On This Page
Importing Rule Owners Using API
Overview
Use this procedure to add Rule Owners to RLM using API. After you define the owners and their assets, Rule Owners can make certification decisions about the rules for which they are responsible.
For more information about mapping Rule Owners to rules, see Mapping Assets to Rule Owners.
Prerequisites
-
Create users in SecureChange for all Rule Owners in RLM.
-
Each user must have User name and Email attributes.
- The field, Owner, in the RLM mapping template must be an identical match to the field User name.
For SecureChange login credentials, contact your TOS Administrator.
-
-
Use either Google Chrome or Mozilla Firefox internet browser for RLM.
-
Configure all relevant users and workflows in SecureChange.
-
Provide SMTP server information if notifications need to be sent.
-
Ensure a list of owners and their associated assets, if available.
Import Owners using API
You can use API to upload owner and asset information.
-
API URL is
https://<Server_IP>/apps/public/rlm/api/owners. -
HTTP method is
POST. -
Authentication method must be OAuth2 and must be done before importing owner data using API. The required fields are as follows:
Field
Value
Grant type Resource Owner Password Credentials Username/password Credentials for the API user Access Token URL https://<Server_IP>/apps/public/rlm/oauth/tokenClient ID securechange Client Secret 123 -
JSON payload must have the following structure:
{
"owners": [
{
"owner": {
"name": "<NAME>"
},
"asset": {
"assets": {
"name": "<GROUP>",
"values": [
"<IP_VALUES>"
],
"objects": [
"<EXACT_NAME_OF_OBJECTS_AS_IN_SECURETRACK>"
]
}
},
"match_on": [
<MATCH_ON_VALUE: 'source' or 'destination'>
],
"service": {
"services": [
{
"protocol": "<value>",
"min_port": "<value>",
"max_port": "<value>"
}
],
"object_names: ["<service name>", "<service name>"]
},
"applications": "<APPLICATIONS>",
"description": "<DESCRIPTION>"
}
]
}
