Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Masters are key-value pairs that can be defined for the entire tenant. The key(name) in this context refers to the label to be shown on the Cymmetri User Interface, and the value is the backend identifier used to reference this field in various processes, rules, and policies defined in the Cymmetri platform.
Cymmetri platform allows for configuring several masters in the system, the major classification among which are Global masters (which allow for creating master key-value pairs that may be used for various situations, such as creating a new department, designation, and other custom attributes for users in the system) and Zone masters (which are network configurations that may be used to whitelist or blacklist user access onto the platform as well as act as a source for adaptive Multi-factor authentication).
These are system-wide key-value pairs primarily used to setup key-value pairs referring to various masters as given below:
Follow the steps below to Add a New Master:
Click on the "+Add New" button to add a new master of any category mentioned above.
Enter the Name and Value for the new Master, then select the type of master you wish to create and enable the active toggle button to make the master active. Once all values are entered click on the Save button
A new Global Master is successfully created in the selected category
The RBAC Master allows the maintenance of role entitlements for the organization.
Zone masters indicate the network zones that may be used for blacklisting or whitelisting access to the Cymmetri Identity platform deployment. It may also be used for detecting users from certain zones and assigning relevant multi-factor authentication policies.
Zone Name: Used to refer to a zone in other configurations on the Cymmetri platform.
Inactive/Active: Toggle button to check whether the zone is active (configurable as a condition for other rules on the Cymmetri platform.)
Gateway IP: Refers to the Gateway IP address for the network zone.
Proxy IPs: Proxy Server IP addresses that may be used to be directed to this network or the IP addresses outside of the zone that would indicate a connection from this zone.
CIDR: Refers to the CIDR notation of the subnet of the network that this zone refers to. CIDR Notation.
For adding a new Zone Master or for editing an existing one, Fill in all the mandatory details on the screen as shown above, click on the enable toggle button and finally click the “Save” button.
Type | Description |
---|---|
Country
Country key-value pairs are stored in the system, and are available as drop-downs wherever needed in the system - User attributes, Policies and other mappings.
UserType
UserType is used as one of the conditions while defining authentication policies and as an input in the rule engine.
Department
Department is used as one of the conditions while defining authentication policies and as an input in the rule engine, and also as a user attribute.
Designation
Designation is used as one of the conditions while defining authentication policies and as an input in the rule engine, and also as a user attribute.
RBAC
RBAC (System Roles) is used as one of the conditions while defining authentication policies and as an input in the rule engine, and also as a user attribute.
In this section within Cymmetri, a range of general or broad configuration settings and options are managed. These settings encompass various foundational configurations that affect the overall behavior of Cymmetri.
There are different system configurations in Cymmetri mentioned below:
It refers to a setting within Cymmetri that enables a user to raise an application access request on behalf of another user. An administrator can enable this feature and then the user can raise a request for any other user. The page here shows how the users get access to the On Behalf feature and use it to raise application requests
In the Time-Based configuration, system administrators can determine whether the system will send repeated notifications to users based on the number of days remaining, as specified in the 'Send Notifications before' field. This occurs when an application is assigned to the user as a time-based application and is about to expire.
These settings and configurations within Cymmetri are specifically related to the management and customization of email-related functionalities. This configuration area allows administrators to set up, manage, and customize, the email communications as per the organization's needs.
Within the Suspend Config section, administrators have the ability to determine the duration a user remains in a suspended state before transitioning to the archived users' section. This can be specified using the "Suspend After" setting.
The system incorporates a scheduler feature, enabling administrators to automate the transition of users from the suspended state to the archived state. The scheduler runs within defined time frames, streamlining the management of user statuses.
As an example, if the "Suspend After" configuration is set to 0 days, a user will promptly move to the archived users section upon suspension. This allows for flexibility in tailoring user management to specific organizational needs.
Within the Workflow Preference Config, administrators have the ability to specify the visibility and editability of workflows associated with user access requests for a particular application. This setting allows for tailored control over how approvers interact with the configured workflow.
When this option is selected, approvers for the requested application are visible to the user initiating the access request. Transparency is maintained throughout the workflow process.
Opting for this configuration ensures that approvers for the requested application remain hidden from the user. The workflow operates discreetly in the background without user visibility.
If this preference is chosen, users initiating access requests have the ability to select approvers based on their availability, providing a more dynamic and user-centric workflow experience.
This functionality applies if a workflow has been configured for the specified application, offering flexibility in managing user access requests in alignment with organizational requirements.
The approvers mapped in the workflow can only be edited only if they are part of the "user list" in workflow configurations.
In conclusion, if the workflow preference config is set to Editable, the requester will only be able to select the approver from the workflow if the approvers are part of a user list.
This setting involves whether an OTP (One-Time Password) is required as an additional verification step when users attempt to change their passwords.
The User Decommission Config is a vital feature in Cymmetri, allowing administrators to automate user decommissioning based on login activity.
In this configuration, actions are triggered if the user hasn't logged in to Cymmetri in N number of days
Config Days: Set the threshold for user inactivity in terms of days. Users who have not logged in for the specified duration will be subject to the defined actions.
Actions: Choose from three distinct actions to be taken when the specified inactivity threshold is reached:
None: No action will be taken based on user inactivity.
Inactive: Users exceeding the configured inactivity period will be marked as inactive.
Delete: Users who have not logged in for the specified duration will be suspended from the system.
Syslog configuration in Cymmetri allows for the seamless integration of logging and event information with external Syslog servers. By defining specific parameters, administrators can ensure that critical system events, user access information, and other relevant data are transmitted in real-time to a Syslog server.
Syslog Config fields:
Syslog Name - Assign a unique name to this Syslog configuration
App Name - Specify the application name associated with this Syslog configuration.
Server Host Name - Enter the hostname or IP address of the Syslog server that will receive log messages
Server port - Define the port number on the Syslog server where log messages will be sent.
Protocol - Choose the preferred protocol for Syslog communication - TCP or UDP.
In configuring these parameters, administrators tailor Cymmetri's interaction with external Syslog servers, optimizing the logging process to meet organizational needs.
Webhooks in the Cymmetri's admin module provide a powerful mechanism for real-time communication and integration with external applications or services. Administrators can configure various webhook settings to enhance the system's functionality and streamline interactions with external components.
Protocol - Communication protocol - (Static field)
Method - HTTP method for webhook requests - (Static Set to post)
Server - Enter the server or endpoint URL where the webhook payloads will be delivered.
Server Context path - provide the context path for the specific service within the server.
Secret - This secret key, known to both Cymmetri and the external service, helps authenticate the webhook requests.
Token Expiry Minutes - Define the duration (in minutes) for which authentication tokens associated with webhook requests are valid.
This setting determines if a user has the ability to initiate requests for new applications through the Cymmetri self-service page.
When the status is active, the user will see the "Add New" button on the "My Access" page within the "My Workspace" section. By clicking this button, the user can submit an access request for additional applications.
The Threshold Delete Config is a critical component in Cymmetri, governing the maximum number of users that can be deleted from the system in a single day.
This configuration provides an additional layer of control to prevent unintended mass deletions and ensure the security and stability of Cymmetri
Cymmetri platform has six different admin roles with various levels of access to the various menus and resources on the administration portal of Cymmetri.
In addition to these six admin roles, Cymmetri also supports three different privileged user roles that grant varying levels of access (read, write, report) to privileged users within Cymmetri.
