Documentation Powered by ReDoc

REST API for Intel(R) Endpoint Management Assistant(Latest) (latest)

Download OpenAPI specification:Download

This API uses the OAuth2 Resource Owner Password Credentials flow with token path: base URL + /api/token

802.1XSetups

Gets a collection of 802.1X Setups

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, Endpoint Group Creator, Endpoint Group User

Responses

200

Successful request

403

Forbidden

500

Internal Server Error

get /api/latest/802_1XSetups
https://localhost/api/latest/802_1XSetups

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Creates an 802.1X Setup to be used by WifiSetup and Wired802.1X in AMT Profiles.

Roles required: Tenant Administrator, Client Credentials Tenant Manager

Setup properties:

TenantId: This field is not required for this operation. If provided, it will be ignored.

AuthenticationProtocol: Currently, only 0=EAP_TLS and 2=EAP_PEAP_MSCHAP_V2 options are fully supported.

ClientAuthenticationSettings.DesignatedSubjectCN: The default value for this property is 4=UserPrincipalName. This is the Subject set in the client certificate and the user name required by the Network Policy Server (NPS), which is the RADIUS implementation by Microsoft.

Request Body schema:
application/json
TenantId
string <uuid>
SetupId
integer <int32>
SetupName
required
string
Data
required
object (IEEE8021x_Settings)

Responses

200

Successful request

400

Invalid ModelState

403

Forbidden

409

802.1X Setup name already exists

500

Internal Server Error

post /api/latest/802_1XSetups
https://localhost/api/latest/802_1XSetups

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "SetupId": 0,
  • "SetupName": "string",
  • "Data":
    {
    }
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "SetupId": 0,
  • "SetupName": "string",
  • "Data":
    {
    }
}

Gets an 802.1X Setup by ID.

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, Endpoint Group Creator, Endpoint Group User

path Parameters
_802_1XSetupId
required
integer <int32>

802.1X Setup ID

Responses

200

Successful request, content returned

400

Bad Request

403

Forbidden

404

Not found

500

Internal Server Error

get /api/latest/802_1XSetups/{_802_1XSetupId}
https://localhost/api/latest/802_1XSetups/{_802_1XSetupId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "SetupId": 0,
  • "SetupName": "string",
  • "Data":
    {
    }
}

Updates an 802.1X Setup by ID.

Roles required: Tenant Administrator, Client Credentials Tenant Manager

Setup properties:

TenantId: This field is not required for this operation. If provided, it will be ignored.

AuthenticationProtocol: Currently, only 0=EAP_TLS and 2=EAP_PEAP_MSCHAP_V2 options are fully supported.

ClientAuthenticationSettings.DesignatedSubjectCN: The default value for this property is 4=UserPrincipalName. This is the Subject set in the client certificate and the user name required by the Network Policy Server (NPS), which is the RADIUS implementation by Microsoft.

path Parameters
_802_1XSetupId
required
integer <int32>

802_1X Setup ID

Request Body schema:
application/json

802_1X Setup object to update

TenantId
string <uuid>
SetupId
integer <int32>
SetupName
required
string
Data
required
object (IEEE8021x_Settings)

Responses

200

Successful request

400

Bad Request

403

Forbidden

404

Not found

409

802.1X Setup name already exists or SetupId mismatch

500

Internal Server Error

put /api/latest/802_1XSetups/{_802_1XSetupId}
https://localhost/api/latest/802_1XSetups/{_802_1XSetupId}

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "SetupId": 0,
  • "SetupName": "string",
  • "Data":
    {
    }
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "SetupId": 0,
  • "SetupName": "string",
  • "Data":
    {
    }
}

Deletes an 802.1X Setup by ID.

Roles required: Tenant Administrator, Client Credentials Tenant Manager

path Parameters
_802_1XSetupId
required
integer <int32>

802.1X Setup ID

Responses

204

Successful request, no content

400

Bad Request

403

Forbidden

404

Not found

409

Cannot delete 802.1X Setup if it is still associated with AMT Profile or WiFi Setup

500

Internal Server Error

delete /api/latest/802_1XSetups/{_802_1XSetupId}
https://localhost/api/latest/802_1XSetups/{_802_1XSetupId}

Gets a collection of Certificate Authorities found in the current Windows domain.

Roles required: Tenant Administrator, Client Credentials Tenant Manager

Responses

200

Successful request

403

Forbidden

500

Internal Server Error

get /api/latest/802_1XSetups/CertificateAuthorities
https://localhost/api/latest/802_1XSetups/CertificateAuthorities

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

AccessTokens

Gets a new Access Token.

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, Account Manager, Endpoint Group Creator, Endpoint Group User

This method provides Users the means to obtain a new Access Token before their current one expires.

Responses

200

Successful request, content returned

403

Forbidden

500

Internal Server Error

get /api/latest/accessTokens/getUsingExistingToken
https://localhost/api/latest/accessTokens/getUsingExistingToken

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "access_token": "string",
  • "token_type": "string",
  • "expires_in": 0,
  • "userName": "string",
  • "issued": "string",
  • "expires": "string"
}

Gets a new Access Token using Windows Authentication credentials.

Roles required: Global Administrator, Tenant Administrator, Account Manager, Endpoint Group Creator, Endpoint Group User

This method will only grant an Access Token under the following conditions:

  1. EMA must be installed with Windows Domain Authentication mode.
  2. The EMA server must be joined to an Active Directory domain.
  3. The caller must have an EMA account with a username that maps to a User Principal Name in Active Directory.

Responses

200

Successful request, content returned

401

Unauthorized

403

Forbidden

405

Method Not Allowed

500

Internal Server Error

get /api/latest/accessTokens/getUsingWindowsCredentials
https://localhost/api/latest/accessTokens/getUsingWindowsCredentials

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "access_token": "string",
  • "token_type": "string",
  • "expires_in": 0,
  • "userName": "string",
  • "issued": "string",
  • "expires": "string"
}

Gets a new Access Token using Windows username and password. The Windows username needs to be the User Principal Name (UPN) in Active Directory.

Roles required: Global Administrator, Tenant Administrator, Account Manager, Endpoint Group Creator, Endpoint Group User

This method provides Users the means to obtain a new Access Token using Windows username and password. This method will only grant an Access Token under the following conditions:

  1. EMA must be installed with Windows Domain Authentication mode.
  2. The caller must have an EMA account with a username that maps to a User Principal Name in Active Directory.
Request Body schema:
application/json
Upn
required
string
Password
required
string

Responses

200

Successful request, content returned

401

Unauthorized

403

Forbidden

405

Not Allowed

500

Internal Server Error

post /api/latest/accessTokens/getUsingWindowsCredentials
https://localhost/api/latest/accessTokens/getUsingWindowsCredentials

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Upn": "string",
  • "Password": "string"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "access_token": "string",
  • "token_type": "string",
  • "expires_in": 0,
  • "userName": "string",
  • "issued": "string",
  • "expires": "string"
}

Method to delete expired or unused tokens

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, Account Manager, Endpoint Group Creator, Endpoint Group User

Responses

204

Successful request, no content

401

Unauthorized

405

Method Not Allowed

500

Internal Server Error

delete /api/latest/accessTokens/disableExistingToken
https://localhost/api/latest/accessTokens/disableExistingToken

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{ }

Gets CSRF token pair set in cookies.

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, Account Manager, Endpoint Group Creator, Endpoint Group User

This method provides Users the means to get new CSRF token pair set in cookies.

Responses

204

Successful request, no content

401

Unauthorized

403

Forbidden

500

Internal Server Error

get /api/latest/accessTokens/getCSRFToken
https://localhost/api/latest/accessTokens/getCSRFToken

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{ }

Agents

Gets the latest agent executable for Win64Console

Roles required: Global Administrator, Tenant Administrator, Client Credentials Endpoint Manager, Account Manager, Endpoint Group Creator, Endpoint Group User

Responses

200

Successful request, attachment returned

500

Internal Server Error

get /api/latest/agents/getWin64Console
https://localhost/api/latest/agents/getWin64Console

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{ }

Gets the latest agent installer for Win64Service

Roles required: Global Administrator, Tenant Administrator, Account Manager, Client Credentials Endpoint Manager, Endpoint Group Creator, Endpoint Group User

Responses

200

Successful request, attachment returned

500

Internal Server Error

get /api/latest/agents/getWin64Service
https://localhost/api/latest/agents/getWin64Service

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{ }

AjaxCookies

Gets an Ajax cookie.

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, Account Manager, Endpoint Group Creator, Endpoint Group User

Responses

200

Successful request, content returned

401

Unauthorized

500

Internal Server Error

get /api/latest/ajaxCookies
https://localhost/api/latest/ajaxCookies

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "cookie": "string",
  • "expireTime": "2023-02-15T18:34:43Z"
}

AlarmClock

Gets the current Intel AMT Alarm clock entries set on the endpoint

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Read privileges associated to target Endpoint Group

path Parameters
endpointId
required
string

Responses

200

Successful request

400

Invalid Request

401

Unauthorized

403

User not allowed to execute operation

404

Not Found

409

Conflict

500

Internal Server Error

get /api/latest/endpointOOBOperations/Single/AlarmClock/{endpointId}
https://localhost/api/latest/endpointOOBOperations/Single/AlarmClock/{endpointId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Sets an Intel AMT Alarm clock entries on the endpoint

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group


StartTime must be represented in the 'yyyy-MM-ddTHH:mm:ssZ' UTC format
path Parameters
endpointId
required
string
Request Body schema:
application/json
Name
required
string
StartTime
required
string <date-time>
Interval
object (AlarmClockInterval)
DeleteOnCompletion
required
boolean

Responses

200

Successful request

400

Invalid Request

401

Unauthorized

403

User not allowed to execute operation

404

Not Found

409

Conflict

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/AlarmClock/{endpointId}
https://localhost/api/latest/endpointOOBOperations/Single/AlarmClock/{endpointId}

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Name": "string",
  • "StartTime": "2023-02-15T18:34:43Z",
  • "Interval":
    {
    },
  • "DeleteOnCompletion": true
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Name": "string",
  • "StartTime": "2023-02-15T18:34:43Z",
  • "Interval":
    {
    },
  • "DeleteOnCompletion": true
}

Deletes the specified Intel AMT Alarm clock entry from the endpoint.

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

path Parameters
endpointId
required
string
Request Body schema:
application/json
Name
required
string

Responses

204

Successful request

400

Invalid Request

401

Unauthorized

403

User not allowed to execute operation

404

Not Found

409

Conflict

500

Internal Server Error

delete /api/latest/endpointOOBOperations/Single/AlarmClock/{endpointId}
https://localhost/api/latest/endpointOOBOperations/Single/AlarmClock/{endpointId}

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Name": "string"
}

AmtCredentials

Returns the Amt admin credentials or MEBx password, based on credential type defined in the query string, for a provisioned endpoint if its associated AmtSetup record is found in the database

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

When returning MEBx password, the username field in AMT credentials is always null

path Parameters
endpointId
required
string

Hex string with 64 characters and without the 0x prefix

query Parameters
credentialType
string

Can be 'mebx' or 'admin', it is a case sensitive string

Responses

200

Successful request, content returned

400

Bad Request

403

Forbidden

404

Not found

409

Resource conflict due to not able to get the credential or password

500

Internal server error

get /api/latest/amtCredentials/{endpointId}
https://localhost/api/latest/amtCredentials/{endpointId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "userName": "string",
  • "password": "string"
}

AmtProfiles

Gets a list of AMT Profile summaries.

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, Endpoint Group Creator, Endpoint Group User

Responses

200

Successful request, content returned

500

Internal Server Error

get /api/latest/amtProfiles
https://localhost/api/latest/amtProfiles

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Creates an AMT Profile.

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Endpoint Group Creator

The following defines the profile object's optional parameters and their default values. If no argument is provided for an optional parameter, then its default value is used.

  1. TlsAuthType: 1 = TlsNoAuth. If this is set to NoTLS, you need to specify the CIRASettings.
  2. PowerPackageSettings.PowerActiveOn: 1 = AlwaysOnInAc.
  3. PowerPackageSettings.PowerStateIdleTimeoutInMinutes: 1.
  4. ManagementInterfacesSettings.WebUIServiceEnabledState: 2 = Enabled.
  5. ManagementInterfacesSettings.KVMInterfaceState: 2 = Enabled.
  6. ManagementInterfacesSettings.UserConsentRequired: 4294967295 = All.
  7. ManagementInterfacesSettings.SOLEnabled: true.
  8. ManagementInterfacesSettings.IDEREnabled: true.
  9. ManagementInterfacesSettings.RedirectionServiceState: SOLEnabled=true and [IDEREnabled=true: 32771(IderOnSolOn); IDEREnabled=false: 32770(IderOffSolOn)]; SOLEnabled=false and [IDEREnabled=true: 32769(IderOnSolOff); IDEREnabled=false: 32768(Disabled)].
  10. FqdnSettings.FqdnSource: 0 = SharedWithHostOS.
  11. IpSettings.DHCPEnabled: true.
  12. IpSettings.SharedStaticIp: false.
  13. IpSettings.Source: 0 = DHCP.
  14. WiFiConnectionSettings.WiFiSetups: Empty collection (it is optional only if WiFiConnectionSettings.WiFiConnectionEnabledConfiguration=0)
  15. Wired802_1XSettings: An object containing _802_1Setup_DBLookupKey=null.
  16. CIRASettings (the whole object): null.
  17. CIRASettings.CIRATunnel: false.
  18. CIRASettings.EnvironmentDetectionDomainSuffix: Value to disable CIRA when the target system is in this network domain when CIRATunnel=true; Empty string when CIRATunnel=false.
  19. CIRASettings.CIRAProxies (the whole object): Empty collection.
Request Body schema:
application/json

AMT Profile object to create

Name
required
string
Description
required
string
TlsAuthType
string
Enum: "noTLS" "tlsNoAuth" "tlsRemoteAuth" "tlsLocalAuth" "tlsAuth"

An integer representing TLS Authentication Mode. Current supported modes are 'noTLS' (TLS disabled) and 'TlsNoAuth' (TLS enabled, no authentication mode)

PowerPackageSettings
required
object (Power)
ManagementInterfacesSettings
required
object (ManagementInterfaces)
FqdnSettings
required
object (FQDNSettings)
IpSettings
required
object (IPSettings)
WiFiConnectionSettings
required
object (WiFiConnection)
Wired802_1XSettings
object (Wired802_1X)
CIRASettings
object (CIRASettings)

Responses

200

Successful request, content returned

400

Bad Request

409

AMT Profile name already exists

500

Internal Server Error

post /api/latest/amtProfiles
https://localhost/api/latest/amtProfiles

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Name": "string",
  • "Description": "string",
  • "TlsAuthType": "noTLS",
  • "PowerPackageSettings":
    {
    },
  • "ManagementInterfacesSettings":
    {
    },
  • "FqdnSettings":
    {
    },
  • "IpSettings":
    {
    },
  • "WiFiConnectionSettings":
    {
    },
  • "Wired802_1XSettings":
    {
    },
  • "CIRASettings":
    {
    }
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "AmtProfileId": 0,
  • "TenantId": "string",
  • "Name": "string",
  • "Description": "string",
  • "TlsAuthType": "noTLS",
  • "PowerPackageSettings":
    {
    },
  • "ManagementInterfacesSettings":
    {
    },
  • "FqdnSettings":
    {
    },
  • "IpSettings":
    {
    },
  • "WiFiConnectionSettings":
    {
    },
  • "Wired802_1XSettings":
    {
    },
  • "CIRASettings":
    {
    }
}

Gets an AMT Profile by ID.

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, Endpoint Group Creator, Endpoint Group User

path Parameters
amtProfileId
required
integer <int32>

AMT Profile ID

Responses

200

Successful request, content returned

400

Bad Request

403

Forbidden

404

Not found

500

Internal Server Error

get /api/latest/amtProfiles/{amtProfileId}
https://localhost/api/latest/amtProfiles/{amtProfileId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "AmtProfileId": 0,
  • "TenantId": "string",
  • "Name": "string",
  • "Description": "string",
  • "TlsAuthType": "noTLS",
  • "PowerPackageSettings":
    {
    },
  • "ManagementInterfacesSettings":
    {
    },
  • "FqdnSettings":
    {
    },
  • "IpSettings":
    {
    },
  • "WiFiConnectionSettings":
    {
    },
  • "Wired802_1XSettings":
    {
    },
  • "CIRASettings":
    {
    }
}

Updates an AMT Profile by ID.

