Skip to main content

Thales SafeNet Trusted Access

This Integration is part of the Thales SafeNet Trusted Access Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

This integration enables you to process alerts from SafeNet Trusted Access (STA) indicating security risks to end user accounts, and apply security remediation actions on SafeNet Trusted Access through security orchestration playbooks. For information about the configuration steps, visit our Help Documentation.

Commands#

You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

NOTE : Perform create, update and delete operations using commands only for internal users or groups. Such operations aren't recommended for synchronized users or groups.

sta-get-user-list#


Get list of users in the tenant.

Base Command#

sta-get-user-list

Input#

Argument NameDescriptionRequired
limitThe maximum number of results to return.Optional

Context Output#

PathTypeDescription
STA.USER.IDstringUser ID of the user.
STA.USER.SCHEMAstringSchema version number.
STA.USER.USERNAMEstringUsername of the user.
STA.USER.FIRSTNAMEstringFirst name of the user.
STA.USER.LASTNAMEstringLast name of the user.
STA.USER.EMAILstringEmail ID of the user.
STA.USER.MOBILENUMBERnumberMobile number of the user.
STA.USER.ALIAS1stringAlias for the user.
STA.USER.ALIAS2stringAdditional alias for the user.
STA.USER.ALIAS3stringAdditional alias for the user.
STA.USER.ALIAS4stringAdditional alias for the user.
STA.USER.ADDRESSstringAddress of the user.
STA.USER.CITYstringCity of the user.
STA.USER.STATEstringState of the user.
STA.USER.COUNTRYstringCountry of the user.
STA.USER.POSTALCODEnumberPostal Code of the user.
STA.USER.SYNCHRONIZEDbooleanIs the user synchronized.

Command Example#

!sta-get-user-list

Context Example#

{
"STA": {
"USER": [
{
"email": "demo.user@demisto.com",
"firstName": "Demo",
"id": "CNlM6Pyq3nADXA4rWyUAAAAc",
"isSynchronized": false,
"lastName": "User",
"schemaVersionNumber": "1.0",
"userName": "demouser"
},
{
"email": "test.user@demisto.com",
"firstName": "Hello",
"id": "CNlM6rvB0uQDXA4rWyUAAAAc",
"isSynchronized": false,
"lastName": "User",
"schemaVersionNumber": "1.0",
"userName": "hellouser"
}
]
}
}

Human Readable Output#

List of users in the tenant :#

IdSchema Version NumberUser NameFirst NameLast NameEmailIs Synchronized
CNlM6Pyq3nADXA4rWyUAAAAc1.0demouserDemoUserdemo.user@demisto.comfalse
CNlM6rvB0uQDXA4rWyUAAAAc1.0hellouserHelloUsertest.user@demisto.comfalse

sta-get-user-info#


Get the profile information for a specific user.

Base Command#

sta-get-user-info

Input#

Argument NameDescriptionRequired
userNameUsername of the user.Required

Context Output#

PathTypeDescription
STA.USER.IDstringUser ID of the user.
STA.USER.SCHEMAstringSchema version number.
STA.USER.USERNAMEstringUsername of the user.
STA.USER.FIRSTNAMEstringFirst name of the user.
STA.USER.LASTNAMEstringLast name of the user.
STA.USER.EMAILstringEmail ID of the user.
STA.USER.MOBILENUMBERstringMobile number of the user.
STA.USER.ALIAS1stringAlias for the user.
STA.USER.ALIAS2stringAdditional alias for the user.
STA.USER.ALIAS3stringAdditional alias for the user.
STA.USER.ALIAS4stringAdditional alias for the user.
STA.USER.CUSTOM1stringCustom value for the user.
STA.USER.CUSTOM2stringAdditional custom value for the user.
STA.USER.CUSTOM3stringAdditional custom value for the user.
STA.USER.ADDRESSstringAddress of the user.
STA.USER.CITYstringCity of the user.
STA.USER.STATEstringState of the user.
STA.USER.COUNTRYstringCountry of the user.
STA.USER.POSTALCODEstringPostal Code of the user.
STA.USER.SYNCHRONIZEDbooleanIs user synchronized.

Command Example#

!sta-get-user-info userName="demouser"

Context Example#

{
"STA": {
"USER": {
"email": "demo.user@demisto.com",
"firstName": "Demo",
"id": "CNlM6Pyq3nADXA4rWyUAAAAc",
"isSynchronized": false,
"lastName": "User",
"schemaVersionNumber": "1.0",
"userName": "demouser"
}
}
}

Human Readable Output#

Information for user - demouser :#

IdSchema Version NumberUser NameFirst NameLast NameEmailIs Synchronized
CNlM6Pyq3nADXA4rWyUAAAAc1.0demouserDemoUserdemo.user@demisto.comfalse

sta-create-user#


Create a new user in the tenant.