The various admin roles on the Cymmetri Identity Platform may be described as follows:
This is the so-called 'super admin' administrator role in the Cymmetri platform. Administrators with this role have the authorization to modify any settings or make changes to the tenant.
This is a slightly less privileged administrator. Most tenant-wide system settings, such as the configuration of SMS and email providers (when configured by the tenant), are restricted for domain administrators. All other configurations can be viewed and edited by administrators with the Domain Administrator role.
An administrator with the role of Application Administrator has access to Identity Hub configurations, including Application, User, and Group configurations. The Application Administrator can map users and groups to applications and can edit all configurations related to Application Management.
An administrator with the role of Report Administrator has access to the Reports menu, which includes the ability to view, modify, and add new reports.
The Helpdesk administrator has access to a very limited set of administrative functionalities, such as, resetting password of the end-user, removing configured Multifactor authentication options, and other such common use-case
All administrative users have editing access to the various administrative sections of the Cymmetri platform. However, administrators with the "Read Only Administrator" role do not have editing access to any of the settings or configurations; they only have "Read Only" access to the administrative section.
PAM Write Access in Cymmetri grants users the privilege to connect to servers via RDP or SSH and perform write or modification actions on those servers. Users with PAM Write Access have the ability to make changes, update configurations, and perform tasks that involve altering data or settings on the connected servers. This access level is typically assigned to administrators and IT personnel responsible for making configuration changes or updates on various servers within the Cymmetri environment.
PAM Read Access provides users with the ability to connect to servers using RDP or SSH and view the content and configurations on those servers. However, users with PAM Read Access do not have the authority to make modifications or changes to the server settings or data. This level of access is suitable for individuals who need to monitor server activities, check logs, or retrieve information from servers without the need to alter any server configurations.
PAM Report Access is designed for users who require access to PAM-related reports without the need to connect to servers via RDP or SSH directly. Users with PAM Report Access can generate and access reports that provide insights into server activities, access logs, or other relevant data within the Cymmetri. Such users can also configure schedulers to send timely reports to various other users. This level of access is beneficial for auditors, compliance teams, or individuals focused on analyzing server-related information for reporting and auditing purposes.
Follow the steps mentioned below to promote a user as an admin in the Cymmetri platform.
Click on the Configuration menu on the right-hand side
Now click on the Admins sub-menu within the Configuration menu
Click on the "+Add New" button to add a new administrator
To assign an administrator role to a user, search for the user and then click the 'Assign' button.
Select the chosen administration role and click on Save
The administrator has been assigned the role of “Report Administrator”.
All admins is a section where various Cymmetri admins listing is displayed to the admin user
Custom Attributes may be added for all user entities in your Cymmetri Platform. This allows organizations to add custom user attributes, that are used across the applications in the organization.
For example, your organization has a custom attribute that captures and uses the local language of your employees and vendors to provide local services. This attribute may be stored in your Active Directory and may need to be synchronized to your organization’s other applications during the course of an employee or vendor’s employment.
Cymmetri platform allows the administrator to define custom attributes on a tenant-wide level.
Custom attributes can be used at various places like when creating a user, as a filter when searching for users, and are visible in the others section of user info
To start configuring custom attributes, click on the Configurations menu on the left-hand side and then click on the Custom Attributes menu.
Click on the Add New button to start adding a custom attribute
Fields to be updated:
Name/ Key: refers to the label assigned to the custom attribute.
Description: allows you to provide additional details or notes about the custom attribute for reference and clarity.
Status: Allows to activate the custom attribute. Only if it is set to active, is the attribute available to use in the User Object.
Note: A custom attribute once created can only be set to inactive, it cannot be deleted.
Tenant branding in Cymmetri allows you to personalize and enhance the visual identity of your environment. With tenant branding, you can customize the appearance of your platform, including logos, color schemes, and even tailored messages, aligning it with your organization's branding guidelines.
This not only creates a cohesive and professional user experience but also reinforces your brand's presence throughout the Cymmetri environment. It's a powerful tool for organizations looking to maintain a consistent and recognizable image while utilizing Cymmetri's identity and management capabilities.
The Cymmetri platform allows a certain level of customization to your tenant from the administration panel. This includes the ability to modify the default Cymmetri branding scheme to your own Organization’s branding scheme.
Your Organization Name and Tagline
Your Organization Logo
Your Organization Branding Colors (Primary, Secondary, Accent Colors)
To access the branding menu, first click on the Configuration menu on the left-hand side and then proceed by clicking on the Branding menu item.
Start the configuration by entering your Organization Name and Tag Line
Proceed by adding a Welcome text and Welcome Tagline and select whether the Cymmetri help icon should be visible to the user or not
Proceed by adding your URL to the Website text box and click “Fetch Brand”.
If your organization’s branding is available, the logo and the corresponding color scheme will be displayed in the menu below.
If your branding is unavailable, you may configure it yourself by uploading your logo and editing your primary color, secondary color, and accent color.
Click on the Save and Sync Server button to make the branding configuration apply to the entire website.
The configuration will be applied in a few seconds to reflect your branding.
In Cymmetri, the administrator now has the option to select the "Reset to default theme" button, allowing them to revert to the original theme.
Cymmetri framework to extend the out of box use cases and support custom requirements from the platform
The following are the APIs calls.
Important Note:
Purpose: This API is used to create application hook
URL: http://<tenant_domain>/api/user/listByApplication
Method: POST
Example Request:
Sample Response:
On success:
{
"success": true,
"data": {
"content": [
{
"id": "619ce9a69139ca14885a4717",
"displayName": "John Snow",
"firstName": "John",
"lastName": "Snow",
"email": null,
"mobile": null,
"designation": "Developer",
"status": "ACTIVE",
"profilePic": null,
"login": "john.snow",
"initialLoginPending": true,
"startDate": null,
"endDate": null,
"provStatus": {
"617253cc2fb4b2125b237b75": "SUCCESS_UPDATE"
}
}
],
"pageable": {
"sort": [
{
"direction": "ASC",
"property": "id",
"ignoreCase": false,
"nullHandling": "NATIVE",
"ascending": true,
"descending": false
}
],
"pageNumber": 0,
"pageSize": 10,
"offset": 0,
"paged": true,
"unpaged": false
},
"last": true,
"totalPages": 1,
"totalElements": 1,
"sort": [
{
"direction": "ASC",
"property": "id",
"ignoreCase": false,
"nullHandling": "NATIVE",
"ascending": true,
"descending": false
}
],
"first": true,
"number": 0,
"numberOfElements": 1,
"size": 10,
"empty": false
},
"timestamp": "02-Mar-2022 01:58:57",
"message": null,
"errorCode": null
}
On failure:
Response 1#
{
"data":
null
,
"success":
false
,
"errorCode": "PROVSRVC.APPLICATION_NOT_FOUND",
"message":
null
,
"timestamp": "02-Mar-2022 01:59:39"
}
Purpose: This API is used to get an application hook for the provided application id and type.