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Endpoint Group Creator

The properties AmtProfileId and TenantId are readonly and cannot be updated.

The following list defines the default values that would be used for any optional parameters if they are omitted from the profile object:

  1. TlsAuthType: 1 = TlsNoAuth. If this is set to NoTLS, you need to specify the CIRASettings.
  2. PowerPackageSettings.PowerActiveOn: 1 = AlwaysOnInAc.
  3. PowerPackageSettings.PowerStateIdleTimeoutInMinutes: 1.
  4. ManagementInterfacesSettings.WebUIServiceEnabledState: 2 = Enabled.
  5. ManagementInterfacesSettings.KVMInterfaceState: 2 = Enabled.
  6. ManagementInterfacesSettings.UserConsentRequired: 4294967295 = All.
  7. ManagementInterfacesSettings.SOLEnabled: true.
  8. ManagementInterfacesSettings.IDEREnabled: true.
  9. ManagementInterfacesSettings.RedirectionServiceState: SOLEnabled=true and [IDEREnabled=true: 32771(IderOnSolOn); IDEREnabled=false: 32770(IderOffSolOn)]; SOLEnabled=false and [IDEREnabled=true: 32769(IderOnSolOff); IDEREnabled=false: 32768(Disabled)].
  10. FqdnSettings.FqdnSource: 0 = SharedWithHostOS.
  11. IpSettings.DHCPEnabled: true.
  12. IpSettings.SharedStaticIp: false.
  13. IpSettings.Source: 0 = DHCP.
  14. WiFiConnectionSettings.WiFiSetups: Empty collection (it is optional only if WiFiConnectionSettings.WiFiConnectionEnabledConfiguration=0)
  15. Wired802_1XSettings: An object containing _802_1Setup_DBLookupKey=null.
  16. CIRASettings (the whole object): null.
  17. CIRASettings.CIRATunnel: false.
  18. CIRASettings.EnvironmentDetectionDomainSuffix: Value to disable CIRA when the target system is in this network domain when CIRATunnel=true; Empty string when CIRATunnel=false.
  19. CIRASettings.CIRAProxies (the whole object): Empty collection.
path Parameters
amtProfileId
required
integer <int32>

AMT Profile ID

Request Body schema:
application/json

AMT Profile object with updates

AmtProfileId
required
integer <int32>
TenantId
string
Name
required
string
Description
required
string
TlsAuthType
string
Enum: "noTLS" "tlsNoAuth" "tlsRemoteAuth" "tlsLocalAuth" "tlsAuth"

An integer representing TLS Authentication Mode. Current supported modes are 'noTLS' (TLS disabled) and 'TlsNoAuth' (TLS enabled, no authentication mode)

PowerPackageSettings
required
object (Power)
ManagementInterfacesSettings
required
object (ManagementInterfaces)
FqdnSettings
required
object (FQDNSettings)
IpSettings
required
object (IPSettings)
WiFiConnectionSettings
required
object (WiFiConnection)
Wired802_1XSettings
object (Wired802_1X)
CIRASettings
object (CIRASettings)

Responses

200

Successful request, content returned

400

Bad Request

404

Not found

409

AMT profile name already exists

500

Internal Server Error

put /api/latest/amtProfiles/{amtProfileId}
https://localhost/api/latest/amtProfiles/{amtProfileId}

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "AmtProfileId": 0,
  • "TenantId": "string",
  • "Name": "string",
  • "Description": "string",
  • "TlsAuthType": "noTLS",
  • "PowerPackageSettings":
    {
    },
  • "ManagementInterfacesSettings":
    {
    },
  • "FqdnSettings":
    {
    },
  • "IpSettings":
    {
    },
  • "WiFiConnectionSettings":
    {
    },
  • "Wired802_1XSettings":
    {
    },
  • "CIRASettings":
    {
    }
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "AmtProfileId": 0,
  • "TenantId": "string",
  • "Name": "string",
  • "Description": "string",
  • "TlsAuthType": "noTLS",
  • "PowerPackageSettings":
    {
    },
  • "ManagementInterfacesSettings":
    {
    },
  • "FqdnSettings":
    {
    },
  • "IpSettings":
    {
    },
  • "WiFiConnectionSettings":
    {
    },
  • "Wired802_1XSettings":
    {
    },
  • "CIRASettings":
    {
    }
}

Deletes an AMT Profile by ID.

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Endpoint Group Creator

path Parameters
amtProfileId
required
integer <int32>

AMT Profile ID

Responses

204

Successful request, no content

400

Bad Request

404

Not found

409

Cannot be deleted since the AMT Profile is still linked to at least one Endpoint Group

500

Internal Server Error

delete /api/latest/amtProfiles/{amtProfileId}
https://localhost/api/latest/amtProfiles/{amtProfileId}

AmtProfileToEndpointGroupsAssignments

Gets a list of Endpoint Groups associated with a given AmtProfileId.

Role required: Tenant Administrator, Client Credentials Endpoint Manager, Endpoint Group Creator, Endpoint Group User

404 will be returned if AmtProfileId is not found.

path Parameters
amtProfileId
required
integer <int32>

AMT Profile ID

Responses

200

Successful request, content returned

400

Bad Request

403

Forbidden

404

Not found

500

Internal Server Error

get /api/latest/amtProfileToEndpointGroupsAssignments/{amtProfileId}
https://localhost/api/latest/amtProfileToEndpointGroupsAssignments/{amtProfileId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointGroupCount": 0,
  • "AccessibleEndpointGroups":
    [
    ]
}

AmtProvisioningCertificates

Gets a collection certificates required for AMT provisioning

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, Account Manager, Endpoint Group Creator, Endpoint Group User

Responses

200

Successful request, content returned

401

Unauthorized

403

Forbidden

500

Internal server error

get /api/latest/amtProvisioningCertificates
https://localhost/api/latest/amtProvisioningCertificates

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Gets a certificate used for AMT provisioning by ID

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, Account Manager, Endpoint Group Creator, Endpoint Group User

path Parameters
amtCertificateId
required
integer <int32>

Responses

200

Successful request, content returned

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not found

500

Internal server error

get /api/latest/amtProvisioningCertificates/{amtCertificateId}
https://localhost/api/latest/amtProvisioningCertificates/{amtCertificateId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "AmtCertificateId": 0,
  • "Name": "string",
  • "CommonName": "string",
  • "NotBefore": "2023-02-15T18:34:43Z",
  • "NotAfter": "2023-02-15T18:34:43Z",
  • "HasPrivateKey": true,
  • "Thumbprint": "string",
  • "IsAmtProvisioningCert": true,
  • "InUseByAmtProfile": true,
  • "Pem": "string",
  • "Enabled": true,
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "CreatedOn": "2023-02-15T18:34:43Z",
  • "CreatedBy": "00000000-0000-0000-0000-000000000000",
  • "ModifiedOn": "2023-02-15T18:34:43Z",
  • "ModifiedBy": "00000000-0000-0000-0000-000000000000"
}

Deletes a certificate used for AMT provisioning, as well as the next ones in the chain serially if they are not a part of another chain.

Roles required: Tenant Administrator, Client Credentails Tenant manager

path Parameters
amtCertificateId
required
integer <int32>

Responses

204

Successful request, no content

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not found

409

Conflict: certificate is in use by AMT profile

500

Internal server error

delete /api/latest/amtProvisioningCertificates/{amtCertificateId}
https://localhost/api/latest/amtProvisioningCertificates/{amtCertificateId}

Gets the .CER file of an AMT provisioning certificate, or a certificate in its chain, by ID

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, Account Manager, Endpoint Group Creator, Endpoint Group User

The filename of the .CER file will will be specified in the "filename" parameter of the "Content-Disposition" header.

path Parameters
amtCertificateId
required
integer <int32>

Responses

200

Successful request, attachment returned

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not found

500

Internal server error

get /api/latest/amtProvisioningCertificates/{amtCertificateId}/getFile
https://localhost/api/latest/amtProvisioningCertificates/{amtCertificateId}/getFile

Upload .PFX of AMT provisioning certificate

Roles required: Tenant Administrator, Client Credentials Tenant Manager

To import an AMT provisioning certificate, POST with enctype "multipart/form-data", the .PFX file attached, and the following parameters:
name: certificate nickname
password: password for the .PFX file

Responses

200

Successful request, content returned

400

Invalid file

401

Unauthorized

403

Forbidden

404

Not found

409

Conflict: certificate thumbprint already exists

415

Unsupported media type

500

Internal Server Error

post /api/latest/amtProvisioningCertificates/uploadPfx
https://localhost/api/latest/amtProvisioningCertificates/uploadPfx

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Upload .PFX general certificates

Roles required: Tenant Administrator, Client Credentials Tenant Manager

To import an certificate, POST with enctype "multipart/form-data", the .PFX file attached, and the following parameters:
name: certificate nickname
password: password for the .PFX file

Responses

200

Successful request, content returned

400

Invalid file

401

Unauthorized

403

Forbidden

404

Not found

415

Unsupported media type

500

Internal Server Error

post /api/latest/amtProvisioningCertificates/upload
https://localhost/api/latest/amtProvisioningCertificates/upload

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Upload .CER general certificate

Roles required: Tenant Administrator, Client Credentials Tenant Manager

To import an certificate, POST with content-type "multipart/form-data", the .CER file attached, and the following parameter:
name: certificate nickname

Responses

200

Successful request, content returned

400

Invalid file

401

Unauthorized

403

Forbidden

404

Not found

415

Unsupported media type

500

Internal Server Error

post /api/latest/amtProvisioningCertificates/uploadCert
https://localhost/api/latest/amtProvisioningCertificates/uploadCert

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

AmtSetups

Gets the AmtSetup (or provisioning record) of an Endpoint

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, User in a User Group with Read privileges associated to target Endpoint Group

path Parameters
amtSetupId
required
string

Use value of EndpointId. Hex string with 64 characters and without the 0x prefix

Responses

200

Successful request, content returned

400

Bad request

403

Forbidden

404

Not found

500

Internal server error

get /api/latest/amtSetups/endpoints/{amtSetupId}
https://localhost/api/latest/amtSetups/endpoints/{amtSetupId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "AmtSetupId": "string",
  • "Type": "auto",
  • "PID": "string",
  • "Creation": "2023-02-15T18:34:43Z",
  • "SetsRandomMebxPassword": true,
  • "Profile":
    {
    },
  • "State": "creation",
  • "StateString": "string",
  • "ExtraAmtInfo":
    {
    },
  • "AmtProfileId": 0,
  • "SetsRandomAdminPassword": true
}

Deletes the AmtSetup (or provisioning record) of an Endpoint

Roles required: Tenant Administrator, Client Credentials Tenant Manager, User in a User Group with Execute privileges associated to target Endpoint Group

path Parameters
amtSetupId
required
string

Use value of EndpointId. Hex string with 64 characters and without the 0x prefix

Responses

204

Successful request, no content

400

Bad request

403

Forbidden

404

Not found

500

Internal server error

delete /api/latest/amtSetups/endpoints/{amtSetupId}
https://localhost/api/latest/amtSetups/endpoints/{amtSetupId}

Gets the AmtSetup (or auto-provisioning setting) of an Endpoint Group

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, User in a User Group with Read privileges associated to target Endpoint Group

path Parameters
amtSetupId
required
string

Use value of EndpointGroupId. Hex string with 64 characters and without the 0x prefix

Responses

200

Successful request, content returned

400

Bad request

403

Forbidden

404

Not found

500

Internal server error

get /api/latest/amtSetups/auto/{amtSetupId}
https://localhost/api/latest/amtSetups/auto/{amtSetupId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "AmtSetupId": "string",
  • "Type": "auto",
  • "PID": "string",
  • "Creation": "2023-02-15T18:34:43Z",
  • "SetsRandomMebxPassword": true,
  • "Profile":
    {
    },
  • "State": "creation",
  • "StateString": "string",
  • "ExtraAmtInfo":
    {
    },
  • "AmtProfileId": 0,
  • "SetsRandomAdminPassword": true
}

Deletes the AmtSetup (or auto-provisioning setting) of an Endpoint Group

Roles required: Tenant Administrator, Client Credentials Tenant Manager, User in a User Group with Execute privileges associated to target Endpoint Group

path Parameters
amtSetupId
required
string

Use value of EndpointGroupId. Hex string with 64 characters and without the 0x prefix

Responses

204

Successful request, no content

400

Bad Request

403

Forbidden

404

Not found

500

Internal server error

delete /api/latest/amtSetups/auto/{amtSetupId}
https://localhost/api/latest/amtSetups/auto/{amtSetupId}

Submits a request to provision an AMT Endpoint

Roles required: Tenant Administrator, Client Credentials Tenant Manager, User in a User Group with Execute privileges associated to target Endpoint Group

Certificate provisioning will be requested only if an AMTProvisioningCertificateId is provided, otherwise host-based-provisioning will be requested. The certificate corresponding to AMTProvisioningCertificateId must have a Private Key, otherwise it will return error.

AdminCredential.Password requirements:

between 8 and 31 characters
contains at least one number
contains both lowercase and uppercase alpha characters
contains at least one special character: '!', '@', '#', '$', '%', '^', '&amp;', '*', '(', ')', '-', '+'

CiraIntranetSuffix is applicable only when UsesCira is set to true. The value is a string of up to four comma separated domain name suffixes.

UsesTLS and UsesCira cannot be both true or both false. You need to choose one.

Request Body schema:
application/json

AMT Setup request object

EndpointId
required
string 64 characters
UsesTls
required
boolean
UsesCira
required
boolean
SetsRandomMebxPassword
boolean

If true, MEBx password must be created randomly and set in Firmware

UsesEmaAccount
required
boolean
CiraIntranetSuffix
string
AdminCredential
required
object (AdminCredential)
AmtCertificateId
integer <int32> [ 1 .. 2147483647 ]

Responses

200

Successful request, result returned

400

Bad request

403

Forbidden

404

Not found

409

Endpoint's AMT is already provisioned

500

Internal server error

post /api/latest/amtSetups/endpoints/provision
https://localhost/api/latest/amtSetups/endpoints/provision

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointId": "stringstringstringstringstringstringstringstringstringstringstri",
  • "UsesTls": true,
  • "UsesCira": true,
  • "SetsRandomMebxPassword": true,
  • "UsesEmaAccount": true,
  • "CiraIntranetSuffix": "string",
  • "AdminCredential":
    {
    },
  • "AmtCertificateId": 1
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "AmtSetupId": "string",
  • "Type": "auto",
  • "PID": "string",
  • "Creation": "2023-02-15T18:34:43Z",
  • "SetsRandomMebxPassword": true,
  • "Profile":
    {
    },
  • "State": "creation",
  • "StateString": "string",
  • "ExtraAmtInfo":
    {
    },
  • "AmtProfileId": 0,
  • "SetsRandomAdminPassword": true
}

Submits a request to unprovision an AMT Endpoint

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

Warning: This operation will reset the AMT device to factory settings!

The AMT admin password is optional and should only be used to unprovision an AMT endpoint that was provisioned outside of EMA, or that has no AmtSetup (or Provisioning Record) in the database.

If the AMT Endpoint was provisioned with EMA, and the corresponding AmtSetup record is in the database, then the AMT admin password is unnecessary.

AdminCredential.Password requirements:

--between 8 and 32 characters
--contains at least one number
--contains both lowercase and uppercase alpha characters
--contains at least one special character
Request Body schema:
application/json

An unprovision AMT request

EndpointId
required
string 64 characters
AdminCredential
object (AdminCredential)

Responses

204

Successful request, no content

400

Bad request

403

Forbidden

404

Not found

409

AMT endpoint not provisioned, or TCPRELAY not enabled by policy

500

Internal server error

post /api/latest/amtSetups/endpoints/unprovision
https://localhost/api/latest/amtSetups/endpoints/unprovision

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointId": "stringstringstringstringstringstringstringstringstringstringstri",
  • "AdminCredential":
    {
    }
}

Sets AMT auto-provisioning for an Endpoint Group.