Base Command#

sta-create-user

Input#

Argument NameDescriptionRequired
userNameUser ID of the user.Required
first_nameFirst name of the user.Required
last_nameLast name of the user.Required
emailEmail ID of the user.Required
mobile_numberMobile number of the user.Optional
alias1Alias for the user.Optional
alias2Additional alias for the user.Optional
custom1Custom value for the user.Optional
custom2Additional custom value for the user.Optional
custom3Additional custom value for the user.Optional
addressAddress of the user.Optional
cityCity of the user.Optional
stateState of the user.Optional
countryCountry of the user.Optional
postal_codePostal Code of the user.Optional
synchronizedIs user synchronized.Optional

Context Output#

PathTypeDescription
STA.USER.IDstringUser ID of the user.
STA.USER.SCHEMAstringSchema version number.
STA.USER.USERNAMEstringUsername of the user.
STA.USER.FIRSTNAMEstringFirst name of the user.
STA.USER.LASTNAMEstringLast name of the user.
STA.USER.EMAILstringEmail ID of the user.
STA.USER.MOBILENUMBERstringMobile number of the user.
STA.USER.ALIAS1stringAlias for the user.
STA.USER.ALIAS2stringAdditional alias for the user.
STA.USER.CUSTOM1stringCustom value for the user.
STA.USER.CUSTOM2stringAdditional custom value for the user.
STA.USER.CUSTOM3stringAdditional custom value for the user.
STA.USER.ADDRESSstringAddress of the user.
STA.USER.CITYstringCity of the user.
STA.USER.STATEstringState of the user.
STA.USER.COUNTRYstringCountry of the user.
STA.USER.POSTALCODEstringPostal Code of the user.
STA.USER.SYNCHRONIZEDbooleanIs user synchronized.

Command Example#

!sta-create-user email="test.user@demisto.com" first_name="User" last_name="Test" userName="usertest123"

Context Example#

{
"STA": {
"USER": {
"email": "test.user@demisto.com",
"firstName": "User",
"id": "iNlsjym+x1MLesvCSusAAAAc",
"isSynchronized": false,
"lastName": "Test",
"schemaVersionNumber": "1.0",
"userName": "usertest123"
}
}
}

Human Readable Output#

STA user successfully created :#

IdSchema Version NumberUser NameFirst NameLast NameEmailIs Synchronized
iNlsjym+x1MLesvCSusAAAAc1.0usertest123UserTesttest.user@demisto.comfalse

sta-update-user-info#


Update the profile for a specific user.

Base Command#

sta-update-user-info

Input#

Argument NameDescriptionRequired
userNameUser ID of the user.Required
first_nameFirst name of the user.Optional
last_nameLast name of the user.Optional
emailEmail ID of the user.Optional
mobile_numberMobile number of the user.Optional
alias1Alias for the user.Optional
alias2Additional alias for the user.Optional
addressAddress of the user.Optional
cityCity of the user.Optional
stateState of the user.Optional
countryCountry of the user.Optional
postal_codePostal Code of the user.Optional
userName_newNew userName to be updated.Optional

Context Output#

PathTypeDescription
STA.USER.IDstringUser ID of the user.
STA.USER.SCHEMAstringSchema version number.
STA.USER.USERNAMEstringUsername of the user.
STA.USER.FIRSTNAMEstringFirst name of the user.
STA.USER.LASTNAMEstringLast name of the user.
STA.USER.EMAILstringEmail ID of the user.
STA.USER.MOBILENUMBERnumberMobile number for the user.
STA.USER.ALIAS1stringAlias for the user.
STA.USER.ALIAS2stringAdditional alias for the user.
STA.USER.CUSTOM1stringCustom value for the user.
STA.USER.CUSTOM2stringAdditional custom value for the user.
STA.USER.CUSTOM3stringAdditional custom value for the user.
STA.USER.ADDRESSstringAddress of the user.
STA.USER.CITYstringCity of the user.
STA.USER.STATEstringState of the user.
STA.USER.COUNTRYstringCountry of the user.
STA.USER.POSTALCODEnumberPostal Code of the user.
STA.USER.SYNCHRONIZEDbooleanIs user synchronized.

