0a15b495afa5",
    "resourceName" : "vra01svr01c.rainpole.io",
    "name" : "Password rotate for resource : vra01svr01c.rainpole.io, user : root and credential type : SSH",
    "creationTimestamp" : "2018-11-05T05:15:32.864Z",
    "status" : "SUCCESSFUL",
    "oldPassword" : "",
    "newPassword" : "",
    "entityType" : "VRA",
    "username" : "root",
    "credentialType" : "SSH"
  } ]
}

[_getcredentialstasks] API [_getcredentialstask] API

10. Get the Resource Credentials for Credentials Task

This API is used to fetch resource credentials for a credentials task ID.

10.1. Prerequisites API

The following data is required

  • ID of the credentials task

Tip : Refer to: Get the Credentials Tasks to get the ID of credentials tasks.

10.2. Steps API

  • Invoke the API.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials/tasks/186d891f-aac3-4501-ae52-afb89eb7e32f/resource-credentials' -i -X GET \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....'

HTTP Request

GET /v1/credentials/tasks/186d891f-aac3-4501-ae52-afb89eb7e32f/resource-credentials HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

HTTP Response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 557

[ {
  "resourceName" : "vra01svr01a.rainpole.io",
  "resourceType" : "VRA",
  "credentials" : [ {
    "credentialType" : "SSH",
    "username" : "root",
    "password" : "yyyyy"
  } ]
}, {
  "resourceName" : "vra01svr01b.rainpole.io",
  "resourceType" : "VRA",
  "credentials" : [ {
    "credentialType" : "SSH",
    "username" : "root",
    "password" : "yyyyy"
  } ]
}, {
  "resourceName" : "vra01svr01c.rainpole.io",
  "resourceType" : "VRA",
  "credentials" : [ {
    "credentialType" : "SSH",
    "username" : "root",
    "password" : "yyyyy"
  } ]
} ]

[_getcredentialtaskbyresourceid] API [_getcredentialstasks] API [_getcredentialstask] API

11. Get a Credentials Subtask

This API is used to fetch details of a subtask corresponding to a credentials task ID and subtask ID.

11.1. Prerequisites API

The following data is required

  • ID of the credentials task

  • ID of the credentials subtask

11.2. Steps API

  • Invoke the API.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials/tasks/186d891f-aac3-4501-ae52-afb89eb7e32f/subtasks/acb6fa7b-a81b-41d8-bb53-0c1611609dd7' -i -X GET \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....'

HTTP Request

GET /v1/credentials/tasks/186d891f-aac3-4501-ae52-afb89eb7e32f/subtasks/acb6fa7b-a81b-41d8-bb53-0c1611609dd7 HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

HTTP Response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 650

{
  "id" : "186d891f-aac3-4501-ae52-afb89eb7e32f",
  "name" : "Credentials rotate operation",
  "type" : "ROTATE",
  "creationTimestamp" : "2018-11-05T05:15:32.864Z",
  "status" : "SUCCESSFUL",
  "subTasks" : [ {
    "id" : "acb6fa7b-a81b-41d8-bb53-0c1611609dd7",
    "resourceName" : "vra01svr01a.rainpole.io",
    "name" : "Password rotate for resource : vra01svr01a.rainpole.io, user : root and credential type : SSH",
    "creationTimestamp" : "2018-11-05T05:15:32.864Z",
    "status" : "SUCCESSFUL",
    "oldPassword" : "xxxxx",
    "newPassword" : "yyyyy",
    "entityType" : "VRA",
    "username" : "root",
    "credentialType" : "SSH"
  } ]
}

[_getcredentialstasks] API [_getcredentialstask] API [_getcredentialssubtask] API

12. Remediate expired Passwords

If the password is expired, then the customer requires to manually reset the account in the product and then reach out to GSS to sync credentials store of VCF with new password for the product.
Hence this new API will accept the new password from the client, validates by testing the connectivity and then performs credentials store update. This API is generalized so that the same API can be used for both service accounts and user accounts.
For service accounts, Password will be auto rotated post rememdiaton with correct password.
Please note: Credentials store sync is irreversible operation, ie when credentials store sync is successful and password rotation failed due to other issues, then we wont be reverting credentials store with older non working password.

