Skip to main content

WALLIX Bastion

This Integration is part of the WALLIX Bastion Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.5.0 and later.

Bastion integration for Cortex XSOAR#

Centralized Control and Monitoring of Privileged Access to Sensitive Assets

Configure WALLIX Bastion on Cortex XSOAR#

  1. Navigate to Settings > Integrations > Servers & Services.

  2. Search for WALLIX Bastion.

  3. Click Add instance to create and configure a new integration instance.

    ParameterRequired
    Server URL (e.g. localhost)True
    API Auth UserTrue
    API Auth KeyTrue
    Trust any certificate (not secure)False
    Use system proxy settingsFalse
    API version to use. Leave the field empty to use the latest API version available.False

  4. Click Test to validate the URLs, token, and connection.

Commands#

You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

wab-add-account-in-global-domain#

Add an account in a global domain

Base Command#

wab-add-account-in-global-domain

Input#

Argument NameDescriptionRequired
domain_idThe global domain id or name.Required
domain_account_post_account_loginThe account login.Required
domain_account_post_account_nameThe account name. /: ?" |@ and space are forbidden.Required
domain_account_post_auto_change_passwordAutomatically change the password. It is enabled by default on a new account.Optional
domain_account_post_auto_change_ssh_keyAutomatically change the ssh key. It is enabled by default on a new account.Optional
domain_account_post_can_edit_certificate_validityTrue if the field 'certificate_validity' can be edited based the availibility of CA certificate on the account's domain, false otherwise.Optional
domain_account_post_certificate_validityThe validity duration of the signed ssh public key in the case a Certificate Authority is defined for the account's domain.Optional
domain_account_post_checkout_policyThe account checkout policy.Required
domain_account_post_descriptionThe account description.Optional
domain_account_post_resourcesThe account resources.Optional

Context Output#

There is no context output for this command.

wab-add-account-to-local-domain-of-application#

Add an account to a local domain of an application

Base Command#

wab-add-account-to-local-domain-of-application

Input#

Argument NameDescriptionRequired
application_idThe application id or name.Required
domain_idThe local domain id or name.Required
app_account_post_account_loginThe account login.Required
app_account_post_account_nameThe account name. /: ?" |@ and space are forbidden.Required
app_account_post_auto_change_passwordAutomatically change the password. It is enabled by default on a new account.Optional
app_account_post_can_edit_certificate_validityTrue if the field 'certificate_validity' can be edited based the availibility of CA certificate on the account's domain, false otherwise.Optional
app_account_post_certificate_validityThe validity duration of the signed ssh public key in the case a Certificate Authority is defined for the account's domain.Optional
app_account_post_checkout_policyThe account checkout policy.Required
app_account_post_descriptionThe account description.Optional

Context Output#

There is no context output for this command.

wab-add-account-to-local-domain-on-device#

Add an account to a local domain on a device

Base Command#

wab-add-account-to-local-domain-on-device

Input#

Argument NameDescriptionRequired
device_idThe device id or name.Required
domain_idThe local domain id or name.Required
device_account_post_account_loginThe account login.Required
device_account_post_account_nameThe account name. /: ?" |@ and space are forbidden.Required
device_account_post_auto_change_passwordAutomatically change the password. It is enabled by default on a new account.Optional
device_account_post_auto_change_ssh_keyAutomatically change the ssh key. It is enabled by default on a new account.Optional
device_account_post_can_edit_certificate_validityTrue if the field 'certificate_validity' can be edited based the availibility of CA certificate on the account's domain, false otherwise.Optional
device_account_post_certificate_validityThe validity duration of the signed ssh public key in the case a Certificate Authority is defined for the account's domain.Optional
device_account_post_checkout_policyThe account checkout policy.Required
device_account_post_descriptionThe account description.Optional
device_account_post_servicesThe account services.Optional

Context Output#

There is no context output for this command.

wab-add-authorization#

Add an authorization

Base Command#

wab-add-authorization

Input#

Argument NameDescriptionRequired
authorization_post_active_quorumThe quorum for active periods (-1: approval workflow with automatic approval, 0: no approval workflow (direct connection), 0: quorum to reach).Optional
authorization_post_approval_requiredApproval is required to connect to targets.Optional
authorization_post_approval_timeoutSet a timeout in minutes after which the approval will be automatically closed if no connection has been initiated (i.e. the user won't be able to connect). 0: no timeout.Optional
authorization_post_approversThe approvers user groups.Optional
authorization_post_authorization_nameThe authorization name. \ /: ?" |@& and space are forbidden.Required
authorization_post_authorize_password_retrievalAuthorize password retrieval. Enabled by default.Optional
authorization_post_authorize_session_sharingEnable Session Sharing.Optional
authorization_post_authorize_sessionsAuthorize sessions via proxies. Enabled by default.Optional
authorization_post_descriptionThe authorization description.Optional
authorization_post_has_commentComment is allowed in approval.Optional
authorization_post_has_ticketTicket is allowed in approval.Optional
authorization_post_inactive_quorumThe quorum for inactive periods (-1: approval workflow with automatic approval, 0: no connection allowed, 0: quorum to reach).Optional
authorization_post_is_criticalDefine if it's critical.Optional
authorization_post_is_recordedDefine if it's recorded.Optional
authorization_post_mandatory_commentComment is mandatory in approval.Optional
authorization_post_mandatory_ticketTicket is mandatory in approval.Optional
authorization_post_session_sharing_modeThe Session Sharing Mode. Possible values are: view_only, view_control.Optional
authorization_post_single_connectionLimit to one single connection during the approval period (i.e. if the user disconnects, he will not be allowed to start a new session during the original requested time).Optional
authorization_post_subprotocolsThe authorization subprotocols. It is mandatory if "authorize_sessions" is enabled (default).Optional
authorization_post_target_groupThe target group.Required
authorization_post_user_groupThe user group.Required

Context Output#

There is no context output for this command.

wab-add-device#

Add a device

Base Command#

wab-add-device

Input#

Argument NameDescriptionRequired
device_post_hostThe device host address.Required
device_post_aliasThe device alias. \ /: ?" |@ and space are forbidden.Optional
device_post_descriptionThe device description.Optional
device_post_device_nameThe device name. \ /: ?" |@ and space are forbidden.Required

Context Output#

There is no context output for this command.

wab-add-notification#

Add a notification

Base Command#

wab-add-notification

Input#

Argument NameDescriptionRequired
notification_post_descriptionThe notification description.Optional
notification_post_destinationDestination for notification; for the type "email", this is a list of recipient emails se ted by ";".Required
notification_post_enabledNotification is enabled.Required
notification_post_eventsThe list of events that will trigger a notification.Optional
notification_post_languageThe notification language (in email). Possible values are: de, en, es, fr, ru.Required
notification_post_notification_nameThe notification name.Required
notification_post_typeNotification type. Possible values are: email.Required

Context Output#

There is no context output for this command.

wab-add-user#

Add a user

Base Command#

wab-add-user

Input#

Argument NameDescriptionRequired
password_hashSet password hash if true. In Configuration Options menu REST API then Advanced options, you should set User password hash and change the default Data encryption key.Optional
user_post_certificate_dnThe certificate DN (for X509 authentication).Optional
user_post_display_nameThe displayed name.Optional
user_post_emailThe email address.Required
user_post_expiration_dateAccount expiration date/time (format: "yyyy-mm-dd hh:mm").Optional
user_post_force_change_pwdForce password change.Optional
user_post_gpg_public_keyThe GPG public key (ascii output from the command: 'gpg --armor --export [USER_ID]').Optional
user_post_groupsThe groups containing this user.Optional
user_post_ip_sourceThe source IP to limit access. Format is a comma-se ted list of IPv4 or IPV6 addresses, subnets, ranges or domain, for example: 1.2.3.4,2001:db8:๐Ÿ”ข5678,192.168.1.10/24,10.11.12.13-14.15.16.17,example.com.Optional
user_post_is_disabledAccount is disabled.Optional
user_post_last_connectionThe last connection of this user.Optional
user_post_passwordThe password.Optional
user_post_preferred_languageThe preferred language. Possible values are: de, en, es, fr, ru.Optional
user_post_profileThe user profile.Required
user_post_ssh_public_keyThe SSH public key.Optional
user_post_user_authsThe authentication procedures(s).Required
user_post_user_nameThe user name. /: ?" | are forbidden.Required

Context Output#

There is no context output for this command.

wab-cancel-accepted-approval#

Cancel an accepted approval. Note: you can cancel an approval only if you are in approvers groups of authorization and the end date is still not reached

Base Command#

wab-cancel-accepted-approval

Input#

Argument NameDescriptionRequired
approval_assignment_cancel_post_commentThe cancel comment.Required
approval_assignment_cancel_post_idThe approval id.Required

Context Output#

There is no context output for this command.

wab-cancel-approval-request#

Cancel an approval request

Base Command#

wab-cancel-approval-request

Input#

Argument NameDescriptionRequired
approval_request_cancel_post_idThe approval id.Required

Context Output#

There is no context output for this command.

wab-cancel-scan-job#

Cancel a scan job

Base Command#

wab-cancel-scan-job

Input#

Argument NameDescriptionRequired
scanjob_idThe scan id or name to edit.Required

Context Output#

There is no context output for this command.

wab-check-if-approval-is-required-for-target#

Check if an approval is required for this target (optionally for a given date in future)

Base Command#

wab-check-if-approval-is-required-for-target

Input#

Argument NameDescriptionRequired
target_nameThe target name (for example 'account@domain@device:service').Required
authorizationThe name of the authorization (in case of multiple authorizations to access the target).Optional
beginThe date/time (in future) for the check, current date/time is used by default (format is 'yyyy-mm-dd hh:mm').Optional

Context Output#

PathTypeDescription
WAB.approval_request_target_get.approvalStringTells whether an approval request is needed to access the target or not: not_authorized = connection is not authorized at all, not_required = connection is allowed without approval request, required = an approval request is required, pending = an approval request is pending, error = internal error.
WAB.approval_request_target_get.idStringThe approval id if an approval request is already pending for this target.
WAB.approval_request_target_get.messageStringA message with detail about the access to the target.

wab-create-session-request#

Create a session request

Base Command#

wab-create-session-request

Input#

Argument NameDescriptionRequired
session_request_post_modeThe session sharing mode. Possible values are: view_only, view_control.Required
session_request_post_session_idThe session id.Required

Context Output#

There is no context output for this command.

wab-delete-account#

Delete an account

Base Command#

wab-delete-account

Input#

Argument NameDescriptionRequired
account_idAn account id or complete name with account name, domain name and device/application name, for example: "Administrator@local@win10".Required

Context Output#

There is no context output for this command.

wab-delete-account-from-global-domain#

Delete an account from a global domain

Base Command#

wab-delete-account-from-global-domain

Input#

Argument NameDescriptionRequired
domain_idThe global domain id or name.Required
account_idThe account id or name to delete.Required

Context Output#

There is no context output for this command.

wab-delete-account-from-local-domain-of-application#

Delete an account from a local domain of an application

Base Command#

wab-delete-account-from-local-domain-of-application

Input#

Argument NameDescriptionRequired
application_idThe application id or name.Required
domain_idThe local domain id or name.Required
account_idThe account id or name to delete.Required

Context Output#

There is no context output for this command.

wab-delete-account-from-local-domain-of-device#

Delete an account from a local domain of a device

Base Command#

wab-delete-account-from-local-domain-of-device

Input#

Argument NameDescriptionRequired
device_idThe device id or name.Required
domain_idThe local domain id or name.Required
account_idThe account id or name to delete.Required

Context Output#

There is no context output for this command.

wab-delete-application#

Delete an application

Base Command#

wab-delete-application

Input#

Argument NameDescriptionRequired
application_idThe application id or name to delete.Required

Context Output#

There is no context output for this command.

wab-delete-authorization#

Delete an authorization

Base Command#

wab-delete-authorization

Input#

Argument NameDescriptionRequired
authorization_idThe authorization id or name to delete.Required

Context Output#

There is no context output for this command.

wab-delete-device#

Delete a device

Base Command#

wab-delete-device

Input#

Argument NameDescriptionRequired
device_idThe device id or name to delete.Required

Context Output#

There is no context output for this command.

wab-delete-notification#

Delete a notification

Base Command#

wab-delete-notification

Input#

Argument NameDescriptionRequired
notification_idThe notification id or name to delete.Required

Context Output#

There is no context output for this command.

wab-delete-pending-or-live-session-request#

Delete a pending or a live session request

Base Command#

wab-delete-pending-or-live-session-request

Input#

Argument NameDescriptionRequired
request_idThe session sharing request to delete.Required

Context Output#

There is no context output for this command.

wab-delete-resource-from-global-domain-account#

delete a resource from the global domain account

Base Command#

wab-delete-resource-from-global-domain-account

Input#

Argument NameDescriptionRequired
domain_idThe global domain id or name.Required
account_idThe account id or name.Required
resource_nameThe name of the resource to remove from the account.Required

Context Output#

There is no context output for this command.

wab-delete-service-from-device#

Delete a service from a device

Base Command#

wab-delete-service-from-device

Input#

Argument NameDescriptionRequired
device_idThe device id or name.Required
service_idThe service id or name.Required

Context Output#

There is no context output for this command.

