API call to reset the password of a Target Account in PAM
search cancel

API call to reset the password of a Target Account in PAM

book

Article ID: 258103

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

Can external REST API be used to reset the password of a Target account? If yes, can you please share the details around that.

Resolution

You can use the following API call:

PUT /api.php/v1/devices.json/{deviceId}/targetApplications/{applicationId}/targetAccounts

This can set the password, and with the synchronize value set to true ("t") it will validate it as well.

You can use API call

GET  /api.php/v1/devices.json/{deviceId}/targetApplications/{applicationId}/targetAccounts/{accountId}

to see the current list of attributes for the target account.


Instead of providing a specific password, you can use "_generate_pass_" to generate a password based off of your password composition policy. Example:

{
    "accountId":27001,
    "accountName":"<username>@example.com",
    "password":"_generate_pass_",
    "synchronize":"t",
    "attributes": {
        "userDN": "CN=XXXX,CN=Users,DC=example,DC=com"

    }
}

Powered by Wolken Software