Get Security Settings V4

Get Security Settings V4

All the listed privileges are required -

Privileges Description
GLOBAL_CONFIG_VIEW Caller should have permission to this privilege, to read settings.
Request
URI
GET
https://{api_host}/rest/config/v4/settings/security
COPY
Authentication
This operation uses the following authentication methods.
Responses
200

OK

Returns SecuritySettingsV4 of type(s) */*
{
    "cert_auth_mapping": [
        "x509:<I>%issuer_dn%<S>%subject_dn%<SKI>%subject_key_id%",
        "x509:<I>%issuer_dn%<SR>%serial%"
    ],
    "cert_auth_mapping_control": [
        "CUSTOM",
        "SID"
    ],
    "cert_auth_mapping_names": [
        "issuer_dn",
        "subject_dn",
        "san_dns"
    ],
    "cluster_public_key": "3d43f005bfd5ade4c6853bd337f4d205e189c28793063087d1c0aeb58931e02c",
    "cluster_public_key_id": "cluster key",
    "crl_distribution_points": [
        "http://www.cdpexample.com/file.crl",
        "http://crls.pki.goog/gts1c3/file1.pem"
    ],
    "crl_file_max_size_kb": 1024,
    "crl_refresh_period_minutes": 100,
    "data_recovery_password_configured": true,
    "getdisallowEnhancedSecurityMode": true,
    "message_security_mode": "ENABLED",
    "message_security_status": "NOTSET",
    "re_auth_secure_tunnel_after_interruption": true
}
array of string
cert_auth_mapping
Optional

Indicates the certificate authentication mapping, which will be used to validate against (objectClass=user,altSecurityIdentities=) in Active directory.

array of string
cert_auth_mapping_control
Optional

Indicates the type of search for validating the smart card.

Possible values are : SID, CUSTOM, LEGACY,
array of string
cert_auth_mapping_names
Optional

List of all supported certificate properties.

string
cluster_public_key
Optional

The Base 64 encoded public key of the cluster in PEM format.

string
cluster_public_key_id
Optional

Key Id to identify the cluster's active key pair.

array of string
crl_distribution_points
Optional

List of CRL distribution point urls, from where CRLs will be fetched by crl prefetch service.

integer As int32 As int32
crl_file_max_size_kb
Optional

Maximum allowed size in kb for CRL file that can be downloaded by crl prefetch service.

integer As int32 As int32
crl_refresh_period_minutes
Optional

Refresh time period in minutes for CRL prefetch.

boolean
data_recovery_password_configured
Optional

Indicates whether the backup recovery password has been configured.

boolean
getdisallowEnhancedSecurityMode
Optional

If true, Enhanced message security mode is disallowed (FIPS mode only). If set when Enhanced message security mode is in force, this will cause an automatic transition to Enabled mode.

string
message_security_mode
Optional

Determines if signing and verification of the JMS messages passed between Horizon components takes place.

  • DISABLED: Message security mode is disabled.
  • ENABLED: Message security mode is enabled. Unsigned messages are rejected by Horizon components.
  • ENHANCED: Message Security mode is Enhanced. Message signing and validation is performed based on the current Security Level and desktop Message Security mode.
  • MIXED: Message security mode is enabled but not enforced.
Possible values are : DISABLED, ENABLED, ENHANCED, MIXED,
string
message_security_status
Optional

The status of the JMS message security. This tracks the application of changes to messageSecurityMode.

  • NOTSET: The cluster is performing at the specified message security mode.
  • ENHANCED: The Cluster is in Enhanced message security mode.
  • WAITING_FOR_BUS_RESTARTS: The cluster is waiting for the bus restart The cluster is waiting for a bus restart to transition to ENHANCED messagesecurity mode or from ENHANCED message security mode .
  • PENDING_ENHANCED: The cluster is propagating the change to ENHANCED message security mode to all nodes.
  • LEAVING_ENHANCED: The cluster is leaving the ENHANCED message security mode.
  • PREPARING_ENHANCED: The cluster is preparing to go in Enhanced mode.
  • DISABLED: Message security mode is disabled.
  • MIXED: Message security mode is enabled but not enforced.
  • ENABLED: Message security mode is enabled. Unsigned messages are rejected by Horizon components.
Possible values are : NOTSET, ENHANCED, WAITING_FOR_BUS_RESTARTS, PENDING_ENHANCED, LEAVING_ENHANCED, PREPARING_ENHANCED, DISABLED, MIXED, ENABLED,
boolean
re_auth_secure_tunnel_after_interruption
Optional

