Chapter 21. The PSM REST API

Starting with Balabit’s Privileged Session Management, Shell Control Box version 4 F2, certain parts and features of PSM can be configured using a REST API (Representational State Transfer Application Programming Interface). The REST server conforms to the Hypermedia as the Engine of Application State (HATEOAS).

The PSM REST API uses JSON over HTTPS. The REST server has a single entry point and all resources are available at paths (URLs) returned in the response for a request sent to the entry point. The only path that is guaranteed not to change is /api/authentication. Every other path should be reached by navigating the links returned.

The PSM REST API allows you to create, read, update and delete (CRUD) the configuration resources of PSM.

The user accessing the PSM REST API must have the REST server privilege. For details, see Procedure 5.7.2, Modifying group privileges. Note that the built-in api usergroup does not have this privilege by default, it is used to access the SOAP RPC API of PSM.

For details on using the REST API, see Using the Balabit’s Privileged Session Management, Shell Control Box REST API.