wab-edit-account-in-global-domain#

Edit an account in a global domain

Base Command#

wab-edit-account-in-global-domain

Input#

Argument NameDescriptionRequired
domain_idThe global domain id or name.Required
account_idThe account id or name to edit.Required
forceThe default value is false. When it is set to true the values of the credentials and services, if they are supplied, are replaced, otherwise the values are added to the existing ones.Optional
domain_account_put_account_loginThe account login.Optional
domain_account_put_account_nameThe account name. /: ?" |@ and space are forbidden.Optional
domain_account_put_auto_change_passwordAutomatically change the password. It is enabled by default on a new account.Optional
domain_account_put_auto_change_ssh_keyAutomatically change the ssh key. It is enabled by default on a new account.Optional
domain_account_put_can_edit_certificate_validityTrue if the field 'certificate_validity' can be edited based the availibility of CA certificate on the account's domain, false otherwise.Optional
domain_account_put_certificate_validityThe validity duration of the signed ssh public key in the case a Certificate Authority is defined for the account's domain.Optional
domain_account_put_checkout_policyThe account checkout policy.Optional
domain_account_put_descriptionThe account description.Optional
domain_account_put_onboard_statusOnboarding status of the account. Possible values are: onboarded, to_onboard, hide, manual.Optional
domain_account_put_resourcesThe account resources.Optional

Context Output#

There is no context output for this command.

wab-edit-account-on-local-domain-of-application#

Edit an account on a local domain of an application

Base Command#

wab-edit-account-on-local-domain-of-application

Input#

Argument NameDescriptionRequired
application_idThe application id or name.Required
domain_idThe local domain id or name.Required
account_idThe account id or name to edit.Required
forceThe default value is false. When it is set to true the values of the credentials and services, if they are supplied, are replaced, otherwise the values are added to the existing ones.Optional
app_account_put_account_loginThe account login.Optional
app_account_put_account_nameThe account name. /: ?" |@ and space are forbidden.Optional
app_account_put_auto_change_passwordAutomatically change the password. It is enabled by default on a new account.Optional
app_account_put_can_edit_certificate_validityTrue if the field 'certificate_validity' can be edited based the availibility of CA certificate on the account's domain, false otherwise.Optional
app_account_put_certificate_validityThe validity duration of the signed ssh public key in the case a Certificate Authority is defined for the account's domain.Optional
app_account_put_checkout_policyThe account checkout policy.Optional
app_account_put_descriptionThe account description.Optional
app_account_put_onboard_statusOnboarding status of the account. Possible values are: onboarded, to_onboard, hide, manual.Optional

Context Output#

There is no context output for this command.

wab-edit-account-on-local-domain-of-device#

Edit an account on a local domain of a device

Base Command#

wab-edit-account-on-local-domain-of-device

Input#

Argument NameDescriptionRequired
device_idThe device id or name.Required
domain_idThe local domain id or name.Required
account_idThe account id or name to edit.Required
forceThe default value is false. When it is set to true the values of the credentials and services, if they are supplied, are replaced, otherwise the values are added to the existing ones.Optional
device_account_put_account_loginThe account login.Optional
device_account_put_account_nameThe account name. /: ?" |@ and space are forbidden.Optional
device_account_put_auto_change_passwordAutomatically change the password. It is enabled by default on a new account.Optional
device_account_put_auto_change_ssh_keyAutomatically change the ssh key. It is enabled by default on a new account.Optional
device_account_put_can_edit_certificate_validityTrue if the field 'certificate_validity' can be edited based the availibility of CA certificate on the account's domain, false otherwise.Optional
device_account_put_certificate_validityThe validity duration of the signed ssh public key in the case a Certificate Authority is defined for the account's domain.Optional
device_account_put_checkout_policyThe account checkout policy.Optional
device_account_put_descriptionThe account description.Optional
device_account_put_onboard_statusOnboarding status of the account. Possible values are: onboarded, to_onboard, hide, manual.Optional
device_account_put_servicesThe account services.Optional

Context Output#

There is no context output for this command.

wab-edit-application#

Edit an application

Base Command#

wab-edit-application

Input#

Argument NameDescriptionRequired
application_idThe application id or name to edit.Required
forceThe default value is false. When it is set to true the values of the global_domains and tags are replaced, otherwise the values are added to the existing ones.Optional
application_put__metersThe application meters.Optional
application_put_application_nameThe application name. \/: ?" | and space are forbidden.Optional
application_put_connection_policyThe connection policy name.Optional
application_put_descriptionThe application description.Optional

Context Output#

There is no context output for this command.

wab-edit-authorization#

Edit an authorization

Base Command#

wab-edit-authorization

Input#

Argument NameDescriptionRequired
authorization_idThe authorization id or name to edit.Required
forceThe default value is false. When it is set to true the values of subprotocols and approvers are replaced otherwise the values are added to the existing ones.Optional
authorization_put_active_quorumThe quorum for active periods (-1: approval workflow with automatic approval, 0: no approval workflow (direct connection), 0: quorum to reach).Optional
authorization_put_approval_requiredApproval is required to connect to targets.Optional
authorization_put_approval_timeoutSet a timeout in minutes after which the approval will be automatically closed if no connection has been initiated (i.e. the user won't be able to connect). 0: no timeout.Optional
authorization_put_approversThe approvers user groups.Optional
authorization_put_authorization_nameThe authorization name. \ /: ?" |@& and space are forbidden.Optional
authorization_put_authorize_password_retrievalAuthorize password retrieval. Enabled by default.Optional
authorization_put_authorize_session_sharingEnable Session Sharing.Optional
authorization_put_authorize_sessionsAuthorize sessions via proxies. Enabled by default.Optional
authorization_put_descriptionThe authorization description.Optional
authorization_put_has_commentComment is allowed in approval.Optional
authorization_put_has_ticketTicket is allowed in approval.Optional
authorization_put_inactive_quorumThe quorum for inactive periods (-1: approval workflow with automatic approval, 0: no connection allowed, 0: quorum to reach).Optional
authorization_put_is_criticalDefine if it's critical.Optional
authorization_put_is_recordedDefine if it's recorded.Optional
authorization_put_mandatory_commentComment is mandatory in approval.Optional
authorization_put_mandatory_ticketTicket is mandatory in approval.Optional
authorization_put_session_sharing_modeThe Session Sharing Mode. Possible values are: view_only, view_control.Optional
authorization_put_single_connectionLimit to one single connection during the approval period (i.e. if the user disconnects, he will not be allowed to start a new session during the original requested time).Optional
authorization_put_subprotocolsThe authorization subprotocols. It is mandatory if "authorize_sessions" is enabled (default).Optional

Context Output#

There is no context output for this command.

wab-edit-device#

Edit a device

Base Command#

wab-edit-device

Input#

Argument NameDescriptionRequired
device_idThe device id or name to edit.Required
forceThe default value is false. When it is set to true the values of the tags are replaced, otherwise the values are added to the existing ones.Optional
device_put_hostThe device host address.Optional
device_put_aliasThe device alias. \ /: ?" |@ and space are forbidden.Optional
device_put_descriptionThe device description.Optional
device_put_device_nameThe device name. \ /: ?" |@ and space are forbidden.Optional
device_put_onboard_statusOnboarding status of the device. Possible values are: onboarded, to_onboard, hide, manual.Optional

Context Output#

There is no context output for this command.

wab-edit-notification#

Edit a notification

Base Command#

wab-edit-notification

Input#

Argument NameDescriptionRequired
notification_idThe notification id or name to edit.Required
forceThe default value is false. When it is set to true the values of the events are replaced, otherwise the values are added to the existing ones.Optional
notification_put_descriptionThe notification description.Optional
notification_put_destinationDestination for notification; for the type "email", this is a list of recipient emails se ted by ";".Optional
notification_put_enabledNotification is enabled.Optional
notification_put_eventsThe list of events that will trigger a notification.Optional
notification_put_languageThe notification language (in email). Possible values are: de, en, es, fr, ru.Optional
notification_put_notification_nameThe notification name.Optional
notification_put_typeNotification type. Possible values are: email.Optional

Context Output#

There is no context output for this command.

wab-edit-service-of-device#

Edit a service of a device

Base Command#

wab-edit-service-of-device

Input#

Argument NameDescriptionRequired
device_idThe device id or name.Required
service_idThe service id or name to edit.Required
forceThe default value is false. When it is set to true the values of the subprotocols and global_domains are replaced, otherwise the values are added to the existing ones.Optional
service_put_connection_policyThe connection policy name.Optional
service_put_global_domains.Optional
service_put_portThe port number.Optional

Context Output#

There is no context output for this command.

wab-edit-session#

Edit a session

Base Command#

wab-edit-session

Input#

Argument NameDescriptionRequired
session_idThe session id to edit.Required
actionThe action on the session: 'edit' to edit the session (default), 'kill' to kill the session.Optional
session_put_edit_descriptionThe new session description.Required

Context Output#

There is no context output for this command.

wab-extend-duration-time-to-get-passwords-for-target#

Extend the duration time to get the passwords for a given target

Base Command#

wab-extend-duration-time-to-get-passwords-for-target

Input#

Argument NameDescriptionRequired
account_nameA target name: 'account@domain@device' for an account on a device, 'account@domain@application' for an account on an application or 'account@domain' for an account on a global domain.Required
authorizationThe name of the authorization (in case of multiple authorizations to access the target).Optional

Context Output#

There is no context output for this command.

wab-generate-trace-for-session#

Generate a trace for a session

Base Command#

wab-generate-trace-for-session

Input#

Argument NameDescriptionRequired
session_trace_post_dateThe starting date/time (format: "yyyy-mm-dd hh:mm:ss").Optional
session_trace_post_durationThe duration (in seconds).Optional
session_trace_post_session_idThe session id.Required

Context Output#

There is no context output for this command.

wab-get-account-of-global-domain#

Get the account of a global domain

Base Command#

wab-get-account-of-global-domain

Input#

Argument NameDescriptionRequired
domain_idThe global domain id or name.Required
account_idThe account id or name.Required
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.domain_account_get.account_loginStringThe account login. Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_account_get.account_nameStringThe account name. /: ?"@ and space are forbidden. Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_account_get.auto_change_passwordBooleanAutomatically change the password. It is enabled by default on a new account. Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_account_get.auto_change_ssh_keyBooleanAutomatically change the ssh key. It is enabled by default on a new account. Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_account_get.can_edit_certificate_validityBooleanTrue if the field 'certificate_validity' can be edited based the availibility of CA certificate on the account's domain, false otherwise Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_account_get.certificate_validityStringThe validity duration of the signed ssh public key in the case a Certificate Authority is defined for the account's domain Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_account_get.checkout_policyStringThe account checkout policy. Usable in the "q" meter.
WAB.domain_account_get.credentials.certificateStringThe certificate.
WAB.domain_account_get.credentials.idStringThe credential id.
WAB.domain_account_get.credentials.key_idStringThe key identity: random value used for revocation.
WAB.domain_account_get.credentials.key_lenNumberThe key length.
WAB.domain_account_get.credentials.key_typeStringThe key type
WAB.domain_account_get.credentials.passphraseStringThe passphrase for the private key (only for an encrypted private key). If provided, it must be between 4 and 1024 characters long.
WAB.domain_account_get.credentials.passwordStringThe account password.
WAB.domain_account_get.credentials.private_keyStringThe account private key. Special values are allowed to automatically generate SSH key: "generate:RSA_1024", "generate:RSA_2048", "generate:RSA_4096", "generate:RSA_8192", "generate:DSA_1024", "generate:ECDSA_256", "generate:ECDSA_384", "generate:ECDSA_521", "generate:ED25519"
WAB.domain_account_get.credentials.public_keyStringThe account public key.
WAB.domain_account_get.credentials.typeStringThe credential type.
WAB.domain_account_get.descriptionStringThe account description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_account_get.domain_password_changeBooleanTrue if the password change is configured on the domain (change policy and plugin are set).
WAB.domain_account_get.idStringThe account id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_account_get.onboard_statusStringOnboarding status of the account Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_account_get.urlStringThe API URL to the resource.

wab-get-account-reference#

Get account reference

Base Command#

wab-get-account-reference

Input#

Argument NameDescriptionRequired
account_idThe referenced account id or name.Required
reference_idAn account reference id or name. If specified, only this account reference is returned.Required
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.account_reference_get.accountStringThe referenced account name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_reference_get.admin_accountStringThe administrator account used to change password references Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_reference_get.descriptionStringThe account reference description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_reference_get.devices.device_nameStringThe device name. \ /: ?"@ and space are forbidden.
WAB.account_reference_get.devices.error_dateStringThe date/time since which the status is "error", or null if the status is not "error".
WAB.account_reference_get.devices.error_descriptionStringThe description of the error, of null if the status is not "error".
WAB.account_reference_get.devices.statusStringThe status of the last password change on this device, or null it has never been changed.
WAB.account_reference_get.domainStringThe name of the domain defining the password change. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_reference_get.idStringThe account reference id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_reference_get.reference_nameStringThe reference name. \ /: ?"@ and space are forbidden. Usable in the "q" meter. Usable in the "sort" meter.

wab-get-account-references#

Get account references

Base Command#

wab-get-account-references

Input#

Argument NameDescriptionRequired
account_idThe referenced account id or name.Required
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'key'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.account_reference_get.accountStringThe referenced account name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_reference_get.admin_accountStringThe administrator account used to change password references Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_reference_get.descriptionStringThe account reference description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_reference_get.devices.device_nameStringThe device name. \ /: ?"@ and space are forbidden.
WAB.account_reference_get.devices.error_dateStringThe date/time since which the status is "error", or null if the status is not "error".
WAB.account_reference_get.devices.error_descriptionStringThe description of the error, of null if the status is not "error".
WAB.account_reference_get.devices.statusStringThe status of the last password change on this device, or null it has never been changed.
WAB.account_reference_get.domainStringThe name of the domain defining the password change. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_reference_get.idStringThe account reference id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_reference_get.reference_nameStringThe reference name. \ /: ?"@ and space are forbidden. Usable in the "q" meter. Usable in the "sort" meter.