12.1. Prerequisites API

The following data is required

  • Name or ID of the resource

  • Type of the resource

  • Username of the resource

  • Working password of the resource

Tip : Refer to: Get the Credentials to get the credential type, username, name, ID and type of the resource.

12.2. Steps API

  • Trigger the task using the valid input specification.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials' -i -X PATCH \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....' \
    -d '{
  "operationType" : "REMEDIATE",
  "elements" : [ {
    "resourceName" : "sfo01m01esx02.sfo01.rainpole.local",
    "resourceType" : "ESXI",
    "credentials" : [ {
      "username" : "root",
      "password" : "xxxxx"
    } ]
  } ]
}'

HTTP Request

PATCH /v1/credentials HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 235
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

{
  "operationType" : "REMEDIATE",
  "elements" : [ {
    "resourceName" : "sfo01m01esx02.sfo01.rainpole.local",
    "resourceType" : "ESXI",
    "credentials" : [ {
      "username" : "root",
      "password" : "xxxxx"
    } ]
  } ]
}

HTTP Response

HTTP/1.1 202 Accepted
Location: /v1/tasks/cd0e22ae-3808-4a1e-9c44-ce6a7e7102f1
Content-Type: application/json
Content-Length: 155

{
  "id" : "cd0e22ae-3808-4a1e-9c44-ce6a7e7102f1",
  "name" : "REMEDIATE",
  "status" : "IN_PROGRESS",
  "isCancellable" : false,
  "isRetryable" : false
}
  • Poll the status of the task using the task API with the ID from the response of the previous API.

Tip : Refer to: Get a Task or Get a Credentials Task.

  • Poll the task until "status" is not "IN_PROGRESS" with the ID from the previous response.

Tip : Refer to: Get a Task.

  • If the "status" is "SUCCESSFUL", the task is completed successfully.

  • If the "status" is "FAILED", the task can be re-executed.

Tip : Refer to: Retry the Rotate Passwords Task.

Warning : The password once rotated cannot be rolled back.

Note : Currently we support only one credential at a time for remediation.

Note : The password is rotated in the order of the input.

Note : The generated password adheres to the password compliance. Refer to: Password Compliance Guide.

Note : The passwords of the dependent resources of the requested resources will also get rotated.

[_updateorrotatepasswords] API [_gettasks] API [_gettask] API [_getcredentialstasks] API [_getcredentialstask] API [_retrycredentialstask] API [_cancelcredentialstask] API

13. Configure auto-rotate schedule for Credentials

This API is used to configure schedule for auto-rotate of the passwords for the list of selected credentials.

13.1. Prerequisites API

The following data is required

  • Name or ID of the resource

  • Type of the resource

  • Credential type of the resource

  • Username of the resource

  • enableAutoRotatePolicy refers to property for enable/disable the auto-rotate schedule

  • frequencyInDays refers to frequency in number of days for auto-rotate schedule

Tip : Refer to: Get the Credentials to get the credential type, username, name, ID and type of the resource.

13.2. Steps API

  • Trigger the task using the valid input specification. set enableAutoRotatePolicy to True set frequencyInDays to number of days auto-rotate schedule should execute.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials' -i -X PATCH \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....' \
    -d '{
  "operationType" : "UPDATE_AUTO_ROTATE_POLICY",
  "elements" : [ {
    "resourceName" : "sfo01-m01-vc01.rainpole.io",
    "resourceType" : "VCENTER",
    "credentials" : [ {
      "credentialType" : "SSH",
      "username" : "root"
    } ]
  } ],
  "autoRotatePolicy" : {
    "frequencyInDays" : 30,
    "enableAutoRotatePolicy" : true
  }
}'

HTTP Request

PATCH /v1/credentials HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 344
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

{
  "operationType" : "UPDATE_AUTO_ROTATE_POLICY",
  "elements" : [ {
    "resourceName" : "sfo01-m01-vc01.rainpole.io",
    "resourceType" : "VCENTER",
    "credentials" : [ {
      "credentialType" : "SSH",
      "username" : "root"
    } ]
  } ],
  "autoRotatePolicy" : {
    "frequencyInDays" : 30,
    "enableAutoRotatePolicy" : true
  }
}

HTTP Response

HTTP/1.1 202 Accepted
Location: /v1/tasks/0696cb82-9248-4d8d-9d32-3c3eacf40677
Content-Type: application/json
Content-Length: 171

{
  "id" : "0696cb82-9248-4d8d-9d32-3c3eacf40677",
  "name" : "UPDATE_AUTO_ROTATE_POLICY",
  "status" : "IN_PROGRESS",
  "isCancellable" : false,
  "isRetryable" : false
}
  • Poll the status of the task using the task API with the ID from the response of the previous API.