URL: http://<tenant_domain>/api/group/groupListByApplication
Method: POST
applicationId: Application id
Example Request:
Sample Response:
On success:
{
"success": true,
"data": {
"offset": 0,
"pageSize": 10,
"totalElements": 1,
"totalPages": 1,
"elements": [
{
"id": "621cdbb7776c95564c0313ab",
"name": "Gold",
"type": "LocalGroup",
"description": "Gold group",
"ouId": "",
"ouName": null,
"parentGroupIds": null,
"directParentGroupId": null,
"userCount": 0,
"appCount": 1
}
],
"pageNumber": 0,
"sort": {
"orders": [
{
"direction": "ASC",
"property": "name"
}
],
"sorted": true
}
},
"timestamp": "03-Mar-2022 05:29:23",
"message": null,
"errorCode": null
}
On failure:
Response 1#
{
"data":
null
,
"success":
false
,
"errorCode": "PROVSRVC.APPLICATION_NOT_FOUND",
"message":
null
,
"timestamp": "03-Mar-2022 05:29:49"
}
Purpose: This API is used to list reconciliation pull for provided application id and keyword.
URL: https://<tenant_domain>/provsrvc/reconciliation/pull/search
Method: POST
applicationId: applicationId
keyword : keyword
Example Request:
Sample Response:
On success:
{
"success": true,
"data": {
"content": [
{
"id": "621cca3f9423002d41cbbed4",
"name": "AD-ADMIN-USERS",
"type": "USER",
"status": "ACTIVE",
"applicationId": "614b5d3489ad96554e89e2ab",
"targetSystemSearchQueryFilter": null,
"idmRepositoryField": "login",
"sourceAttributeName": "cn",
"reconType": "PULL",
"reconMode": "FILTERED_RECONCILIATION",
"reconConditions": {
"TARGET_DELETED_IDM_EXISTS": "IGNORE",
"TARGET_EXTSTS_IDM_EXISTS": "IGNORE",
"TARGET_EXTSTS_IDM_NOT_EXISTS": "PROVISION"
},
"lastRunDateTime": null,
"createdDateTime": "2022-02-28T13:12:31.07",
"updatedDateTime": "2022-03-02T12:45:31.069",
"version": 2
},
...
...
],
"pageable": {
"sort": [
{
"direction": "DESC",
"property": "updatedDateTime",
"ignoreCase": false,
"nullHandling": "NATIVE",
"ascending": false,
"descending": true
}
],
"pageNumber": 0,
"pageSize": 10,
"offset": 0,
"paged": true,
"unpaged": false
},
"last": true,
"totalPages": 1,
"totalElements": 3,
"first": true,
"sort": [
{
"direction": "DESC",
"property": "updatedDateTime",
"ignoreCase": false,
"nullHandling": "NATIVE",
"ascending": false,
"descending": true
}
],
"numberOfElements": 3,
"size": 10,
"number": 0,
"empty": false
},
"timestamp": "03-Mar-2022 08:41:03",
"message": null,
"errorCode": null
}
On failure:
Response 1#
{
"success": false,
"data": null,
"timestamp": "03-Mar-2022 09:06:43",
"message": null,
"errorCode": "INVALID_ARGUMENTS"
}
Response 2#
{
"success": false,
"data": null,
"timestamp": "03-Mar-2022 09:06:43",
"message": null,
"errorCode": "PROVSRVC.UNKNOWN"
}
Purpose: This API is used to list reconciliation push for provided application id and keyword.
URL: http://<tenant_domain>/reconciliation/push/search
Method: POST
applicationId: Application Id.
keyword : keyword
Example Request:
Sample Response:
On success:
{
"success": true,
"data": {
"content": [
{
"id": "62207b1655a2d10f525dc2bf",
"name": "AD-Admin",
"type": "USER",
"status": "ACTIVE",
"applicationId": "614b5d3489ad96554e89e2ab",
"idmSearchQueryFilter": {
"location": null,
"reportingManager": null,
"department": null,
"designation": null,
"group": null,
"email": null,
"mobile": null,
"status": [],
"userType": null,
"locked": false
},
"idmRepositoryField": "login",
"sourceAttributeName": "cn",
"reconType": "PUSH",
"reconMode": "FILTERED_RECONCILIATION",
"reconConditions": {
"IDM_DELETED_TARGET_EXISTS": "IGNORE",
"IDM_EXTSTS_TARGET_EXISTS": "IGNORE",
"IDM_EXTSTS_TARGET_NOT_EXISTS": "PROVISION"
},
"lastRunDateTime": null,
"createdDateTime": "2022-03-03T08:23:50.963",
"updatedDateTime": "2022-03-03T08:23:50.963",
"version": 0
}
…
…
],
"pageable": {
"sort": [
{
"direction": "DESC",
"property": "updatedDateTime",
"ignoreCase": false,
"nullHandling": "NATIVE",
"ascending": false,
"descending": true
}
],
"pageNumber": 0,
"pageSize": 10,
"offset": 0,
"paged": true,
"unpaged": false
},
"last": true,
"totalPages": 1,
"totalElements": 3,
"first": true,
"sort": [
{
"direction": "DESC",
"property": "updatedDateTime",
"ignoreCase": false,
"nullHandling": "NATIVE",
"ascending": false,
"descending": true
}
],
"numberOfElements": 3,
"size": 10,
"number": 0,
"empty": false
},
"timestamp": "03-Mar-2022 08:40:09",
"message": null,
"errorCode": null
}
On failure:
Response 1#
{
"success": false,
"data": null,
"timestamp": "03-Mar-2022 09:06:43",
"message": null,
"errorCode": "INVALID_ARGUMENTS"
}
Response 2#
{
"success": false,
"data": null,
"timestamp": "03-Mar-2022 09:06:43",
"message": null,
"errorCode": "PROVSRVC.UNKNOWN"
}
Purpose: This API is used to list application roles with provided application id and keyword.
URL: http://<tenant_domain>/applicationRole/findAppRolesByApplicationId
Method: POST
application id: applicationId
keyword: keyword
Example Request:
Sample Response:
On success:
{
"success": true,
"data": {
"content": [
{
"id": "621f2996a36e574d3e7ab4a7",
"roleId": "ROLE_ID_101",
"roleName": "ADMIN",
"roleDescreption": "This role is for admin users.",
"applicationId": "614b5d3489ad96554e89e2ab",
"cosoType": "Admin",
"active": false,
"mappedBusinessRoles": [],
"createdDateTime": "2022-03-02T08:23:50.608",
"updatedDateTime": "2022-03-02T13:48:54.189",
"version": 3
},
...
...
],
"pageable": {
"sort": [
{
"direction": "ASC",
"property": "id",
"ignoreCase": false,
"nullHandling": "NATIVE",
"ascending": true,
"descending": false
}
],
"pageNumber": 0,
"pageSize": 10,
"offset": 0,
"paged": true,
"unpaged": false
},
"last": true,
"totalPages": 1,
"totalElements": 3,
"first": true,
"sort": [
{
"direction": "ASC",
"property": "id",
"ignoreCase": false,
"nullHandling": "NATIVE",
"ascending": true,
"descending": false
}
],
"numberOfElements": 3,
"size": 10,
"number": 0,
"empty": false
},
"timestamp": "03-Mar-2022 09:20:03",
"message": null,
"errorCode": null
}
On failure:
Response 1#
{
"success": false,
"data": null,
"timestamp": "03-Mar-2022 09:06:43",
"message": null,
"errorCode": "INVALID_ARGUMENTS"
}
Response 2#
{
"success": false,
"data": null,
"timestamp": "03-Mar-2022 09:06:43",
"message": null,
"errorCode": "PROVSRVC.UNKNOWN"
}
Purpose: This API is used to search PolicymapTenant.