wab-get-accounts-of-global-domain#

Get the accounts of a global domain

Base Command#

wab-get-accounts-of-global-domain

Input#

Argument NameDescriptionRequired
domain_idThe global domain id or name.Required
qSearches for a resource matching meters.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.domain_account_get.account_loginStringThe account login. Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_account_get.account_nameStringThe account name. /: ?"@ and space are forbidden. Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_account_get.auto_change_passwordBooleanAutomatically change the password. It is enabled by default on a new account. Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_account_get.auto_change_ssh_keyBooleanAutomatically change the ssh key. It is enabled by default on a new account. Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_account_get.can_edit_certificate_validityBooleanTrue if the field 'certificate_validity' can be edited based the availibility of CA certificate on the account's domain, false otherwise Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_account_get.certificate_validityStringThe validity duration of the signed ssh public key in the case a Certificate Authority is defined for the account's domain Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_account_get.checkout_policyStringThe account checkout policy. Usable in the "q" meter.
WAB.domain_account_get.credentials.certificateStringThe certificate.
WAB.domain_account_get.credentials.idStringThe credential id.
WAB.domain_account_get.credentials.key_idStringThe key identity: random value used for revocation.
WAB.domain_account_get.credentials.key_lenNumberThe key length.
WAB.domain_account_get.credentials.key_typeStringThe key type
WAB.domain_account_get.credentials.passphraseStringThe passphrase for the private key (only for an encrypted private key). If provided, it must be between 4 and 1024 characters long.
WAB.domain_account_get.credentials.passwordStringThe account password.
WAB.domain_account_get.credentials.private_keyStringThe account private key. Special values are allowed to automatically generate SSH key: "generate:RSA_1024", "generate:RSA_2048", "generate:RSA_4096", "generate:RSA_8192", "generate:DSA_1024", "generate:ECDSA_256", "generate:ECDSA_384", "generate:ECDSA_521", "generate:ED25519"
WAB.domain_account_get.credentials.public_keyStringThe account public key.
WAB.domain_account_get.credentials.typeStringThe credential type.
WAB.domain_account_get.descriptionStringThe account description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_account_get.domain_password_changeBooleanTrue if the password change is configured on the domain (change policy and plugin are set).
WAB.domain_account_get.idStringThe account id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_account_get.onboard_statusStringOnboarding status of the account Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_account_get.urlStringThe API URL to the resource.

wab-get-all-accounts#

Get all accounts

Base Command#

wab-get-all-accounts

Input#

Argument NameDescriptionRequired
account_typeThe account type: "global" for only global domain accounts, "device" for only device accounts, "application" for only application accounts. By default accounts of any type are returned. Cannot be used if an account_name and/or device/application is specified.Optional
applicationThe name of the application whose accounts must be returned. Cannot be used if an account_name and/or an account_type/device is specified.Optional
deviceThe name of the device whose accounts must be returned. Cannot be used if an account_name and/or an application is specified.Optional
passwordsReturn credentials (passwords and SSH keys) as-is without replacing content by stars. Note: this requires the Password Manager license, the flag "Credential recovery" in the profile of the user logged on the API and the "Credential recovery" option must be enabled in REST API configuration.Optional
key_formatFormat of the returned SSH public key of the account. Accepted values are 'openssh' (default value) and 'ssh.com'.Optional
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'account_name'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.account_get.account_loginStringThe account login. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.account_nameStringThe account name. /: ?"@ and space are forbidden. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.applicationStringThe application name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.auto_change_passwordBooleanAutomatically change the password. It is enabled by default on a new account. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.auto_change_ssh_keyBooleanAutomatically change the ssh key. It is enabled by default on a new account. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.can_edit_certificate_validityBooleanTrue if the field 'certificate_validity' can be edited based the availibility of CA certificate on the account's domain, false otherwise Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.certificate_validityStringThe validity duration of the signed ssh public key in the case a Certificate Authority is defined for the account's domain Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.checkout_policyStringThe account checkout policy. Usable in the "q" meter.
WAB.account_get.credentials.certificateStringThe certificate.
WAB.account_get.credentials.idStringThe credential id.
WAB.account_get.credentials.key_idStringThe key identity: random value used for revocation.
WAB.account_get.credentials.key_lenNumberThe key length.
WAB.account_get.credentials.key_typeStringThe key type
WAB.account_get.credentials.passphraseStringThe passphrase for the private key (only for an encrypted private key). If provided, it must be between 4 and 1024 characters long.
WAB.account_get.credentials.passwordStringThe account password.
WAB.account_get.credentials.private_keyStringThe account private key. Special values are allowed to automatically generate SSH key: "generate:RSA_1024", "generate:RSA_2048", "generate:RSA_4096", "generate:RSA_8192", "generate:DSA_1024", "generate:ECDSA_256", "generate:ECDSA_384", "generate:ECDSA_521", "generate:ED25519"
WAB.account_get.credentials.public_keyStringThe account public key.
WAB.account_get.credentials.typeStringThe credential type.
WAB.account_get.descriptionStringThe account description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.deviceStringThe device name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.domainStringThe domain name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.domain_password_changeBooleanTrue if the password change is configured on the domain (change policy and plugin are set).
WAB.account_get.idStringThe account id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.onboard_statusStringOnboarding status of the account Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.urlStringThe API URL to the resource.

wab-get-all-accounts-on-device-local-domain#

Get all accounts on a device local domain

Base Command#

wab-get-all-accounts-on-device-local-domain

Input#

Argument NameDescriptionRequired
device_idThe device id or name.Required
domain_idThe local domain id or name.Required
key_formatFormat of the returned SSH public key of the account. Accepted values are 'openssh' (default value) and 'ssh.com'.Optional
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'account_name'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.device_account_get.account_loginStringThe account login. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_account_get.account_nameStringThe account name. /: ?"@ and space are forbidden. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_account_get.auto_change_passwordBooleanAutomatically change the password. It is enabled by default on a new account. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_account_get.auto_change_ssh_keyBooleanAutomatically change the ssh key. It is enabled by default on a new account. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_account_get.can_edit_certificate_validityBooleanTrue if the field 'certificate_validity' can be edited based the availibility of CA certificate on the account's domain, false otherwise Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_account_get.certificate_validityStringThe validity duration of the signed ssh public key in the case a Certificate Authority is defined for the account's domain Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_account_get.checkout_policyStringThe account checkout policy. Usable in the "q" meter.
WAB.device_account_get.credentials.certificateStringThe certificate.
WAB.device_account_get.credentials.idStringThe credential id.
WAB.device_account_get.credentials.key_idStringThe key identity: random value used for revocation.
WAB.device_account_get.credentials.key_lenNumberThe key length.
WAB.device_account_get.credentials.key_typeStringThe key type
WAB.device_account_get.credentials.passphraseStringThe passphrase for the private key (only for an encrypted private key). If provided, it must be between 4 and 1024 characters long.
WAB.device_account_get.credentials.passwordStringThe account password.
WAB.device_account_get.credentials.private_keyStringThe account private key. Special values are allowed to automatically generate SSH key: "generate:RSA_1024", "generate:RSA_2048", "generate:RSA_4096", "generate:RSA_8192", "generate:DSA_1024", "generate:ECDSA_256", "generate:ECDSA_384", "generate:ECDSA_521", "generate:ED25519"
WAB.device_account_get.credentials.public_keyStringThe account public key.
WAB.device_account_get.credentials.typeStringThe credential type.
WAB.device_account_get.descriptionStringThe account description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_account_get.domain_password_changeBooleanTrue if the password change is configured on the domain (change policy and plugin are set).
WAB.device_account_get.idStringThe account id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_account_get.onboard_statusStringOnboarding status of the account Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_account_get.urlStringThe API URL to the resource.

wab-get-application#

Get the application

Base Command#

wab-get-application

Input#

Argument NameDescriptionRequired
application_idAn application id or name. If specified, only this application is returned.Required
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.application_get.parametersStringThe application meters. Usable in the "q" meter. Usable in the "sort" meter.
WAB.application_get.application_nameStringThe application name. \/: ?"and space are forbidden. Usable in the "q" meter. Usable in the "sort" meter.
WAB.application_get.categoryStringThe application category. Usable in the "q" meter. Usable in the "sort" meter.
WAB.application_get.connection_policyStringThe connection policy name. Usable in the "q" meter.
WAB.application_get.descriptionStringThe application description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.application_get.idStringThe application id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.application_get.last_connectionStringThe last connection on this application. Usable in the "q" meter. Usable in the "sort" meter.
WAB.application_get.local_domains.admin_accountStringThe administrator account used to change passwords on this domain (format: "account_name").
WAB.application_get.local_domains.descriptionStringThe domain description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.application_get.local_domains.domain_nameStringThe domain name. /: ?"@ are forbidden. Usable in the "q" meter. Usable in the "sort" meter.
WAB.application_get.local_domains.enable_password_changeBooleanEnable the change of password on this domain.
WAB.application_get.local_domains.idStringThe domain id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.application_get.local_domains.password_change_pluginStringThe name of plugin used to change passwords on this domain.
WAB.application_get.local_domains.password_change_policyStringThe name of password change policy for this domain.
WAB.application_get.local_domains.urlStringThe API URL to the resource.
WAB.application_get.urlStringThe API URL to the resource.

wab-get-application-account#

Get the application account

Base Command#

wab-get-application-account

Input#

Argument NameDescriptionRequired
application_idThe application id or name.Required
domain_idThe local domain id or name.Required
account_idThe account id or name.Required
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.app_account_get.account_loginStringThe account login. Usable in the "q" meter. Usable in the "sort" meter.
WAB.app_account_get.account_nameStringThe account name. /: ?"@ and space are forbidden. Usable in the "q" meter. Usable in the "sort" meter.
WAB.app_account_get.auto_change_passwordBooleanAutomatically change the password. It is enabled by default on a new account. Usable in the "q" meter. Usable in the "sort" meter.
WAB.app_account_get.can_edit_certificate_validityBooleanTrue if the field 'certificate_validity' can be edited based the availibility of CA certificate on the account's domain, false otherwise Usable in the "q" meter. Usable in the "sort" meter.
WAB.app_account_get.certificate_validityStringThe validity duration of the signed ssh public key in the case a Certificate Authority is defined for the account's domain Usable in the "q" meter. Usable in the "sort" meter.
WAB.app_account_get.checkout_policyStringThe account checkout policy. Usable in the "q" meter.
WAB.app_account_get.credentials.idStringThe credential id.
WAB.app_account_get.credentials.passwordStringThe account password.
WAB.app_account_get.credentials.typeStringThe credential type.
WAB.app_account_get.descriptionStringThe account description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.app_account_get.domain_password_changeBooleanTrue if the password change is configured on the domain (change policy and plugin are set).
WAB.app_account_get.idStringThe account id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.app_account_get.onboard_statusStringOnboarding status of the account Usable in the "q" meter. Usable in the "sort" meter.
WAB.app_account_get.urlStringThe API URL to the resource.

wab-get-application-accounts#

Get the application accounts

Base Command#

wab-get-application-accounts

Input#

Argument NameDescriptionRequired
application_idThe application id or name.Required
domain_idThe local domain id or name.Required
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'account_name'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.app_account_get.account_loginStringThe account login. Usable in the "q" meter. Usable in the "sort" meter.
WAB.app_account_get.account_nameStringThe account name. /: ?"@ and space are forbidden. Usable in the "q" meter. Usable in the "sort" meter.
WAB.app_account_get.auto_change_passwordBooleanAutomatically change the password. It is enabled by default on a new account. Usable in the "q" meter. Usable in the "sort" meter.
WAB.app_account_get.can_edit_certificate_validityBooleanTrue if the field 'certificate_validity' can be edited based the availibility of CA certificate on the account's domain, false otherwise Usable in the "q" meter. Usable in the "sort" meter.
WAB.app_account_get.certificate_validityStringThe validity duration of the signed ssh public key in the case a Certificate Authority is defined for the account's domain Usable in the "q" meter. Usable in the "sort" meter.
WAB.app_account_get.checkout_policyStringThe account checkout policy. Usable in the "q" meter.
WAB.app_account_get.credentials.idStringThe credential id.
WAB.app_account_get.credentials.passwordStringThe account password.
WAB.app_account_get.credentials.typeStringThe credential type.
WAB.app_account_get.descriptionStringThe account description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.app_account_get.domain_password_changeBooleanTrue if the password change is configured on the domain (change policy and plugin are set).
WAB.app_account_get.idStringThe account id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.app_account_get.onboard_statusStringOnboarding status of the account Usable in the "q" meter. Usable in the "sort" meter.
WAB.app_account_get.urlStringThe API URL to the resource.

wab-get-applications#

Get the applications

Base Command#

wab-get-applications

Input#

Argument NameDescriptionRequired
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'application_name'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.application_get.parametersStringThe application meters. Usable in the "q" meter. Usable in the "sort" meter.
WAB.application_get.application_nameStringThe application name. \/: ?"and space are forbidden. Usable in the "q" meter. Usable in the "sort" meter.
WAB.application_get.categoryStringThe application category. Usable in the "q" meter. Usable in the "sort" meter.
WAB.application_get.connection_policyStringThe connection policy name. Usable in the "q" meter.
WAB.application_get.descriptionStringThe application description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.application_get.idStringThe application id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.application_get.last_connectionStringThe last connection on this application. Usable in the "q" meter. Usable in the "sort" meter.
WAB.application_get.local_domains.admin_accountStringThe administrator account used to change passwords on this domain (format: "account_name").
WAB.application_get.local_domains.descriptionStringThe domain description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.application_get.local_domains.domain_nameStringThe domain name. /: ?"@ are forbidden. Usable in the "q" meter. Usable in the "sort" meter.
WAB.application_get.local_domains.enable_password_changeBooleanEnable the change of password on this domain.
WAB.application_get.local_domains.idStringThe domain id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.application_get.local_domains.password_change_pluginStringThe name of plugin used to change passwords on this domain.
WAB.application_get.local_domains.password_change_policyStringThe name of password change policy for this domain.
WAB.application_get.local_domains.urlStringThe API URL to the resource.
WAB.application_get.urlStringThe API URL to the resource.