Command Example#

!sta-update-user-info userName="usertest123" userName_new="testuser1" first_name="Demo" last_name="Name"

Context Example#

{
"STA": {
"USER": {
"email": "test.user@demisto.com",
"firstName": "Demo",
"id": "iNlsjym+x1MLesvCSusAAAAc",
"isSynchronized": false,
"lastName": "Name",
"schemaVersionNumber": "1.0",
"userName": "testuser1"
}
}
}

Human Readable Output#

STA user successfully updated:#

IdSchema Version NumberUser NameFirst NameLast NameEmailIs Synchronized
iNlsjym+x1MLesvCSusAAAAc1.0testuser1DemoNametest.user@demisto.comfalse

sta-delete-user#


Delete a user from the tenant.

Base Command#

sta-delete-user

Input#

Argument NameDescriptionRequired
userNameUsername of the user to be deleted.Required

Context Output#

PathTypeDescription
STA.USER.IDstringUser ID of the user to be deleted from the tenant.
STA.USER.USERNAMEstringUsername of the user to be deleted from the tenant.
STA.USER.DELETEDbooleanReturns true, if the user is deleted from the tenant.

Command Example#

!sta-delete-user userName="testuser1"

Context Example#

{
"STA": {
"USER": {
"Deleted": true,
"id": "iNlsjym+x1MLesvCSusAAAAc",
"userName": "testuser1"
}
}
}

Human Readable Output#

STA user - testuser1 successfully deleted.#

sta-get-user-groups#


Return all the groups associated with a specific user.

Base Command#

sta-get-user-groups

Input#

Argument NameDescriptionRequired
userNameUsername of the user.Required
limitThe maximum number of results to return.Optional

Context Output#

PathTypeDescription
STA.USER.IDstringUser ID of the user.
STA.USER.SCHEMAstringSchema version number.
STA.USER.USERNAMEstringUsername of the user.
STA.USER.FIRSTNAMEstringFirst name of the user.
STA.USER.LASTNAMEstringLast name of the user.
STA.USER.EMAILstringEmail ID of the user.
STA.USER.MOBILENUMBERnumberMobile number for the user.
STA.USER.ALIAS1stringAlias for the user.
STA.USER.ALIAS2stringAdditional alias for the user.
STA.USER.CUSTOM1stringCustom value for the user.
STA.USER.CUSTOM2stringAdditional custom value for the user.
STA.USER.CUSTOM3stringAdditional custom value for the user.
STA.USER.ADDRESSstringAddress of the user.
STA.USER.CITYstringCity of the user.
STA.USER.STATEstringState of the user.
STA.USER.COUNTRYstringCountry of the user.
STA.USER.POSTALCODEnumberPostal Code of the user.
STA.USER.SYNCHRONIZEDbooleanIs user synchronized.
STA.USER.GROUP.IDstringGroup ID of the group.
STA.USER.GROUP.SCHEMAstringSchema version for the group.
STA.USER.GROUP.NAMEstringName of the group.
STA.USER.GROUP.DESCRIPTIONstringDescription of the group.
STA.USER.GROUP.SYNCHRONIZEDbooleanIs group synchronized.

Command Example#

!sta-get-user-groups userName="hellouser"

Context Example#

{
"STA": {
"USER": {
"email": "test.user@demisto.com",
"firstName": "Hello",
"groups": [
{
"description": "User would be added to unusual activity group on denying Push Notification.",
"id": "50331650",
"isSynchronized": false,
"name": "TestUnusualActivityGroup",
"schemaVersionNumber": "1.0"
},
{
"description": "Group for testing.",
"id": "50331652",
"isSynchronized": false,
"name": "TestGroup0",
"schemaVersionNumber": "1.0"
}
],
"id": "CNlM6rvB0uQDXA4rWyUAAAAc",
"isSynchronized": false,
"lastName": "User",
"schemaVersionNumber": "1.0",
"userName": "hellouser"
}
}
}

Human Readable Output#

Groups associated with user - hellouser :#

IdSchema Version NumberNameDescriptionIs Synchronized
503316501.0TestUnusualActivityGroupGroup for testing.false
503316521.0TestGroup0Group for testing.false

sta-get-group-list#


Get list of groups in the tenant.

Base Command#

sta-get-group-list

Input#

Argument NameDescriptionRequired
limitThe maximum number of results to return.Optional

Context Output#

PathTypeDescription
STA.GROUP.IDstringGroup ID of the group.
STA.GROUP.SCHEMAstringSchema version for the group.
STA.GROUP.NAMEstringName of the group.
STA.GROUP.DESCRIPTIONstringDescription of the group.
STA.GROUP.SYNCHRONIZEDbooleanIs group synchronized.