URL: http://<tenant_domain>/policyMapTenant/findAll
Method: POST
tenantApplicationId: Tenant Application Id
objectType: Mapping Object Type
internal: Internal Attribute
external: External Application Attribute
Example Request:
Sample Response:
On success:
{
"success": true,
"data": {
"content": [
{
"id": "61dd1da8db654e41881b5281",
"internal": "lastName",
"external": "sn",
"mandatory": false,
"script": null,
"createdDateTime": "2022-01-11T06:03:20.202",
"updatedDateTime": "2022-01-11T06:03:20.202",
"version": 0,
"default_val": "",
"tenant_applicationId": "61dd1da8db654e41881b5273",
"object_type": "USER",
"isCustom": false,
"scriptEnable": false
}
],
"pageable": {
"sort": [
{
"direction": "DESC",
"property": "internal",
"ignoreCase": false,
"nullHandling": "NATIVE",
"ascending": false,
"descending": true
}
],
"pageNumber": 0,
"pageSize": 10,
"offset": 0,
"paged": true,
"unpaged": false
},
"last": true,
"totalPages": 1,
"totalElements": 1,
"first": true,
"sort": [
{
"direction": "DESC",
"property": "internal",
"ignoreCase": false,
"nullHandling": "NATIVE",
"ascending": false,
"descending": true
}
],
"numberOfElements": 1,
"size": 10,
"number": 0,
"empty": false
},
"timestamp": "03-Mar-2022 07:13:09",
"message": null,
"errorCode": null
}
Purpose: This API is used to get paginated lists with filters.
URL: https://<tenant_domain>/selfservice/api/selfservice/applications
Method: POST
Example Request:
Sample Response:
On success:
{
"success": true,
"data": {
"offset": 0,
"pageSize": 16,
"totalElements": 5,
"totalPages": 1,
"elements": [
{
"endDate": null,
"deprovNotification": false,
"enabled": true,
"tagLine": "Directory service developed by Microsoft",
"id": "617253cc2fb4b2125b237b75",
"name": "Active Directory",
"appUrl": "",
"icon": "iVBORw0KGgoAAAANSUhEUgAAALoAAAC6CAYAAAAZDlfxAAAACXBIWXMAAAsSAAALEgHS3X78AAAgAElEQVR4nO2dCXQU17nnv1tb.....truncated"
}
],
"pageNumber": 0,
"sort": {
"orders": [
{
"direction": "ASC",
"property": "NAME"
}
],
"sorted": true
}
},
"timestamp": "03-Mar-2022 05:41:09",
"message": null,
"errorCode": null
}
Purpose: This API is used to get list of selfservice dashboard new Joiner list of logged in users.
URL: http://<tenant_url>/usersrvc/api/user/getSubOrdinates
Method: POST
Example Request: Need to pass filter as createdFrom and createdTo date time difference for seven day.
Sample Response:
On success:
{
"success": true,
"data": {
"content": [
{
"login": "nilesh",
"displayName": "Nilesh Dhepe",
"userId": "61e947c37dce7c5e40134f1f",
"profilePic": null,
"qualitativeRisk": null,
"sodViolations": null
},
{
"login": "workflow.one",
"displayName": "Test Workflow",
"userId": "61ee658de3a8361263cab0d1",
"profilePic": null,
"qualitativeRisk": null,
"sodViolations": null
},
{
"login": "workflow.two",
"displayName": "Test Workflow",
"userId": "61f7b3b50d84c22f79e1debd",
"profilePic": null,
"qualitativeRisk": null,
"sodViolations": null
},
{
"login": "mrunal",
"displayName": "Mrunal Chaple",
"userId": "61f8cda757a8e27934066a91",
"profilePic": null,
"qualitativeRisk": null,
"sodViolations": null
},
{
"login": "manoj.b",
"displayName": "Manoj Barapatre",
"userId": "61f8d81883126a511188e2ae",
"profilePic": null,
"qualitativeRisk": null,
"sodViolations": null
},
{
"login": "man.ba",
"displayName": "Manoj Bara",
"userId": "61f9160ed9800d4dbbc1baed",
"profilePic": null,
"qualitativeRisk": null,
"sodViolations": null
}
],
"pageable": {
"sort": [
{
"direction": "ASC",
"property": "id",
"ignoreCase": false,
"nullHandling": "NATIVE",
"ascending": true,
"descending": false
}
],
"pageNumber": 0,
"pageSize": 10,
"offset": 0,
"paged": true,
"unpaged": false
},
"last": true,
"totalElements": 6,
"totalPages": 1,
"first": true,
"number": 0,
"sort": [
{
"direction": "ASC",
"property": "id",
"ignoreCase": false,
"nullHandling": "NATIVE",
"ascending": true,
"descending": false
}
],
"numberOfElements": 6,
"size": 10,
"empty": false
},
"timestamp": "04-Mar-2022 10:39:22",
"message": null,
"errorCode": null
}
On failure:
Response 1#
{
"success": true,
"data": null,
"timestamp": "04-Mar-2022 10:39:22",
"message": null,
"errorCode": null
}
Purpose: This API is used to get count of onboard application config incomplete.
URL: http://<tenant_url>/provsrvc/applicationTenant/getApplicationIncompleteConfig
Method: GET
Example Request:
Sample Response:
On success{
"success": true,
"data": 3,
"timestamp": "07-Mar-2022 08:11:48",
"message": null,
"errorCode": null
}
On failure:
Response 1#
{
"success": true,
"data": 0,
"timestamp": "04-Mar-2022 10:39:22",
"message": null,
"errorCode": null
}
Purpose: This API is used to get count of application, admin and user.
URL: http://<tenant_url>/usersrvc/api/user/getOnboardCount
Method: GET
Example Request:
Sample Response:
On success:
{
"success": true,
"data": {
"appCount": 9,
"adminCount": 1,
"userCount": 25
},
"timestamp": "07-Mar-2022 08:11:27",
"message": null,
"errorCode": null
}
On failure:
Response 1#
{
"success": true,
"data": {
"appCount": 0,
"adminCount": 0,
"userCount": 0
},
"timestamp": "07-Mar-2022 08:11:27",
"message": null,
"errorCode": null
}
Purpose: This API is used to get the count of application,role,rule,workflow,password policy,active user,total user and unlogged user.
URL:https://<tenant_url>/usersrvc/api/user/getSystemKPICount
Method: GET
Example Request:
Sample Response:
On success:
{
"success": true,
"data": {
"appCount": 80,
"roleCount": 5,
"activeUserCount": 128,
"totalUserCount": 131,
"unloggedUserCount": 106,
"passwordPolicyCount": 2,
"workflowCount": 3,
"ruleCount": 6
},
"timestamp": "11-Mar-2022 12:42:30",
"message": null,
"errorCode": null
}
On failure:
Response 1#
{
"success": true,
"data": {
"appCount": 0,
"roleCount": 0,
"activeUserCount": 0,
"totalUserCount": 0,
"unloggedUserCount": 0,
"passwordPolicyCount": 0,
"workflowCount": 0,
"ruleCount": 0
},
"timestamp": "11-Mar-2022 12:42:30",
"message": null,
"errorCode": null
}
Purpose: This API is used to get count of requests, claims and my requests.
URL: https://<tenant_url>/workflowsrvc/api/workflowtaskassignment/user/request/claims/count
Method: GET
Example Request:
Sample Response:
On success:
{
"success": true,
"data": {
"requestCount": 12,
"clamisCount": 6,
"requestorCount": 0
},
"timestamp": "10-Mar-2022 07:07:48",
"message": null,
"errorCode": null
}
On failure:
Response 1#
{
"success": true,
"data": {
"requestCount": 0,
"clamisCount": 0,
"requestorCount": 0
},
"timestamp": "04-Mar-2022 10:39:22",
"message": null,
"errorCode": null
}
Purpose: This API is used to search application assigned to user.