Roles required: Tenant Administrator, Client Credentials Tenant Manager, User in a User Group with Execute privileges associated to target Endpoint Group For certificate provisioning, provide an AmtCertificateId in the request, otherwise Host-based-provisioning will be set. The certificate corresponding to AmtCertificateId must have a Private Key, otherwise it will return error.

To unset auto-provisioning, delete the AmtSetup record using the EndpointGroupId as AmtSetupId.

Request Body schema:
application/json
EndpointGroupId
required
string
AmtProfileId
required
integer <int32> [ 1 .. 2147483647 ]
SetsRandomMebxPassword
boolean

If true, MEBx password must be created randomly and set in Firmware

AdminCredential
object (AdminCredentialOptional)
UsesEmaAccount
required
boolean
AmtCertificateId
integer <int32>
SetsRandomAdminPassword
boolean

Responses

200

Successful request, content returned

400

Bad Request

403

Forbidden

404

Not found

409

Conflict

500

Internal server error

post /api/latest/amtSetups/auto/set
https://localhost/api/latest/amtSetups/auto/set

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointGroupId": "string",
  • "AmtProfileId": 1,
  • "SetsRandomMebxPassword": true,
  • "AdminCredential":
    {
    },
  • "UsesEmaAccount": true,
  • "AmtCertificateId": 0,
  • "SetsRandomAdminPassword": true
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "AmtSetupId": "string",
  • "Type": "auto",
  • "PID": "string",
  • "Creation": "2023-02-15T18:34:43Z",
  • "SetsRandomMebxPassword": true,
  • "Profile":
    {
    },
  • "State": "creation",
  • "StateString": "string",
  • "ExtraAmtInfo":
    {
    },
  • "AmtProfileId": 0,
  • "SetsRandomAdminPassword": true
}

Submits a request to adopt a currently provisioned endpoint, thus making it owned by EMA.

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

This API is for use with endpoints that are already provisioned, but not by this particular EMA instance. Additionally, this API requires an AMT Autosetup to be enabled in this EMA instance for the endpoint group associated with the target endpoint. The API will apply the settings from the AMT Autosetup to the target endpoint. A given endpoint can only be provisioned and/or adopted into an Intel EMA instance one time. If you try to adopt the same endpoint twice into the same Intel EMA instance, the phase 2 provisioning process will fail with an error. You would need to unprovision and reprovision any endpoints you want to adopt again.

Request Body schema:
application/json
EndpointId
required
string 64 characters

Hex string without "0x" prefix

CurrentAdminCredential
required
string [ 8 .. 31 ] characters

AMT admin password

Responses

200

Successful request, content returned

400

Bad Request

403

Forbidden

404

Not Found

500

Internal server error

post /api/latest/amtSetups/endpoints/adopt
https://localhost/api/latest/amtSetups/endpoints/adopt

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointId": "stringstringstringstringstringstringstringstringstringstringstri",
  • "CurrentAdminCredential": "stringst"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "AmtSetupId": "string",
  • "Type": "auto",
  • "PID": "string",
  • "Creation": "2023-02-15T18:34:43Z",
  • "SetsRandomMebxPassword": true,
  • "Profile":
    {
    },
  • "State": "creation",
  • "StateString": "string",
  • "ExtraAmtInfo":
    {
    },
  • "AmtProfileId": 0,
  • "SetsRandomAdminPassword": true
}

AuditEvents

Gets a list of Audit Events filterable by optional query string parameters.

Roles required: Global Administrator, Tenant Administrator, Client Credentials Endpoint Manager

Note: Global Administrators can only access Audit Events not associated with a TenantId.

Timestamps are recorded in UTC. Use UTC format when filtering with startDateTime and/or endDateTime. For example, "2020-01-29T15:10:38.017Z"

query Parameters
resourceName
string

Resource Name of Audit Events

resourceId
string

Resource Id of Audit Events

callerName
string

Caller Name of Audit Events

callerId
string <uuid>

Caller Id of Audit Events

source
string
Enum: "Unknown" "Reserved1" "SwarmServer" "AjaxServer" "WebApi" "RecoveryServer" "ManageabilityServer" "FileActionsServer" "PlatformManager"

Source (enum) of Audit Events. If the value is a string and the string is not a valid string name of the enumeration item, it will be ignored.

action
string
Enum: "NoAction" "Login" "Logout" "PageLoad" "Starting" "Stopping" "CreateAjaxCookie" "CreateRoutingCookie" "NewMesh" "PowerAction" "AccountDelete" "MeshDelete" "NodeDelete" "AlertMessage" "HttpRedirect" "TcpRedirect" "TestEvent" "AjaxKVM" "AjaxTerminal" "AjaxFiles" "WebSocketDirect" "WebSocketManagement" "Stats" "FileDownload" "FileUpload" "AddAccess" "RemoveAccess" "AmtProvisioningRecordSet" "AmtProvisioningRecordClear" "AmtProvisioningRecordAttempt" "AmtProvisioningRecordUsed" "AmtProvisioningRecordFail" "AgentConnect" "UserFeedback" "UserNodeEvent" "UserMeshEvent" "UserEvent" "AmtRedirectError" "AmtPowerActionSuccess" "AmtPowerActionFailed" "Translation" "NodeEvent" "AgentUninstalled" "NodeMovedToDifferentMesh" "ProcessAmtPreCheck" "UnexpectedError" "NewUser" "EditUser" "RemoveUser" "NewTenant" "EditTenant" "RemoveTenant" "NewGroup" "EditGroup" "RemoveGroup" "UsersInGroupAdded" "UsersInGroupRemoved" "NewRole" "UserRoleChange" "UserAddedToGroup" "UserRemovedFromGroup" "BaseRolesCreated" "AccessDenied" "WebApiEvent" "WMI" "FileDeliver" "FileExecution" "FileSearch" "FileShortOps" "New802_1xSetup" "Edit802_1xSetup" "Delete802_1xSetup" "AMTDiscovery_ByIP" "AMTDiscovery_ByIPAutomatically" "AMTDiscovery_Cancel" "AMTDiscovery_BySubnet" "AMTDiscovery_BySubnetAutomatically" "AMTDiscovery_ByIPRange" "AMTDiscovery_ByIPRangeAutomatically" "AMTDiscovery_ByLocalBroadcast" "AMTDiscovery_ByLocalBroadcastAutomatically" "NewAmtProfile" "EditAmtProfile" "DeleteAmtProfile" "NewAmtProvisioningCertificate" "NewGeneralCertificate" "DeleteAmtProvisioningCertificate" "DeleteManualProvisioning_AMTSetup" "DeleteAutoProvisioning_AMTSetup" "Provision_AMTSetup" "Unprovision_AMTSetup" "AutoProvisioningForEndpointGroup_AMTSetup" "MeshUpdate" "EndpointIBOperation_Reboot" "EndpointIBOperation_Sleep" "EndpointIBOperation_Hibernate" "EndpointIBOperation_Shutdown" "EndpointIBOperation_Alert" "EndpointOOBOperation_Multiple_PowerOn" "EndpointOOBOperation_Multiple_SleepLight" "EndpointOOBOperation_Multiple_SleepDeep" "EndpointOOBOperation_Multiple_PowerCycleOffSoft" "EndpointOOBOperation_Multiple_PowerOffHard" "EndpointOOBOperation_Multiple_Hibernate" "EndpointOOBOperation_Multiple_PowerOffSoft" "EndpointOOBOperation_Multiple_PowerCycleOffHard" "EndpointOOBOperation_Multiple_MasterBusReset" "EndpointOOBOperation_Multiple_PowerOffSoftGraceful" "EndpointOOBOperation_Multiple_PowerOffHardGraceful" "EndpointOOBOperation_Multiple_MasterBusResetGraceful" "EndpointOOBOperation_Multiple_PowerCycleOffSoftGraceful" "EndpointOOBOperation_Multiple_PowerCycleOffHardGraceful" "EndpointOOBOperations_Single_PowerOn" "EndpointOOBOperations_Single_SleepLight" "EndpointOOBOperations_Single_SleepDeep" "EndpointOOBOperations_Single_PowerCycleOffSoft" "EndpointOOBOperations_Single_PowerOffHard" "EndpointOOBOperations_Single_Hibernate" "EndpointOOBOperations_Single_PowerOffSoft" "EndpointOOBOperations_Single_PowerCycleOffHard" "EndpointOOBOperations_Single_MasterBusReset" "EndpointOOBOperations_Single_PowerOffSoftGraceful" "EndpointOOBOperations_Single_PowerOffHardGraceful" "EndpointOOBOperations_Single_MasterBusResetGraceful" "EndpointOOBOperations_Single_PowerCycleOffSoftGraceful" "EndpointOOBOperations_Single_PowerCycleOffHardGraceful" "UserGroupAssignedToEndpointGroup" "UserGroupDisassociatedFromEndpointGroup" "NewWiFiSetup" "EditWiFiSetup" "DeleteWiFiSetup" "GetAmtRoutingCookie" "ValidateAjaxCookie" "AmtWSMAN" "CheckUserAccess" "GetSwarmServerId" "MeshTargetHop" "MutliTargetHop" "EditAjaxServerSettings" "EditFileActionsServerSettings" "EditManageabilityServerSettings" "EditSwarmServerSettings" "EditWebServerSettings" "DecodeRoutingCookie" "GetCRL" "RevokeCertificate" "ResetCRL" "ResumableUploadCreate" "ResumableUploadAppend" "ResumableUploadDelete" "FileUploadRegister" "UsbrImageUpdated" "UsbrImageDeleted" "EndpointOOBOperations_Single_PowerCycleToIderIsoSol" "UsbrSessionStarted" "UsbrSessionStopped" "UsbrTempFileDeletedFromDatabase" "UsbrTempFileDeletedFromFilesystem" "UsbrTenantDirectoryDeletedFromFilesystem" "UsbrTenantFileDeletedFromFilesystem" "DosRateLimitedPreAuth" "DosRateLimitedPostAuth" "DosConnectionCount" "DosTcpIdle" "EditSecuritySettings" "DosRateLimitedHttp" "UserConsentCancel" "UserConsentChangeSpriteDisplay" "UserConsentStarted" "UserConsentSendCode" "GetServerSettingsCertificate" "ResetBootSettings" "EditRecoveryServerSettings" "StartPlatformErase" "UnConfigureCsme" "StartSecureErase" "HttpListener" "OneClickRecovery" "EndpointOobOperationsSinglePowerCycleToIderImgSol" "EndpointOobOperationsPowerCycleToBios" "StartOcrBoot" "EndpointAdded" "ProvisionedEndpointAdoption" "DeleteAmtAlarm" "GetAmtCredential" "SetAmtAlarmClock"

Action (enum) of Audit Events. If the value is a string and the string is not a valid string name of the enumeration item, it will be ignored.

resourceType
string
Enum: "NONE" "ROLE" "TENANT" "ENDPOINT_GROUP" "USER_GROUP" "USER" "ENDPOINT" "INTEL_AMT_SETUP" "AMTPROFILE" "WIFISETUP" "AJAXCOOKIE" "SERVERID" "AMT_PROVISIONING_CERTIFICATE" "DEFAULT" "_802_1XSETUP" "AMTDISCOVERY" "BEARER_TOKEN" "ROUTING_COOKIE" "SERVERSETTINGS" "CRL" "RESUMABLE_UPLOAD" "USBR_IMAGE" "USBR_ORPHAN_FILE_CLEANUP" "PORT" "SERVER_SETTINGS_CERTIFICATE" "REMOTE_ERASE" "ONE_CLICK_RECOVERY"

Resource Type (enum) of Audit Events. If the value is a string and the string is not a valid string name of the enumeration item, it will be ignored.

startDateTime
string

Start DateTime of a range of Audit Events in UTC format, e.g., 2020-01-29T15:10:38.017Z. If the string cannot be parsed as date time, it will be ignored.

endDateTime
string

End DateTime of a range of Audit Events in UTC format, e.g., 2020-01-29T15:10:38.017Z. If the string cannot be parsed as date time, it will be ignored.

Responses

200

Successful request, content returned

400

Bad Request

401

Unauthorized

403

Forbidden

get /api/latest/auditEvents
https://localhost/api/latest/auditEvents

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

AzureLogin

Authenticates a user through Azure AD and then redirects to EMA website with the EMA access token in the EMA secure cookie.

This method is following the Microsoft Identity platform authorization code flow, so as a result it is called twice. The first request is from the EMA website with an empty body (user initiated). The response will be a string indicating the authentication code request URL. The second request is a callback from Microsoft Identity platform with the response of the authentication code request. The response will be a Redirect with success or failure state in the query parameter.

This method will only grant an Access Token under the following conditions:

  1. EMA must be installed with Azure AD Authentication mode.
  2. The caller must have an EMA account with a username that maps to a User Principal Name in Azure AD.

This API is tightly coupled with EMA front-end web site and it requires specific setup to work.

Request Body schema:
application/json

The response from the authentication first step

Code
string
State
string

Responses

200

Successful request, containing redirection link to Azure

302

Redirect, containing in the Uri the success or failure state

500

Internal Server Error

post /api/latest/azureLogin
https://localhost/api/latest/azureLogin

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Code": "string",
  • "State": "string"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
"string"

ClientCredentials

Gets a list of Client credentials objects

Roles required: Global Administrator, Tenant Administrator

  • If caller user is Global Administrator, this method will return all Client Credentials in all Tenants unless a specific tenantId is provided.
  • If caller user is Tenant Administrator, this method will return only Client Credentials for that Tenant.
query Parameters
tenantId
string

Canonical GUID form: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Responses

200

Successful request, content

400

Bad request

401

Unauthorized

500

Internal server error

get /api/latest/clientCredentials
https://localhost/api/latest/clientCredentials

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Creates a set of client credentials for a Tenant. Multiple client credentials creation is allowed.

Roles required: Global Administrator, Tenant Administrator

Parameters description:

  • Client_secret
  • TenantId - Required if user is Global Administrator otherwise it is optional
  • Scope - Must be either EndpointManager or TenantManager
  • MaxFailedLoginAttempts - Min 5, Max 15, Default 10
  • TokenLifetimeHours - Min 1, Max 24, Default 1

Client Secret Requirements

--at least 12 characters
--contains at least one number
--contains both lowercase and uppercase alpha characters
--contains at least one special character
Request Body schema:
application/json
client_secret
required
string
tenantId
string <uuid>
scope
required
string
Enum: "endpointManager" "tenantManager"
maxFailedLoginAttempts
integer <int32> [ 5 .. 15 ]
tokenLifetimeHours
integer <int32> [ 1 .. 24 ]

Responses

200

Successful request, content

400

Bad request

401

Unauthorized

500

Internal server error

post /api/latest/clientCredentials
https://localhost/api/latest/clientCredentials

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "client_secret": "string",
  • "tenantId": "00000000-0000-0000-0000-000000000000",
  • "scope": "endpointManager",
  • "maxFailedLoginAttempts": 5,
  • "tokenLifetimeHours": 1
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "id": 0,
  • "userId": "00000000-0000-0000-0000-000000000000",
  • "name": "string",
  • "client_id": "00000000-0000-0000-0000-000000000000",
  • "client_secret": "string",
  • "tenantId": "00000000-0000-0000-0000-000000000000",
  • "scope": "string",
  • "maxFailedLoginAttempts": 0,
  • "tokenLifetimeHours": 0,
  • "enabled": true
}

Updates Client Credentials for a Tenant.

Roles required: Global Administrator, Tenant Administrator

  • Global Administrators can update any Client Credentials account.
  • Only Tenant Administrators that share the same Tenant Id with a Client Credentials account, can update it.