wab-get-approval-request-pending-for-user#

Get the approval request pending for this user (by default the user logged on the REST API), or the approval request with the given id

Base Command#

wab-get-approval-request-pending-for-user

Input#

Argument NameDescriptionRequired
user(1st option) The name of a user (by default the user logged on the REST API).Optional
q(1st option) Searches for a resource matching meters.Optional
sort(1st option) Comma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: '-begin'.Optional
offset(1st option) The index of first item to retrieve (starts and defaults to 0).Optional
limit(1st option) The number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional
approval_id(2nd option) The approval request id (the 'id' returned when the approval was created).Optional

Context Output#

PathTypeDescription
WAB.approval_get.answers.approvedBooleanRequest approval (true = accepted, false = rejected).
WAB.approval_get.answers.approver_nameStringThe user name of approver.
WAB.approval_get.answers.commentStringThe answer comment.
WAB.approval_get.answers.dateStringThe answer date (format: "yyyy-mm-dd hh:mm").
WAB.approval_get.beginStringThe start date/time for connection (format: "yyyy-mm-dd hh:mm"). Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.commentStringThe request description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.creationStringThe creation date (format: "yyyy-mm-dd hh:mm"). Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.durationNumberThe allowed connection time, in minutes. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.emailStringThe user email. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.endStringThe end date/time for connection (format: "yyyy-mm-dd hh:mm"). Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.idStringThe approval id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.languageStringThe user language code (en, fr, ...). Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.quorumNumberThe quorum to reach. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.statusStringThe approval status. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.target_nameStringThe target name (example: account@domain@device:service).
WAB.approval_get.ticketStringThe ticket reference. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.timeoutNumberTimeout to initiate the first connection (in minutes). After that, the approval will be automatically closed. 0: no timeout. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.urlStringThe API URL to the resource.
WAB.approval_get.user_nameStringThe user name. Usable in the "q" meter. Usable in the "sort" meter.

wab-get-approvals#

Get the approvals

Base Command#

wab-get-approvals

Input#

Argument NameDescriptionRequired
approval_idAn approval id. If specified, only this approval is returned.Optional
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: '-begin'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.approval_get.answers.approvedBooleanRequest approval (true = accepted, false = rejected).
WAB.approval_get.answers.approver_nameStringThe user name of approver.
WAB.approval_get.answers.commentStringThe answer comment.
WAB.approval_get.answers.dateStringThe answer date (format: "yyyy-mm-dd hh:mm").
WAB.approval_get.beginStringThe start date/time for connection (format: "yyyy-mm-dd hh:mm"). Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.commentStringThe request description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.creationStringThe creation date (format: "yyyy-mm-dd hh:mm"). Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.durationNumberThe allowed connection time, in minutes. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.emailStringThe user email. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.endStringThe end date/time for connection (format: "yyyy-mm-dd hh:mm"). Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.idStringThe approval id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.languageStringThe user language code (en, fr, ...). Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.quorumNumberThe quorum to reach. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.statusStringThe approval status. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.target_nameStringThe target name (example: account@domain@device:service).
WAB.approval_get.ticketStringThe ticket reference. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.timeoutNumberTimeout to initiate the first connection (in minutes). After that, the approval will be automatically closed. 0: no timeout. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.urlStringThe API URL to the resource.
WAB.approval_get.user_nameStringThe user name. Usable in the "q" meter. Usable in the "sort" meter.

wab-get-approvals-for-all-approvers#

Get the approvals for a given approver

Base Command#

wab-get-approvals-for-all-approvers

Input#

Argument NameDescriptionRequired
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: '-begin'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.approval_get.answers.approvedBooleanRequest approval (true = accepted, false = rejected).
WAB.approval_get.answers.approver_nameStringThe user name of approver.
WAB.approval_get.answers.commentStringThe answer comment.
WAB.approval_get.answers.dateStringThe answer date (format: "yyyy-mm-dd hh:mm").
WAB.approval_get.beginStringThe start date/time for connection (format: "yyyy-mm-dd hh:mm"). Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.commentStringThe request description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.creationStringThe creation date (format: "yyyy-mm-dd hh:mm"). Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.durationNumberThe allowed connection time, in minutes. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.emailStringThe user email. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.endStringThe end date/time for connection (format: "yyyy-mm-dd hh:mm"). Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.idStringThe approval id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.languageStringThe user language code (en, fr, ...). Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.quorumNumberThe quorum to reach. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.statusStringThe approval status. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.target_nameStringThe target name (example: account@domain@device:service).
WAB.approval_get.ticketStringThe ticket reference. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.timeoutNumberTimeout to initiate the first connection (in minutes). After that, the approval will be automatically closed. 0: no timeout. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.urlStringThe API URL to the resource.
WAB.approval_get.user_nameStringThe user name. Usable in the "q" meter. Usable in the "sort" meter.

wab-get-approvals-for-approver#

Get the approvals for a given approver

Base Command#

wab-get-approvals-for-approver

Input#

Argument NameDescriptionRequired
user_nameThe name of a user (approver).Required
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: '-begin'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.approval_get.answers.approvedBooleanRequest approval (true = accepted, false = rejected).
WAB.approval_get.answers.approver_nameStringThe user name of approver.
WAB.approval_get.answers.commentStringThe answer comment.
WAB.approval_get.answers.dateStringThe answer date (format: "yyyy-mm-dd hh:mm").
WAB.approval_get.beginStringThe start date/time for connection (format: "yyyy-mm-dd hh:mm"). Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.commentStringThe request description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.creationStringThe creation date (format: "yyyy-mm-dd hh:mm"). Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.durationNumberThe allowed connection time, in minutes. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.emailStringThe user email. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.endStringThe end date/time for connection (format: "yyyy-mm-dd hh:mm"). Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.idStringThe approval id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.languageStringThe user language code (en, fr, ...). Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.quorumNumberThe quorum to reach. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.statusStringThe approval status. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.target_nameStringThe target name (example: account@domain@device:service).
WAB.approval_get.ticketStringThe ticket reference. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.timeoutNumberTimeout to initiate the first connection (in minutes). After that, the approval will be automatically closed. 0: no timeout. Usable in the "q" meter. Usable in the "sort" meter.
WAB.approval_get.urlStringThe API URL to the resource.
WAB.approval_get.user_nameStringThe user name. Usable in the "q" meter. Usable in the "sort" meter.

wab-get-auth-domain#

Get the auth domain

Base Command#

wab-get-auth-domain

Input#

Argument NameDescriptionRequired
domain_idAn auth domain id or name to retrieve. If specified, only this auth domain information will be retrieved.Required
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.auth_domain_get.auth_domain_nameStringThe auth domain name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.auth_domain_get.default_email_domainStringThe default email domain. Usable in the "q" meter. Usable in the "sort" meter.
WAB.auth_domain_get.default_languageStringThe default language. Usable in the "q" meter. Usable in the "sort" meter.
WAB.auth_domain_get.descriptionStringThe domain description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.auth_domain_get.domain_nameStringThe domain name.\ Only alphanumeric characters, dots (.) and hyphens (-) are allowed \ Length ranges between 3 and 63. Usable in the "q" meter. Usable in the "sort" meter.
WAB.auth_domain_get.idStringThe domain id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.auth_domain_get.is_defaultBooleanThe domain is used by default. Usable in the "sort" meter.
WAB.auth_domain_get.typeStringThe domain type. Usable in the "q" meter. Usable in the "sort" meter.
WAB.auth_domain_get.urlStringThe API URL to the resource.

wab-get-auth-domains#

Get the auth domains

Base Command#

wab-get-auth-domains

Input#

Argument NameDescriptionRequired
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'domain_name'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.auth_domain_get.auth_domain_nameStringThe auth domain name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.auth_domain_get.default_email_domainStringThe default email domain. Usable in the "q" meter. Usable in the "sort" meter.
WAB.auth_domain_get.default_languageStringThe default language. Usable in the "q" meter. Usable in the "sort" meter.
WAB.auth_domain_get.descriptionStringThe domain description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.auth_domain_get.domain_nameStringThe domain name.\ Only alphanumeric characters, dots (.) and hyphens (-) are allowed \ Length ranges between 3 and 63. Usable in the "q" meter. Usable in the "sort" meter.
WAB.auth_domain_get.idStringThe domain id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.auth_domain_get.is_defaultBooleanThe domain is used by default. Usable in the "sort" meter.
WAB.auth_domain_get.typeStringThe domain type. Usable in the "q" meter. Usable in the "sort" meter.
WAB.auth_domain_get.urlStringThe API URL to the resource.

wab-get-authentication#

Get the authentication

Base Command#

wab-get-authentication

Input#

Argument NameDescriptionRequired
auth_idAn authentication id. If specified, only this authentication is returned.Required
from_dateReturn authentications from this date/time (format: "yyyy-mm-dd" or "yyyy-mm-dd hh:mm:ss").Optional
to_dateReturn authentications until this date/time (format: "yyyy-mm-dd" or "yyyy-mm-dd hh:mm:ss").Optional
date_fieldThe field used for date comparison: "login" for the login time, "logout" for the logout time.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.authentication_get.diagnosticStringThe diagnostic message. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authentication_get.domainStringThe user domain. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authentication_get.idStringThe authentication id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authentication_get.loginStringThe user connection date/time (format: "yyyy-mm-dd hh:mm:ss"). Usable in the "q" meter. Usable in the "sort" meter.
WAB.authentication_get.logoutStringThe user deconnection date/time (format: "yyyy-mm-dd hh:mm:ss"). Usable in the "q" meter. Usable in the "sort" meter.
WAB.authentication_get.resultBooleanThe authentication is successful. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authentication_get.source_ipStringThe source IP. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authentication_get.urlStringThe API URL to the resource.
WAB.authentication_get.usernameStringThe primary user name. Usable in the "q" meter. Usable in the "sort" meter.

wab-get-authentications#

Get the authentications

Base Command#

wab-get-authentications

Input#

Argument NameDescriptionRequired
from_dateReturn authentications from this date/time (format: "yyyy-mm-dd" or "yyyy-mm-dd hh:mm:ss").Optional
to_dateReturn authentications until this date/time (format: "yyyy-mm-dd" or "yyyy-mm-dd hh:mm:ss").Optional
date_fieldThe field used for date comparison: "login" for the login time, "logout" for the logout time.Optional
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.authentication_get.diagnosticStringThe diagnostic message. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authentication_get.domainStringThe user domain. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authentication_get.idStringThe authentication id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authentication_get.loginStringThe user connection date/time (format: "yyyy-mm-dd hh:mm:ss"). Usable in the "q" meter. Usable in the "sort" meter.
WAB.authentication_get.logoutStringThe user deconnection date/time (format: "yyyy-mm-dd hh:mm:ss"). Usable in the "q" meter. Usable in the "sort" meter.
WAB.authentication_get.resultBooleanThe authentication is successful. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authentication_get.source_ipStringThe source IP. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authentication_get.urlStringThe API URL to the resource.
WAB.authentication_get.usernameStringThe primary user name. Usable in the "q" meter. Usable in the "sort" meter.

wab-get-authorization#

Get the authorization

Base Command#

wab-get-authorization

Input#

Argument NameDescriptionRequired
authorization_idAn authorization id or name. If specified, only this authorization is returned.Required
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.authorization_get.active_quorumNumberThe quorum for active periods (-1: approval workflow with automatic approval, 0: no approval workflow (direct connection), 0: quorum to reach). Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.approval_requiredBooleanApproval is required to connect to targets. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.approval_timeoutNumberSet a timeout in minutes after which the approval will be automatically closed if no connection has been initiated (i.e. the user won't be able to connect). 0: no timeout. Usable in the "q" meter.
WAB.authorization_get.authorization_nameStringThe authorization name. \ /: ?"@& and space are forbidden. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.authorize_password_retrievalBooleanAuthorize password retrieval. Enabled by default. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.authorize_session_sharingBooleanEnable Session Sharing. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.authorize_sessionsBooleanAuthorize sessions via proxies. Enabled by default. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.descriptionStringThe authorization description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.has_commentBooleanComment is allowed in approval. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.has_ticketBooleanTicket is allowed in approval. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.idStringThe authorization id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.inactive_quorumNumberThe quorum for inactive periods (-1: approval workflow with automatic approval, 0: no connection allowed, 0: quorum to reach). Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.is_criticalBooleanDefine if it's critical. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.is_recordedBooleanDefine if it's recorded. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.mandatory_commentBooleanComment is mandatory in approval. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.mandatory_ticketBooleanTicket is mandatory in approval. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.session_sharing_modeStringThe Session Sharing Mode. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.single_connectionBooleanLimit to one single connection during the approval period (i.e. if the user disconnects, he will not be allowed to start a new session during the original requested time). Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.target_groupStringThe target group. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.urlStringThe API URL to the resource.
WAB.authorization_get.user_groupStringThe user group. Usable in the "q" meter. Usable in the "sort" meter.