URL: https://<tenant_url>/usersrvc/api/user/listApplications
Method: POST
Example Request:
Sample Response:
On success:
{
"success": true,
"data": {
"offset": 0,
"pageSize": 12,
"totalElements": 1,
"totalPages": 1,
"elements": [
{
"appId": "6226051994c38e414989eccd",
"appName": "ServiceNow",
"tagLine": "Workflow Automation Platform",
"status": "",
"appType": "GROUP",
"groupId": "61dea46ef515150ebe517b0d",
"endDate": null,
"provisionEnable": true,
"assignRoles": null
}
],
"pageNumber": 0,
"sort": null
},
"timestamp": "11-Mar-2022 01:06:33",
"message": null,
"errorCode": null
}
Purpose: This API is used to get assigned and unassigned application.
URL: https://<tenant_url>/provsrvc/applicationTenant/applicationListByPage
Method: POST
Example Request:
Sample Response:
On success:
{
"success": true,
"data": {
"content": [
{
"id": "61dbfdf6b30690468b0d4a79",
"appName": "Google Workplace",
"icon": null,
"tagLine": "Integrated Collaboration & Productivity Apps from Google",
"status": "ACTIVE",
"provisionEnable": false,
"ssoEnable": true,
"assigned": true
},
{
"id": "61dd1da8db654e41881b5273",
"appName": "Active Directory",
"icon": null,
"tagLine": "Directory service developed by Microsoft",
"status": "ACTIVE",
"provisionEnable": true,
"ssoEnable": false,
"assigned": true
},
{
"id": "6225f81edd7111640e094f8d",
"appName": "Google Workplace5",
"icon": null,
"tagLine": "Integrated Collaboration & Productivity Apps from Google",
"status": "ACTIVE",
"provisionEnable": true,
"ssoEnable": false,
"assigned": true
}
],
"pageable": {
"sort": [
{
"direction": "DESC",
"property": "displayName",
"ignoreCase": false,
"nullHandling": "NATIVE",
"ascending": false,
"descending": true
}
],
"pageNumber": 0,
"pageSize": 10,
"offset": 0,
"paged": true,
"unpaged": false
},
"totalPages": 2,
"totalElements": 12,
"last": false,
"first": true,
"sort": [
{
"direction": "DESC",
"property": "displayName",
"ignoreCase": false,
"nullHandling": "NATIVE",
"ascending": false,
"descending": true
}
],
"numberOfElements": 10,
"size": 10,
"number": 0,
"empty": false
},
"timestamp": "11-Mar-2022 02:10:38",
"message": null,
"errorCode": null
}
Purpose: This API is used to get list of application of user with there expiry days
URL: https://<tenant_url>/selfservice/api/selfservice/applicationswithexpiry
Method: POST
Example Request:
Sample Response:
On success:
{
"success": true,
"data": {
"offset": 0,
"pageSize": 10,
"totalElements": 3,
"totalPages": 1,
"elements": [
{
"id": "62220c747dab08061e00ba7b",
"name": "Active Directory",
"icon": "iVBORw0KGgoAAAANSUhEUgAAALoAAAC6CAYAAAAZDlfxAAAACXBIWXMAAAsSAAALEgHS3X78AAAgAElEQVR4nO2dCXQU17nnv1tb71q7BUJIzW7Jxo5N6zlOsPD2COBlEsnbiZFf,
"period": 20,
"tagLine": "Directory service developed by Microsoft"
},
{
"id": "62260e904f6c552b8b489c20",
"name": "Google Workplace",
"icon": "iVBORw0KGgoAAAANSUhEUgAAALoAAAC6CAIAAACWbMCmAAAACXBIWXMAAAsSAAALEgHS3X78AAAgAElEQVR4nO2dd3wURf/Ht1xLcnfpvUB6uRRSKFKl9w6C+KgPj2B57D6gD/o8iOVBEaQIiCiIgoBKNSAgVXoPISG910u5S0+u7/xed3vZ27vsXW6T4A+fZ97/ZLM7uzs7+9mZ73xn5nsoAACBQOwDg+UEsR8oFwgLoFwgLIBygbAAygXCAigXCAugXCAsgHKBsADKBcICKBcIC6BcICyAcoGwAMoFwgIoFwgLoFwgLIBygbAAygXCAigXCAugXCAsgHKBsADKBcICKBcIC6BcICyAcoGwAMoFwgIoFwgLoFwgLIBygbAAygXCAigXCAugXCAsgHKBsADKBcICKBcIC6BcICyAcoGwAMoFwgIoFwgLoFwgLIBygbAAygXYQGUC4QFUC4QFkC5QFgA5QKxFwRB/g+Z9ki2AOTkrgAAAABJRU5ErkJggg==",
"period": 5,
"tagLine": "Integrated Collaboration & Productivity Apps from Google"
},
{
"id": "62260e994f6c552b8b489c28",
"name": "PowerShell",
"icon": "iVBORw0KGgoAAAANSUhEUgAAALoAAAC6CAYAAAAZDlfxAT/gAAAABJRU5ErkJggg==",
"period": 4,
"tagLine": "Command-line Shell from Microsoft"
}
],
"pageNumber": 0,
"sort": {
"orders": [
{
"direction": "DESC",
"property": "plannedStart"
}
],
"sorted": true
}
},
"timestamp": "11-Mar-2022 01:42:30",
"message": null,
"errorCode": null
}
Purpose: This API is used to validate password against password policy
URL: https://<tenant_url>/authsrvc/passwordPolicy/pub/validate
Method: POST
Example Request:
Sample Response:
On success:
{"success":true,"data":null,"timestamp":"11-Mar-2022 01:40:38","message":null,"errorCode":null}
On failure:
Response 1#
{"success":false,"data":null,"timestamp":"11-Mar-2022 01:39:40","message":null,"errorCode":"AUTHSRVC.PASSWORD_COMPOSITION_RULE_VIOLATION"}
Purpose: This API is used to get count of application
URL: http://<tenant_url>/api/selfservice/newApplicationsCount
Method: GET
Example Request:
Sample Response:
On success:
{"success": true,"data": 1,"timestamp": "11-Mar-2022 02:13:39","message": null,"errorCode": null}
Purpose: This API is used to get list of campaign
URL: https://<tenant_url>/igsrvc/api/ig/campaign/execution/history/list-summary/reviewer
Method: POST
Example Request:
Sample Response:
On success:
{
"data": {
"content": [
{
"executionId": "61a865c69c60c83eb2d2cf0e",
"name": "Campaign For Bug_w8z89q",
"description": "",
"campaignId": "61a8657c9c60c83eb2d2cf0c",
"revision": 1,
"iteration": 1,
"status": "COMPLETED",
"remarks": "",
"startMode": "MANUAL",
"startDate": "2021-12-02",
"endMode": "MANUAL",
"endDate": "2021-12-02",
"plannedEnd": "2021-12-05",
"totalAssignments": 41,
"pendingAssignments": 41,
"approvedAssignments": 0,
"rejectedAssignments": 0
},
{
"executionId": "6225c00ab21ac3024d5a1d91",
"name": "Campaign For Bug_w8z89q",
"description": "",
"campaignId": "61a8657c9c60c83eb2d2cf0c",
"revision": 1,
"iteration": 2,
