Tech Tip - CA Privileged Access Manager: Creating new devices with device group membership using the Rest API

Document created by prira01 Employee on Oct 30, 2017
Version 1Show Document
  • View in full screen mode

The PAM Rest API includes a "POST" resource with URL https://<PAM host>/api.php/v1/devices.json to add new devices to PAM. The description text on the API Explorer lists only three parameters as required: "deviceName", "domainName" and "os". To add device group membership, the "deviceGroupMembershipIds" field is used. But just adding that field to the POST request will create the device without group membership. New devices will be associated with device groups only when "typeAccess" is true. Per documentation the default value for this field is "f", i.e. false. The following sample data will create a new device and make it a member of an existing device group with ID = 7.

{
"deviceName":"apitestdev1",
"deviceGroupMembershipIds":[7],
"domainName":"apitestdev1.ca.com",
"os":"Linux", 
"typeAccess":"t"
}

 

New devicew created via Rest API

 

You can use the "GET /v1/deviceGroups.json" resource to get the IDs for your device groups.
Also note that the value of "deviceGroupMembershipIds" is an array of numbers, not a string, and no quote characters are used. Multiple group IDs can be provided in a comma separated list such as [7,8,12].

Attachments

    Outcomes