wab-get-authorizations#

Get the authorizations

Base Command#

wab-get-authorizations

Input#

Argument NameDescriptionRequired
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.authorization_get.active_quorumNumberThe quorum for active periods (-1: approval workflow with automatic approval, 0: no approval workflow (direct connection), 0: quorum to reach). Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.approval_requiredBooleanApproval is required to connect to targets. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.approval_timeoutNumberSet a timeout in minutes after which the approval will be automatically closed if no connection has been initiated (i.e. the user won't be able to connect). 0: no timeout. Usable in the "q" meter.
WAB.authorization_get.authorization_nameStringThe authorization name. \ /: ?"@& and space are forbidden. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.authorize_password_retrievalBooleanAuthorize password retrieval. Enabled by default. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.authorize_session_sharingBooleanEnable Session Sharing. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.authorize_sessionsBooleanAuthorize sessions via proxies. Enabled by default. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.descriptionStringThe authorization description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.has_commentBooleanComment is allowed in approval. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.has_ticketBooleanTicket is allowed in approval. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.idStringThe authorization id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.inactive_quorumNumberThe quorum for inactive periods (-1: approval workflow with automatic approval, 0: no connection allowed, 0: quorum to reach). Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.is_criticalBooleanDefine if it's critical. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.is_recordedBooleanDefine if it's recorded. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.mandatory_commentBooleanComment is mandatory in approval. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.mandatory_ticketBooleanTicket is mandatory in approval. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.session_sharing_modeStringThe Session Sharing Mode. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.single_connectionBooleanLimit to one single connection during the approval period (i.e. if the user disconnects, he will not be allowed to start a new session during the original requested time). Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.target_groupStringThe target group. Usable in the "q" meter. Usable in the "sort" meter.
WAB.authorization_get.urlStringThe API URL to the resource.
WAB.authorization_get.user_groupStringThe user group. Usable in the "q" meter. Usable in the "sort" meter.

wab-get-certificate-on-device#

Get the certificate on a device

Base Command#

wab-get-certificate-on-device

Input#

Argument NameDescriptionRequired
device_idThe device id or name.Required
cert_typeThe certificate type (SSH, RDP).Required
addressThe certificate address/ip.Required
portThe certificate port.Required
qSearch and return only certificates matching these words.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'type,address'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.device_certificates_get.addressStringThe certificate address. Usable in the "sort" meter.
WAB.device_certificates_get.fingerprintStringThe fingerprint of the certificate. Usable in the "sort" meter.
WAB.device_certificates_get.key_typeStringThe certificate key type. Usable in the "sort" meter.
WAB.device_certificates_get.last_modification_dateStringThe last time the certificate was modified. Usable in the "sort" meter.
WAB.device_certificates_get.portNumberThe certificate port. Usable in the "sort" meter.
WAB.device_certificates_get.typeStringThe certificate type. Usable in the "sort" meter.
WAB.device_certificates_get.urlStringThe API URL to the resource.

wab-get-certificates-on-device#

Get the certificates on a device

Base Command#

wab-get-certificates-on-device

Input#

Argument NameDescriptionRequired
device_idThe device id or name.Required
qSearch and return only certificates matching these words.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'type,address'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.device_certificates_get.addressStringThe certificate address. Usable in the "sort" meter.
WAB.device_certificates_get.fingerprintStringThe fingerprint of the certificate. Usable in the "sort" meter.
WAB.device_certificates_get.key_typeStringThe certificate key type. Usable in the "sort" meter.
WAB.device_certificates_get.last_modification_dateStringThe last time the certificate was modified. Usable in the "sort" meter.
WAB.device_certificates_get.portNumberThe certificate port. Usable in the "sort" meter.
WAB.device_certificates_get.typeStringThe certificate type. Usable in the "sort" meter.
WAB.device_certificates_get.urlStringThe API URL to the resource.

wab-get-checkout-policies#

Get the checkout policies

Base Command#

wab-get-checkout-policies

Input#

Argument NameDescriptionRequired
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'checkout_policy_name'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.checkoutpolicy_get.change_credentials_at_checkinBooleanChange credentials at check-in. Usable in the "q" meter. Usable in the "sort" meter.
WAB.checkoutpolicy_get.checkout_policy_nameStringThe checkout policy name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.checkoutpolicy_get.descriptionStringThe checkout policy description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.checkoutpolicy_get.durationNumberThe checkout duration (in seconds). It is mandatory if lock on checkout is enabled. Usable in the "q" meter. Usable in the "sort" meter.
WAB.checkoutpolicy_get.enable_lockBooleanLock on checkout. Usable in the "q" meter. Usable in the "sort" meter.
WAB.checkoutpolicy_get.extensionNumberThe extension duration (in seconds). Usable in the "q" meter. Usable in the "sort" meter.
WAB.checkoutpolicy_get.idStringThe checkout policy id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.checkoutpolicy_get.max_durationNumberThe max duration (in seconds). Usable in the "q" meter. Usable in the "sort" meter.
WAB.checkoutpolicy_get.urlStringThe API URL to the resource.

wab-get-checkout-policy#

Get the checkout policy

Base Command#

wab-get-checkout-policy

Input#

Argument NameDescriptionRequired
checkout_policy_idA checkout policy id or name. If specified, only this checkout policy is returned.Required
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.checkoutpolicy_get.change_credentials_at_checkinBooleanChange credentials at check-in. Usable in the "q" meter. Usable in the "sort" meter.
WAB.checkoutpolicy_get.checkout_policy_nameStringThe checkout policy name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.checkoutpolicy_get.descriptionStringThe checkout policy description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.checkoutpolicy_get.durationNumberThe checkout duration (in seconds). It is mandatory if lock on checkout is enabled. Usable in the "q" meter. Usable in the "sort" meter.
WAB.checkoutpolicy_get.enable_lockBooleanLock on checkout. Usable in the "q" meter. Usable in the "sort" meter.
WAB.checkoutpolicy_get.extensionNumberThe extension duration (in seconds). Usable in the "q" meter. Usable in the "sort" meter.
WAB.checkoutpolicy_get.idStringThe checkout policy id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.checkoutpolicy_get.max_durationNumberThe max duration (in seconds). Usable in the "q" meter. Usable in the "sort" meter.
WAB.checkoutpolicy_get.urlStringThe API URL to the resource.

wab-get-device#

Get the device

Base Command#

wab-get-device

Input#

Argument NameDescriptionRequired
device_idA device id or name. If specified, only this device is returned.Required
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.device_get.hostStringThe device host address. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.tags.idStringThe tag id.
WAB.device_get.tags.keyStringThe tag key. Must not start or end with a space.
WAB.device_get.tags.valueStringThe tag value. Must not start or end with a space.
WAB.device_get.aliasStringThe device alias. \ /: ?"@ and space are forbidden. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.descriptionStringThe device description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.device_nameStringThe device name. \ /: ?"@ and space are forbidden. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.idStringThe device id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.last_connectionStringThe last connection on this device. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.local_domains.admin_accountStringThe administrator account used to change passwords on this domain (format: "account_name").
WAB.device_get.local_domains.ca_private_keyStringThe ssh private key of the signing authority for the ssh keys for accounts in the domain. Special values are allowed to automatically generate SSH key: "generate:RSA_1024", "generate:RSA_2048", "generate:RSA_4096", "generate:RSA_8192", "generate:DSA_1024", "generate:ECDSA_256", "generate:ECDSA_384", "generate:ECDSA_521", "generate:ED25519"
WAB.device_get.local_domains.ca_public_keyStringThe ssh public key of the signing authority for the ssh keys for accounts in the domain.
WAB.device_get.local_domains.descriptionStringThe domain description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.local_domains.domain_nameStringThe domain name. /: ?"@ are forbidden. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.local_domains.enable_password_changeBooleanEnable the change of password on this domain.
WAB.device_get.local_domains.idStringThe domain id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.local_domains.password_change_pluginStringThe name of plugin used to change passwords on this domain.
WAB.device_get.local_domains.password_change_policyStringThe name of password change policy for this domain.
WAB.device_get.local_domains.urlStringThe API URL to the resource.
WAB.device_get.onboard_statusStringOnboarding status of the device Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.services.connection_policyStringThe connection policy name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.services.idStringThe service id. Usable in the "sort" meter.
WAB.device_get.services.portNumberThe port number. Usable in the "sort" meter. / The port number. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.services.protocolStringThe protocol. Usable in the "sort" meter. / The protocol. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.services.service_nameStringThe service name. Must start with a letter; only letters, digits and - are allowed. Usable in the "sort" meter. / The service name. Must start with a letter; only letters, digits and - are allowed. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.services.urlStringThe API URL to the resource.
WAB.device_get.urlStringThe API URL to the resource.

wab-get-devices#

Get the devices

Base Command#

wab-get-devices

Input#

Argument NameDescriptionRequired
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'device_name'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.device_get.hostStringThe device host address. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.tags.idStringThe tag id.
WAB.device_get.tags.keyStringThe tag key. Must not start or end with a space.
WAB.device_get.tags.valueStringThe tag value. Must not start or end with a space.
WAB.device_get.aliasStringThe device alias. \ /: ?"@ and space are forbidden. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.descriptionStringThe device description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.device_nameStringThe device name. \ /: ?"@ and space are forbidden. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.idStringThe device id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.last_connectionStringThe last connection on this device. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.local_domains.admin_accountStringThe administrator account used to change passwords on this domain (format: "account_name").
WAB.device_get.local_domains.ca_private_keyStringThe ssh private key of the signing authority for the ssh keys for accounts in the domain. Special values are allowed to automatically generate SSH key: "generate:RSA_1024", "generate:RSA_2048", "generate:RSA_4096", "generate:RSA_8192", "generate:DSA_1024", "generate:ECDSA_256", "generate:ECDSA_384", "generate:ECDSA_521", "generate:ED25519"
WAB.device_get.local_domains.ca_public_keyStringThe ssh public key of the signing authority for the ssh keys for accounts in the domain.
WAB.device_get.local_domains.descriptionStringThe domain description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.local_domains.domain_nameStringThe domain name. /: ?"@ are forbidden. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.local_domains.enable_password_changeBooleanEnable the change of password on this domain.
WAB.device_get.local_domains.idStringThe domain id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.local_domains.password_change_pluginStringThe name of plugin used to change passwords on this domain.
WAB.device_get.local_domains.password_change_policyStringThe name of password change policy for this domain.
WAB.device_get.local_domains.urlStringThe API URL to the resource.
WAB.device_get.onboard_statusStringOnboarding status of the device Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.services.connection_policyStringThe connection policy name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.services.idStringThe service id. Usable in the "sort" meter.
WAB.device_get.services.portNumberThe port number. Usable in the "sort" meter. / The port number. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.services.protocolStringThe protocol. Usable in the "sort" meter. / The protocol. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.services.service_nameStringThe service name. Must start with a letter; only letters, digits and - are allowed. Usable in the "sort" meter. / The service name. Must start with a letter; only letters, digits and - are allowed. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_get.services.urlStringThe API URL to the resource.
WAB.device_get.urlStringThe API URL to the resource.

wab-get-global-domain#

Get the global domain

Base Command#

wab-get-global-domain

Input#

Argument NameDescriptionRequired
domain_idA global domain id or name. If specified, only this domain is returned.Required
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.domain_get.admin_accountStringThe administrator account used to change passwords on this domain (format: "account_name").
WAB.domain_get.ca_private_keyStringThe ssh private key of the signing authority for the ssh keys for accounts in the domain. Special values are allowed to automatically generate SSH key: "generate:RSA_1024", "generate:RSA_2048", "generate:RSA_4096", "generate:RSA_8192", "generate:DSA_1024", "generate:ECDSA_256", "generate:ECDSA_384", "generate:ECDSA_521", "generate:ED25519"
WAB.domain_get.ca_public_keyStringThe ssh public key of the signing authority for the ssh keys for accounts in the domain.
WAB.domain_get.descriptionStringThe domain description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_get.domain_nameStringThe domain name. /: ?"@ are forbidden. Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_get.domain_real_nameStringThe domain name used for connection to a target. Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_get.enable_password_changeBooleanEnable the change of password on this domain.
WAB.domain_get.idStringThe domain id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_get.is_editableBooleanTrue if the domain is editable by the user who made the query. This might be slow to compute for a domain with many accounts if the user has limitations.
WAB.domain_get.password_change_pluginStringThe name of plugin used to change passwords on this domain.
WAB.domain_get.password_change_policyStringThe name of password change policy for this domain.
WAB.domain_get.urlStringThe API URL to the resource.
WAB.domain_get.vault_pluginStringThe name of vault plugin used to manage all accounts defined on this domain.

wab-get-global-domains#

Get the global domains

Base Command#

wab-get-global-domains

Input#

Argument NameDescriptionRequired
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'domain_name'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.domain_get.admin_accountStringThe administrator account used to change passwords on this domain (format: "account_name").
WAB.domain_get.ca_private_keyStringThe ssh private key of the signing authority for the ssh keys for accounts in the domain. Special values are allowed to automatically generate SSH key: "generate:RSA_1024", "generate:RSA_2048", "generate:RSA_4096", "generate:RSA_8192", "generate:DSA_1024", "generate:ECDSA_256", "generate:ECDSA_384", "generate:ECDSA_521", "generate:ED25519"
WAB.domain_get.ca_public_keyStringThe ssh public key of the signing authority for the ssh keys for accounts in the domain.
WAB.domain_get.descriptionStringThe domain description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_get.domain_nameStringThe domain name. /: ?"@ are forbidden. Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_get.domain_real_nameStringThe domain name used for connection to a target. Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_get.enable_password_changeBooleanEnable the change of password on this domain.
WAB.domain_get.idStringThe domain id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.domain_get.is_editableBooleanTrue if the domain is editable by the user who made the query. This might be slow to compute for a domain with many accounts if the user has limitations.
WAB.domain_get.password_change_pluginStringThe name of plugin used to change passwords on this domain.
WAB.domain_get.password_change_policyStringThe name of password change policy for this domain.
WAB.domain_get.urlStringThe API URL to the resource.
WAB.domain_get.vault_pluginStringThe name of vault plugin used to manage all accounts defined on this domain.

wab-get-information-about-wallix-bastion-license#

Get information about the WALLIX Bastion license

Base Command#

wab-get-information-about-wallix-bastion-license

Input#

There are no input arguments for this command.