Parameters allowed to be updated:

  • Client_secret
  • TokenLifetimeHours - Min 1, Max 24, Default 1
  • Enabled status

Client Secret Requirements

--at least 12 characters
--contains at least one number
--contains both lowercase and uppercase alpha characters
--contains at least one special character
path Parameters
clientCredentialsId
required
string

Canonical GUID form: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Request Body schema:
application/json
client_secret
string
tokenLifetimeHours
integer <int32> [ 1 .. 24 ]
enabled
boolean

Responses

200

Successful request, content

400

Bad request

401

Unauthorized

404

Not Found

500

Internal server error

put /api/latest/clientCredentials/{clientCredentialsId}
https://localhost/api/latest/clientCredentials/{clientCredentialsId}

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "client_secret": "string",
  • "tokenLifetimeHours": 1,
  • "enabled": true
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "id": 0,
  • "userId": "00000000-0000-0000-0000-000000000000",
  • "name": "string",
  • "client_id": "00000000-0000-0000-0000-000000000000",
  • "client_secret": "string",
  • "tenantId": "00000000-0000-0000-0000-000000000000",
  • "scope": "string",
  • "maxFailedLoginAttempts": 0,
  • "tokenLifetimeHours": 0,
  • "enabled": true
}

Deletes Client Credentials for a Tenant.

Roles required: Global Administrator, Tenant Administrator

  • Global Administrators can delete any Client Credentials account.
  • Only Tenant Administrators that share the same Tenant Id with a Client Credentials account, can delete it.
path Parameters
clientCredentialsId
required
string

Canonical GUID form: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Responses

204

Successful request, No content

400

Bad request

401

Unauthorized

404

Not found

500

Internal server error

delete /api/latest/clientCredentials/{clientCredentialsId}
https://localhost/api/latest/clientCredentials/{clientCredentialsId}

CRL

CRL Operations

Roles required: Global Administrator

Responses

200

Successful request, content returned

401

Unauthorized

403

Forbidden

500

Internal Server Error

get /api/latest/crl
https://localhost/api/latest/crl

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{ }

Adds entry to the CRL. i.e., revokes a certificate

Roles required: Global Administrator

For serial number open the certificate to see details in Windows and find the Serial number's hex value.

Following are the accepted revocation reason codes:

  1. Unspecified (0)
  2. keyCompromise (1)
  3. cACompromise (2)
  4. affiliationChanged (3)
  5. superseded (4)
  6. cessationOfOperation (5)
  7. certificateHold (6)
  8. removeFromCRL (8)
  9. privilegeWithdrawn (9)
  10. aACompromise (10)

If restartEmaComponent is set to true, it will immediately restart all the EMA servers and the IIS default app pool hosting the EMA Website.

query Parameters
restartEmaComponent
boolean

Indicates whether to restart EMA Service, as changes to its configuration are applied only when the services are restarted.

Request Body schema:
application/json

Json with CRLEntry.

serialNumber
required
string
reasonCode
required
integer <int32>

Responses

204

Successful request, no content returned

400

Bad request

401

Unauthorized

403

Forbidden

500

Internal Server Error

post /api/latest/crl/AddCrlEntry
https://localhost/api/latest/crl/AddCrlEntry

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "serialNumber": "string",
  • "reasonCode": 0
}

Resets the CRL to empty CRL.

Roles required: Global Administrator

If restartEmaComponent is set to true, it will immediately restart all the EMA servers and the IIS default app pool hosting the EMA Website.

query Parameters
restartEmaComponent
boolean

Indicates whether to restart EMA Service, as changes to its configuration are applied only when the services are restarted.

Responses

204

Successful request, no content returned

401

Unauthorized

403

Forbidden

500

Internal Server Error

post /api/latest/crl/ResetCRL
https://localhost/api/latest/crl/ResetCRL

EmaServerInfo

Get server information.

This call does not need authentication.

Responses

200

Successful request

500

Internal Server Error

get /api/emaServerInfo
https://localhost/api/emaServerInfo

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "LatestApiVersionNumber": 0,
  • "EmaVersion": "string",
  • "AuthMode": "string",
  • "EmaFrontEndStorageType": "string",
  • "ApiUrl": "string",
  • "SupportedApiVersions":
    [
    ]
}

EndpointGroups

Gets a collection of Endpoint Group summaries.

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, User in a User Group with Read privileges associated to target Endpoint Group

Responses

200

Successful request, content returned

500

Internal Server Error

get /api/latest/endpointGroups
https://localhost/api/latest/endpointGroups

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Creates a new Endpoint Group

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Endpoint Group Creator

Password is needed when the endpoint group's policy needs to be modified. Currently, the modification of the policy is not supported yet.

Password requirements:

--between 8 characters and 255 characters
--contains at least one number
--contains both lowercase and uppercase alpha characters
--contains at least one special character

UserConsentKVM_Timeout requirements:

--timeout value must fall between 1 and 65
--timeout in seconds
--this value will be taken if the AllowUserConsentKVM web permission is enabled
Request Body schema:
application/json
Name
required
string
Description
required
string
Password
required
string .*(?=^.{8,255}$)(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[&"'(\-_)=~#{[|`\\^@\]}^$*¨£µ%,;:!?./§+]).*
UserConsentKVM_Timeout
integer <int32>

Define timeout in seconds to show user consent window for In-Band KVM connection before reject the operation

Permissions
required
object (EndpointGroupPermissions)

Responses

200

Successful request, content returned

400

Bad Request

409

Conflict

500

Internal Server Error

post /api/latest/endpointGroups
https://localhost/api/latest/endpointGroups

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Name": "string",
  • "Description": "string",
  • "Password": "string",
  • "UserConsentKVM_Timeout": 0,
  • "Permissions":
    {
    }
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Name": "string",
  • "Description": "string",
  • "EndpointGroupId": "string",
  • "TenantId": "string",
  • "LastUpdated": "2023-02-15T18:34:43Z",
  • "UserConsentKVM_Timeout": 0,
  • "Permissions":
    {
    }
}

Gets the details of a Endpoint Group by ID.

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, User in a User Group with Read privileges associated to target Endpoint Group

path Parameters
endpointGroupId
required
string

Hex string with 64 characters and without the 0x prefix

Responses

200

Successful request, content returned

400

Bad Request

403

Forbidden

404

Not found

500

Internal Server Error

get /api/latest/endpointGroups/{endpointGroupId}
https://localhost/api/latest/endpointGroups/{endpointGroupId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Name": "string",
  • "Description": "string",
  • "EndpointGroupId": "string",
  • "TenantId": "string",
  • "LastUpdated": "2023-02-15T18:34:43Z",
  • "UserConsentKVM_Timeout": 0,
  • "Permissions":
    {
    }
}

Updates an Endpoint Group.

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Endpoint Group Creator

The only property that can be updated is Description.

path Parameters
endpointGroupId
required
string
Request Body schema:
application/json
Description
required
string
EndpointGroupId
required
string

Responses

200

Successful request, content returned

400

Bad Request

403

Forbidden

404

Not found

409

Conflict

500

Internal Server Error

put /api/latest/endpointGroups/{endpointGroupId}
https://localhost/api/latest/endpointGroups/{endpointGroupId}

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Description": "string",
  • "EndpointGroupId": "string"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Name": "string",
  • "Description": "string",
  • "EndpointGroupId": "string",
  • "TenantId": "string",
  • "LastUpdated": "2023-02-15T18:34:43Z",
  • "UserConsentKVM_Timeout": 0,
  • "Permissions":
    {
    }
}

Deletes an Endpoint Group.

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Endpoint Group Creator

path Parameters
endpointGroupId
required
string

Hex string with 64 characters and without the 0x prefix

Responses

204

Successful request, no content

400

Bad Request

403

Forbidden

404

Not found

500

Internal server error

delete /api/latest/endpointGroups/{endpointGroupId}
https://localhost/api/latest/endpointGroups/{endpointGroupId}

Gets the .msh file associated with an Endpoint Group.

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Read privileges associated to target Endpoint Group

path Parameters
endpointGroupId
required
string

Hex string with 64 characters and without the 0x prefix

Responses

200

Successful request, content returned

400

Bad Request

403

Forbidden

404

Not found

get /api/latest/endpointGroups/{endpointGroupId}/getMshFile
https://localhost/api/latest/endpointGroups/{endpointGroupId}/getMshFile

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{ }

Gets the highest access right for a User to an Endpoint Group.

Roles required: Tenant Administrator, Endpoint Group Creator, Endpoint Group User

The access rights that a User has to an Endpoint Group are obtained by way of membership in User Group(s) assigned to that Endpoint Group.

path Parameters
endpointGroupId
required
string

Hex string with 64 characters and without the 0x prefix

Responses

200

Successful request

400

Bad Request

403

Forbidden

404

Not found

500

Internal server error

get /api/latest/endpointGroups/{endpointGroupId}/getUserAccessRights
https://localhost/api/latest/endpointGroups/{endpointGroupId}/getUserAccessRights

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "AccessRightsId": 0,
  • "AccessRights": "string"
}

EndpointIBOperations

Submits batch request to reboot Endpoints inband

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, Endpoint Group Creator, Endpoint Group User

The action must be allowed by the Endpoint's Endpoint Group.

With an HTTP 200, the response list will contain only those EndpointIds for which a request was put on the message bus. EndpointIds for which a request was not put on the message bus for one reason or another will not appear in the response list.

Request Body schema:
application/json

List of EndpointId objects

Array
EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

500

Internal Server Error

post /api/latest/endpointIBOperations/reboot
https://localhost/api/latest/endpointIBOperations/reboot

Request samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Accepted":
    [
    ],
  • "Forbidden":
    [
    ],
  • "NotFound":
    [
    ],
  • "BadRequest":
    [
    ],
  • "InternalServerError":
    [
    ]
}

Submits batch request to sleep Endpoints inband

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, Endpoint Group Creator, Endpoint Group User

The action must be allowed by the Endpoint's Endpoint Group.

With an HTTP 200, the response list will contain only those EndpointIds for which a request was put on the message bus. EndpointIds for which a request was not put on the message bus for one reason or another will not appear in the response list.

Request Body schema:
application/json

List of EndpointId objects

Array
EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

500

Internal Server Error

post /api/latest/endpointIBOperations/sleep
https://localhost/api/latest/endpointIBOperations/sleep

Request samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Accepted":
    [
    ],
  • "Forbidden":
    [
    ],
  • "NotFound":
    [
    ],
  • "BadRequest":
    [
    ],
  • "InternalServerError":
    [
    ]
}

Submits batch request to hibernate Endpoints inband

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, Endpoint Group Creator, Endpoint Group User

The action must be allowed by the Endpoint's Endpoint Group.

With an HTTP 200, the response list will contain only those EndpointIds for which a request was put on the message bus. EndpointIds for which a request was not put on the message bus for one reason or another will not appear in the response list.

Request Body schema:
application/json

List of EndpointId objects

Array
EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

500

Internal Server Error

post /api/latest/endpointIBOperations/hibernate
https://localhost/api/latest/endpointIBOperations/hibernate

Request samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Accepted":
    [
    ],
  • "Forbidden":
    [
    ],
  • "NotFound":
    [
    ],
  • "BadRequest":
    [
    ],
  • "InternalServerError":
    [
    ]
}

Submits batch request to shutdown Endpoints inband

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, Endpoint Group Creator, Endpoint Group User

The action must be allowed by the Endpoint's Endpoint Group.

With an HTTP 200, the response list will contain only those EndpointIds for which a request was put on the message bus. EndpointIds for which a request was not put on the message bus for one reason or another will not appear in the response list.

Request Body schema:
application/json

List of EndpointId objects

Array
EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

500

Internal Server Error

post /api/latest/endpointIBOperations/shutdown
https://localhost/api/latest/endpointIBOperations/shutdown

Request samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Accepted":
    [
    ],
  • "Forbidden":
    [
    ],
  • "NotFound":
    [
    ],
  • "BadRequest":
    [
    ],
  • "InternalServerError":
    [
    ]
}

Submits batch request to alert Endpoints inband

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, Endpoint Group Creator, Endpoint Group User

The action must be allowed by the Endpoint's Endpoint Group.

With an HTTP 200, the response list will contain only those EndpointIds for which a request was put on the message bus. EndpointIds for which a request was not put on the message bus for one reason or another will not appear in the response list.

On receiving an alert, an Endpoint's desktop will popup a MessageBox that closes after a specified duration.

Request Body schema:
application/json

An object containing a list of Endpoints to which an alert will popup with indicated message and for a specified duration.
•Message: Allowed characters: space, enter, 0-9, a-z, A-Z. Maximum length: 510.
•Duration(seconds): A number between 0 and 300, with 0 for indefinite.

EndpointIds
required
Array of objects (EndpointIdDTO)
Message
required
string ^[ \r\n\dA-Za-z0-9]+$
Duration
integer <int32> [ 0 .. 300 ]

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

500

Internal Server Error

post /api/latest/endpointIBOperations/alert
https://localhost/api/latest/endpointIBOperations/alert

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointIds":
    [
    ],
  • "Message": "string",
  • "Duration": 0
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Accepted":
    [
    ],
  • "Forbidden":
    [
    ],
  • "NotFound":
    [
    ],
  • "BadRequest":
    [
    ],
  • "InternalServerError":
    [
    ]
}

EndpointOOBOperations

Submits a batch request to perform an out of band PowerOn operation on multiple endpoints

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

With an HTTP 200, the response list will contain those EndpointIds for which a request was put on the message bus in Accepted list. It will send also a Wake on LAN (WOL) request to all listed endpoints, but only Intel(R) vPro(TM) endpoints are officially supported. EndpointIds for which a request was not put on the message bus will appear in the Forbidden, NotFound, BadRequest or InternalServerError list, depending on the case.

Request Body schema:
application/json

List of EndpointId objects

Array
EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

500

Internal Server Error

post /api/latest/endpointOOBOperations/Multiple/PowerOn
https://localhost/api/latest/endpointOOBOperations/Multiple/PowerOn

Request samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Accepted":
    [
    ],
  • "Forbidden":
    [
    ],
  • "NotFound":
    [
    ],
  • "BadRequest":
    [
    ],
  • "InternalServerError":
    [
    ]
}

Submits a batch request to perform an out of band Sleep light operation on multiple endpoints

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

With an HTTP 200, the response list will contain those EndpointIds for which a request was put on the message bus in Accepted list. EndpointIds for which a request was not put on the message bus will appear in the Forbidden, NotFound, BadRequest or InternalServerError list, depending on the case.

Request Body schema:
application/json

List of EndpointId objects

Array
EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

500

Internal Server Error

post /api/latest/endpointOOBOperations/Multiple/Sleep/Light
https://localhost/api/latest/endpointOOBOperations/Multiple/Sleep/Light

Request samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Accepted":
    [
    ],
  • "Forbidden":
    [
    ],
  • "NotFound":
    [
    ],
  • "BadRequest":
    [
    ],
  • "InternalServerError":
    [
    ]
}

Submits a batch request to perform an out of band Sleep Deep operation on multiple endpoints

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

With an HTTP 200, the response list will contain those EndpointIds for which a request was put on the message bus in Accepted list. EndpointIds for which a request was not put on the message bus will appear in the Forbidden, NotFound, BadRequest or InternalServerError list, depending on the case.

Request Body schema:
application/json

List of EndpointId objects

Array
EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

500

Internal Server Error

post /api/latest/endpointOOBOperations/Multiple/Sleep/Deep
https://localhost/api/latest/endpointOOBOperations/Multiple/Sleep/Deep

Request samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Accepted":
    [
    ],
  • "Forbidden":
    [
    ],
  • "NotFound":
    [
    ],
  • "BadRequest":
    [
    ],
  • "InternalServerError":
    [
    ]
}

Submits a batch request to perform an out of band Power Cycle (Off soft) operation on multiple endpoints

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

With an HTTP 200, the response list will contain those EndpointIds for which a request was put on the message bus in Accepted list. EndpointIds for which a request was not put on the message bus will appear in the Forbidden, NotFound, BadRequest or InternalServerError list, depending on the case.