Tip : Refer to: Get a Task or Get a Credentials Task.

  • Poll the task until "status" is not "IN_PROGRESS" with the ID from the previous response.

Tip : Refer to: Get a Task.

  • If the "status" is "SUCCESSFUL", the task is completed successfully.

  • If the "status" is "FAILED", the task can be re-executed.

Tip : Refer to: Retry the Rotate Passwords Task.

[_updateorrotatepasswords] API [_gettasks] API [_gettask] API [_getcredentialstasks] API [_getcredentialstask] API [_retrycredentialstask] API [_cancelcredentialstask] API

14. Disable auto-rotate schedule for credentials

This API is used to disable configured schedule for auto-rotate of passwords for the list of selected credentials.

14.1. Prerequisites API

The following data is required

  • Name or ID of the resource

  • Type of the resource

  • Credential type of the resource

  • Username of the resource

  • enableAutoRotatePolicy refers to property for enable/disable the auto-rotate schedule

Tip : Refer to: Get the Credentials to get the credential type, username, name, ID and type of the resource.

14.2. Steps API

  • Trigger the task using the valid input specification. set enableAutoRotatePolicy to True

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials' -i -X PATCH \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....' \
    -d '{
  "operationType" : "UPDATE_AUTO_ROTATE_POLICY",
  "elements" : [ {
    "resourceName" : "sfo01-m01-vc01.rainpole.io",
    "resourceType" : "VCENTER",
    "credentials" : [ {
      "credentialType" : "SSH",
      "username" : "root"
    } ]
  } ],
  "autoRotatePolicy" : {
    "enableAutoRotatePolicy" : false
  }
}'

HTTP Request

PATCH /v1/credentials HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 317
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

{
  "operationType" : "UPDATE_AUTO_ROTATE_POLICY",
  "elements" : [ {
    "resourceName" : "sfo01-m01-vc01.rainpole.io",
    "resourceType" : "VCENTER",
    "credentials" : [ {
      "credentialType" : "SSH",
      "username" : "root"
    } ]
  } ],
  "autoRotatePolicy" : {
    "enableAutoRotatePolicy" : false
  }
}

HTTP Response

HTTP/1.1 202 Accepted
Location: /v1/tasks/8beecba9-11e7-46be-a86d-74f1c7a690cf
Content-Type: application/json
Content-Length: 171

{
  "id" : "8beecba9-11e7-46be-a86d-74f1c7a690cf",
  "name" : "UPDATE_AUTO_ROTATE_POLICY",
  "status" : "IN_PROGRESS",
  "isCancellable" : false,
  "isRetryable" : false
}
  • Poll the status of the task using the task API with the ID from the response of the previous API.

Tip : Refer to: Get a Task. or Get a Credentials Task.

  • Poll the task until "status" is not "IN_PROGRESS" with the ID from the previous response.

Tip : Refer to: Get a Task.

  • If the "status" is "SUCCESSFUL", the task is completed successfully.

  • If the "status" is "FAILED", the task can be re-executed.

Tip : Refer to: Retry the Rotate Passwords Task.

[_updateorrotatepasswords] API [_gettasks] API [_gettask] API [_getcredentialstasks] API [_getcredentialstask] API [_retrycredentialstask] API [_cancelcredentialstask] API

15. Fetch password expiration details

This API is used to get password expiration details for a list of credentials.

15.1. Prerequisites API

  • The following data is required

    • Type of the resource
  • The following data is optional

    • Domain name associated with the resource

    • Credential id of the resource

Tip : Refer to: Get the Credentials to get the credential id, domain name and type of the resource.