Command Example#

!sta-get-group-list

Context Example#

{
"STA": {
"GROUP": [
{
"description": "Description has been updated.",
"id": "50331649",
"isSynchronized": false,
"name": "TestGroup1",
"schemaVersionNumber": "1.0"
},
{
"description": "Unusual Activity Group for Testing",
"id": "50331650",
"isSynchronized": false,
"name": "TestUnusualActivityGroup",
"schemaVersionNumber": "1.0"
},
{
"description": "Group for testing.",
"id": "50331652",
"isSynchronized": false,
"name": "TestGroup0",
"schemaVersionNumber": "1.0"
}
]
}
}

Human Readable Output#

STA groups in the tenant :#

IdSchema Version NumberNameDescriptionIs Synchronized
503316491.0TestGroup1Description has been updated.false
503316501.0TestUnusualActivityGroupUnusual Activity Group for Testingfalse
503316521.0TestGroup0Group for testing.false

sta-get-group-info#


Get information for a specific group.

Base Command#

sta-get-group-info

Input#

Argument NameDescriptionRequired
groupNameName of the group.Required

Context Output#

PathTypeDescription
STA.GROUP.IDstringGroup ID of the group.
STA.GROUP.SCHEMAstringSchema version for the group.
STA.GROUP.NAMEstringName of the group.
STA.GROUP.DESCRIPTIONstringDescription of the group.
STA.GROUP.SYNCHRONIZEDbooleanIs group synchronized.

Command Example#

!sta-get-group-info groupName="TestGroup1"

Context Example#

{
"STA": {
"GROUP": {
"description": "Description has been updated.",
"id": "50331649",
"isSynchronized": false,
"name": "TestGroup1",
"schemaVersionNumber": "1.0"
}
}
}

Human Readable Output#

Group - TestGroup1 :#

IdSchema Version NumberNameDescriptionIs Synchronized
503316491.0TestGroup1Description has been updated.false

sta-get-group-members#


Get list of users in a specific group.

Base Command#

sta-get-group-members

Input#

Argument NameDescriptionRequired
groupNameName of the group.Required
limitThe maximum number of results to return.Optional

Context Output#

PathTypeDescription
STA.GROUP.IDstringGroup ID of the group.
STA.GROUP.SCHEMAstringSchema version for the group.
STA.GROUP.NAMEstringName of the group.
STA.GROUP.DESCRIPTIONstringDescription of the group.
STA.GROUP.SYNCHRONIZEDbooleanIs group synchronized.
STA.GROUP.USER.IDstringUser ID of the user.
STA.GROUP.USER.NAMEstringUsername of the user.
STA.GROUP.USER.TYPEstringType of the user.
STA.GROUP.USER.LINKS.SELFstringLink for the user details.

Command Example#

!sta-get-group-members groupName="TestGroup0"

Context Example#

{
"STA": {
"GROUP": {
"description": "Group for testing.",
"id": "50331652",
"isSynchronized": false,
"name": "TestGroup0",
"schemaVersionNumber": "1.0",
"users": [
{
"id": "CNlM6Pyq3nADXA4rWyUAAAAc",
"links": {
"self": "https://api.stademo.com/api/v1/tenants/HNISOUTHA4/users/CNlM6Pyq7nADXA4rWyUAAATc?isUid=true"
},
"name": "demouser",
"type": "User"
},
{
"id": "CNlM6rvB0uQDXA4rWyUAAAAc",
"links": {
"self": "https://api.stademo.com/api/v1/tenants/HNISOUTHA4/users/CNlM6rvB9uQDXA4rWyUAAATc?isUid=true"
},
"name": "hellouser",
"type": "User"
}
]
}
}
}

Human Readable Output#

Members of group - TestGroup0 :#

IdNameType
CNlM6Pyq3nADXA4rWyUAAAAcdemouserUser
CNlM6rvB0uQDXA4rWyUAAAAchellouserUser

sta-create-group#


Create a new group in the tenant.

Base Command#

sta-create-group

Input#

Argument NameDescriptionRequired
groupNameName of the group.Required
descriptionDescription of the group.Optional
synchronizedIs group synchronized.Optional

Context Output#

PathTypeDescription
STA.GROUP.IDstringGroup ID of the group.
STA.GROUP.SCHEMAstringSchema version for the group.
STA.GROUP.NAMEstringName of the group.
STA.GROUP.DESCRIPTIONstringDescription of the group.
STA.GROUP.SYNCHRONIZEDbooleanIs group synchronized.