Request Body schema:
application/json

List of EndpointId objects

Array
EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed t o execute operation

500

Internal Server Error

post /api/latest/endpointOOBOperations/Multiple/PowerCycle/OffSoft
https://localhost/api/latest/endpointOOBOperations/Multiple/PowerCycle/OffSoft

Request samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Accepted":
    [
    ],
  • "Forbidden":
    [
    ],
  • "NotFound":
    [
    ],
  • "BadRequest":
    [
    ],
  • "InternalServerError":
    [
    ]
}

Submits a batch request to perform an out of band Power off - Hard operation on multiple endpoints

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

With an HTTP 200, the response list will contain those EndpointIds for which a request was put on the message bus in Accepted list. EndpointIds for which a request was not put on the message bus will appear in the Forbidden, NotFound, BadRequest or InternalServerError list, depending on the case.

Request Body schema:
application/json

List of EndpointId objects

Array
EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

500

Internal Server Error

post /api/latest/endpointOOBOperations/Multiple/PowerOff/Hard
https://localhost/api/latest/endpointOOBOperations/Multiple/PowerOff/Hard

Request samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Accepted":
    [
    ],
  • "Forbidden":
    [
    ],
  • "NotFound":
    [
    ],
  • "BadRequest":
    [
    ],
  • "InternalServerError":
    [
    ]
}

Submits a batch request to perform an out of band Hibernate operation on multiple endpoints

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

With an HTTP 200, the response list will contain those EndpointIds for which a request was put on the message bus in Accepted list. EndpointIds for which a request was not put on the message bus will appear in the Forbidden, NotFound, BadRequest or InternalServerError list, depending on the case.

Request Body schema:
application/json

List of EndpointId objects

Array
EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

500

Internal Server Error

post /api/latest/endpointOOBOperations/Multiple/Hibernate
https://localhost/api/latest/endpointOOBOperations/Multiple/Hibernate

Request samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Accepted":
    [
    ],
  • "Forbidden":
    [
    ],
  • "NotFound":
    [
    ],
  • "BadRequest":
    [
    ],
  • "InternalServerError":
    [
    ]
}

Submits a batch request to perform an out of band Power Off-Soft operation on multiple endpoints

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

With an HTTP 200, the response list will contain those EndpointIds for which a request was put on the message bus in Accepted list. EndpointIds for which a request was not put on the message bus will appear in the Forbidden, NotFound, BadRequest or InternalServerError list, depending on the case.

Request Body schema:
application/json

List of EndpointId objects

Array
EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

500

Internal Server Error

post /api/latest/endpointOOBOperations/Multiple/PowerOff/Soft
https://localhost/api/latest/endpointOOBOperations/Multiple/PowerOff/Soft

Request samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Accepted":
    [
    ],
  • "Forbidden":
    [
    ],
  • "NotFound":
    [
    ],
  • "BadRequest":
    [
    ],
  • "InternalServerError":
    [
    ]
}

Submits a batch request to perform an out of band Power Cycle (Off hard) operation on multiple endpoints

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

With an HTTP 200, the response list will contain those EndpointIds for which a request was put on the message bus in Accepted list. EndpointIds for which a request was not put on the message bus will appear in the Forbidden, NotFound, BadRequest or InternalServerError list, depending on the case.

Request Body schema:
application/json

List of EndpointId objects

Array
EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

500

Internal Server Error

post /api/latest/endpointOOBOperations/Multiple/PowerCycle/OffHard
https://localhost/api/latest/endpointOOBOperations/Multiple/PowerCycle/OffHard

Request samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Accepted":
    [
    ],
  • "Forbidden":
    [
    ],
  • "NotFound":
    [
    ],
  • "BadRequest":
    [
    ],
  • "InternalServerError":
    [
    ]
}

Submits a batch request to perform an out of band Master Bus Reset operation on multiple endpoints

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

With an HTTP 200, the response list will contain those EndpointIds for which a request was put on the message bus in Accepted list. EndpointIds for which a request was not put on the message bus will appear in the Forbidden, NotFound, BadRequest or InternalServerError list, depending on the case.

Request Body schema:
application/json

List of EndpointId objects

Array
EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

500

Internal Server Error

post /api/latest/endpointOOBOperations/Multiple/MasterBusReset
https://localhost/api/latest/endpointOOBOperations/Multiple/MasterBusReset

Request samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Accepted":
    [
    ],
  • "Forbidden":
    [
    ],
  • "NotFound":
    [
    ],
  • "BadRequest":
    [
    ],
  • "InternalServerError":
    [
    ]
}

Submits a batch request to perform an out of band Power Off - Soft Graceful operation on multiple endpoints

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

With an HTTP 200, the response list will contain those EndpointIds for which a request was put on the message bus in Accepted list. EndpointIds for which a request was not put on the message bus will appear in the Forbidden, NotFound, BadRequest or InternalServerError list, depending on the case.

Request Body schema:
application/json

List of EndpointId objects

Array
EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

500

Internal Server Error

post /api/latest/endpointOOBOperations/Multiple/PowerOff/SoftGraceful
https://localhost/api/latest/endpointOOBOperations/Multiple/PowerOff/SoftGraceful

Request samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Accepted":
    [
    ],
  • "Forbidden":
    [
    ],
  • "NotFound":
    [
    ],
  • "BadRequest":
    [
    ],
  • "InternalServerError":
    [
    ]
}

Submits a batch request to perform an out of band Power Off - Hard Graceful operation on multiple endpoints

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

With an HTTP 200, the response list will contain those EndpointIds for which a request was put on the message bus in Accepted list. EndpointIds for which a request was not put on the message bus will appear in the Forbidden, NotFound, BadRequest or InternalServerError list, depending on the case.

Request Body schema:
application/json

List of EndpointId objects

Array
EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

500

Internal Server Error

post /api/latest/endpointOOBOperations/Multiple/PowerOff/HardGraceful
https://localhost/api/latest/endpointOOBOperations/Multiple/PowerOff/HardGraceful

Request samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Accepted":
    [
    ],
  • "Forbidden":
    [
    ],
  • "NotFound":
    [
    ],
  • "BadRequest":
    [
    ],
  • "InternalServerError":
    [
    ]
}

Submits a batch request to perform an out of band Master Bus Reset Graceful operation on multiple endpoints

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

With an HTTP 200, the response list will contain those EndpointIds for which a request was put on the message bus in Accepted list. EndpointIds for which a request was not put on the message bus will appear in the Forbidden, NotFound, BadRequest or InternalServerError list, depending on the case.

Request Body schema:
application/json

List of EndpointId objects

Array
EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

500

Internal Server Error

post /api/latest/endpointOOBOperations/Multiple/MasterBusReset/Graceful
https://localhost/api/latest/endpointOOBOperations/Multiple/MasterBusReset/Graceful

Request samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Accepted":
    [
    ],
  • "Forbidden":
    [
    ],
  • "NotFound":
    [
    ],
  • "BadRequest":
    [
    ],
  • "InternalServerError":
    [
    ]
}

Submits a batch request to perform an out of band Power Cycle (Off - Soft Graceful) operation on multiple endpoints

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

With an HTTP 200, the response list will contain those EndpointIds for which a request was put on the message bus in Accepted list. EndpointIds for which a request was not put on the message bus will appear in the Forbidden, NotFound, BadRequest or InternalServerError list, depending on the case.

Request Body schema:
application/json

List of EndpointId objects

Array
EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

500

Internal Server Error

post /api/latest/endpointOOBOperations/Multiple/PowerCycle/OffSoftGraceful
https://localhost/api/latest/endpointOOBOperations/Multiple/PowerCycle/OffSoftGraceful

Request samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Accepted":
    [
    ],
  • "Forbidden":
    [
    ],
  • "NotFound":
    [
    ],
  • "BadRequest":
    [
    ],
  • "InternalServerError":
    [
    ]
}

Submits a batch request to perform an out of band Power Cycle (Off - Hard Graceful) operation on multiple endpoints

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

With an HTTP 200, the response list will contain those EndpointIds for which a request was put on the message bus in Accepted list. EndpointIds for which a request was not put on the message bus will appear in the Forbidden, NotFound, BadRequest or InternalServerError list, depending on the case.

Request Body schema:
application/json

List of EndpointId objects

Array
EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

500

Internal Server Error

post /api/latest/endpointOOBOperations/Multiple/PowerCycle/OffHardGraceful
https://localhost/api/latest/endpointOOBOperations/Multiple/PowerCycle/OffHardGraceful

Request samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Accepted":
    [
    ],
  • "Forbidden":
    [
    ],
  • "NotFound":
    [
    ],
  • "BadRequest":
    [
    ],
  • "InternalServerError":
    [
    ]
}

Submits a request to perform an out of band PowerOn operation

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

Request Body schema:
application/json

EndpointId object

EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

409

Endpoint not ready to execute operation yet

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/PowerOn
https://localhost/api/latest/endpointOOBOperations/Single/PowerOn

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointId": "stringstringstringstringstringstringstringstringstringstringstri"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
"string"

Submits a request to perform an out of band Sleep Light operation

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

Request Body schema:
application/json

EndpointId object

EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

409

Endpoint not ready to execute operation yet

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/Sleep/Light
https://localhost/api/latest/endpointOOBOperations/Single/Sleep/Light

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointId": "stringstringstringstringstringstringstringstringstringstringstri"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
"string"

Submits a request to perform an out of band Sleep Deep operation

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

Request Body schema:
application/json

EndpointId object

EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

409

Endpoint not ready to execute operation yet

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/Sleep/Deep
https://localhost/api/latest/endpointOOBOperations/Single/Sleep/Deep

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointId": "stringstringstringstringstringstringstringstringstringstringstri"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
"string"

Submits a request to perform an out of band Power Cycle (Off Soft) operation

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

Request Body schema:
application/json

EndpointId object

EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

409

Endpoint not ready to execute operation yet

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/PowerCycle/OffSoft
https://localhost/api/latest/endpointOOBOperations/Single/PowerCycle/OffSoft

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointId": "stringstringstringstringstringstringstringstringstringstringstri"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
"string"

Submits a request to perform an out of band Power Off - Hard operation

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

Request Body schema:
application/json

EndpointId object

EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

409

Endpoint not ready to execute operation yet

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/PowerOff/Hard
https://localhost/api/latest/endpointOOBOperations/Single/PowerOff/Hard

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointId": "stringstringstringstringstringstringstringstringstringstringstri"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
"string"

Submits a request to perform an out of band Hibernate operation

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

Request Body schema:
application/json

EndpointId object

EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

409

Endpoint not ready to execute operation yet

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/Hibernate
https://localhost/api/latest/endpointOOBOperations/Single/Hibernate

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointId": "stringstringstringstringstringstringstringstringstringstringstri"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
"string"

Submits a request to perform an out of band Power Off - Soft operation

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

Request Body schema:
application/json

EndpointId object

EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

409

Endpoint not ready to execute operation yet

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/PowerOff/Soft
https://localhost/api/latest/endpointOOBOperations/Single/PowerOff/Soft

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointId": "stringstringstringstringstringstringstringstringstringstringstri"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
"string"

Submits a request to perform an out of band Power Cycle (Off Hard) operation

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

Request Body schema:
application/json

EndpointId object

EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

409

Endpoint not ready to execute operation yet

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/PowerCycle/OffHard
https://localhost/api/latest/endpointOOBOperations/Single/PowerCycle/OffHard

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointId": "stringstringstringstringstringstringstringstringstringstringstri"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
"string"

Submits a request to perform an out of band Master Bus Reset operation

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

Request Body schema:
application/json

EndpointId object

EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

409

Endpoint not ready to execute operation yet

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/MasterBusReset
https://localhost/api/latest/endpointOOBOperations/Single/MasterBusReset

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointId": "stringstringstringstringstringstringstringstringstringstringstri"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
"string"

Submits a request to perform an out of band Power Off - Soft Graceful operation

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

Request Body schema:
application/json

EndpointId object

EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

409

Endpoint not ready to execute operation yet

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/PowerOff/SoftGraceful
https://localhost/api/latest/endpointOOBOperations/Single/PowerOff/SoftGraceful

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointId": "stringstringstringstringstringstringstringstringstringstringstri"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
"string"

Submits a request to perform an out of band Power Off - Hard Graceful operation

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

Request Body schema:
application/json

EndpointId object

EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

409

Endpoint not ready to execute operation yet

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/PowerOff/HardGraceful
https://localhost/api/latest/endpointOOBOperations/Single/PowerOff/HardGraceful

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointId": "stringstringstringstringstringstringstringstringstringstringstri"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
"string"

Submits a request to perform an out of band Master Bus Reset Graceful operations

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

Request Body schema:
application/json

EndpointId object

EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

409

Endpoint not ready to execute operation yet

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/MasterBusReset/Graceful
https://localhost/api/latest/endpointOOBOperations/Single/MasterBusReset/Graceful

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointId": "stringstringstringstringstringstringstringstringstringstringstri"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
"string"

Submits a request to perform an out of band Power Cycle (Off - Soft Graceful) operations

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

Request Body schema:
application/json

EndpointId object

EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

409

Endpoint not ready to execute operation yet

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/PowerCycle/OffSoftGraceful
https://localhost/api/latest/endpointOOBOperations/Single/PowerCycle/OffSoftGraceful

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointId": "stringstringstringstringstringstringstringstringstringstringstri"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
"string"

Submits a request to perform an out of band Power Cycle (Off - Hard Graceful) operation

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

Request Body schema:
application/json

EndpointId object

EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

409

Endpoint not ready to execute operation yet

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/PowerCycle/OffHardGraceful
https://localhost/api/latest/endpointOOBOperations/Single/PowerCycle/OffHardGraceful

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointId": "stringstringstringstringstringstringstringstringstringstringstri"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
"string"

Submits a request to perform an out of band boot to USB-R CD/DVD (*.iso)

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

If no boot-able CD/DVD image is mounted, this power command will boot based on the endpoint's boot order set in BIOS.

Request Body schema:
application/json

EndpointId object

EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

409

Endpoint not ready to execute operation yet

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/PowerCycle/BootToUsbrIso
https://localhost/api/latest/endpointOOBOperations/Single/PowerCycle/BootToUsbrIso

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointId": "stringstringstringstringstringstringstringstringstringstringstri"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
"string"

Submits a request to perform an out of band boot to USB-R floppy (*.img)

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

If no boot-able floppy image is mounted, this power command will boot based on the endpoint's boot order set in BIOS.

Request Body schema:
application/json

EndpointId object

EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

409

Endpoint not ready to execute operation yet

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/PowerCycle/BootToUsbrImg
https://localhost/api/latest/endpointOOBOperations/Single/PowerCycle/BootToUsbrImg

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointId": "stringstringstringstringstringstringstringstringstringstringstri"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
"string"

Submits a request to perform an out of band boot to Bios operation

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

Request Body schema:
application/json

EndpointId object

EndpointId
required
string 64 characters

Responses

200

Successful request, content returned

400

Invalid ModelState

403

User not allowed to execute operation

409

Endpoint not ready to execute operation yet

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/PowerCycle/BootToBios
https://localhost/api/latest/endpointOOBOperations/Single/PowerCycle/BootToBios

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointId": "stringstringstringstringstringstringstringstringstringstringstri"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
"string"

Endpoints

Gets the details of an Endpoint by ID

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, User in a User Group with Read privileges associated to target Endpoint Group

path Parameters
endpointId
required
string

Hex string with 64 characters and without the 0x prefix

Responses

200

Successful request, content returned

400

Bad Request

403

Forbidden

404

Not found

500

Internal server error

get /api/latest/endpoints/{endpointId}
https://localhost/api/latest/endpoints/{endpointId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointId": "stringstringstringstringstringstringstringstringstringstringstri",
  • "EndpointGroupId": "stringstringstringstringstringstringstringstringstringstringstri",
  • "EndpointGroupName": "string",
  • "LastUpdate": "2023-02-15T18:34:43Z",
  • "ComputerName": "string",
  • "PlatformType": 0,
  • "AgentVersion": "string",
  • "AgentType": "string",
  • "PowerState": 0,
  • "PowerStateUpdate": "2023-02-15T18:34:43Z",
  • "IsConnected": true,
  • "IsCiraConnected": true,
  • "NodeIdentity": 0,
  • "OperatingSystem": "string",
  • "NeighborsCount": 0,
  • "AgentLocalAdminMode": "unknown",
  • "NetworkInterfaces":
    [
    ],
  • "MEInfo":
    {
    }
}

Deletes an Endpoint by ID

Roles required: Tenant Administrator, Client Credentials Tenant Manager, User in a User Group with Delete privileges associated to target Endpoint Group

Note: This will stop any active USB-R session to this endpoint

path Parameters
endpointId
required
string

Hex string with 64 characters and without the 0x prefix

Responses

204

Successful request, no content

400

Bad Request

403

Forbidden

404

Not found

500

Internal server error

delete /api/latest/endpoints/{endpointId}
https://localhost/api/latest/endpoints/{endpointId}

Gets the Hardware information of an Endpoint using Id and AMT connection

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Read privileges associated to target Endpoint Group

The Return code Not Found means endpoint doesn't exist or hardware information for it is not found as the endpoint doesn't support AMT requests

path Parameters
endpointId
required
string

Hex string with 64 characters and without the 0x prefix

Responses

200

Successful request, content returned

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not found

409

Conflict

500

Internal server error

get /api/latest/endpoints/{endpointId}/HardwareInfoFromAmt
https://localhost/api/latest/endpoints/{endpointId}/HardwareInfoFromAmt

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "AmtPlatformInfo":
    {
    },
  • "AmtBaseBoardInfo":
    {
    },
  • "AmtBiosInfo":
    {
    },
  • "AmtProcessorInfo":
    [
    ],
  • "AmtMemoryModuleInfo":
    [
    ],
  • "AmtStorageMediaInfo":
    [
    ]
}

Get a collection of Endpoint summaries, filterable by EndpointGroupId or HostName.