Context Output#

PathTypeDescription
WAB.licenseinfo_get.clusteringBooleanClustering 3+ nodes option is enabled.
WAB.licenseinfo_get.data_leak_preventionBooleanData leak prevention option is enabled.
WAB.licenseinfo_get.enterpriseBooleanEnterprise license.
WAB.licenseinfo_get.evaluationBooleanLicense is the default evaluation license.
WAB.licenseinfo_get.expiration_dateStringThe license expiration date.
WAB.licenseinfo_get.externvault_enabledBooleanExternal Vaults option is enabled.
WAB.licenseinfo_get.functional_packStringName of the license type.
WAB.licenseinfo_get.haBooleanHigh Availibility (2 nodes) option is enabled.
WAB.licenseinfo_get.is_validBooleanLicense is valid.
WAB.licenseinfo_get.itsmBooleanInformation technology service management option is enabled.
WAB.licenseinfo_get.legacyBooleanLicense is of legacy type.
WAB.licenseinfo_get.named_userNumberThe current number of named users.
WAB.licenseinfo_get.named_user_maxNumberThe maximum number of named users allowed by the license.
WAB.licenseinfo_get.password_managerBooleanPassword manager is enabled.
WAB.licenseinfo_get.pm_targetNumberThe current number of PM targets.
WAB.licenseinfo_get.pm_target_maxNumberThe max number of PM targets allowed by the license.
WAB.licenseinfo_get.primaryNumberThe current number of primary connections.
WAB.licenseinfo_get.primary_maxNumberThe max number of primary connections allowed by the license.
WAB.licenseinfo_get.product_nameStringLicensed product name.
WAB.licenseinfo_get.resourceNumberThe current number of resources defined.
WAB.licenseinfo_get.resource_maxNumberThe max number of resources allowed by the license.
WAB.licenseinfo_get.revokedBooleanLicenses are revoked.
WAB.licenseinfo_get.secondaryNumberThe current number of secondary connections.
WAB.licenseinfo_get.secondary_maxNumberThe max number of secondary connections allowed by the license.
WAB.licenseinfo_get.session_managerBooleanSession manager is enabled.
WAB.licenseinfo_get.siem_enabledBooleanSIEM / Remote Syslog option is enabled.
WAB.licenseinfo_get.sm_targetNumberThe current number of SM targets.
WAB.licenseinfo_get.sm_target_maxNumberThe max number of SM targets allowed by the license.
WAB.licenseinfo_get.universal_tunnelingBooleanRAWTCP protocol usage is enabled.
WAB.licenseinfo_get.waapmNumberThe current number of WAAPM license used on the last 30 days.
WAB.licenseinfo_get.waapm_maxNumberThe max number of WAAPM license useable on one month.
WAB.licenseinfo_get.web_jumphost_concurrent_usersNumberThe current number of concurrent jumphost users.
WAB.licenseinfo_get.web_jumphost_concurrent_users_maxNumberThe max number of concurrent jumphost users allowed by the license.

wab-get-latest-snapshot-of-running-session#

Get the latest snapshot of a running session

Base Command#

wab-get-latest-snapshot-of-running-session

Input#

Argument NameDescriptionRequired
session_idThe session id.Required

Context Output#

There is no context output for this command.

wab-get-ldap-user-of-domain#

Get the LDAP user of a given domain

Base Command#

wab-get-ldap-user-of-domain

Input#

Argument NameDescriptionRequired
domainA LDAP domain name. All users in this domain are returned.Required
user_nameA user name. If specified, only this user is returned.Required
last_connectionIf set to true, the date of last connection is returned for each user returned. Be careful: this can slow down the request if a lot of users are returned.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.ldapuser_get.display_nameStringThe displayed name. Usable in the "sort" meter.
WAB.ldapuser_get.domainStringThe domain name.
WAB.ldapuser_get.emailStringThe email address.
WAB.ldapuser_get.last_connectionStringThe last connection of this user (format: "yyyy-mm-dd hh:mm:ss", returned only if query string meter "last_connection" is set to true).
WAB.ldapuser_get.loginStringThe user login.
WAB.ldapuser_get.passwordStringThe password (hidden with stars or empty).
WAB.ldapuser_get.preferred_languageStringThe preferred language.
WAB.ldapuser_get.ssh_public_keyStringThe SSH public key.
WAB.ldapuser_get.urlStringThe API URL to the resource.
WAB.ldapuser_get.user_nameStringThe user name.

wab-get-ldap-users-of-domain#

Get the LDAP users of a given domain

Base Command#

wab-get-ldap-users-of-domain

Input#

Argument NameDescriptionRequired
domainA LDAP domain name. All users in this domain are returned.Required
last_connectionIf set to true, the date of last connection is returned for each user returned. Be careful: this can slow down the request if a lot of users are returned.Optional
qSearches for a resource matching meters.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.ldapuser_get.display_nameStringThe displayed name. Usable in the "sort" meter.
WAB.ldapuser_get.domainStringThe domain name.
WAB.ldapuser_get.emailStringThe email address.
WAB.ldapuser_get.last_connectionStringThe last connection of this user (format: "yyyy-mm-dd hh:mm:ss", returned only if query string meter "last_connection" is set to true).
WAB.ldapuser_get.loginStringThe user login.
WAB.ldapuser_get.passwordStringThe password (hidden with stars or empty).
WAB.ldapuser_get.preferred_languageStringThe preferred language.
WAB.ldapuser_get.ssh_public_keyStringThe SSH public key.
WAB.ldapuser_get.urlStringThe API URL to the resource.
WAB.ldapuser_get.user_nameStringThe user name.

wab-get-metadata-of-one-or-multiple-sessions#

Get the metadata of one or multiple sessions

Base Command#

wab-get-metadata-of-one-or-multiple-sessions

Input#

Argument NameDescriptionRequired
session_idsThe session id, multiple IDs can be se ted by commas.Required
downloadThe default value is false. When it is set to true, the session metadata is sent as a file instead of JSON (recommended for large metadata). The download is possible only with a single session id.Optional

Context Output#

PathTypeDescription
WAB.session_metadata_get.metadataStringThe session metadata content.
WAB.session_metadata_get.session_idStringThe session id.

wab-get-notification#

Get the notification

Base Command#

wab-get-notification

Input#

Argument NameDescriptionRequired
notification_idA notification id or name. If specified, only this notification is returned.Required

Context Output#

PathTypeDescription
WAB.notification_get.descriptionStringThe notification description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.notification_get.destinationStringDestination for notification; for the type "email", this is a list of recipient emails se ted by ";". Usable in the "q" meter. Usable in the "sort" meter.
WAB.notification_get.enabledBooleanNotification is enabled. Usable in the "q" meter. Usable in the "sort" meter.
WAB.notification_get.idStringThe notification id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.notification_get.languageStringThe notification language (in email). Usable in the "q" meter. Usable in the "sort" meter.
WAB.notification_get.notification_nameStringThe notification name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.notification_get.typeStringNotification type. Usable in the "q" meter. Usable in the "sort" meter.
WAB.notification_get.urlStringThe API URL to the resource.

wab-get-notifications#

Get the notifications

Base Command#

wab-get-notifications

Input#

Argument NameDescriptionRequired
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'notification_name'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional

Context Output#

PathTypeDescription
WAB.notification_get.descriptionStringThe notification description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.notification_get.destinationStringDestination for notification; for the type "email", this is a list of recipient emails se ted by ";". Usable in the "q" meter. Usable in the "sort" meter.
WAB.notification_get.enabledBooleanNotification is enabled. Usable in the "q" meter. Usable in the "sort" meter.
WAB.notification_get.idStringThe notification id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.notification_get.languageStringThe notification language (in email). Usable in the "q" meter. Usable in the "sort" meter.
WAB.notification_get.notification_nameStringThe notification name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.notification_get.typeStringNotification type. Usable in the "q" meter. Usable in the "sort" meter.
WAB.notification_get.urlStringThe API URL to the resource.

wab-get-object-to-onboard#

Get object to onboard, by type (either devices with their linked accounts or global accounts alone)

Base Command#

wab-get-object-to-onboard

Input#

Argument NameDescriptionRequired
object_typeThe type of object, one of : 'devices', 'global_accounts'.Required
object_statusThe desired object status, one of: 'to_onboard', 'hide'.Required
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'object name'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.onboarding_objects_get.descriptionStringThe device description. Usable in the "q" meter. Usable in the "sort" meter. / The account description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.onboarding_objects_get.idStringThe device id. Usable in the "q" meter. Usable in the "sort" meter. / The account id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.onboarding_objects_get.onboard_statusStringOnboarding status of the device Usable in the "q" meter. Usable in the "sort" meter. / Onboarding status of the account Usable in the "q" meter. Usable in the "sort" meter.
WAB.onboarding_objects_get.urlStringThe API URL to the resource.

wab-get-one-account#

Get one account

Base Command#

wab-get-one-account

Input#

Argument NameDescriptionRequired
account_idAn account id or complete name with account name, domain name and device/application name, for example: "Administrator@local@win10".Required
account_typeThe account type: "global" for only global domain accounts, "device" for only device accounts, "application" for only application accounts. By default accounts of any type are returned. Cannot be used if an account_name and/or device/application is specified.Optional
applicationThe name of the application whose accounts must be returned. Cannot be used if an account_name and/or an account_type/device is specified.Optional
deviceThe name of the device whose accounts must be returned. Cannot be used if an account_name and/or an application is specified.Optional
passwordsReturn credentials (passwords and SSH keys) as-is without replacing content by stars. Note: this requires the Password Manager license, the flag "Credential recovery" in the profile of the user logged on the API and the "Credential recovery" option must be enabled in REST API configuration.Optional
key_formatFormat of the returned SSH public key of the account. Accepted values are 'openssh' (default value) and 'ssh.com'.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.account_get.account_loginStringThe account login. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.account_nameStringThe account name. /: ?"@ and space are forbidden. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.applicationStringThe application name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.auto_change_passwordBooleanAutomatically change the password. It is enabled by default on a new account. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.auto_change_ssh_keyBooleanAutomatically change the ssh key. It is enabled by default on a new account. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.can_edit_certificate_validityBooleanTrue if the field 'certificate_validity' can be edited based the availibility of CA certificate on the account's domain, false otherwise Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.certificate_validityStringThe validity duration of the signed ssh public key in the case a Certificate Authority is defined for the account's domain Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.checkout_policyStringThe account checkout policy. Usable in the "q" meter.
WAB.account_get.credentials.certificateStringThe certificate.
WAB.account_get.credentials.idStringThe credential id.
WAB.account_get.credentials.key_idStringThe key identity: random value used for revocation.
WAB.account_get.credentials.key_lenNumberThe key length.
WAB.account_get.credentials.key_typeStringThe key type
WAB.account_get.credentials.passphraseStringThe passphrase for the private key (only for an encrypted private key). If provided, it must be between 4 and 1024 characters long.
WAB.account_get.credentials.passwordStringThe account password.
WAB.account_get.credentials.private_keyStringThe account private key. Special values are allowed to automatically generate SSH key: "generate:RSA_1024", "generate:RSA_2048", "generate:RSA_4096", "generate:RSA_8192", "generate:DSA_1024", "generate:ECDSA_256", "generate:ECDSA_384", "generate:ECDSA_521", "generate:ED25519"
WAB.account_get.credentials.public_keyStringThe account public key.
WAB.account_get.credentials.typeStringThe credential type.
WAB.account_get.descriptionStringThe account description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.deviceStringThe device name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.domainStringThe domain name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.domain_password_changeBooleanTrue if the password change is configured on the domain (change policy and plugin are set).
WAB.account_get.idStringThe account id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.onboard_statusStringOnboarding status of the account Usable in the "q" meter. Usable in the "sort" meter.
WAB.account_get.urlStringThe API URL to the resource.

wab-get-one-account-on-device-local-domain#

Get one account on a device local domain

Base Command#

wab-get-one-account-on-device-local-domain

Input#

Argument NameDescriptionRequired
device_idThe device id or name.Required
domain_idThe local domain id or name.Required
account_idThe account id or name.Required
key_formatFormat of the returned SSH public key of the account. Accepted values are 'openssh' (default value) and 'ssh.com'.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.device_account_get.account_loginStringThe account login. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_account_get.account_nameStringThe account name. /: ?"@ and space are forbidden. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_account_get.auto_change_passwordBooleanAutomatically change the password. It is enabled by default on a new account. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_account_get.auto_change_ssh_keyBooleanAutomatically change the ssh key. It is enabled by default on a new account. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_account_get.can_edit_certificate_validityBooleanTrue if the field 'certificate_validity' can be edited based the availibility of CA certificate on the account's domain, false otherwise Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_account_get.certificate_validityStringThe validity duration of the signed ssh public key in the case a Certificate Authority is defined for the account's domain Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_account_get.checkout_policyStringThe account checkout policy. Usable in the "q" meter.
WAB.device_account_get.credentials.certificateStringThe certificate.
WAB.device_account_get.credentials.idStringThe credential id.
WAB.device_account_get.credentials.key_idStringThe key identity: random value used for revocation.
WAB.device_account_get.credentials.key_lenNumberThe key length.
WAB.device_account_get.credentials.key_typeStringThe key type
WAB.device_account_get.credentials.passphraseStringThe passphrase for the private key (only for an encrypted private key). If provided, it must be between 4 and 1024 characters long.
WAB.device_account_get.credentials.passwordStringThe account password.
WAB.device_account_get.credentials.private_keyStringThe account private key. Special values are allowed to automatically generate SSH key: "generate:RSA_1024", "generate:RSA_2048", "generate:RSA_4096", "generate:RSA_8192", "generate:DSA_1024", "generate:ECDSA_256", "generate:ECDSA_384", "generate:ECDSA_521", "generate:ED25519"
WAB.device_account_get.credentials.public_keyStringThe account public key.
WAB.device_account_get.credentials.typeStringThe credential type.
WAB.device_account_get.descriptionStringThe account description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_account_get.domain_password_changeBooleanTrue if the password change is configured on the domain (change policy and plugin are set).
WAB.device_account_get.idStringThe account id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_account_get.onboard_statusStringOnboarding status of the account Usable in the "q" meter. Usable in the "sort" meter.
WAB.device_account_get.urlStringThe API URL to the resource.