Command Example#

!sta-create-group groupName="TestGroup2" description="Group description." synchronized=False

Context Example#

{
"STA": {
"GROUP": {
"description": "Group description.",
"id": "16777228",
"isSynchronized": false,
"name": "TestGroup2",
"schemaVersionNumber": "1.0"
}
}
}

Human Readable Output#

STA group - TestGroup2 successfully created:#

IdSchema Version NumberNameDescriptionIs Synchronized
167772281.0TestGroup2Group description.false

sta-delete-group#


Delete group from the tenant.

Base Command#

sta-delete-group

Input#

Argument NameDescriptionRequired
groupNameName of the group to be deleted.Required

Context Output#

PathTypeDescription
STA.GROUP.IDstringGroup ID of the group to be deleted.
STA.GROUP.GROUPNAMEstringName of the group to be deleted.
STA.GROUP.DELETEDbooleanReturns true, if the group is deleted from the tenant.

Command Example#

!sta-delete-group groupName="TestGroup2"

Context Example#

{
"STA": {
"GROUP": {
"Deleted": true,
"groupName": "TestGroup2",
"id": "16777228"
}
}
}

Human Readable Output#

STA group - TestGroup2 successfully deleted.#

sta-update-group-info#


Update information for a specific group.

Base Command#

sta-update-group-info

Input#

Argument NameDescriptionRequired
groupNameName of the group to be updated.Required
descriptionDescription of the group.Optional
groupName_newNew name in case you want to update the group name.Optional

Context Output#

PathTypeDescription
STA.GROUP.IDstringGroup ID of the group.
STA.GROUP.SCHEMAstringSchema version for the group.
STA.GROUP.NAMEstringName of the group.
STA.GROUP.DESCRIPTIONstringDescription of the group.
STA.GROUP.SYNCHRONIZEDbooleanIs group synchronized.

Command Example#

!sta-update-group-info groupName="TestGroup1" description="Description has been updated."

Context Example#

{
"STA": {
"GROUP": {
"description": "Description has been updated.",
"id": "50331649",
"isSynchronized": false,
"name": "TestGroup1",
"schemaVersionNumber": "1.0"
}
}
}

Human Readable Output#

STA user successfully updated :#

IdSchema Version NumberNameDescriptionIs Synchronized
503316491.0TestGroup1Description has been updated.false

sta-user-exist-group#


Check if user exists in a specific group.

Base Command#

sta-user-exist-group

Input#

Argument NameDescriptionRequired
userNameUsername of the user to be checked.Required
groupNameGroup name in which you want to search for the user.Required

Context Output#

PathTypeDescription
STA.EXIST.USER.GROUPbooleanCheck if user exists in group. Returns true, if the user is a member of the group.

Command Example#

!sta-user-exist-group groupName="TestGroup1" userName="hellouser"

Context Example#

{
"STA": {
"EXIST": {
"USER": {
"GROUP": true
}
}
}
}

Human Readable Output#

Yes, user - hellouser is a member of group - TestGroup1.#

sta-add-user-group#


Add user to a specific group.

Base Command#

sta-add-user-group

Input#

Argument NameDescriptionRequired
userNameUser name of the user to be added.Required
groupNameName of the group in which the user needs to be added.Required

Context Output#

PathTypeDescription
STA.UPDATE.USER.GROUP.USERIDstringUser ID of the user.
STA.UPDATE.USER.GROUP.USERNAMEstringUsername of the user.
STA.UPDATE.USER.GROUP.GROUPIDstringGroup ID of the group.
STA.UPDATE.USER.GROUP.GROUPNAMEstringGroupname of the group.
STA.UPDATE.USER.GROUP.STATUSbooleanReturns true, if the user successfully added to the group.

Command Example#

!sta-add-user-group groupName="TestGroup1" userName="hellouser"

Context Example#

{
"STA": {
"UPDATE": {
"USER": {
"GROUP": {
"groupName": "TestGroup1",
"group_id": "50331649",
"status": true,
"userName": "hellouser",
"user_id": "CNlM6rvB0uQDXA4rWyUAAAAc"
}
}
}
}
}

Human Readable Output#

User - hellouser successfully added to the group - TestGroup1.#

sta-remove-user-group#


Remove user from a group.