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, Endpoint Group Creator, Endpoint Group User

If endpointGroupId is not specified or empty, get a collection of Endpoint summaries for all endpoint groups that this user has access to.

query Parameters
endpointGroupId
string

Endpoint Group ID

computerName
string

String as input which need to pass Computer/Host Name need to search

computerNameStartsWith
string

String as input search whose Computer/Host Name stars with given input

computerNameContains
string

String as input search whose Computer/Host Name contains given input

Responses

200

Successful request, content returned

400

Bad Request

404

Not found

500

Internal server error

get /api/latest/endpoints
https://localhost/api/latest/endpoints

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Get the supported platform capabilities of an endpoint by Id

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Read privileges associated to target Endpoint Group

The Return code Not Found means endpoint doesn't exist or hardware information for it is not found as the endpoint doesn't support AMT requests

path Parameters
endpointId
required
string

Hex string with 64 characters and without the 0x prefix

Responses

200

Successful request, content returned

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not found

409

Conflict

500

Internal server error

get /api/latest/endpoints/{endpointId}/PlatformCapabilities
https://localhost/api/latest/endpoints/{endpointId}/PlatformCapabilities

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "AmtBootCapabilities":
    {
    },
  • "AmtManagementInterfaces":
    {
    }
}

FileUploads

Gets the constraints for performing a file upload based on file type.

Roles required: Tenant Administrator, Client Credentials Tenant Manager

fileType is a required query string parameter. Filetypes supported: usbr

query Parameters
fileType
string

Type of file to be uploaded

Responses

200

Successful request, content returned

400

Bad Request

403

Forbidden

500

Internal Server Error

get /api/latest/fileUploads/settings
https://localhost/api/latest/fileUploads/settings

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "MaxBytesPerUploadRequest": 0,
  • "MaxStorageCapacityInBytes": 0,
  • "RemainingStorageCapacityInBytes": 0,
  • "ResumableUploadValidityPeriodInDays": 0
}

Uploads a file using a single request.

Roles required: Tenant Administrator, Client Credentials Tenant Manager

This upload method is ideal for a file with a size that is within the threshold of MaxBytesPerUploadRequest, which can be obtained with GET /api/{version}/fileUploads/settings

fileType is a required query string parameter. Filetypes supported: usbr

Use multipart/form-data to attach one file with filename of up to 128 chars and with the optional field:
Description: string (256 max chars)

query Parameters
fileType
string

FileTypes name

Responses

201

Created, URI of new resource returned

400

Bad request

401

Unauthorized

403

Forbidden

409

Filename not unique

415

Unsupported media type

500

Internal Server Error

post /api/latest/fileUploads/singleRequests
https://localhost/api/latest/fileUploads/singleRequests

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "ResourceUri": "string"
}

Gets the collection of resumable upload statuses.

Roles required: Tenant Administrator, Client Credentials Tenant Manager

fileType is a required query string parameter. Filetypes supported: usbr

query Parameters
fileType
string

FileTypes name

Responses

200

Successful request, content returned

400

Bad request

401

Unauthorized

403

Forbidden

500

Internal Server Error

get /api/latest/fileUploads/resumables
https://localhost/api/latest/fileUploads/resumables

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Starts a resumable upload with the first chunk of a file.

Roles required: Tenant Administrator, Client Credentials Tenant Manager

This upload method is ideal for a file with a size that is within the threshold of MaxBytesPerUploadRequest, which can be obtained with GET /api/{version}/fileUploads/settings

fileType is a required query string parameter. Filetypes supported: usbr

Use multipart/form-data to attach one file chunk with the following required fields:
fileName: string (128 max chars)
fileSize: int (total bytes of a completed file)
The following field is optional:
description: string (256 max chars)

After uploading the first chunk, use PUT to upload each subsequent chunk, which will be appended in order to the file until it is complete. The resumable upload needs to be completed before the session expires.

query Parameters
fileType
string

FileTypes name

Responses

201

Created, URI of new resource returned

202

Accepted, chunk appended, resumable status returned

400

Bad request

401

Unauthorized

403

Forbidden

409

Filename not unique

415

Unsupported media type

500

Internal Server Error

post /api/latest/fileUploads/resumables
https://localhost/api/latest/fileUploads/resumables

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "ResumableId": "00000000-0000-0000-0000-000000000000",
  • "FileName": "string",
  • "FileType": "string",
  • "UploadedBytes": 0,
  • "FileSize": 0,
  • "Description": "string",
  • "Expiration": "2023-02-15T18:34:43Z",
  • "ResourceUri": "string"
}

Gets the status of a resumable upload by Id.

Roles required: Tenant Administrator, Client Credentials Tenant Manager

path Parameters
resumableId
required
string

Guid format: 00000000-0000-0000-0000-000000000000

Responses

200

Successful request, content returned

400

Bad request

401

Unauthorized

403

Forbidden

404

Not found

500

Internal Server Error

get /api/latest/fileUploads/resumables/{resumableId}
https://localhost/api/latest/fileUploads/resumables/{resumableId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "ResumableId": "00000000-0000-0000-0000-000000000000",
  • "FileName": "string",
  • "FileType": "string",
  • "UploadedBytes": 0,
  • "FileSize": 0,
  • "Description": "string",
  • "Expiration": "2023-02-15T18:34:43Z",
  • "ResourceUri": "string"
}

Uploads a subsequent chunk of a resumable upload.

Roles required: Tenant Administrator, Client Credentials Tenant Manager

Use multipart/form-data to attach one file chunk.
Each subsequent chunk will be appended to the file in order until it is complete. The resumable upload needs to be completed before the session expires. When a file is completed, the resumable upload session will be removed.

path Parameters
resumableId
required
string

Responses

201

Created, URI of new resource returned

202

Accepted, chunk appended, resumable status returned

400

Bad request

401

Unauthorized

403

Forbidden

404

Not found

415

Unsupported media type

500

Internal Server Error

put /api/latest/fileUploads/resumables/{resumableId}
https://localhost/api/latest/fileUploads/resumables/{resumableId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "ResumableId": "00000000-0000-0000-0000-000000000000",
  • "FileName": "string",
  • "FileType": "string",
  • "UploadedBytes": 0,
  • "FileSize": 0,
  • "Description": "string",
  • "Expiration": "2023-02-15T18:34:43Z",
  • "ResourceUri": "string"
}

Cancels a resumable upload by Id.

Roles required: Tenant Administrator, Client Credentials Tenant Manager

path Parameters
resumableId
required
string

Guid format: 00000000-0000-0000-0000-000000000000

Responses

200

Successful request, content returned

400

Bad request

401

Unauthorized

403

Forbidden

404

Not found

500

Internal Server Error

delete /api/latest/fileUploads/resumables/{resumableId}
https://localhost/api/latest/fileUploads/resumables/{resumableId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{ }

OneClickRecovery

Submits a request to get status associated with One Click Recovery.

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

The status returned will be only at the time the call is made. It is recommended to poll this API in a loop as needed to get regular status updates Returns BiosBootStatus object that contains BiosStatus and its value, BiosErrorStatus and its value.

path Parameters
endpointId
required
string

EndpointId object

Responses

200

Successful request, content returned

400

Bad Request

401

Unauthorized

403

User not allowed to execute operation

404

Not Found

409

Conflict

500

Internal Server Error

get /api/latest/endpointOOBOperations/Single/OCR/{endpointId}/status
https://localhost/api/latest/endpointOOBOperations/Single/OCR/{endpointId}/status

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{ }

Submits a request to get OCR Boot Options of an endpoint.

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

Returns the list of OCR Boot options (WinRE/PBA/HTTPS) for the Endpoint

path Parameters
endpointId
required
string

EndpointId object

Responses

200

Successful request, content returned

400

Bad Request

401

Unauthorized

403

User not allowed to execute operation

404

Not Found

409

Conflict

500

Internal Server Error

get /api/latest/endpointOOBOperations/Single/OCR/{endpointId}/BootOptions
https://localhost/api/latest/endpointOOBOperations/Single/OCR/{endpointId}/BootOptions

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

This operation will attempt to boot the endpoint to the specified recovery image. If the operation is successful the Intel EMA agent on the endpoint may no longer be reachable, depending on the recovery scenario. If it was provisioned with CIRA mode, the endpoint will still be provisioned and OOB operations via CIRA connection will still be possible. Will return the result of the command being sent. You will get a success or the corresponding error. The Status API can be used to get the actual status of the operation.

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

path Parameters
endpointId
required
string
Request Body schema:
application/json

BootOption (256 max length): Represents an OCR boot option. A value that ends with .iso will first be considered an HTTPS boot.

Description: Not used.

BootOption
required
string
Description
string

Responses

204

Successful request, no content returned

400

Bad Request

401

Unauthorized

403

User not allowed to execute operation

404

Not Found

409

Conflict

500

Internal Server Error; Recovery Server disabled when making https boot request

post /api/latest/endpointOOBOperations/Single/OCR/{endpointId}/start
https://localhost/api/latest/endpointOOBOperations/Single/OCR/{endpointId}/start

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "BootOption": "string",
  • "Description": "string"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{ }

Submits a request to clear settings associated with One click recovery.

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

path Parameters
endpointId
required
string

EndpointId object

Responses

204

Successful, no content

400

Bad Request

401

Unauthorized

403

User not allowed to execute operation

404

Not Found

409

Conflict

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/OCR/{endpointId}/clear
https://localhost/api/latest/endpointOOBOperations/Single/OCR/{endpointId}/clear

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{ }

PlatformErase

Submits a request to get status associated with Remote Platform Erase.

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

The status returned will be only at the time the call is made. It is recommended to poll this API in a loop as needed to get regular status updates

Returns BiosBootStatus object that contains BiosStatus and its value, BiosErrorStatus and its value.

path Parameters
endpointId
required
string

EndpointId object

Responses

200

Successful request, content returned

400

Bad Request

401

Unauthorized

403

User not allowed to execute operation

404

Not Found

409

Conflict

500

Internal Server Error

get /api/latest/endpointOOBOperations/Single/PlatformErase/{endpointId}/status
https://localhost/api/latest/endpointOOBOperations/Single/PlatformErase/{endpointId}/status

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "BiosStatus": "success",
  • "BiosStatusMessage": "string",
  • "BiosErrorStatus": "successOrInProgress",
  • "BiosErrorStatusMessage": "string"
}

Submits a request to clear settings associated with Remote Platform Erase.

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

path Parameters
endpointId
required
string

EndpointId object

Responses

204

Successful, no content

400

Bad Request

401

Unauthorized

403

User not allowed to execute operation

404

Not Found

409

Conflict

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/PlatformErase/{endpointId}/clear
https://localhost/api/latest/endpointOOBOperations/Single/PlatformErase/{endpointId}/clear

Response samples

Content type
application/json
Copy
 Expand all Collapse all
"success"

Submits a request to start Remote Platform Erase.

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

The SssdMaster Password is required if SsdErase is true and must be between 1 and 64 characters in length. The PyritePSID is required if PyriteRevert is true and must be between 1 and 64 characters in length.

This operation will attempt to securely erase the endpoint’s whole platform. If the operation is successful the Intel EMA agent on the endpoint will no longer be reachable. If it was provisioned with CIRA mode, the endpoint will still be provisioned and OOB operations via CIRA connection will still be possible.

This operation will return the result of the command being sent. You will get a success or the corresponding error. The Status API can be used to get the actual status of the operation.

Use this operation on endpoints in either the shutdown or power-on state. Do not use this operation on endpoints that are in hibernate or sleep state. The Endpoint API can be used to get the endpoint’s current power state, and the EndpointOOBOperations API can be used to set the endpoint’s power state.

path Parameters
endpointId
required
string

EndpointId object

Request Body schema:
application/json

Platform erase object used to be created

PyriteRevert
required
boolean
PyritePsid
string
SsdErase
required
boolean
SsdMasterPassword
string
TpmClear
required
boolean
OemCustom
required
boolean
ClearBiosNvmVars
required
boolean
BiosReloadConfig
required
boolean

Responses

204

Successful Request, no content

400

Bad Request

401

Unauthorized

403

User not allowed to execute operation

404

Not Found

409

Conflict

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/PlatformErase/{endpointId}/start
https://localhost/api/latest/endpointOOBOperations/Single/PlatformErase/{endpointId}/start

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "PyriteRevert": true,
  • "PyritePsid": "string",
  • "SsdErase": true,
  • "SsdMasterPassword": "string",
  • "TpmClear": true,
  • "OemCustom": true,
  • "ClearBiosNvmVars": true,
  • "BiosReloadConfig": true
}

Submits a request to unconfigure CSME.

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

Perform this action after performing RemotePlatformErase start.

This operation will attempt to unprovision the endpoint. If the operation is successful subsequent OOB operations will not be possible.

Use this operation on endpoints in either the shutdown or power-on state. Do not use this operation on endpoints that are in hibernate or sleep state. The Endpoint API can be used to get the endpoint’s current power state, and the EndpointOOBOperations API can be used to set the endpoint’s power state.

path Parameters
endpointId
required
string

EndpointId object

Responses

204

Successful Request, no content

400

Bad Request

401

Unauthorized

403

User not allowed to execute operation

404

Not Found

409

Conflict

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/PlatformErase/{endpointId}/unconfigure
https://localhost/api/latest/endpointOOBOperations/Single/PlatformErase/{endpointId}/unconfigure

Roles

Gets a collection of Roles.

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Account Manager

Responses

200

Successful request, content returned

500

Internal Server Error

get /api/latest/roles
https://localhost/api/latest/roles

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Gets the details of a Role by ID.

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Account Manager

path Parameters
roleId
required
integer <int32>

Role ID

Responses

200

Successful request, content returned

400

Bad Request

403

Forbidden

404

Not found

500

Internal Server Error

get /api/latest/roles/{roleId}
https://localhost/api/latest/roles/{roleId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "RoleId": 0,
  • "Name": "string",
  • "Description": "string",
  • "LastUpdated": "2023-02-15T18:34:44Z",
  • "Enabled": true,
  • "TenantId": "00000000-0000-0000-0000-000000000000"
}

SecureErase

Submits a request to get status associated with Remote Secure Erase.

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

The status returned will be only at the time the call is made. It is recommended to poll this API in a loop as needed to get regular status updates

Returns BiosBootStatus object that contains BiosStatus and its value, BiosErrorStatus and its value.

path Parameters
endpointId
required
string

EndpointId object

Responses

200

Successful request, content returned

400

Bad Request

401

Unauthorized

403

User not allowed to execute operation

404

Not Found

409

Conflict

500

Internal Server Error

get /api/latest/endpointOOBOperations/Single/SecureErase/{endpointId}/status
https://localhost/api/latest/endpointOOBOperations/Single/SecureErase/{endpointId}/status

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "BiosStatus": "success",
  • "BiosStatusMessage": "string",
  • "BiosErrorStatus": "successOrInProgress",
  • "BiosErrorStatusMessage": "string"
}

Submits a request to start remote secure erase.