Determines if user credentials must be re-authenticated after a network interruption when Horizon clients use secure tunnel connections to Horizon resources. When you select this setting, if a secure tunnel connection ends during a session, Horizon Client requires the user to re-authenticate before reconnecting.


401

User is not authenticated

Operation doesn't return any data structure

403

Access to the resource is forbidden

Operation doesn't return any data structure

Config Operations
POST
Add App Volumes Manager
POST
Add App Volumes Manager V2
POST
Assign Farms
POST
Clean
POST
Clear Event Database
POST
Collect
POST
Create Federation Access Group
POST
Create Gateway Access User Or Group
POST
Create GSSAPI Authenticator
POST
Create IC Domain Account
POST
Create IM Asset
POST
Create IM Assets
POST
Create IM Stream
POST
Create IM Streams
POST
Create IM Tag
POST
Create IM Tags
POST
Create IM Version
POST
Create IM Versions
POST
Create JWT Authenticator
POST
Create Local Access Group
POST
Create Message Client
POST
Create Permissions
POST
Create Permissions V2
POST
Create RADIUS Authenticator
POST
Create Role
POST
Create SAML Authenticator
POST
Create Secondary Credential
POST
Create True SSO Connector
POST
Create Unauthenticated Access User
POST
Create Virtual Center
POST
Create Virtual Center V4
POST
Create Virtual Center V5
DELETE
Delete App Volumes Manager
DELETE
Delete App Volumes Manager V2
DELETE
Delete Certificate
DELETE
Delete Federation Access Group
DELETE
Delete Gateway Access User Or Group
DELETE
Delete GSSAPI Authenticator
DELETE
Delete IC Domain Account
DELETE
Delete IM Asset
DELETE
Delete IM Stream
DELETE
Delete IM Tag
DELETE
Delete IM Version
DELETE
Delete JWT Authenticator
DELETE
Delete Local Access Group
DELETE
Delete Message Client
DELETE
Delete Permissions
DELETE
Delete Permissions V2
DELETE
Delete RADIUS Authenticator
DELETE
Delete Role
DELETE
Delete SAML Authenticator
DELETE
Delete Secondary Credential
DELETE
Delete True SSO Connector
DELETE
Delete Unauthenticated Access User
POST
Disable Connection Servers
POST
Enable Connection Servers
POST
Export Certificate
POST
Generate CSR
GET
Get Admin Users Or Groups Permissions
GET
Get AD Sites Info
GET
Get Agent Restriction Settings
GET
Get App Volumes Manager
GET
Get App Volumes Manager V2
GET
Get CEIP Info
GET
Get Client Settings
GET
Get Connection Server
GET
Get Connection Server V2
GET
Get Enrollment Server
GET
Get Environment
GET
Get Environment V2
GET
Get Event Database
GET
Get Feature Settings
GET
Get Federation Access Group
GET
Get Federation Access Group V2
GET
Get Gateway
GET
Get General Settings
GET
Get General Settings V2
GET
Get General Settings V3
GET
Get General Settings V4
GET
Get Global Policies
GET
Get GSSAPI Authenticator
GET
Get IC Domain Account
GET
Get IM Asset
GET
Get IM Stream
GET
Get IM Tag
GET
Get IM Version
GET
Get JWT Authenticator
GET
Get Local Access Group
GET
Get Local Access Group V2
GET
Get Message Client
GET
Get Permission
GET
Get Permission V2
GET
Get Preferences
GET
Get Preferences V2
GET
Get Pre Logon Settings
GET
Get RADIUS Authenticator
GET
Get Role
GET
Get SAML Authenticator
GET
Get Secondary Credentials
GET
Get Security Configuration Info
GET
Get Security Settings
GET
Get Security Settings V2
GET