wab-get-profile#

Get the profile

Base Command#

wab-get-profile

Input#

Argument NameDescriptionRequired
profile_idA profile id or name. If specified, only this profile is returned.Required
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.profile_get.descriptionStringThe target group description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.profile_get.idStringThe profile id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.profile_get.ip_limitationStringThe profile ip limitation. Format is an IPv4 address, subnet or host name, for example: 192.168.1.10/24 Usable in the "q" meter. Usable in the "sort" meter.
WAB.profile_get.profile_nameStringThe profile name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.profile_get.target_accessBooleanTarget access.
WAB.profile_get.urlStringThe API URL to the resource.

wab-get-profiles#

Get the profiles

Base Command#

wab-get-profiles

Input#

Argument NameDescriptionRequired
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'profile_name'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.profile_get.descriptionStringThe target group description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.profile_get.idStringThe profile id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.profile_get.ip_limitationStringThe profile ip limitation. Format is an IPv4 address, subnet or host name, for example: 192.168.1.10/24 Usable in the "q" meter. Usable in the "sort" meter.
WAB.profile_get.profile_nameStringThe profile name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.profile_get.target_accessBooleanTarget access.
WAB.profile_get.urlStringThe API URL to the resource.

wab-get-scan#

Get the scan

Base Command#

wab-get-scan

Input#

Argument NameDescriptionRequired
scan_idA scan id or name. If specified, only this scan is returned.Required
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.scan_get.activeBooleanState of the job schedule. Usable in the "q" meter. Usable in the "sort" meter.
WAB.scan_get.descriptionStringDescription of the scan. Usable in the "q" meter. Usable in the "sort" meter.
WAB.scan_get.idStringThe scan id. Usable in the "sort" meter.
WAB.scan_get.nameStringScan name Usable in the "q" meter. Usable in the "sort" meter.
WAB.scan_get.periodicityStringPeriodicity of the scan, in cron notation. Usable in the "q" meter.
WAB.scan_get.typeStringScan type Usable in the "q" meter. Usable in the "sort" meter.
WAB.scan_get.urlStringThe API URL to the resource.

wab-get-scanjob#

Get the scanjob

Base Command#

wab-get-scanjob

Input#

Argument NameDescriptionRequired
scanjob_idA scan job id or name. If specified, only this scan job is returned.Required
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.scanjob_get.endStringScan job end timestamp Usable in the "q" meter. Usable in the "sort" meter.
WAB.scanjob_get.errorStringError message.
WAB.scanjob_get.idStringThe scan job id. Usable in the "sort" meter.
WAB.scanjob_get.startStringScan job start timestamp. Usable in the "q" meter. Usable in the "sort" meter.
WAB.scanjob_get.statusStringScan job status Usable in the "q" meter. Usable in the "sort" meter.
WAB.scanjob_get.typeStringScan type Usable in the "q" meter. Usable in the "sort" meter.

wab-get-scanjobs#

Get the scanjobs

Base Command#

wab-get-scanjobs

Input#

Argument NameDescriptionRequired
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'scan_name'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.scanjob_get.endStringScan job end timestamp Usable in the "q" meter. Usable in the "sort" meter.
WAB.scanjob_get.errorStringError message.
WAB.scanjob_get.idStringThe scan job id. Usable in the "sort" meter.
WAB.scanjob_get.startStringScan job start timestamp. Usable in the "q" meter. Usable in the "sort" meter.
WAB.scanjob_get.statusStringScan job status Usable in the "q" meter. Usable in the "sort" meter.
WAB.scanjob_get.typeStringScan type Usable in the "q" meter. Usable in the "sort" meter.

wab-get-scans#

Get the scans

Base Command#

wab-get-scans

Input#

Argument NameDescriptionRequired
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'scan_name'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.scan_get.activeBooleanState of the job schedule. Usable in the "q" meter. Usable in the "sort" meter.
WAB.scan_get.descriptionStringDescription of the scan. Usable in the "q" meter. Usable in the "sort" meter.
WAB.scan_get.idStringThe scan id. Usable in the "sort" meter.
WAB.scan_get.nameStringScan name Usable in the "q" meter. Usable in the "sort" meter.
WAB.scan_get.periodicityStringPeriodicity of the scan, in cron notation. Usable in the "q" meter.
WAB.scan_get.typeStringScan type Usable in the "q" meter. Usable in the "sort" meter.
WAB.scan_get.urlStringThe API URL to the resource.

wab-get-service-of-device#

Get the service of a device

Base Command#

wab-get-service-of-device

Input#

Argument NameDescriptionRequired
device_idThe device id or name.Required
service_idThe service id or name.Required
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.service_get.connection_policyStringThe connection policy name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.service_get.idStringThe service id. Usable in the "sort" meter.
WAB.service_get.portNumberThe port number. Usable in the "sort" meter. / The port number. Usable in the "q" meter. Usable in the "sort" meter.
WAB.service_get.protocolStringThe protocol. Usable in the "sort" meter. / The protocol. Usable in the "q" meter. Usable in the "sort" meter.
WAB.service_get.service_nameStringThe service name. Must start with a letter; only letters, digits and - are allowed. Usable in the "sort" meter. / The service name. Must start with a letter; only letters, digits and - are allowed. Usable in the "q" meter. Usable in the "sort" meter.
WAB.service_get.urlStringThe API URL to the resource.

wab-get-services-of-device#

Get the services of a device

Base Command#

wab-get-services-of-device

Input#

Argument NameDescriptionRequired
device_idThe device id or name.Required
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'service_name'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.service_get.connection_policyStringThe connection policy name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.service_get.idStringThe service id. Usable in the "sort" meter.
WAB.service_get.portNumberThe port number. Usable in the "sort" meter. / The port number. Usable in the "q" meter. Usable in the "sort" meter.
WAB.service_get.protocolStringThe protocol. Usable in the "sort" meter. / The protocol. Usable in the "q" meter. Usable in the "sort" meter.
WAB.service_get.service_nameStringThe service name. Must start with a letter; only letters, digits and - are allowed. Usable in the "sort" meter. / The service name. Must start with a letter; only letters, digits and - are allowed. Usable in the "q" meter. Usable in the "sort" meter.
WAB.service_get.urlStringThe API URL to the resource.

wab-get-session-sharing-requests#

Get session sharing requests

Base Command#

wab-get-session-sharing-requests

Input#

Argument NameDescriptionRequired
request_idA request id. If specified, only this request is returned.Optional
session_idA session id. If specified, only the request linked to this session is returned.Optional

Context Output#

PathTypeDescription
WAB.session_request_get.contextStringThe request context.
WAB.session_request_get.creation_dateStringThe request creation date/time (format: "yyyy-mm-dd hh:mm:ss").
WAB.session_request_get.expiration_dateStringThe request expiration date/time (format: "yyyy-mm-dd hh:mm:ss").
WAB.session_request_get.guest_idStringA Guest ID (random if unknown invited guest) or a username (if known Bastion user). Usable in the "sort" meter.
WAB.session_request_get.guest_session_idStringThe guest session id. Usable in the "sort" meter.
WAB.session_request_get.idStringThe request id. Usable in the "sort" meter.
WAB.session_request_get.modeStringThe session sharing mode.
WAB.session_request_get.session_idStringThe session id. Usable in the "sort" meter.
WAB.session_request_get.statusStringThe request status.

wab-get-sessionrights#

Get current user's or the user 'user_name' session rights (connections via proxies)

Base Command#

wab-get-sessionrights

Input#

Argument NameDescriptionRequired
qOnly a simple string to search is allowed in this resource (for example: 'q=windows'). The search is performed on the following fields only: account, account_description, device, device_alias, device_description, application, application_description, service_protocol, domain, domain_description, authorization, authorization_description.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'account,domain,device,application'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.sessionrights_get.accountStringThe account name. Usable in the "sort" meter.
WAB.sessionrights_get.account_descriptionStringThe account description. Usable in the "sort" meter.
WAB.sessionrights_get.account_mappingBooleanAccount mapping.
WAB.sessionrights_get.account_mapping_vaultBooleanAccount mapping with a vault account.
WAB.sessionrights_get.authorizationStringThe authorization name. Usable in the "sort" meter.
WAB.sessionrights_get.authorization_approvalBooleanTrue if an approval workflow is defined in the authorization, otherwise False. Usable in the "sort" meter.
WAB.sessionrights_get.authorization_descriptionStringThe authorization description. Usable in the "sort" meter.
WAB.sessionrights_get.domainStringThe domain name. Usable in the "sort" meter.
WAB.sessionrights_get.domain_descriptionStringThe domain description. Usable in the "sort" meter.
WAB.sessionrights_get.interactive_loginBooleanInteractive login.
WAB.sessionrights_get.serviceStringThe service name. Usable in the "sort" meter.
WAB.sessionrights_get.service_protocolStringThe protocol name. Usable in the "sort" meter.
WAB.sessionrights_get.typeStringThe resource type.

wab-get-sessionrights-user-name#

Get current user's or the user 'user_name' session rights (connections via proxies)

Base Command#

wab-get-sessionrights-user-name

Input#

Argument NameDescriptionRequired
user_nameIf specified, the user_name session rights is returned.Required
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.sessionrights_get.accountStringThe account name. Usable in the "sort" meter.
WAB.sessionrights_get.account_descriptionStringThe account description. Usable in the "sort" meter.
WAB.sessionrights_get.account_mappingBooleanAccount mapping.
WAB.sessionrights_get.account_mapping_vaultBooleanAccount mapping with a vault account.
WAB.sessionrights_get.authorizationStringThe authorization name. Usable in the "sort" meter.
WAB.sessionrights_get.authorization_approvalBooleanTrue if an approval workflow is defined in the authorization, otherwise False. Usable in the "sort" meter.
WAB.sessionrights_get.authorization_descriptionStringThe authorization description. Usable in the "sort" meter.
WAB.sessionrights_get.domainStringThe domain name. Usable in the "sort" meter.
WAB.sessionrights_get.domain_descriptionStringThe domain description. Usable in the "sort" meter.
WAB.sessionrights_get.interactive_loginBooleanInteractive login.
WAB.sessionrights_get.serviceStringThe service name. Usable in the "sort" meter.
WAB.sessionrights_get.service_protocolStringThe protocol name. Usable in the "sort" meter.
WAB.sessionrights_get.typeStringThe resource type.

wab-get-sessions#

Get the sessions

Base Command#

wab-get-sessions

Input#

Argument NameDescriptionRequired
session_idA session id. If specified, only this session is returned.Optional
otpUser's OTP (One Time Password) If specified, only the session initiated with the provided OTP is returned.Optional
statusStatus of sessions to return: "closed" for closed sessions (default) or "current" for current sessions.Optional
from_dateReturn sessions from this date/time (format: "yyyy-mm-dd" or "yyyy-mm-dd hh:mm:ss").Optional
to_dateReturn sessions until this date/time (format: "yyyy-mm-dd" or "yyyy-mm-dd hh:mm:ss").Optional
date_fieldThe field used for date comparison: "begin" for the start of session, "end" for the end of session.Optional
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'end,id' when status is 'closed', 'begin,id' when status is 'current'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.session_get.auditor_sessions.idStringThe session id.
WAB.session_get.auditor_sessions.urlStringThe API URL to the resource.
WAB.session_get.beginStringThe beginning date/time of the session (format: "yyyy-mm-dd hh:mm:ss"). Usable in the "q" meter. Usable in the "sort" meter.
WAB.session_get.descriptionStringThe session description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.session_get.diagnosticStringThe diagnostic message. Usable in the "q" meter. Usable in the "sort" meter.
WAB.session_get.endStringThe end date/time of the session (format: "yyyy-mm-dd hh:mm:ss"). Usable in the "q" meter. Usable in the "sort" meter.
WAB.session_get.idStringThe session id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.session_get.is_applicationBooleanThe session is on an application.
WAB.session_get.is_criticalBooleanThe session is critical. Usable in the "q" meter. Usable in the "sort" meter.
WAB.session_get.is_recordedBooleanThe session is recorded. Usable in the "q" meter. Usable in the "sort" meter.
WAB.session_get.killedBooleanThe session has been killed.
WAB.session_get.ownerStringThe node id which own this session. Usable in the "sort" meter.
WAB.session_get.resultBooleanThe session is successful. Usable in the "q" meter. Usable in the "sort" meter.
WAB.session_get.session_log_sizeNumberSize of the session log file (metadata), in bytes (if -1, there is no metadata file).
WAB.session_get.session_trace_sizeNumberSize of the session trace file, in bytes (if -1, there is no trace file).
WAB.session_get.source_ipStringThe source IP. Usable in the "q" meter. Usable in the "sort" meter.
WAB.session_get.source_protocolStringThe source protocol. Usable in the "q" meter. Usable in the "sort" meter.
WAB.session_get.target_accountStringThe target account name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.session_get.target_account_domainStringThe target account domain name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.session_get.target_deviceStringThe target device name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.session_get.target_effective_hostStringThe effective target IP.
WAB.session_get.target_effective_loginStringThe effective login.
WAB.session_get.target_groupStringName of the target group in authorization used to make the session. Usable in the "sort" meter.
WAB.session_get.target_hostStringThe target hostname or IP. Usable in the "q" meter. Usable in the "sort" meter.
WAB.session_get.target_portNumberThe target port number Usable in the "q" meter. Usable in the "sort" meter.
WAB.session_get.target_protocolStringThe target protocol. Usable in the "q" meter. Usable in the "sort" meter.
WAB.session_get.target_serviceStringThe target service name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.session_get.target_session_idStringThe RDP target session id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.session_get.target_sub_protocolStringThe target sub-protocol. Usable in the "q" meter. Usable in the "sort" meter.
WAB.session_get.titleStringThe session title. Usable in the "q" meter. Usable in the "sort" meter.
WAB.session_get.urlStringThe API URL to the resource.
WAB.session_get.user_groupStringName of the user group in authorization used to make the session. Usable in the "sort" meter.
WAB.session_get.usernameStringThe primary user name. Usable in the "q" meter. Usable in the "sort" meter.

