Tenable Security Center API: LDAP

/ldap

Methods
GET

Gets the list of LDAPs.

Fields Parameter

The fields parameter is specified in the query string and takes the syntax:

    ?fields=<field>,...

Allowed Fields

*id
**name
**description
**searchString

Session user role "1" (Administrator)

host
port
encryption
dn
dnsField
lowercase
timeLimit
password
username
attrEmail
attrName
attrPhone
attrUsername

ldapUserProvisioning

ldapUserSync
createdTime
modifiedTime
organizations

Legend

* = always comes back

** = comes back if fields list not specified on GET all
redFont = field is a JSON object (e.g. "repository" : { "id" : <id>, "name" : <name> })

Request Parameters

None

Example Response
{
    "type" : "regular",
    "response" : [
        {
            "id" : "1",
            "name" : "Test Name",
            "description" : "Test Description",
            "searchString" : "SearchString"
        },
        {
            "id" : "2",
            "name" : "testName",
            "description" : "testDescription",
            "searchString" : "SearchString"
        }
    ],
    "error_code" : 0,
    "error_msg" : "",
    "warnings" : [],
    "timestamp" : 1500911088
}
POST

Adds an LDAP.

Note: This endpoint is restricted to users of role 1 (Admin)

Request Parameters
{
    "name" : <string>,
    "description" : <string> DEFAULT "",
    "host" : <string> (valid IP or hostname),
    "port" : <string> (valid port),
    "encryption" : <string> "ldaps" | "none" | "tls",
    "dn" : <string>,
    "dnsField" : <string> DEFAULT "dNSHostName",
    "lowercase" : <string> "false" | "true" DEFAULT "false",
    "timeLimit" : <string> DEFAULT "3600",
    "password" : <string> DEFAULT "",
    "username" : <string> DEFAULT "",
    "attrEmail" : <string> DEFAULT "",
    "attrName" : <string> DEFAULT "",
    "attrPhone" : <string> DEFAULT "",
    "attrUsername" : <string> DEFAULT "",
    "searchString" : <string> DEFAULT "",
    "ldapUserProvisioning" : <string> "false" | "true" DEFAULT "false",
    "ldapUserSync" : <string> "false" | "true" DEFAULT "false",
    "organizations" : [
        {
            "id" : <string>
        },...
    ] DEFAULT []
}
Example Response
{
    "type" : "regular",
    "response" : {
        "id" : "6",
        "name" : "Test Add LDAP",
        "description" : "Test Description",
        "host" : "127.0.0.1",
        "port" : "80",
        "encryption" : "none",
        "dn" : "Test DN",
        "dnsField" : "Test DNS",
        "lowercase" : "false",
        "timeLimit" : "3600",
        "password" : "SET",
        "username" : "username",
        "attrEmail" : "AttrEmail",
        "attrName" : "AttrName",
        "attrPhone" : "AttrPhone",
        "attrUsername" : "AttrUsername",
        "ldapUserProvisioning" : "false",
        "ldapUserSync" : "false",
        "searchString" : "SearchString",
        "createdTime" : "1500911435",
        "modifiedTime" : "1500911435",
        "organizations" : [
            {
                "id" : "1",
                "name" : "org1",
                "description" : "",
                "uuid" : "4F7DD1CD-EB1B-40D7-BCE1-2DB3E31F6F4C"
            }
        ]
    },
    "error_code" : 0,
    "error_msg" : "",
    "warnings" : [],
    "timestamp" : 1500911573
}

/ldap/{id}

Methods
GET

Gets the LDAP associated with {id}.


Fields Parameter

The fields parameter is specified in the query string and takes the syntax:

    ?fields=<field>,...

Allowed Fields

*id
**name
**description
**searchString

Session user role "1" (Administrator)

host
port
encryption
dn
dnsField
lowercase
timeLimit
password
username
attrEmail
attrName
attrPhone
attrUsername

ldapUserProvisioning

ldapUserSync
createdTime
modifiedTime
organizations

Legend

* = always comes back

** = comes back if fields list not specified on GET all
redFont = field is a JSON object (e.g. "repository" : { "id" : <id>, "name" : <name> })

Request Parameters

None

Example Response
{
    "type" : "regular",
    "response" : {
        "id" : "1",
        "name" : "Test Name",
        "description" : "Test Description",
        "host" : "127.0.0.1",
        "port" : "80",
        "encryption" : "none",
        "dn" : "Test DN",
        "dnsField" : "Test DNS",
        "lowercase" : "false",
        "timeLimit" : "3600",
        "password" : "SET",
        "username" : "username",
        "attrEmail" : "AttrEmail",
        "attrName" : "AttrName",
        "attrPhone" : "AttrPhone",
        "attrUsername" : "AttrUsername",
        "ldapUserProvisioning" : "false",
        "ldapUserSync" : "false",
        "searchString" : "SearchString",
        "createdTime" : "1500911435",
        "modifiedTime" : "1500911435",
        "organizations" : [
            {
                "id" : "1",
                "name" : "org1",
                "description" : "",
                "uuid" : "4F7DD1CD-EB1B-40D7-BCE1-2DB3E31F6F4C"
            }
        ]
    },
    "error_code" : 0,
    "error_msg" : "",
    "warnings" : [],
    "timestamp" : 1500911088
}
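
The admin-only fields returned above are enough to audit an LDAP entry for weak transport settings. The following is an added example, not part of the Tenable documentation: the function names and the finding rules are this example's own assumptions, and the sample is constructed from the response shown on this page.

```python
import json

# Constructed sample, shaped like the /ldap/{id} GET response on this page.
SAMPLE = json.loads("""
{"type": "regular",
 "response": {"id": "1", "name": "Test Name", "host": "127.0.0.1",
              "port": "80", "encryption": "none", "password": "SET",
              "username": "username", "ldapUserProvisioning": "false",
              "ldapUserSync": "false"},
 "error_code": 0, "error_msg": "", "warnings": []}
""")

ALLOWED_ENCRYPTION = {"ldaps", "none", "tls"}  # values listed under /ldap::POST


def audit_ldap(record):
    """Return findings for one LDAP record (the API returns values as strings)."""
    findings = []
    enc = record.get("encryption")
    if enc not in ALLOWED_ENCRYPTION:
        findings.append(f"unexpected encryption value: {enc!r}")
    elif enc == "none":
        findings.append("encryption is 'none': session is not transport-encrypted")
        # A bind account or provisioning over that channel raises the stakes.
        if record.get("username"):
            findings.append("bind username configured without encryption")
        if record.get("ldapUserProvisioning") == "true":
            findings.append("user provisioning enabled without encryption")
    port = str(record.get("port", ""))
    if not (port.isdigit() and 1 <= int(port) <= 65535):
        findings.append(f"port is not a valid TCP port: {port!r}")
    return findings


def audit_response(body):
    """Audit a single-record or list response; raise if the API reported an error."""
    if body.get("error_code") != 0:
        raise ValueError(f"API error {body.get('error_code')}: {body.get('error_msg')}")
    records = body["response"]
    if isinstance(records, dict):  # /ldap/{id} returns an object, /ldap a list
        records = [records]
    return {r.get("id"): audit_ldap(r) for r in records}
```

On a list response from /ldap, request the extra fields explicitly (for example ?fields=id,encryption,port,username,ldapUserProvisioning), since only id, name, description and searchString come back by default.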
PATCH

Edits the LDAP associated with {id}, changing only the passed-in fields.

Note: This endpoint is restricted to users of role 1 (Admin)

Request Parameters

(All fields are optional)

See /ldap::POST for parameters.

Example Response
See /ldap/{id}::GET
DELETE

Deletes the LDAP associated with {id}.

Note: This endpoint is restricted to users of role 1 (Admin)

Request Parameters

None

Example Response
{
    "type" : "regular",
    "response" : "",
    "error_code" : 0,
    "error_msg" : "",
    "warnings" : [],
    "timestamp" : 1408723358
}

/ldap/{id}/query

POST

Retrieves users for the LDAP associated with {id}, depending on access and permissions.

Request Parameters
{
    "match" : <string> DEFAULT "<string:attrUsername>=*" (attrUsername derived from LDAP)
}
Example Response
{
    "type" : "regular",
    "response" : [
        {
            "name" : "John Doe",
            "email" : "",
            "phone" : "",
            "username" : "JohnDoe"
        },
        {
            "name" : "Jane Doe",
            "email" : "",
            "phone" : "",
            "username" : "Jane Doe"
        }
    ],
    "error_code" : 0,
    "error_msg" : "",
    "warnings" : [],
    "timestamp" : 1503416024
}
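
When the match value is built from user-supplied text, the filter metacharacters in that text need RFC 4515 escaping so the input stays a literal value. The following is an added example, not part of the Tenable documentation: it assumes match takes the same attr=value shape as the documented default, and the function names are hypothetical.

```python
import re

# RFC 4515: these characters must be escaped inside a filter assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# Attribute descriptors are a letter followed by letters, digits or hyphens.
_ATTR_RE = re.compile(r"^[A-Za-z][A-Za-z0-9-]*$")


def escape_filter_value(value):
    """Escape a literal so it cannot change the structure of the filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_match(attr_username, term=None, prefix=False):
    """Build the JSON body for POST /ldap/{id}/query.

    attr_username: the LDAP entry's attrUsername value.
    term:          user-supplied search text, or None for the default "=*".
    prefix:        append a real wildcard after the escaped term.
    """
    if not _ATTR_RE.match(attr_username):
        raise ValueError(f"not a valid attribute name: {attr_username!r}")
    if term is None:
        return {"match": f"{attr_username}=*"}  # documented default shape
    value = escape_filter_value(term)
    if prefix:
        value += "*"  # the only unescaped wildcard is the one added here
    return {"match": f"{attr_username}={value}"}
```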

/ldap/test

Methods
POST

Tests the LDAP settings.

Note: This endpoint is restricted to users of role 1 (Admin)

Request Parameters
{
    "host" : <string> (valid IP or hostname),
    "port" : <string> (valid port),
    "encryption" : <string> "ldaps" | "none" | "tls",
    "dn" : <string>,
    "dnsField" : <string> DEFAULT "dNSHostName",
    "lowercase" : <string> "false" | "true" DEFAULT "false",
    "timeLimit" : <string> DEFAULT "3600",
    "password" : <string> DEFAULT "",
    "username" : <string> DEFAULT "",
    "attrEmail" : <string> DEFAULT "",
    "attrName" : <string> DEFAULT "",
    "attrPhone" : <string> DEFAULT "",
    "attrUsername" : <string> DEFAULT "",
    "searchString" : <string> DEFAULT ""
}
Example Response
{
    "type" : "regular",
    "response" : {
        "status" : false,
        "message" : "Verification failed."
    },
    "error_code" : 0,
    "error_msg" : "",
    "warnings" : [],
    "timestamp" : 1410210283
}

/ldap/{id}/test

Methods
POST

Tests the LDAP settings associated with {id}.

Note: This endpoint is restricted to users of role 1 (Admin)

Request Parameters

(All fields are optional)

See /ldap/test::POST for parameters.

Example Response
{
    "type" : "regular",
    "response" : {
        "status" : false,
        "message" : "Verification failed."
    },
    "error_code" : 0,
    "error_msg" : "",
    "warnings" : [],
    "timestamp" : 1410210283
}