"status": "COMPLETED",
"remarks": "",
"startMode": "MANUAL",
"startDate": "2022-03-07",
"endMode": "AUTO",
"endDate": "2022-03-10",
"plannedEnd": "2022-03-10",
"totalAssignments": 40,
"pendingAssignments": 40,
"approvedAssignments": 0,
"rejectedAssignments": 0
}
],
"pageable": {
"sort": [
{
"direction": "ASC",
"property": "startDate",
"ignoreCase": false,
"nullHandling": "NATIVE",
"ascending": true,
"descending": false
}
],
"pageNumber": 0,
"pageSize": 10,
"offset": 0,
"paged": true,
"unpaged": false
},
"totalPages": 1,
"totalElements": 2,
"last": true,
"first": true,
"sort": [
{
"direction": "ASC",
"property": "startDate",
"ignoreCase": false,
"nullHandling": "NATIVE",
"ascending": true,
"descending": false
}
],
"numberOfElements": 2,
"size": 10,
"number": 0,
"empty": false
},
"errorCode": null,
"message": null,
"success": true,
"timestamp": "11-Mar-2022 02:38:11"
}
curl --location --request POST 'http://api.cymmetri.in/usersrvc/api/user/listByApplication' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsImRlbGVnYXRlZSI6bnVsbCwiZGVsZWdhdGVlSWQiOm51bGwsImZpcnN0TG9naW4iOmZhbHNlLCJyb2xlcyI6WyJPUkdfQURNSU4iLCJVU0VSIl0sInRlbmFudElkIjoiZ2s0MCIsImV4cCI6MTY0NzAxNzEwNywidXNlcklkIjoiNjE3MDE1YTNjMDQ4MTc1NmI3OThhY2EyIiwiaWF0IjoxNjQ3MDExMTA3fQ.8j711_L--eQHHfen2GPI1qWCmUWRd4n6O44HCZhuRSo' \
--data-raw '{
"keyword":"shu",
"pageNumber": "0",
"pageSize": "10",
"filter": {
"applicationId": "617253cc2fb4b2125b237b75"
},
"sortDirection": "ASC",
"sortOn": [
"id"
]
}'
curl --location --request POST 'http://localhost:9080/api/group/groupListByApplication' \
--header 'Tenant: gk16'
--data-raw '{
"filter": {
"applicationId": "617253cc2fb4b2125b237b75"
},
"keyword": "gold",
"pageNumber": 0,
"pageSize": 10,
"sortDirection": "ASC",
"sortOn": [
"name"
]
}'
curl --location --request POST 'https://mru18.cymmetri.in/provsrvc/reconciliation/pull/search' \
--header 'Tenant: mru18' \
--data-raw '{
"filter": {
"applicationId": "614b5d3489ad96554e89e2ab"
},
"keyword": "",
"pageNumber": 0,
"pageSize": 10,
"sortDirection": "DESC",
"sortOn": [
"updatedDateTime"
]
}'
curl --location --request POST 'https://mru18.cymmetri.in/provsrvc/reconciliation/pull/search' \
--header 'Tenant: mru18' \
--data-raw '{
"filter": {
"applicationId": "614b5d3489ad96554e89e2ab"
},
"keyword": "",
"pageNumber": 0,
"pageSize": 10,
"sortDirection": "DESC",
"sortOn": [
"updatedDateTime"
]
}'
curl --location --request POST 'https://mru18.cymmetri.in/provsrvc/applicationRole/findAppRolesByApplicationId' \
--header 'Tenant: mru18' \
--data-raw '{
"filter": {
"active": true,
"applicationId": "614b5d3489ad96554e89e2ab"
},
"keyword": "",
"pageNumber": 0,
"pageSize": 10,
"sortDirection": "ASC",
"sortOn": [
"id"
]
}'
curl --location --request POST 'api.cymmetri.in/provsrvc/policyMapTenant/findAll' \
--data-raw '{
"keyword": "lastName",
"pageNumber": 0,
"pageSize": 10,
"filter": {
"tenantApplicationId": "61dd1da8db654e41881b5273",
"objectType": "USER"
},
"sortDirection": "DESC",
"sortOn": [
"internal"
]
}'
curl --location --request POST 'https://gk40.cymmetri.in/selfservice/api/selfservice/applications' \
--header 'Connection: keep-alive' \
--header 'Pragma: no-cache' \
--header 'Cache-Control: no-cache' \
--header 'sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="96", "Google Chrome";v="96"' \
--header 'Accept: application/json' \
--header 'content-type: application/json' \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsImRlbGVnYXRlZSI6bnVsbCwiZGVsZWdhdGVlSWQiOm51bGwsImZpcnN0TG9naW4iOmZhbHNlLCJyb2xlcyI6WyJPUkdfQURNSU4iLCJVU0VSIl0sInRlbmFudElkIjoiZ2s0MCIsImV4cCI6MTY0NzAxNDY2NywidXNlcklkIjoiNjE3MDE1YTNjMDQ4MTc1NmI3OThhY2EyIiwiaWF0IjoxNjQ3MDA4NjY3fQ.jP2BgjiOVUcdxhImVvdwy18puEylWSSOVHnWA_2hhJU' \
--header 'sec-ch-ua-mobile: ?0' \
--header 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36' \
--header 'sec-ch-ua-platform: "Linux"' \
--header 'Origin: https://gk40.cymmetri.in' \
--header 'Sec-Fetch-Site: same-origin' \
--header 'Sec-Fetch-Mode: cors' \
--header 'Sec-Fetch-Dest: empty' \
--header 'Referer: https://gk40.cymmetri.in/' \
--header 'Accept-Language: en-GB,en-US;q=0.9,en;q=0.8' \
--header 'Cookie: deviceId=6e4caedd-beaf-444c-9312-21b219bb3709; Correlation=B194B86832FB4683ABC43EA6077944E2; Correlation=1E83B306404E4E46A2F6BE7D5A79C3BC; RefreshToken=fc6b1bcc-1c00-4663-b6ef-441051fb2e57; sessionId=75bdbb27-cf85-4102-9ba7-0cc5a84f8fb4' \
--data-raw '{
"direction": "ASC",
"keyword": "",
"pageNumber": 0,
"pageSize": 16,
"sort": "NAME"
}'
curl --location --request POST 'http://api.cymmetri.in/usersrvc/api/user/getSubOrdinates' \
--header 'Content-Type: application/json' \
--header 'Tenant: gk17' \
--header 'UserId: 61e81227aa505f4393b93405' \
--data-raw '{
"filter": {
"createdFrom": "2022-01-04T10:26:56.030Z",
"createdTo": "2022-03-04T10:26:56.030Z"
},
"keyword": "",
"pageNumber": 0,
"pageSize": 10,
"sortDirection": "ASC",
"sortOn": [
"id"
]
}'
curl --location --request GET 'http://api.cymmetri.in/provsrvc/applicationTenant/getApplicationIncompleteConfigCount' \
--header 'Tenant: gk17' \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJnazE3IiwiZGVsZWdhdGVlIjpudWxsLCJkZWxlZ2F0ZWVJZCI6bnVsbCwiZmlyc3RMb2dpbiI6ZmFsc2UsInJvbGVzIjpbIk9SR19BRE1JTiIsIlVTRVIiXSwidGVuYW50SWQiOiJnazE3IiwiZXhwIjoxNjQ2NjQ2NjQ0LCJ1c2VySWQiOiI2MWU4MTIyN2FhNTA1ZjQzOTNiOTM0MDUiLCJpYXQiOjE2NDY2NDA2NDR9.snwC7XVRWM5S-gCP53fXXObh9aROFtZDtfOXQCUDPps'