Base Command#

sta-remove-user-group

Input#

Argument NameDescriptionRequired
userNameUser name of the user to be deleted from the group.Required
groupNameGroup name from which the user needs to be deleted.Required

Context Output#

PathTypeDescription
STA.UPDATE.USER.GROUP.USERIDstringUser ID of the user.
STA.UPDATE.USER.GROUP.USERNAMEstringUsername of the user.
STA.UPDATE.USER.GROUP.GROUPIDstringGroup ID of the group.
STA.UPDATE.USER.GROUP.GROUPNAMEstringGroupname of the group.
STA.UPDATE.USER.GROUP.STATUSbooleanReturns false, if the user successfully removed from the group.

Command Example#

!sta-remove-user-group groupName="TestGroup1" userName="hellouser"

Context Example#

{
"STA": {
"UPDATE": {
"USER": {
"GROUP": {
"groupName": "TestGroup1",
"group_id": "50331649",
"status": false,
"userName": "hellouser",
"user_id": "CNlM6rvB0uQDXA4rWyUAAAAc"
}
}
}
}
}

Human Readable Output#

User - hellouser successfully removed from the group - TestGroup1.#

sta-get-logs#


Get access, authentication, and audit logs.

Base Command#

sta-get-logs

Input#

Argument NameDescriptionRequired
userNameUsername of the user.Optional
sinceFilter logs since the specified date and time in Universal Time Coordinated time zone. Format : yyyy-mm-ddTHH:mm:ss.fffZ .Example : 2021-06-03T06:27:00.000ZOptional
untilFilter logs until the specified date and time in Universal Time Coordinated time zone. Format : yyyy-mm-ddTHH:mm:ss.fffZ .Example : 2021-06-03T07:40:00.000ZOptional
limitThe maximum number of results to return.Optional

Context Output#

PathTypeDescription
STA.LOGS.TIMESTAMPstringTimestamp of event.
STA.LOGS.USERNAMEstringUsername of the user.
STA.LOGS.TYPEstringType of event log.
STA.LOGS.CREDENTIALstringCredential type of the event.
STA.LOGS.ACTIONstringAuthentication action.
STA.LOGS.RESULTstringAuthentication Action Result.
STA.LOGS.MESSAGEstringMessage or description of the event.
STA.LOGS.APPLICATIONstringApplication name.
STA.LOGS.POLICYstringPolicy applied for the application.
STA.LOGS.STATEstringState of the access request.
STA.LOGS.OPERATIONTYPEstringOperation type.
STA.LOGS.OPERATIONOBJECTstringOperation object type.
STA.LOGS.OPERATIONNAMEstringOperation object name.
STA.LOGS.SERIALstringSerial number of authentication.
STA.LOGS.IPstringIP address of the user.

Command Example#

!sta-get-logs userName="demouser" since="2021-07-21T12:22:16.718Z"

Context Example#

{
"STA": {
"LOGS": [
{
"actionText": "AUTH_ATTEMPT",
"applicationName": "",
"credentialType": "MobilePASS",
"ip": "8.8.8.8",
"logType": "AUTHENTICATION",
"message": "Login from SafeNet Authentication Service Console.",
"operationObjectName": "",
"operationObjectType": "",
"operationType": "",
"policyName": "",
"resultText": "CHALLENGE",
"serial": "1000014514",
"state": "",
"timeStamp": "2021-07-22T08:19:05.5905986Z",
"userName": "demouser"
},
{
"actionText": "AUTH_ATTEMPT",
"applicationName": "",
"credentialType": "MobilePASS",
"ip": "8.8.8.8",
"logType": "AUTHENTICATION",
"message": "Login from SafeNet Authentication Service Console.",
"operationObjectName": "",
"operationObjectType": "",
"operationType": "",
"policyName": "",
"resultText": "AUTH_SUCCESS",
"serial": "1000014514",
"state": "",
"timeStamp": "2021-07-22T08:20:45.5326006Z",
"userName": "demouser"
},
{
"actionText": "",
"applicationName": "",
"credentialType": "otp",
"ip": "8.8.8.8",
"logType": "OPERATOR_LOGIN",
"message": "",
"operationObjectName": "",
"operationObjectType": "",
"operationType": "",
"policyName": "",
"resultText": "",
"serial": "",
"state": "Accepted",
"timeStamp": "2021-07-22T08:20:45.638Z",
"userName": "demouser"
}
]
}
}

Human Readable Output#

Logs :#

Time StampUser NameLog TypeCredential TypeAction TextResult TextMessageStateSerialIp
2021-07-22T08:19:05.5905986ZdemouserAUTHENTICATIONMobilePASSAUTH_ATTEMPTCHALLENGELogin from SafeNet Authentication Service Console.10000145148.8.8.8
2021-07-22T08:20:45.5326006ZdemouserAUTHENTICATIONMobilePASSAUTH_ATTEMPTAUTH_SUCCESSLogin from SafeNet Authentication Service Console.10000145148.8.8.8
2021-07-22T08:20:45.638ZdemouserOPERATOR_LOGINotpAccepted8.8.8.8

sta-validate-tenant#


Checks if you have permission to access the requested tenant.

