security-settings

The Security Settings API lets admin switch between enhanced security mode
and a custom security mode in
which one or more insecure capabilities are allowed. It also lets you
switch to, but not from, a maximum
security mode.
[tags: DMA]

Resource Root

https://localhost:8443/api/rest/security-settings

Summary

Resources	Methods
https://localhost:8443/api/rest/security-settings	GET Retrieves the security settings. PUT Updates the security settings record.

Resources

https://localhost:8443/api/rest/security-settings

Methods

GET

Retrieves the security settings. [tags: DMA]

Request

Response

Status	Representation	Description
200	application/vnd.plcm.plcm-security-settings+xml application/vnd.plcm.plcm-security-settings+json application/vnd.plcm.plcm-security-settings-v2+xml application/vnd.plcm.plcm-security-settings-v2+json application/vnd.plcm.plcm-security-settings-v3+xml application/vnd.plcm.plcm-security-settings-v3+json application/vnd.plcm.plcm-security-settings-v4+xml application/vnd.plcm.plcm-security-settings-v4+json	Security settings records successfully retrieved.
304		Security settings records have not changed since the last get. Note: The API client must provide the "plcm-security-settings" representation's ETag value in the "If-None-Match" HTTP header to ensure conditional retrieval. This will improve network performance by reducing bandwidth consumption. If the API client chooses to exclude an ETag value from a previous, identical search in the "If-None-Match" header, then the HTTP response will contain the search results in the message body. The "plcm-security-settings" ETag can be accessed from the initial search result's HTTP response header. Also, subsequent searches require the identical search filter to ensure an equivalent ETag value. This also assumes no other client made changes to the security settings on the server.
400	text/plain	Bad request.
403	application/vnd.plcm.plcm-error+xml	User has insufficient permissions to perform the operation.
409	application/vnd.plcm.plcm-error+xml	The request contained ETags in both the header (header-ETag) and the body (body-ETag) and they do not match.
412	application/vnd.plcm.plcm-error+xml	The resource has changed on the server. The API client must retrieve the latest resource version, apply the resource modifications, then update to the server.
428	application/vnd.plcm.plcm-error+xml	The API client must supply the ETag in the message body that is bounded by the "entity-tag" XML tag. Refer to the "plcm-security-settings.xsd" for details. If the message body does not contain the ETag value, the server will look for the ETag in the "If-Match" header.

PUT

Updates the security settings record. [tags: DMA]

Request

Representations

application/vnd.plcm.plcm-security-settings+xml

application/vnd.plcm.plcm-security-settings+json

application/vnd.plcm.plcm-security-settings-v2+xml

application/vnd.plcm.plcm-security-settings-v2+json

application/vnd.plcm.plcm-security-settings-v3+xml

application/vnd.plcm.plcm-security-settings-v3+json

application/vnd.plcm.plcm-security-settings-v4+xml

application/vnd.plcm.plcm-security-settings-v4+json

Response

Status	Representation	Description
204		Security settings record successfully accepted.
400	text/plain	Bad request.
400	application/vnd.plcm.plcm-error+xml	Conflicting security settings. When "Allow non-FIPS ciphers" is false then "Skip validation of certificates received while making outbound connections" must not be true.
401	application/vnd.plcm.plcm-error+xml	User is not authorized to update the security settings
406	application/vnd.plcm.plcm-error+xml	Not Acceptable
409	application/vnd.plcm.plcm-error+xml	The specified security-mode is not valid in this context.
409	application/vnd.plcm.plcm-error+xml	The specified security options are not valid for the ENHANCED security-mode. When specifying an ENHANCED security mode, the following settings should either be false or not specified: allow-a-non-events (v1,v2) allow-anon-events (v3+) allow-booting-from-usb-or-optical-drive allow-console-access (v3+) allow-linux-console-access (v1,v2) allow-non-tls-for-ldap (v3+) allow-ssh-access (v3+) allow-ssh-root-access (v3+) basic-calendar-auth-allowed http-calendar-notifications-allowed non-fips-cipher-allowed (v2) skip-call-signaling-cert skip-server-cert-validation (v1,v2) unencrypted-enterprise-directory-access-allowed unencrypted-mcu-access-allowed
409	application/vnd.plcm.plcm-error+xml	The request contained ETags in both the header (header-ETag) and the body (body-ETag) and they do not match.
412	application/vnd.plcm.plcm-error+xml	The resource has changed on the server. The API client must retrieve the latest resource version, apply the resource modifications, then update to the server.
428	application/vnd.plcm.plcm-error+xml	The API client must supply the ETag in the message body that is bounded by the "entity-tag" XML tag. Refer to the "plcm-security-settings.xsd" for details. If the message body does not contain the ETag value, the server will look for the ETag in the "If-Match" header.
428		Security settings information has changed since the last retrieval. Note: The response will contain the ETag value and link that reflects the server's security settings resource in the HTTP response header. The API client must supply the ETag in the message body that is bounded by the "entity-tag" XML tag. Refer to the "plcm-security-settings.xsd" for details. If the message body does not contain the ETag value, the server will look for the ETag in the "If-Match" header. The "plcm-security-settings" ETag can be accessed from the initial retrieval result's HTTP response header.This also assumes no other client made changes to Security settings records on the server.