curl --location --request GET 'http://api.cymmetri.in/usersrvc/api/user/getOnboardCount' \
--header 'Content-Type: application/json' \
--header 'Tenant: n23' \
--header 'UserId: 6176c0b33c79f20dde6fd732' \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJnazE3IiwiZGVsZWdhdGVlIjpudWxsLCJkZWxlZ2F0ZWVJZCI6bnVsbCwiZmlyc3RMb2dpbiI6ZmFsc2UsInJvbGVzIjpbIk9SR19BRE1JTiIsIlVTRVIiXSwidGVuYW50SWQiOiJnazE3IiwiZXhwIjoxNjQ2NjQ2NjQ0LCJ1c2VySWQiOiI2MWU4MTIyN2FhNTA1ZjQzOTNiOTM0MDUiLCJpYXQiOjE2NDY2NDA2NDR9.snwC7XVRWM5S-gCP53fXXObh9aROFtZDtfOXQCUDPps'
curl --location --request GET 'https://macos.cymmetri.in/usersrvc/api/user/getSystemKPICount' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsImRlbGVnYXRlZSI6bnVsbCwiZGVsZWdhdGVlSWQiOm51bGwsImZpcnN0TG9naW4iOmZhbHNlLCJyb2xlcyI6WyJPUkdfQURNSU4iLCJVU0VSIl0sInRlbmFudElkIjoibWFjb3MiLCJleHAiOjE2NDcwMDg1MjUsInVzZXJJZCI6IjYxN2Y4YmIxZDE5MDViNjcyYzQ3N2QzMiIsImlhdCI6MTY0NzAwMjUyNX0.JzhcbfcQXxZoCYH5Mi_HmRCHZf_FVIr3OYrewl7vkjc'
curl --location --request GET 'https://gk40.cymmetri.in/workflowsrvc/api/workflowtaskassignment/user/request/claims/count' \
--header 'Tenant: gk40' \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJtcnUxOCIsImRlbGVnYXRlZSI6bnVsbCwiZGVsZWdhdGVlSWQiOm51bGwsImZpcnN0TG9naW4iOmZhbHNlLCJyb2xlcyI6WyJPUkdfQURNSU4iLCJVU0VSIl0sInRlbmFudElkIjoibXJ1MTgiLCJleHAiOjE2NDY2NzE2MTYsInVzZXJJZCI6IjYxNGI1Yjc1ODVmODU0NGYxY2RkOTcxNSIsImlhdCI6MTY0NjY2NTYxNn0.bViQdrikfQD1xdI6Waf_Sk6LOYQh-ilHVq4dMYfVt3E'
curl --location --request POST 'https://s3.cymmetri.in/usersrvc/api/user/listApplications' \
--data-raw '{
"pageNumber": 0,
"pageSize": 20,
"userId": "61d7f610dd92d761faa278f2",
"appName":"service"
}'
curl --location --request POST 'https://s3.cymmetri.in/provsrvc/applicationTenant/applicationListByPage' \
--data-raw '{
"displayName": "",
"order": "DESC",
"pageNo": 0,
"size": 10,
"sortBy": "displayName",
"tag": "",
"userId":"61d7f610dd92d761faa278f2"
}'
curl --location --request POST 'https://as100.cymmetri.in/selfservice/api/selfservice/applicationswithexpiry' \ --header 'Connection: keep-alive' \ --header 'Pragma: no-cache' \ --header 'Cache-Control: no-cache' \ --header 'sec-ch-ua: "Google Chrome";v="93", " Not;A Brand";v="99", "Chromium";v="93"' \ --header 'Accept: application/json' \ --header 'content-type: application/json' \ --header 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsImRlbGVnYXRlZSI6bnVsbCwiZGVsZWdhdGVlSWQiOm51bGwsImZpcnN0TG9naW4iOmZhbHNlLCJyb2xlcyI6WyJPUkdfQURNSU4iLCJVU0VSIl0sInRlbmFudElkIjoiYXMxMDAiLCJleHAiOjE2NDcwMDk4NzgsInVzZXJJZCI6IjYyMTRkYjdiZDY2MWE1NzM4NmE3MWYxMCIsImlhdCI6MTY0NzAwMzg3OH0.LKZci0Yqeoyn4RHUIyYBFq7O5ATeDuCerZ0QdJ243gY' \ --header 'sec-ch-ua-mobile: ?0' \ --header 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36' \ --header 'sec-ch-ua-platform: "Linux"' \ --header 'Origin: https://as100.cymmetri.in' \ --header 'Sec-Fetch-Site: same-origin' \ --header 'Sec-Fetch-Mode: cors' \ --header 'Sec-Fetch-Dest: empty' \ --header 'Referer: https://as100.cymmetri.in/' \ --header 'Accept-Language: en-GB,en-US;q=0.9,en;q=0.8' \ --header 'Cookie: deviceId=48ba110c-c93c-45ac-92dc-3c6e04e74473; app_73e5c5f8-276b-47bb-a6a5-b6f82a779d79=e689a8da-faa7-46f5-9c7a-2800abdd206a; Correlation=C43A4277E7AB46178F0000BE4DD72F0C; RefreshToken=1ac7eea6-28a6-4bb8-997f-d7381a3dd7d1; sessionId=3417319f-789a-4849-8faa-bf180f4bec14; device=cf7bbf2a-161c-11ec-b3ec-39287c680726' \ --data-raw '{ "keyword": "", "pageNumber": 0, "pageSize": 10, "filter": {}, "sortDirection": "DESC", "sortOn": [ "plannedStart" ] }'
curl 'https://as100.cymmetri.in/authsrvc/passwordPolicy/pub/validate' \
-H 'Connection: keep-alive' \
-H 'Pragma: no-cache' \
-H 'Cache-Control: no-cache' \
-H 'sec-ch-ua: "Google Chrome";v="93", " Not;A Brand";v="99", "Chromium";v="93"' \
-H 'content-type: application/json' \
-H 'sec-ch-ua-mobile: ?0' \
-H 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36' \
-H 'tenant: as100' \
-H 'sec-ch-ua-platform: "Linux"' \
-H 'Accept: */*' \
-H 'Origin: https://as100.cymmetri.in' \
-H 'Sec-Fetch-Site: same-origin' \
-H 'Sec-Fetch-Mode: cors' \
-H 'Sec-Fetch-Dest: empty' \
-H 'Referer: https://as100.cymmetri.in/' \
-H 'Accept-Language: en-GB,en-US;q=0.9,en;q=0.8' \
-H 'Cookie: deviceId=fa83c4b1-7c85-467d-9b46-ffbc70efad97; Correlation=9928D5133AED419CBC01591B56483953; app_73e5c5f8-276b-47bb-a6a5-b6f82a779d79=e689a8da-faa7-46f5-9c7a-2800abdd206a; device=cf7bbf2a-161c-11ec-b3ec-39287c680726' \
--data-raw '{"password":"U2FsdGVkX191zbRQpSQz+rdxyAacEqD1G5Mx5wKtPV5ElwKZu7/TFHFLuCNH+v63G8k7sTFDa5gNYG9SQ+0ix4eZdTvLcJbELGm2yjUWjx2a6jH3JnP/USl2efCC9nDvufmqUhSbIPA0Nc1PZUqM+PPk+TpCFSoKtKwBPWeBa/LYjlYt11u++aTuVGsd/rOaWJxqINPRHIk6Ax89LfhM8+H6VKc4+ybfearoCJgHWCPE/X566hiYZJEKcMGe7u0OpUzGUMlyguBtfYlWlT7tcdP6x/rXlqs8vNTLk/HboYLv10UkB0ifsQ64c7fSQ/ofZKjQlqehpP4+SzIi4OiqRQikP9MOkKZWl9YJdGXZs+mUuzfEs9UGINMYBk1hSCq6xGb9mfE0vyFeVAyY/6oGgQ==","login":"totp","userId":"6214def0a251e06721ed8594"}' \
--compressed
curl --location --request GET 'http://localhost:8080/api/selfservice/newApplicationsCount' \
--header 'Connection: keep-alive' \
--header 'Pragma: no-cache' \
--header 'Cache-Control: no-cache' \
--header 'sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="99", "Google Chrome";v="99"' \
--header 'Accept: application/json' \