Get Security Settings V3
GET
Get Security Settings V4
GET
Get Settings
GET
Get Settings V2
GET
Get Settings V3
GET
Get Settings V4
GET
Get Settings V5
POST
Get Storage Details
GET
Get Syslog
GET
Get True SSO Connector
GET
Get Unauthenticated Access User
GET
Get Users Or Group Local Summary V2
GET
Get Users Or Group Local Summary V3
GET
Get Users Or Groups Global Summary
GET
Get Virtual Center
GET
Get Virtual Center V4
GET
Get Virtual Center V5
POST
Import Certificate
GET
List App Volumes Managers
GET
List App Volumes Managers V2
GET
List Certificate Infos
GET
List Certificate Infos V2
GET
List Connection Servers
GET
List Connection Servers V2
GET
List Enrollment Servers
GET
List Federation Access Groups
GET
List Federation Access Groups V2
GET
List Gateway Access User Or Group
GET
List Gateways
GET
List GSSAPI Authenticators
GET
List IC Domain Accounts
GET
List IM Assets
GET
List IM Streams
GET
List IM Tags
GET
List IM Versions
GET
List JWT Authenticators
GET
List Licenses
GET
List Licenses V2
GET
List Local Access Groups
GET
List Local Access Groups V2
GET
List Log Collector Tasks
GET
List Message Clients
GET
List Permissions
GET
List Permissions V2
GET
List RADIUS Authenticators
GET
List RCX Servers
GET
List Roles
GET
List SAML Authenticators
GET
List Secondary Credentials
GET
List Selectable Privileges
GET
List True SSO Connectors
GET
List Unauthenticated Access Users
GET
List Users Or Groups Global Summary
GET
List Users Or Groups Local Summary
GET
List Users Or Groups Local Summary V2
GET
List Users Or Groups Local Summary V3
GET
List VC Info
GET
List VC Info V2
GET
List VC Info V3
GET
List VC Info V4
GET
List VC Info V5
POST
Mark Datastores For Archival
POST
Override Certificate
POST
Purge
POST
Push Certificates
POST
Recover Certificates
POST
Register Gateway
POST
Register RCX Client
DELETE
Remove Virtual Center
DELETE
Remove Virtual Center V5
POST
Reset Highest Usage Metrics
POST
Reset Named User Metrics
POST
Set License Key
POST
Set License Mode
POST
Unassign Farms
DELETE
Unregister Gateway
DELETE
Unregister RCX Client
PUT
Update Agent Restriction Settings
PUT
Update App Volumes Manager
PUT
Update App Volumes Manager V2
PUT
Update CEIP Info
PUT
Update Client Settings
PUT
Update Connection Server
PUT
Update Connection Server V2
PUT
Update Event Database
PUT
Update Feature Settings
PUT
Update General Settings
PUT
Update General Settings V2
PUT
Update General Settings V3
PUT
Update General Settings V4
PUT
Update Global Policies
PUT
Update GSSAPI Authenticator
PUT
Update IC Domain Account
PUT
Update IM Asset
PUT
Update IM Stream
PUT
Update IM Tag
PUT
Update IM Version
PUT
Update JWT Authenticator
PUT
Update Message Client
POST
Updatepassword
PUT
Update Preferences
PUT
Update Preferences V2
PUT
Update RADIUS Authenticator
PUT
Update RCX Client
PUT
Update Role
PUT
Update SAML Authenticator
PUT
Update Security Settings
PUT
Update Security Settings V3
PUT
Update Security Settings V4
PUT
Update Settings
PUT
Update Settings V2
PUT
Update Settings V3
PUT
Update Settings V4
PUT
Update Settings V5
PUT
Update Syslog
PUT
Update True SSO Connector
PUT
Update Virtual Center
PUT
Update Virtual Center V4
PUT
Update Virtual Center V5
POST
Validate AVM Certificate
POST
Validate SAML Certificate
POST
Validate Virtual Center Certificate