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

The drive master password must be between 1 and 32 characters in length.

This operation will attempt to securely erase the endpoint’s whole drive. If the operation is successful the Intel EMA agent on the endpoint will no longer be operable. If it was provisioned with CIRA mode, the endpoint will still be provisioned and OOB operations via CIRA connection will still be possible.

Use this operation on endpoints in either the shutdown or power-on state. Do not use this operation on endpoints that are in hibernate or sleep state. The Endpoint API can be used to get the endpoint’s current power state, and the EndpointOOBOperations API can be used to set the endpoint’s power state.

path Parameters
endpointId
required
string

EndpointId object

Request Body schema:
application/json

Object that encapsulates the drive master password

Password
required
string

Responses

204

Successful Request, no content

400

Bad Request

401

Unauthorized

403

User not allowed to execute operation

404

Not Found

409

Conflict

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/SecureErase/{endpointId}/start
https://localhost/api/latest/endpointOOBOperations/Single/SecureErase/{endpointId}/start

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Password": "string"
}

Submits a request to clear settings associated with Remote Secure Erase.

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

path Parameters
endpointId
required
string

EndpointId object

Responses

204

Successful, no content

400

Bad Request

401

Unauthorized

403

User not allowed to execute operation

404

Not Found

409

Conflict

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/SecureErase/{endpointId}/clear
https://localhost/api/latest/endpointOOBOperations/Single/SecureErase/{endpointId}/clear

Response samples

Content type
application/json
Copy
 Expand all Collapse all
"success"

ServerCertificates

Gets a collection of server certificates.

Roles required: Global Administrator

Responses

200

Successful request, content returned

401

Unauthorized

403

Forbidden

500

Internal server error

get /api/latest/serverCertificates
https://localhost/api/latest/serverCertificates

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Gets a server certificate by name

Roles required: Global Administrator

path Parameters
certificateName
required
string

The certificate name used in Intel(R) EMA database. This is not the subject name or the common name.

Responses

200

Successful request, content returned

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not found

500

Internal server error

get /api/latest/serverCertificates/{certificateName}
https://localhost/api/latest/serverCertificates/{certificateName}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Name": "string",
  • "CommonName": "string",
  • "NotBefore": "2023-02-15T18:34:44Z",
  • "NotAfter": "2023-02-15T18:34:44Z",
  • "HasPrivateKey": true,
  • "Thumbprint": "string",
  • "Pem": "string",
  • "LastModified": "2023-02-15T18:34:44Z"
}

Gets the .CER file of an server certificate by name

Roles required: Global Administrator

The filename of the .CER file will will be specified in the "filename" parameter of the "Content-Disposition" header.

path Parameters
certificateName
required
string

The certificate name used in Intel(R) EMA database. This is not the subject name or the common name.

Responses

200

Successful request, attachment returned

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not found

500

Internal server error

get /api/latest/serverCertificates/{certificateName}/getFile
https://localhost/api/latest/serverCertificates/{certificateName}/getFile

Gets the .PFX file of a server certificate by name

Roles required: Global Administrator

The filename of the .PFX file will be specified in the "filename" parameter of the "Content-Disposition" header. The output PFX file includes the certificate and the private key of the requested certificate only and does not include the full certificate chain. Use the ServerCertificates/{certificateName}/getFile API to get the “MeshRootCert” and build the chain locally.

This API requires the Intel(R) EMA to be installed on Windows Server 2019 or later.

path Parameters
certificateName
required
string

The certificate name used in Intel(R) EMA database. This is not the subject name or the common name.

Request Body schema:
application/json

The password is used for securing the Pfx file.

Password
string .*(?=^.{8,255}$)(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[&"'(\-_)=~#{[|`\\^@\]}^$*¨£µ%,;:!?./§+]).*

Responses

200

Successful request, attachment returned

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not found

500

Internal server error

post /api/latest/serverCertificates/{certificateName}/getPFX
https://localhost/api/latest/serverCertificates/{certificateName}/getPFX

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Password": "string"
}

ServerSettings

Gets the settings of the Ajax server.

Roles required: Global Administrator

Responses

200

Successful request, content returned

403

Forbidden

404

Not Found

500

Internal server error

get /api/latest/serverSettings/ajaxServer
https://localhost/api/latest/serverSettings/ajaxServer

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Name": "string",
  • "Data":
    {
    },
  • "ModifiedOn": "2023-02-15T18:34:44Z"
}

Sets the settings of the Ajax server.

Roles required: Global Administrator

Restart service indicates whether to restart the Ajax Server or not, as changes to its configuration are applied only when the service is restarted.

query Parameters
restartEmaService
boolean

Indicates whether to restart the Ajax service or not.

Request Body schema:
application/json

Json with updated server settings.

ajaxCookieAutoRefreshRange
required
integer <int32> [ 1 .. 60 ]
ajaxCookieIdleTimeout
required
integer <int32> [ 1 .. 720 ]
httpheader_Access-Control-Allow-Headers
required
string [ 0 .. 1024 ] characters
logfilepath
required
string
maxdbconnections
required
integer <int32> [ 4 .. 10000 ]
swarmserver
required
Array of objects (LoadBalanceSetting)
userAccessFailedMaxCount
required
integer <int32> [ 1 .. 50 ]
expiresessions
required
boolean
serverIps
required
Array of strings
messagePort
required
integer <int32> [ 0 .. 65535 ]

Responses

200

Successful request, content returned

400

Bad request

403

Forbidden

404

Not Found

500

Internal server error

put /api/latest/serverSettings/ajaxServer
https://localhost/api/latest/serverSettings/ajaxServer

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "ajaxCookieAutoRefreshRange": 1,
  • "ajaxCookieIdleTimeout": 1,
  • "httpheader_Access-Control-Allow-Headers": "string",
  • "logfilepath": "string",
  • "maxdbconnections": 4,
  • "swarmserver":
    [
    ],
  • "userAccessFailedMaxCount": 1,
  • "expiresessions": true,
  • "serverIps":
    [
    ],
  • "messagePort": 0
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Name": "string",
  • "Data":
    {
    },
  • "ModifiedOn": "2023-02-15T18:34:44Z"
}

Gets the settings of the Manageability server.

Roles required: Global Administrator

Responses

200

Successful request, content returned

403

Forbidden

404

Not Found

500

Internal server error

get /api/latest/serverSettings/manageabilityServer
https://localhost/api/latest/serverSettings/manageabilityServer

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Name": "string",
  • "Data":
    {
    },
  • "ModifiedOn": "2023-02-15T18:34:44Z"
}

Sets the settings of the Manageability server.

Roles required: Global Administrator

Restart service indicates whether to restart the Manageability Server or not, as changes to its configuration are applied only when the service is restarted.

query Parameters
restartEmaService
boolean

Indicates whether to restart the Manageability service or not.

Request Body schema:
application/json

Json with updated server settings.

ciraserver_ip
string
ciraserver_host
required
string
ciraserver_port
required
integer <int32> [ 0 .. 65535 ]
logfilepath
required
string
maxdbconnections
required
integer <int32> [ 4 .. 10000 ]
swarmserver
required
Array of objects (LoadBalanceSetting)
serverIps
required
Array of strings
messagePort
required
integer <int32> [ 0 .. 65535 ]
usbrImagesRootDirectory
required
string
maxUsbrImageStorageCapacityPerTenantInGigabytes
required
integer <int32> [ 0 .. 50 ]
maxUsbrImageStorageCapacityPerEmaInstanceInGigabytes
required
integer <int32> [ 0 .. 500 ]
maxUsbrSlotCountPerTenant
required
integer <int32> [ 0 .. 20 ]
maxUsbrIdleTimeInMinutes
required
integer <int32> [ 1 .. 3600 ]
usbrRedirectionManagerLoopIntervalInSeconds
required
integer <int32> [ 1 .. 120 ]
usbrRedirectionThrottlingRateInMilliseconds
required
integer <int32> [ 0 .. 1000 ]
fileUploadRetentionPeriodInDays
required
integer <int32> [ 1 .. 365 ]
fileUploadCleanupIntervalInHours
required
integer <int32> [ 4 .. 24 ]
AuditLogRetentionPeriodInDays
required
integer <int32> [ 1 .. 365 ]
AuditLogCleanupIntervalInHours
required
integer <int32> [ 1 .. 24 ]
Is8021XCertificateRenewalEnabled
required
boolean
Ieee8021XCertificateRenewalWindowDays
required
integer <int32> [ 1 .. 90 ]

Responses

200

Successful request, content returned

400

Bad request

403

Forbidden

404

Not Found

500

Internal server error

put /api/latest/serverSettings/manageabilityServer
https://localhost/api/latest/serverSettings/manageabilityServer

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "ciraserver_ip": "string",
  • "ciraserver_host": "string",
  • "ciraserver_port": 0,
  • "logfilepath": "string",
  • "maxdbconnections": 4,
  • "swarmserver":
    [
    ],
  • "serverIps":
    [
    ],
  • "messagePort": 0,
  • "usbrImagesRootDirectory": "string",
  • "maxUsbrImageStorageCapacityPerTenantInGigabytes": 0,
  • "maxUsbrImageStorageCapacityPerEmaInstanceInGigabytes": 0,
  • "maxUsbrSlotCountPerTenant": 0,
  • "maxUsbrIdleTimeInMinutes": 1,
  • "usbrRedirectionManagerLoopIntervalInSeconds": 1,
  • "usbrRedirectionThrottlingRateInMilliseconds": 0,
  • "fileUploadRetentionPeriodInDays": 1,
  • "fileUploadCleanupIntervalInHours": 4,
  • "AuditLogRetentionPeriodInDays": 1,
  • "AuditLogCleanupIntervalInHours": 1,
  • "Is8021XCertificateRenewalEnabled": true,
  • "Ieee8021XCertificateRenewalWindowDays": 1
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Name": "string",
  • "Data":
    {
    },
  • "ModifiedOn": "2023-02-15T18:34:44Z"
}

Gets the settings of the Swarm server.

Roles required: Global Administrator

Responses

200

Successful request, content returned

403

Forbidden

404

Not Found

500

Internal server error

get /api/latest/serverSettings/swarmServer
https://localhost/api/latest/serverSettings/swarmServer

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Name": "string",
  • "Data":
    {
    },
  • "ModifiedOn": "2023-02-15T18:34:44Z"
}

Sets the settings of the Swarm server.

Roles required: Global Administrator

Restart service indicates whether to restart the Swarm Server or not, as changes to its configuration are applied only when the service is restarted.

query Parameters
restartEmaService
boolean

Indicates whether to restart the Swarm service or not.

Request Body schema:
application/json

Json with updated server settings.

adminport
required
integer <int32> [ 0 .. 65535 ]
adminportlocal
required
integer <int32> [ 0 .. 1 ]
logfilepath
required
string
enableCIRAPowerPolling
required
boolean
maxdbconnections
required
integer <int32> [ 4 .. 10000 ]
swarmserver
required
Array of objects (LoadBalanceSetting)
serverIps
required
Array of strings
messagePort
required
integer <int32> [ 0 .. 65535 ]
tcpConnRetrySeconds
required
integer <int32> [ 5 .. 86400 ]
tcpConnIdleSeconds
required
integer <int32> [ 5 .. 7200 ]
agentUpdateIntervalSeconds
required
integer <int32> [ 10 .. 120 ]
enableAgentAutoUpdate
required
boolean
dbSetLockTimeoutSeconds
required
integer <int32> [ 1 .. 60 ]
dbConnectionWaitTimeMinutes
required
integer <int32> [ 1 .. 10 ]
dbRetryHoldtimeMilliSeconds
required
integer <int32> [ 100 .. 60000 ]
dbRetryMaxAttempts
required
integer <int32> [ 3 .. 100 ]

Responses

200

Successful request, content returned

400

Bad request

403

Forbidden

404

Not Found

500

Internal server error

put /api/latest/serverSettings/swarmServer
https://localhost/api/latest/serverSettings/swarmServer

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "adminport": 0,
  • "adminportlocal": 0,
  • "logfilepath": "string",
  • "enableCIRAPowerPolling": true,
  • "maxdbconnections": 4,
  • "swarmserver":
    [
    ],
  • "serverIps":
    [
    ],
  • "messagePort": 0,
  • "tcpConnRetrySeconds": 5,
  • "tcpConnIdleSeconds": 5,
  • "agentUpdateIntervalSeconds": 10,
  • "enableAgentAutoUpdate": true,
  • "dbSetLockTimeoutSeconds": 1,
  • "dbConnectionWaitTimeMinutes": 1,
  • "dbRetryHoldtimeMilliSeconds": 100,
  • "dbRetryMaxAttempts": 3
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Name": "string",
  • "Data":
    {
    },
  • "ModifiedOn": "2023-02-15T18:34:44Z"
}

Gets the settings of the Web server.

Roles required: Global Administrator

Responses

200

Successful request, content returned

403

Forbidden

404

Not Found

500

Internal server error

get /api/latest/serverSettings/webServer
https://localhost/api/latest/serverSettings/webServer

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Name": "string",
  • "Data":
    {
    },
  • "ModifiedOn": "2023-02-15T18:34:44Z"
}

Sets the settings of the Web server.

Roles required: Global Administrator

If Azure Active Directory authentication is not used, AzureAdTenantId, AzureAdClientId, and AzureAdClientSecretValue can be omitted in the input data.

Sync web settings indicates whether to synchronize the EMA Website app settings, in the Web server, with the Web server settings from the EMADatabase, or not.

query Parameters
syncWebSettings
boolean

True or false value.

Request Body schema:
application/json

Json with updated server settings.

AccessTokenTimeToLive
required
integer <int32> [ 60 .. 43200 ]
AjaxServerHost
required
string
AllowedDomains
required
string [ 0 .. 1024 ] characters
EnableAllowedDomains
required
integer <int32> [ 0 .. 1 ]
logfilepath
required
string
SwarmServerHost
required
string
SwarmServerPort
required
integer <int32> [ 0 .. 65535 ]
GlobalCatalogPort
required
integer <int32> [ 0 .. 65535 ]
LdapConnectionPort
required
integer <int32> [ 0 .. 65535 ]
MaxAccesstokenTTL
required
integer <int32> [ 1 .. 168 ]
frontendstoragetype
required
string
maxdbconnections
required
integer <int32> [ 4 .. 10000 ]
AzureAdTenantId
string
AzureAdClientId
string
AzureAdClientSecretValue
string

Responses

200

Successful request, content returned

400

Bad request

403

Forbidden

404

Not Found

500

Internal server error

put /api/latest/serverSettings/webServer
https://localhost/api/latest/serverSettings/webServer

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "AccessTokenTimeToLive": 60,
  • "AjaxServerHost": "string",
  • "AllowedDomains": "string",
  • "EnableAllowedDomains": 0,
  • "logfilepath": "string",
  • "SwarmServerHost": "string",
  • "SwarmServerPort": 0,
  • "GlobalCatalogPort": 0,
  • "LdapConnectionPort": 0,
  • "MaxAccesstokenTTL": 1,
  • "frontendstoragetype": "string",
  • "maxdbconnections": 4,
  • "AzureAdTenantId": "string",
  • "AzureAdClientId": "string",
  • "AzureAdClientSecretValue": "string"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Name": "string",
  • "Data":
    {
    },
  • "ModifiedOn": "2023-02-15T18:34:44Z"
}

Gets the settings of the Recovery server.

Roles required: Global Administrator

Responses

200

Successful request, content returned

403

Forbidden

404

Not Found

500

Internal server error

get /api/latest/serverSettings/recoveryServer
https://localhost/api/latest/serverSettings/recoveryServer

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Name": "string",
  • "Data":
    {
    },
  • "ModifiedOn": "2023-02-15T18:34:44Z"
}

Sets the settings of the Recovery server.