Base Command#

sta-validate-tenant

Input#

Argument NameDescriptionRequired

Context Output#

PathTypeDescription
STA.VALIDATE.TENANTbooleanChecks if you have permission to access the requested tenant.

Command Example#

!sta-validate-tenant

Context Example#

{
"STA": {
"VALIDATE": {
"TENANT": true
}
}
}

Human Readable Output#

The requested tenant is accessible.#

sta-get-application-list#


Get the list of the applications in the tenant.

Base Command#

sta-get-application-list

Input#

Argument NameDescriptionRequired
limitThe maximum number of results to return.Optional

Context Output#

PathTypeDescription
STA.APPLICATION.IDstringID of the application.
STA.APPLICATION.NAMEstringName of the application.
STA.APPLICATION.STATUSstringStatus of the application.

Command Example#

!sta-get-application-list

Context Example#

{
"STA": {
"APPLICATION": [
{
"id": "g444faf1-6d7a-44t2-98c1-43572422b409",
"name": "Application1",
"status": "Active"
},
{
"id": "k0de1afc-59ef-66bc-9abd-dacca890a390",
"name": "Application2",
"status": "Active"
}
]
}
}

Human Readable Output#

List of applications in the tenant :#

IdNameStatus
g444faf1-6d7a-44t2-98c1-43572422b409Application1Active
k0de1afc-59ef-66bc-9abd-dacca890a390Application2Active

sta-get-application-info#


Get the information for a specific application in the tenant.

Base Command#

sta-get-application-info

Input#

Argument NameDescriptionRequired
applicationNameName of the application.Required

Context Output#

PathTypeDescription
STA.APPLICATION.IDstringID of the application.
STA.APPLICATION.NAMEstringName of the application.
STA.APPLICATION.STATUSstringStatus of the application.
STA.APPLICATION.TYPEstringStatus of the application.
STA.APPLICATION.TEMPLATEstringName of the template.
STA.APPICATION.ASSIGNMENTstringGroups or users authorized to access an application.
STA.APPICATION.SCHEMAstringSchema version number.
STA.APPICATION.LASTMODIFIEDstringLast modified date and time of application.

Command Example#

!sta-get-application-info applicationName="Application1"

Context Example#

{
"STA": {
"APPLICATION": {
"applicationType": "Saml",
"assignment": {
"everyone": true
},
"id": "9ccbad94-06c2-4af2-bb9b-af9f811ccfdb",
"lastModified": "2021-08-27T12:25:47.998Z",
"name": "Application1",
"schemaVersionNumber": "1.0",
"status": "Active",
"templateName": "Template1"
}
}
}

Human Readable Output#

Information of application - Application1 :#

IdNameStatusApplication TypeTemplate NameAssignmentSchema Version NumberLast Modified
9ccbad94-06c2-4af2-bb9b-af9f811ccfdbApplication1ActiveSamlTemplate1All1.02021-08-27T12:25:47.998Z

sta-get-user-applications#


Get the list of the applications assigned to a specific user.

Base Command#

sta-get-user-applications

Input#

Argument NameDescriptionRequired
userNameUsername of the user.Required
limitThe maximum number of results to return.Optional

Context Output#

PathTypeDescription
STA.USER.IDstringUser ID of the user.
STA.USER.SCHEMAstringSchema version number.
STA.USER.USERNAMEstringUsername of the user.
STA.USER.FIRSTNAMEstringFirst name of the user.
STA.USER.LASTNAMEstringLast name of the user.
STA.USER.EMAILstringEmail ID of the user.
STA.USER.MOBILENUMBERnumberMobile number for the user.
STA.USER.ALIAS1stringAlias for the user.
STA.USER.ALIAS2stringAdditional alias for the user.
STA.USER.CUSTOM1stringCustom value for the user.
STA.USER.CUSTOM2stringAdditional custom value for the user.
STA.USER.CUSTOM3stringAdditional custom value for the user.
STA.USER.ADDRESSstringAddress of the user.
STA.USER.CITYstringCity of the user.
STA.USER.STATEstringState of the user.
STA.USER.COUNTRYstringCountry of the user.
STA.USER.POSTALCODEnumberPostal Code of the user.
STA.USER.SYNCHRONIZEDbooleanIs user synchronized.
STA.USER.APPLICATION.IDstringID of the application.
STA.USER.APPLICATION.NAMEstringName of the application.
STA.USER.APPLICATION.STATUSstringStatus of the application.