wab-get-status-of-trace-generation#

Get the status of a trace generation

Base Command#

wab-get-status-of-trace-generation

Input#

Argument NameDescriptionRequired
session_idThe session id.Required
dateGenerate the trace from this date/time (format: "yyyy-mm-dd hh:mm:ss").Optional
durationDuration of the trace to generate (in seconds).Optional
downloadThe default value is false. When it is set to true, the session trace is sent as a file instead of JSON output with the generation status.Optional

Context Output#

PathTypeDescription
WAB.session_trace_get.dateStringThe starting date/time (format: "yyyy-mm-dd hh:mm:ss").
WAB.session_trace_get.durationNumberThe duration (in seconds).
WAB.session_trace_get.etaNumberEstimated time before end of generation (in seconds).
WAB.session_trace_get.progress_pctNumberProgress (percent).
WAB.session_trace_get.reasonStringThe error description (only in case of error).
WAB.session_trace_get.session_idStringThe session id.
WAB.session_trace_get.statusStringThe generation status.

wab-get-target-by-type#

Get the target by type

Base Command#

wab-get-target-by-type

Input#

Argument NameDescriptionRequired
target_typeThe type of target, one of: 'session_accounts', 'session_account_mappings', 'session_interactive_logins', 'session_scenario_accounts', 'password_retrieval_accounts'.Required
groupReturn only the targets in the group with this name.Optional
group_idReturn only the targets in the group with this id.Optional
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'account,domain'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.getTargetByType.accountStringThe device or application account name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.getTargetByType.applicationStringThe application name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.getTargetByType.deviceStringThe device name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.getTargetByType.domainStringThe domain name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.getTargetByType.domain_typeStringThe domain type.
WAB.getTargetByType.idStringThe target id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.getTargetByType.serviceStringThe service name. Usable in the "q" meter. Usable in the "sort" meter.

wab-get-target-group#

Get the target group

Base Command#

wab-get-target-group

Input#

Argument NameDescriptionRequired
group_idA target group id or name. If specified, only this target group is returned.Required
deviceReturn only the targetgroups this device belongs to.Optional
applicationReturn only the targetgroups this application belongs to.Optional
domainReturn only the targetgroups this domain belongs to.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.targetgroups_get.descriptionStringThe target group description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.targetgroups_get.group_nameStringThe target group name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.targetgroups_get.idStringThe target group id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.targetgroups_get.restrictions.actionStringThe restriction type.
WAB.targetgroups_get.restrictions.idStringThe restriction id.
WAB.targetgroups_get.restrictions.rulesStringThe restriction rules.
WAB.targetgroups_get.restrictions.subprotocolStringThe restriction subprotocol.
WAB.targetgroups_get.urlStringThe API URL to the resource.

wab-get-target-groups#

Get the target groups

Base Command#

wab-get-target-groups

Input#

Argument NameDescriptionRequired
deviceReturn only the targetgroups this device belongs to.Optional
applicationReturn only the targetgroups this application belongs to.Optional
domainReturn only the targetgroups this domain belongs to.Optional
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'group_name'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.targetgroups_get.descriptionStringThe target group description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.targetgroups_get.group_nameStringThe target group name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.targetgroups_get.idStringThe target group id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.targetgroups_get.restrictions.actionStringThe restriction type.
WAB.targetgroups_get.restrictions.idStringThe restriction id.
WAB.targetgroups_get.restrictions.rulesStringThe restriction rules.
WAB.targetgroups_get.restrictions.subprotocolStringThe restriction subprotocol.
WAB.targetgroups_get.urlStringThe API URL to the resource.

wab-get-user#

Get the user

Base Command#

wab-get-user

Input#

Argument NameDescriptionRequired
nameA user name. If specified, only this user is returned.Required
password_hashExport password hash if true. In Configuration Options menu REST API then Advanced options, you should set User password hash and change the default Data encryption key.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.user_get.certificate_dnStringThe certificate DN (for X509 authentication). Usable in the "sort" meter.
WAB.user_get.display_nameStringThe displayed name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.user_get.emailStringThe email address. Usable in the "q" meter. Usable in the "sort" meter.
WAB.user_get.expiration_dateStringAccount expiration date/time (format: "yyyy-mm-dd hh:mm"). Usable in the "q" meter. Usable in the "sort" meter.
WAB.user_get.force_change_pwdBooleanForce password change. Usable in the "q" meter. Usable in the "sort" meter.
WAB.user_get.gpg_public_keyStringThe GPG public key fingerprint.
WAB.user_get.ip_sourceStringThe source IP to limit access. Format is a comma-se ted list of IPv4 or IPV6 addresses, subnets, ranges or domain, for example: 1.2.3.4,2001:db8:๐Ÿ”ข5678,192.168.1.10/24,10.11.12.13-14.15.16.17,example.com Usable in the "q" meter. Usable in the "sort" meter.
WAB.user_get.is_disabledBooleanAccount is disabled. Usable in the "q" meter. Usable in the "sort" meter.
WAB.user_get.is_lockedBooleanAccount is locked.
WAB.user_get.last_connectionStringThe last connection of this user. Usable in the "q" meter. Usable in the "sort" meter.
WAB.user_get.passwordStringThe password (hidden with stars or empty).
WAB.user_get.preferred_languageStringThe preferred language. Usable in the "q" meter. Usable in the "sort" meter.
WAB.user_get.profileStringThe user profile. Usable in the "q" meter. Usable in the "sort" meter.
WAB.user_get.ssh_public_keyStringThe SSH public key.
WAB.user_get.urlStringThe API URL to the resource.
WAB.user_get.user_nameStringThe user name. /: ?"are forbidden. Usable in the "q" meter. Usable in the "sort" meter.

wab-get-user-group#

Get the user group

Base Command#

wab-get-user-group

Input#

Argument NameDescriptionRequired
group_idA user group id or name. If specified, only this user group is returned.Required
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.usergroups_get.descriptionStringThe group description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.usergroups_get.group_nameStringThe group name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.usergroups_get.idStringThe group id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.usergroups_get.profileStringThe group profile.
WAB.usergroups_get.restrictions.actionStringThe restriction type.
WAB.usergroups_get.restrictions.idStringThe restriction id.
WAB.usergroups_get.restrictions.rulesStringThe restriction rules.
WAB.usergroups_get.restrictions.subprotocolStringThe restriction subprotocol.
WAB.usergroups_get.urlStringThe API URL to the resource.

wab-get-user-groups#

Get the user groups

Base Command#

wab-get-user-groups

Input#

Argument NameDescriptionRequired
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'group_name'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.usergroups_get.descriptionStringThe group description. Usable in the "q" meter. Usable in the "sort" meter.
WAB.usergroups_get.group_nameStringThe group name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.usergroups_get.idStringThe group id. Usable in the "q" meter. Usable in the "sort" meter.
WAB.usergroups_get.profileStringThe group profile.
WAB.usergroups_get.restrictions.actionStringThe restriction type.
WAB.usergroups_get.restrictions.idStringThe restriction id.
WAB.usergroups_get.restrictions.rulesStringThe restriction rules.
WAB.usergroups_get.restrictions.subprotocolStringThe restriction subprotocol.
WAB.usergroups_get.urlStringThe API URL to the resource.

wab-get-users#

Get the users

Base Command#

wab-get-users

Input#

Argument NameDescriptionRequired
password_hashExport password hash if true. In Configuration Options menu REST API then Advanced options, you should set User password hash and change the default Data encryption key.Optional
qSearches for a resource matching meters.Optional
sortComma-se ted list of fields used to sort results; a field starting "-" reverses the order. The default sort for this resource is: 'user_name'.Optional
offsetThe index of first item to retrieve (starts and defaults to 0).Optional
limitThe number of items to retrieve (100 by default, -1 = no limit). Note: this default value of 100 can be changed in the REST API configuration option.Optional
fieldsThe list of fields to return (se ted by commas). By default all fields are returned.Optional

Context Output#

PathTypeDescription
WAB.user_get.certificate_dnStringThe certificate DN (for X509 authentication). Usable in the "sort" meter.
WAB.user_get.display_nameStringThe displayed name. Usable in the "q" meter. Usable in the "sort" meter.
WAB.user_get.emailStringThe email address. Usable in the "q" meter. Usable in the "sort" meter.
WAB.user_get.expiration_dateStringAccount expiration date/time (format: "yyyy-mm-dd hh:mm"). Usable in the "q" meter. Usable in the "sort" meter.
WAB.user_get.force_change_pwdBooleanForce password change. Usable in the "q" meter. Usable in the "sort" meter.
WAB.user_get.gpg_public_keyStringThe GPG public key fingerprint.
WAB.user_get.ip_sourceStringThe source IP to limit access. Format is a comma-se ted list of IPv4 or IPV6 addresses, subnets, ranges or domain, for example: 1.2.3.4,2001:db8:๐Ÿ”ข5678,192.168.1.10/24,10.11.12.13-14.15.16.17,example.com Usable in the "q" meter. Usable in the "sort" meter.
WAB.user_get.is_disabledBooleanAccount is disabled. Usable in the "q" meter. Usable in the "sort" meter.
WAB.user_get.is_lockedBooleanAccount is locked.
WAB.user_get.last_connectionStringThe last connection of this user. Usable in the "q" meter. Usable in the "sort" meter.
WAB.user_get.passwordStringThe password (hidden with stars or empty).
WAB.user_get.preferred_languageStringThe preferred language. Usable in the "q" meter. Usable in the "sort" meter.
WAB.user_get.profileStringThe user profile. Usable in the "q" meter. Usable in the "sort" meter.
WAB.user_get.ssh_public_keyStringThe SSH public key.
WAB.user_get.urlStringThe API URL to the resource.
WAB.user_get.user_nameStringThe user name. /: ?"are forbidden. Usable in the "q" meter. Usable in the "sort" meter.

wab-get-wallix-bastion-usage-statistics#

Get the WALLIX Bastion usage statistics. If no from_date or to_date are supplied it will return the statistics for the last full calendar month

Base Command#

wab-get-wallix-bastion-usage-statistics

Input#

Argument NameDescriptionRequired
from_dateGet statistics from this date at midnight (format: "yyyy-mm-dd").Optional
to_dateGet statistics until this date at 23:59:59 (format: "yyyy-mm-dd").Optional

Context Output#

PathTypeDescription
WAB.statistics_get.from_dateStringBeginning of the interval (format: "yyyy-mm-dd").
WAB.statistics_get.to_dateStringEnd of the interval (format: "yyyy-mm-dd").

wab-make-new-approval-request-to-access-target#

Make a new approval request to access a target. Note: depending on the authorization settings, the fields "ticket" and "comment" may be required

Base Command#

wab-make-new-approval-request-to-access-target

Input#

Argument NameDescriptionRequired
approval_request_post_authorizationThe authorization name.Optional
approval_request_post_beginThe date/time for connection (format: "yyyy-mm-dd hh:mm"), default is now.Optional
approval_request_post_commentThe request comment.Optional
approval_request_post_durationThe allowed time range to connect (in minutes).Required
approval_request_post_target_nameThe target name (example: account@domain@device:service).Required
approval_request_post_ticketThe ticket reference.Optional

Context Output#

PathTypeDescription
WAB.approval_request_post_response_ok.idStringThe new approval id.

wab-release-passwords-for-target#

Release the passwords for a given target

Base Command#

wab-release-passwords-for-target

Input#

Argument NameDescriptionRequired
account_nameA target name: 'account@domain@device' for an account on a device, 'account@domain@application' for an account on an application or 'account@domain' for an account on a global domain.Required
authorizationThe name of the authorization (in case of multiple authorizations to access the target).Optional
forceThe default value is false. When it is set to true, the checkin is forced. The user connected on the REST API must have an auditor profile and the configured limitations don't prohibit access to the account.Optional
commentA comment that is input by the auditor when an account checkin is forced. This argument is mandatory if the checkin is forced, and is ignored for a standard checkin.Optional

Context Output#

There is no context output for this command.

wab-reply-to-approval-request#

Reply to an approval request (approve/reject it). Note: you can answer to an approval request only if you are in approvers groups of authorization

Base Command#

wab-reply-to-approval-request

Input#

Argument NameDescriptionRequired
approval_assignment_post_approvedApprove/reject the request.Required
approval_assignment_post_commentThe approval comment.Required
approval_assignment_post_durationThe allowed time range to connect (in minutes).Optional
approval_assignment_post_idThe approval id.Required
approval_assignment_post_timeoutTimeout to initiate the first connection (in minutes). After that, the approval will be automatically closed. 0: no timeout.Optional

Context Output#

There is no context output for this command.

wab-revoke-certificate-of-device#

Revoke a certificate of a device

Base Command#

wab-revoke-certificate-of-device

Input#

Argument NameDescriptionRequired
device_idThe device id or name.Required
cert_typeThe certificate type (SSH, RDP).Required
addressThe certificate address/ip.Required
portThe certificate port.Required

Context Output#

There is no context output for this command.

wab-start-scan-job-manually#

Start a scan job manually

Base Command#

wab-start-scan-job-manually

Input#

Argument NameDescriptionRequired
scanjob_post_scan_idScan definition id.Required

Context Output#

There is no context output for this command.

Edit this page
Report an Issue