15.2. Steps API

  • Trigger the task using the valid input specification.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials/expirations' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Accept: application/json' \
    -H 'Authorization: Bearer etYWRta....' \
    -d '{
  "domainName" : "MGMT",
  "resourceType" : "NSX_MANAGER",
  "credentialIds" : [ "e6c2104d-592e-4459-9d07-62b80081cf0b", "804deb0a-e48d-4787-a68d-e2a24adeb6c1" ]
}'

HTTP Request

POST /v1/credentials/expirations HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 165
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

{
  "domainName" : "MGMT",
  "resourceType" : "NSX_MANAGER",
  "credentialIds" : [ "e6c2104d-592e-4459-9d07-62b80081cf0b", "804deb0a-e48d-4787-a68d-e2a24adeb6c1" ]
}

HTTP Response

HTTP/1.1 202 Accepted
Location: /v1/credentials/expirations/5185037e-4391-4b1c-8a0d-19cc093d193d
Content-Type: application/json
Content-Length: 79

{
  "id" : "5185037e-4391-4b1c-8a0d-19cc093d193d",
  "status" : "IN_PROGRESS"
}
  • Poll the status of the task using the get expiration API with the ID from the response of the previous API. Continue polling until "status" is not "IN_PROGRESS".

    • If the "status" is "COMPLETED", the task is completed and expiration details of credentials can be obtained from the list elements in the response. If the expiration fetch fails for any credential, check the error response of that element in the response.

    • If the "status" is "FAILED", the task can be re-executed.

cURL Request

$ curl 'https://sfo-vcf01.rainpole.io/v1/credentials/expirations/5185037e-4391-4b1c-8a0d-19cc093d193d' -i -X GET \
    -H 'Authorization: Bearer etYWRta....'

HTTP Request

GET /v1/credentials/expirations/5185037e-4391-4b1c-8a0d-19cc093d193d HTTP/1.1
Host: sfo-vcf01.rainpole.io
Authorization: Bearer etYWRta....

HTTP Response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 941

{
  "id" : "5185037e-4391-4b1c-8a0d-19cc093d193d",
  "status" : "COMPLETED",
  "elements" : [ {
    "id" : "e6c2104d-592e-4459-9d07-62b80081cf0b",
    "username" : "root",
    "resource" : {
      "resourceId" : "5eebbaf4-33b4-49be-afbe-6c983154b250",
      "resourceName" : "sfo01-m01-nsx01.rainpole.io",
      "resourceType" : "NSX_MANAGER",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    },
    "expiry" : {
      "expiryDate" : "2024-09-19T02:40:00.550Z",
      "status" : "ACTIVE"
    }
  }, {
    "id" : "804deb0a-e48d-4787-a68d-e2a24adeb6c1",
    "username" : "admin",
    "resource" : {
      "resourceId" : "5eebbaf4-33b4-49be-afbe-6c983154b250",
      "resourceName" : "sfo01-m01-nsx01.rainpole.io",
      "resourceType" : "NSX_MANAGER",
      "domainNames" : [ "MGMT" ],
      "domainName" : "MGMT"
    },
    "expiry" : {
      "expiryDate" : "2024-09-19T02:40:00.550Z",
      "status" : "ACTIVE"
    }
  } ]
}

[_getcredentials] API [_getpasswordexpiration] API [_getpasswordexpirationbytaskid] API
Last updated 2024-06-21 01:22:12 -0700

Operations
DELETE
Cancel Credentials Task
Cancel a failed credential task by its ID
GET
Get Credential
Retrieve a credential by its ID
GET
Get Credentials
Retrieve a list of credentials
GET
Get Credentials Sub Task
Retrieve a credential sub task by its ID
GET
Get Credentials Task
Retrieve a credential task by ID
GET
Get Credentials Tasks
Retrieve a list of credential tasks
GET
Get Credential Task By Resource ID
Retriece a credential taks by resource ID
POST
Get Password Expiration
Fetch expiration details of passwords for a list of credentials
GET
Get Password Expiration By Task ID
Retrive a password expiration task by ID
PATCH
Retry Credentials Task
Retry a failed credentials task for a given ID
PATCH
Update Or Rotate Passwords
Update or rotate passwords for a list of resources