search cancel

Creating Windows Remote target accounts using the Rest API


Article ID: 186491


Updated On:


CA Privileged Access Manager (PAM)


We tried to create a new target account for a Windows Remote target connector using the JSON body returned for an existing account as a starting point, but it didn't work. Can we have a sample JSON body that works?


Multiple parameters returned for an existing target account are not valid when posting a new account, such as account ID and application ID. PAM will create the account ID, and the application ID is part of the URL, not the JSON body. On the other hand, the GET command will not include the password, but the password has to be specified when creating a new account. Also, boolean attributes tend to be returned with value "t" or "f" by a GET, but typically have to be provided as "true" or "false" in a POST.


Applies to all supported release as of March 2020 (3.2 and 3.3).


Here is a sample JSON body that works:

  "accountName": "windowstest",
  "password": "dummy",
  "privileged": "t",
  "attributes": {
    "accountType": "admin",
    "descriptor1": "DESC1",
    "extensionType": "windowsRemoteAgent",
    "forcePasswordChange": "false",
    "useOtherAccountToChangePassword": "false"
  "cacheBehavior": "useCacheFirst",
  "cacheDuration": "30",
  "synchronize": "f",
  "passwordViewPolicyId": "1000"