--header 'content-type: application/json' \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsImRlbGVnYXRlZSI6bnVsbCwiZGVsZWdhdGVlSWQiOm51bGwsImZpcnN0TG9naW4iOmZhbHNlLCJyb2xlcyI6WyJPUkdfQURNSU4iLCJVU0VSIl0sInRlbmFudElkIjoiZ2s0MCIsImV4cCI6MTY0Njc0OTkzMiwidXNlcklkIjoiNjE3MDE1YTNjMDQ4MTc1NmI3OThhY2EyIiwiaWF0IjoxNjQ2NzQzOTMyfQ.puFKgrNoHZtRl6P4LxzFd9KQM_-EB-45DqqP4zywws8' \
--header 'sec-ch-ua-mobile: ?0' \
--header 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36' \
--header 'sec-ch-ua-platform: "Linux"' \
--header 'Sec-Fetch-Site: same-origin' \
--header 'Sec-Fetch-Mode: cors' \
--header 'Sec-Fetch-Dest: empty' \
--header 'Referer: https://gk40.cymmetri.in/' \
--header 'Accept-Language: en-GB,en-US;q=0.9,en;q=0.8' \
--header 'Cookie: deviceId=6e4caedd-beaf-444c-9312-21b219bb3709; Correlation=B194B86832FB4683ABC43EA6077944E2; app_73e5c5f8-276b-47bb-a6a5-b6f82a779d79=e689a8da-faa7-46f5-9c7a-2800abdd206a; device=41b5bf50-9def-11ec-8665-953ee8af105c; Correlation=1B9449F921B043B9B513E99D253894CE; RefreshToken=b8ada8a1-d089-4a39-b3e1-72c04ce202fe; sessionId=130e95df-69a5-4462-a8b5-c04b53e97e64' \
--header 'Tenant: gk40' \
--header 'userId: 617015a3c0481756b798aca2'
curl --location --request POST 'https://gk40.cymmetri.in/igsrvc/api/ig/campaign/execution/history/list-summary/reviewer' \
--header 'Connection: keep-alive' \
--header 'Pragma: no-cache' \
--header 'Cache-Control: no-cache' \
--header 'sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="99", "Google Chrome";v="99"' \
--header 'Accept: application/json' \
--header 'content-type: application/json' \
--header 'Authorization: Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsImRlbGVnYXRlZSI6bnVsbCwiZGVsZWdhdGVlSWQiOm51bGwsImZpcnN0TG9naW4iOmZhbHNlLCJyb2xlcyI6WyJPUkdfQURNSU4iLCJVU0VSIl0sInRlbmFudElkIjoiZ2s0MCIsImV4cCI6MTY0NzAxNDY2NywidXNlcklkIjoiNjE3MDE1YTNjMDQ4MTc1NmI3OThhY2EyIiwiaWF0IjoxNjQ3MDA4NjY3fQ.jP2BgjiOVUcdxhImVvdwy18puEylWSSOVHnWA_2hhJU' \
--header 'sec-ch-ua-mobile: ?0' \
--header 'User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36' \
--header 'sec-ch-ua-platform: "Linux"' \
--header 'Origin: https://gk40.cymmetri.in' \
--header 'Sec-Fetch-Site: same-origin' \
--header 'Sec-Fetch-Mode: cors' \
--header 'Sec-Fetch-Dest: empty' \
--header 'Referer: https://gk40.cymmetri.in/' \
--header 'Accept-Language: en-GB,en-US;q=0.9,en;q=0.8' \
--header 'Cookie: deviceId=6e4caedd-beaf-444c-9312-21b219bb3709; Correlation=B194B86832FB4683ABC43EA6077944E2; Correlation=C27A4466A21046309B58FD53AEF4A2C5; RefreshToken=4ec80313-bed3-44e5-9081-33eb9ba301f2; sessionId=32ceee83-781e-45d6-9c2c-2acc8741a944' \
--data-raw '{
"filter": {
"campaignName": "Campaign For"
},
"keyword": "",
"pageNumber": 0,
"pageSize": 10,
"sortDirection": "ASC",
"sortOn": [
"startDate"
]
}'
API
Status
Error Code
Message
Create API
200
OK
500
Internal Server Error
401
Unauthorized
403
Forbidden
404
Not Found
Update API
200
OK
500
Internal Server Error
401
Unauthorized
403
Forbidden
404
Not Found
Notifications are triggered from the Cymmetri platform for various actions occurring on the platform either through direct action by the end-user or by the virtue of some backend action (such as running of a scheduler for a campaign). Cymmetri platform ships with default notification templates listed below-
Mandatory Notifications
Sign-up / Registration
OTP Notification
Access Code Manager Notification
Access Code User Notification
Optional Notifications
Workflow Notification
Reviewer Notification
Application Access Approval Request
Application Assignment
Delegation Assignee Notification
User Activation
Application Scheduled Deprovisioning
Delegation User Notification
Application Access Approval Request Denied by Approver
Application Access Approval Request Granted
User Notification
Login Failed
Password Expiry Notification
Review Assignment Notification
Self Approval Notification
Login Adaptive Failed Notification
MFA Failed Notification
User Threshold
User attribute update / Profile update
Pending Access Certification Notification
Ad-Hoc Certification Notification
User Risk score changes
Please note: The above notifications are available out of the box. The system also allows custom notifications to be triggered for specific events using the Cymmetri Webhooks. The custom action trigger can call an existing Cymmetri notification template or a custom template can be included in the webhook code.
The default templates may be modified by the administrator using the following process:
Access the notification templates menu by clicking on the configuration menu on the left-hand side menu bar and then clicking on the Notification templates pop-up menu.
Click on the eye icon to preview the corresponding template
Values in <> anchor tags and ${} reflect macros.
Click on the pencil icon shown above the image to edit the template.
We may treat this template as an email, and edit the subject of the mail.
By default, the email notification will be sent to the corresponding affected end-user, but selecting the toggle option for “Send notification to Reporting Manager” will also copy the mail to the Reporting manager of the affected end-user, allowing for offline follow-up for the notification.
The administrator may edit the HTML using the provided HTML editor to add/change any template button/text/background. The macros required for the particular template are already provided in the sample default notification template.
Click on the Save button to save the notification template.