Command Example#

!sta-get-user-applications userName="hellouser"

Context Example#

{
"STA": {
"USER": {
"applications": [
{
"id": "9570b825-961e-4ed3-aa51-e53b732b16ec",
"name": "Application1",
"status": "Active"
},
{
"id": "66df07af-7c95-42e7-b0cd-2e97b6827d59",
"name": "Application2",
"status": "Active"
}
],
"email": "test.user@demisto.com",
"firstName": "Hello",
"id": "ONksETu5i8cDs0k67bQAAAD9",
"isSynchronized": false,
"lastName": "User",
"schemaVersionNumber": "1.0",
"userName": "hellouser"
}
}
}

Human Readable Output#

Applications associated with user - hellouser :#

IdNameStatus
9570b825-961e-4ed3-aa51-e53b732b16ecApplication1Active
66df07af-7c95-42e7-b0cd-2e97b6827d59Application2Active

sta-get-user-sessions#


Get sessions for a specific user.

Base Command#

sta-get-user-sessions

Input#

Argument NameDescriptionRequired
userNameUsername of the user.Required

Context Output#

PathTypeDescription
STA.USER.IDstringUser ID of the user.
STA.USER.SCHEMAstringSchema version number.
STA.USER.USERNAMEstringUsername of the user.
STA.USER.FIRSTNAMEstringFirst name of the user.
STA.USER.LASTNAMEstringLast name of the user.
STA.USER.EMAILstringEmail ID of the user.
STA.USER.MOBILENUMBERnumberMobile number for the user.
STA.USER.ALIAS1stringAlias for the user.
STA.USER.ALIAS2stringAdditional alias for the user.
STA.USER.CUSTOM1stringCustom value for the user.
STA.USER.CUSTOM2stringAdditional custom value for the user.
STA.USER.CUSTOM3stringAdditional custom value for the user.
STA.USER.ADDRESSstringAddress of the user.
STA.USER.CITYstringCity of the user.
STA.USER.STATEstringState of the user.
STA.USER.COUNTRYstringCountry of the user.
STA.USER.POSTALCODEnumberPostal Code of the user.
STA.USER.SYNCHRONIZEDbooleanIs user synchronized.
STA.USER.SESSION.IDstringSession ID for the user.
STA.USER.SESSION.STARTstringSession start timestamp.
STA.USER.SESSION.EXPIRYstringSession end timestamp.
STA.USER.SESSION.APPLICATION.IDstringName of the application.
STA.USER.SESSION.APPLICATION.NAMEbooleanReturns true, if the user session is deleted for an application.

Command Example#

!sta-get-user-sessions userName="hellouser"

Context Example#

{
"STA": {
"USER": {
"email": "test.user@demisto.com",
"firstName": "Hello",
"id": "ONksETu5i8cDs0k67bQAAAD9",
"isSynchronized": false,
"lastName": "User",
"schemaVersionNumber": "1.0",
"sessions": [
{
"applications": [
{
"id": "entity-id1",
"name": "Application1"
},
{
"id": "entity-id2",
"name": "Application2"
}
],
"expiry": 1633086960,
"id": "86f4593d-fb8a-4f62-byd9-ceb833a8090b",
"start": 1633079752
}
],
"userName": "hellouser"
}
}
}

Human Readable Output#

Sessions associated with user - hellouser :#

IdStartExpiryApplications
86f4593d-fb8a-4f62-byd9-ceb833a8090b16330797521633086960Application1, Application2

sta-delete-user-sessions#


Delete all the active SSO sessions for a specific user from STA.

Base Command#

sta-delete-user-sessions

Input#

Argument NameDescriptionRequired
userNameUsername of the user.Required

Context Output#

PathTypeDescription
STA.USER.IDstringUser ID of the user.
STA.USER.USERNAMEstringUsername of the user.
STA.USER.SESSION.DELETEDbooleanReturns true, if all the user SSO sessions are deleted successfully.

Command Example#

!sta-delete-user-sessions userName="hellouser"

Context Example#

{
"STA": {
"USER": {
"id": "",
"sessions": {
"Deleted": true
},
"userName": "hellouser"
}
}
}

Human Readable Output#

IDP Sessions for the user - hellouser successfully deleted.#