security-settings



The Security Settings API lets admin switch between enhanced security mode
and a custom security mode in
which one or more insecure capabilities are allowed. It also lets you
switch to, but not from, a maximum
security mode.
[tags: DMA]

Resource Root

https://localhost:8443/api/rest/security-settings

Summary


Resources Methods
https://localhost:8443/api/rest/security-settings

GET  Retrieves the security settings.

PUT  Updates the security settings record.

Resources


https://localhost:8443/api/rest/security-settings


Methods

GET


Retrieves the security settings. [tags: DMA]

Request

Response

Status Representation Description
200 application/vnd.plcm.plcm-security-settings+xml
application/vnd.plcm.plcm-security-settings+json
application/vnd.plcm.plcm-security-settings-v2+xml
application/vnd.plcm.plcm-security-settings-v2+json
application/vnd.plcm.plcm-security-settings-v3+xml
application/vnd.plcm.plcm-security-settings-v3+json
application/vnd.plcm.plcm-security-settings-v4+xml
application/vnd.plcm.plcm-security-settings-v4+json
Security settings records successfully retrieved.
304
Security settings records have not changed since the last get.

Note: The API client must provide the "plcm-security-settings"
representation's
ETag value in the "If-None-Match" HTTP header to ensure conditional
retrieval.
This will improve network performance by reducing bandwidth
consumption.

If the API client chooses to exclude an ETag value from a previous,
identical
search in the "If-None-Match" header, then the HTTP response will
contain the
search results in the message body.

The "plcm-security-settings" ETag can be accessed from the initial
search result's HTTP
response header. Also, subsequent searches require the identical search
filter
to ensure an equivalent ETag value. This also assumes no other
client made changes to
the security settings on the server.
400 text/plain
Bad request.
403 application/vnd.plcm.plcm-error+xml
User has insufficient permissions to perform the operation.
409 application/vnd.plcm.plcm-error+xml

The request contained ETags in both the header (header-ETag) and the
body (body-ETag) and they do not match.
412 application/vnd.plcm.plcm-error+xml

The resource has changed on the server. The API client must retrieve
the latest resource version, apply the resource modifications,
then update to the server.
428 application/vnd.plcm.plcm-error+xml

The API client must supply the ETag in the message body that is
bounded by
the "entity-tag" XML tag. Refer to the "plcm-security-settings.xsd"
for details.
If the message body does not contain the ETag value, the server will
look for the ETag in the "If-Match" header.

PUT


Updates the security settings record. [tags: DMA]

Request

Representations

application/vnd.plcm.plcm-security-settings+xml
application/vnd.plcm.plcm-security-settings+json
application/vnd.plcm.plcm-security-settings-v2+xml
application/vnd.plcm.plcm-security-settings-v2+json
application/vnd.plcm.plcm-security-settings-v3+xml
application/vnd.plcm.plcm-security-settings-v3+json
application/vnd.plcm.plcm-security-settings-v4+xml
application/vnd.plcm.plcm-security-settings-v4+json

Response

Status Representation Description
204 Security settings record successfully accepted.
400 text/plain
Bad request.
400 application/vnd.plcm.plcm-error+xml
Conflicting security settings. When "Allow non-FIPS ciphers" is false then
"Skip validation of certificates received while making outbound connections" must not be true.
401 application/vnd.plcm.plcm-error+xml
User is not authorized to update the security settings
406 application/vnd.plcm.plcm-error+xml
Not Acceptable
409 application/vnd.plcm.plcm-error+xml

The specified security-mode is not valid in this context.
409 application/vnd.plcm.plcm-error+xml

The specified security options are not valid for the ENHANCED security-mode.

When specifying an ENHANCED security mode, the following settings should either be false or not specified:

allow-a-non-events (v1,v2)
allow-anon-events (v3+)
allow-booting-from-usb-or-optical-drive
allow-console-access (v3+)
allow-linux-console-access (v1,v2)
allow-non-tls-for-ldap (v3+)
allow-ssh-access (v3+)
allow-ssh-root-access (v3+)
basic-calendar-auth-allowed
http-calendar-notifications-allowed
non-fips-cipher-allowed (v2)
skip-call-signaling-cert
skip-server-cert-validation (v1,v2)
unencrypted-enterprise-directory-access-allowed
unencrypted-mcu-access-allowed
409 application/vnd.plcm.plcm-error+xml

The request contained ETags in both the header (header-ETag) and the
body (body-ETag) and they do not match.
412 application/vnd.plcm.plcm-error+xml

The resource has changed on the server. The API client must retrieve
the latest resource version, apply the resource modifications,
then update to the server.
428 application/vnd.plcm.plcm-error+xml

The API client must supply the ETag in the message body that is
bounded by
the "entity-tag" XML tag. Refer to the
"plcm-security-settings.xsd" for details.
If the message body does not contain the ETag value, the server will
look for the ETag in the "If-Match" header.
428
Security settings information has changed since the last retrieval.

Note: The response will contain the ETag value and link that reflects
the server's security settings resource in the HTTP response
header.

The API client must supply the ETag in the message body that is
bounded by
the "entity-tag" XML tag. Refer to the "plcm-security-settings.xsd"
for details.
If the message body does not contain the ETag value, the server will
look for the ETag in the "If-Match" header.

The "plcm-security-settings" ETag can be accessed from the initial
retrieval result's HTTP
response header.This also assumes no other client made changes to
Security settings records on the server.