Roles required: Global Administrator

Restart service indicates whether to restart the Recovery Server or not, as changes to its configuration are applied only when the service is restarted.

query Parameters
restartEmaService
boolean

Indicates whether to restart the Recovery service or not.

Request Body schema:
application/json

Json with updated server settings.

RecoveryPort
required
integer <int32> [ 0 .. 65535 ]
RecoveryPortEnabled
required
boolean
logfilepath
required
string
maxdbconnections
required
integer <int32> [ 4 .. 10000 ]
serverIps
required
Array of strings
messagePort
required
integer <int32> [ 0 .. 65535 ]

Responses

200

Successful request, content returned

400

Bad request

403

Forbidden

404

Not Found

500

Internal server error

put /api/latest/serverSettings/recoveryServer
https://localhost/api/latest/serverSettings/recoveryServer

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "RecoveryPort": 0,
  • "RecoveryPortEnabled": true,
  • "logfilepath": "string",
  • "maxdbconnections": 4,
  • "serverIps":
    [
    ],
  • "messagePort": 0
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "Name": "string",
  • "Data":
    {
    },
  • "ModifiedOn": "2023-02-15T18:34:44Z"
}

Gets the security settings.

Roles required: Global Administrator

Responses

200

Successful request, content returned

403

Forbidden

404

Not Found

500

Internal server error

get /api/latest/serverSettings/securitySettings
https://localhost/api/latest/serverSettings/securitySettings

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "enableRateLimiter": true,
  • "enableConnectionCountChecker": true,
  • "enableUnauthTcpConnectionIdleTimeout": true,
  • "rateLimiterWinSizeInMilliSeconds": 100,
  • "unauthTcpConnectionIdleTimeoutInMilliSeconds": 100,
  • "ajaxHttpRateLimiterMaxCount": 1,
  • "recoveryHttpRateLimiterMaxCount": 1,
  • "blastMessageBeforeAuthRateLimiterMaxCount": 4,
  • "blastMessageAfterAuthRateLimiterMaxCount": 4,
  • "adminPortBeforeAuthRateLimiterMaxCount": 1,
  • "adminPortAfterAuthRateLimiterMaxCount": 10,
  • "agentPortBeforeAuthRateLimiterMaxCount": 1,
  • "agentPortAfterAuthRateLimiterMaxCount": 100,
  • "blastMessageConnCountChecker": 4,
  • "swarmAdminPortConnCountChecker": 1,
  • "swarmAgentPortConnCountChecker": 2,
  • "userPasswordMinLength": 8,
  • "userPasswordMaxLength": 64,
  • "clientCredentialsMinLength": 12,
  • "clientCredentialsMaxLength": 64,
  • "passwordComplexityRequired": true,
  • "passwordDisallowedListChecking": true,
  • "PlatformManagerBeforeAuthRateLimiter": 0,
  • "PlatformManagerAfterAuthRateLimiter": 0,
  • "PlatformManagerConnCountChecker": 0,
  • "EnablePlatformManagerBeforeAuthRateLimiter": true,
  • "EnablePlatformManagerAfterAuthRateLimiter": true
}

Sets the security settings.

Roles required: Global Administrator

query Parameters
restartAllServers
boolean

Boolean to restart all the servers

Request Body schema:
application/json

Security settings in Json format

enableRateLimiter
required
boolean
enableConnectionCountChecker
required
boolean
enableUnauthTcpConnectionIdleTimeout
required
boolean
rateLimiterWinSizeInMilliSeconds
required
integer <int32> [ 100 .. 300000 ]
unauthTcpConnectionIdleTimeoutInMilliSeconds
required
integer <int32> [ 100 .. 300000 ]
ajaxHttpRateLimiterMaxCount
required
integer <int32> [ 1 .. 1000000 ]
recoveryHttpRateLimiterMaxCount
required
integer <int32> [ 1 .. 1000000 ]
blastMessageBeforeAuthRateLimiterMaxCount
required
integer <int32> [ 4 .. 1000000 ]
blastMessageAfterAuthRateLimiterMaxCount
required
integer <int32> [ 4 .. 1000000 ]
adminPortBeforeAuthRateLimiterMaxCount
required
integer <int32> [ 1 .. 1000000 ]
adminPortAfterAuthRateLimiterMaxCount
required
integer <int32> [ 10 .. 1000000 ]
agentPortBeforeAuthRateLimiterMaxCount
required
integer <int32> [ 1 .. 1000000 ]
agentPortAfterAuthRateLimiterMaxCount
required
integer <int32> [ 100 .. 1000000 ]
blastMessageConnCountChecker
required
integer <int32> [ 4 .. 1000000 ]
swarmAdminPortConnCountChecker
required
integer <int32> [ 1 .. 1000000 ]
swarmAgentPortConnCountChecker
required
integer <int32> [ 2 .. 1000000 ]
userPasswordMinLength
required
integer <int32> [ 8 .. 20 ]
userPasswordMaxLength
required
integer <int32> [ 64 .. 255 ]
clientCredentialsMinLength
required
integer <int32> [ 12 .. 20 ]
clientCredentialsMaxLength
required
integer <int32> [ 64 .. 255 ]
passwordComplexityRequired
required
boolean
passwordDisallowedListChecking
required
boolean
PlatformManagerBeforeAuthRateLimiter
integer <int32>
PlatformManagerAfterAuthRateLimiter
integer <int32>
PlatformManagerConnCountChecker
integer <int32>
EnablePlatformManagerBeforeAuthRateLimiter
boolean
EnablePlatformManagerAfterAuthRateLimiter
boolean

Responses

200

Successful request, content returned

400

Bad request

403

Forbidden

404

Not Found

500

Internal server error

put /api/latest/serverSettings/securitySettings
https://localhost/api/latest/serverSettings/securitySettings

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "enableRateLimiter": true,
  • "enableConnectionCountChecker": true,
  • "enableUnauthTcpConnectionIdleTimeout": true,
  • "rateLimiterWinSizeInMilliSeconds": 100,
  • "unauthTcpConnectionIdleTimeoutInMilliSeconds": 100,
  • "ajaxHttpRateLimiterMaxCount": 1,
  • "recoveryHttpRateLimiterMaxCount": 1,
  • "blastMessageBeforeAuthRateLimiterMaxCount": 4,
  • "blastMessageAfterAuthRateLimiterMaxCount": 4,
  • "adminPortBeforeAuthRateLimiterMaxCount": 1,
  • "adminPortAfterAuthRateLimiterMaxCount": 10,
  • "agentPortBeforeAuthRateLimiterMaxCount": 1,
  • "agentPortAfterAuthRateLimiterMaxCount": 100,
  • "blastMessageConnCountChecker": 4,
  • "swarmAdminPortConnCountChecker": 1,
  • "swarmAgentPortConnCountChecker": 2,
  • "userPasswordMinLength": 8,
  • "userPasswordMaxLength": 64,
  • "clientCredentialsMinLength": 12,
  • "clientCredentialsMaxLength": 64,
  • "passwordComplexityRequired": true,
  • "passwordDisallowedListChecking": true,
  • "PlatformManagerBeforeAuthRateLimiter": 0,
  • "PlatformManagerAfterAuthRateLimiter": 0,
  • "PlatformManagerConnCountChecker": 0,
  • "EnablePlatformManagerBeforeAuthRateLimiter": true,
  • "EnablePlatformManagerAfterAuthRateLimiter": true
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "enableRateLimiter": true,
  • "enableConnectionCountChecker": true,
  • "enableUnauthTcpConnectionIdleTimeout": true,
  • "rateLimiterWinSizeInMilliSeconds": 100,
  • "unauthTcpConnectionIdleTimeoutInMilliSeconds": 100,
  • "ajaxHttpRateLimiterMaxCount": 1,
  • "recoveryHttpRateLimiterMaxCount": 1,
  • "blastMessageBeforeAuthRateLimiterMaxCount": 4,
  • "blastMessageAfterAuthRateLimiterMaxCount": 4,
  • "adminPortBeforeAuthRateLimiterMaxCount": 1,
  • "adminPortAfterAuthRateLimiterMaxCount": 10,
  • "agentPortBeforeAuthRateLimiterMaxCount": 1,
  • "agentPortAfterAuthRateLimiterMaxCount": 100,
  • "blastMessageConnCountChecker": 4,
  • "swarmAdminPortConnCountChecker": 1,
  • "swarmAgentPortConnCountChecker": 2,
  • "userPasswordMinLength": 8,
  • "userPasswordMaxLength": 64,
  • "clientCredentialsMinLength": 12,
  • "clientCredentialsMaxLength": 64,
  • "passwordComplexityRequired": true,
  • "passwordDisallowedListChecking": true,
  • "PlatformManagerBeforeAuthRateLimiter": 0,
  • "PlatformManagerAfterAuthRateLimiter": 0,
  • "PlatformManagerConnCountChecker": 0,
  • "EnablePlatformManagerBeforeAuthRateLimiter": true,
  • "EnablePlatformManagerAfterAuthRateLimiter": true
}

Tenants

Gets a collection of Tenants .

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Account Manager, Endpoint Group Creator, Endpoint Group User

Responses

200

Successful request, content returned

404

Not found

500

Internal Server Error

get /api/latest/tenants
https://localhost/api/latest/tenants

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Creates a Tenant.

Roles required: Global Administrator

Request Body schema:
application/json

Tenant object to create.

CreatedBy
string <uuid>
CreatedOn
string <date-time>
TenantId
string <uuid>
ModifiedBy
string <uuid>
ModifiedOn
string <date-time>
Description
required
string
Name
required
string

Responses

200

Successful request, content returned

400

Bad request

409

Conflict

500

Internal Server Error

post /api/latest/tenants
https://localhost/api/latest/tenants

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "CreatedBy": "00000000-0000-0000-0000-000000000000",
  • "CreatedOn": "2023-02-15T18:34:44Z",
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "ModifiedBy": "00000000-0000-0000-0000-000000000000",
  • "ModifiedOn": "2023-02-15T18:34:44Z",
  • "Description": "string",
  • "Name": "string"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "CreatedBy": "00000000-0000-0000-0000-000000000000",
  • "CreatedOn": "2023-02-15T18:34:44Z",
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "ModifiedBy": "00000000-0000-0000-0000-000000000000",
  • "ModifiedOn": "2023-02-15T18:34:44Z",
  • "Description": "string",
  • "Name": "string"
}

Gets the details of a Tenant by ID.

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Account Manager, Endpoint Group Creator, Endpoint Group User

path Parameters
tenantId
required
string

Canonical GUID form: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Responses

200

Successful request, content returned

400

Bad Request Error

403

Forbidden

404

Not found

500

Internal Server Error

get /api/latest/tenants/{tenantId}
https://localhost/api/latest/tenants/{tenantId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "CreatedBy": "00000000-0000-0000-0000-000000000000",
  • "CreatedOn": "2023-02-15T18:34:44Z",
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "ModifiedBy": "00000000-0000-0000-0000-000000000000",
  • "ModifiedOn": "2023-02-15T18:34:44Z",
  • "Description": "string",
  • "Name": "string"
}

Updates a Tenant.

Roles required: Global Administrator

Only the fields Name and Description can be updated.

path Parameters
tenantId
required
string <uuid>

Canonical GUID form: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Request Body schema:
application/json

Tenant object to update

CreatedBy
string <uuid>
CreatedOn
string <date-time>
TenantId
string <uuid>
ModifiedBy
string <uuid>
ModifiedOn
string <date-time>
Description
required
string
Name
required
string

Responses

200

Successful request, content returned

400

Bad request

404

Not found

500

Internal server error

put /api/latest/tenants/{tenantId}
https://localhost/api/latest/tenants/{tenantId}

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "CreatedBy": "00000000-0000-0000-0000-000000000000",
  • "CreatedOn": "2023-02-15T18:34:44Z",
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "ModifiedBy": "00000000-0000-0000-0000-000000000000",
  • "ModifiedOn": "2023-02-15T18:34:44Z",
  • "Description": "string",
  • "Name": "string"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "CreatedBy": "00000000-0000-0000-0000-000000000000",
  • "CreatedOn": "2023-02-15T18:34:44Z",
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "ModifiedBy": "00000000-0000-0000-0000-000000000000",
  • "ModifiedOn": "2023-02-15T18:34:44Z",
  • "Description": "string",
  • "Name": "string"
}

Deletes a Tenant By ID

Roles required: Global Administrator

During tenant deletion, the active USBR sessions for the tenant are stopped, and the USBR image files for the tenant are deleted.

path Parameters
tenantId
required
string

Canonical GUID form: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Responses

204

Successful request, no content

400

Bad request

404

Not found

500

Internal server error

delete /api/latest/tenants/{tenantId}
https://localhost/api/latest/tenants/{tenantId}

UsbrImages

Gets a collection of USBR image metadata.

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, Endpoint Group Creator, Endpoint Group User

File hash is SHA2-256.

Responses

200

Successful request, content returned

403

Forbidden

500

Internal Server Error

get /api/latest/usbr/images
https://localhost/api/latest/usbr/images

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Gets a USBR image metadata by Id.

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, Endpoint Group Creator, Endpoint Group User

File hash is SHA2-256.

path Parameters
usbrImageId
required
integer <int32>

Id of USBR image metadata

Responses

200

Successful request, content returned

400

Bad Request

403

Forbidden

404

NotFound

500

Internal Server Error

get /api/latest/usbr/images/{usbrImageId}
https://localhost/api/latest/usbr/images/{usbrImageId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "UsbrImageId": 0,
  • "FileName": "string",
  • "FileDescription": "string",
  • "FileBytes": 0,
  • "LastUpdated": "2023-02-15T18:34:44Z",
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "FileHashString": "string"
}

Updates a USBR image metadata by Id.

Roles required: Tenant Administrator, Client Credentials Tenant Manager

Only the name and the description of the image can be updated. All other fields are read-only.

Filename must be unique per tenant.

File hash is SHA2-256.

path Parameters
usbrImageId
required
integer <int32>

Id of USBR image metadata to update

Request Body schema:
application/json

Updated USBR image metadata

UsbrImageId
integer <int32>
FileName
required
string
FileDescription
required
string
FileBytes
integer <int64>
LastUpdated
string <date-time>
TenantId
string <uuid>
FileHashString
string

Responses

200

Successful request, content returned

400

Bad Request

403

Forbidden

404

NotFound

409

Conflict due to file in use or to filename is not unique

500

Internal Server Error

put /api/latest/usbr/images/{usbrImageId}
https://localhost/api/latest/usbr/images/{usbrImageId}

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "UsbrImageId": 0,
  • "FileName": "string",
  • "FileDescription": "string",
  • "FileBytes": 0,
  • "LastUpdated": "2023-02-15T18:34:44Z",
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "FileHashString": "string"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "UsbrImageId": 0,
  • "FileName": "string",
  • "FileDescription": "string",
  • "FileBytes": 0,
  • "LastUpdated": "2023-02-15T18:34:44Z",
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "FileHashString": "string"
}

Deletes a USBR image file and its metadata by Id.

Roles required: Tenant Administrator, Client Credentials Tenant Manager

This operation deletes both the metadata and file of a USBR image given the Id.

path Parameters
usbrImageId
required
integer <int32>

Id of USBR Image to delete

Responses

204

Successful request, no content returned

400

Bad Request

403

Forbidden

404

NotFound

409

Conflict due to image file in use

500

Internal Server Error

delete /api/latest/usbr/images/{usbrImageId}
https://localhost/api/latest/usbr/images/{usbrImageId}

UsbrSessions

Gets a list of USB-R sessions per tenant and with an option to filter by status.

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

query Parameters
status
string
Enum: "initialized" "connected" "connectionDroppedMaxSessions" "disconnectedByUser" "disconnectedDueToError" "disconnectedDueToIdleTimeout" "disconnectedDueToUserConsent"

Status (enum) of USB-R Session. If the value is a string and the string is not a valid string name of the enumeration item, it will be ignored.

Responses

200

Successful request, content returned

403

Forbidden

500

Internal Server Error

get /api/latest/usbr/sessions
https://localhost/api/latest/usbr/sessions

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Submits a request to start USB-R session for the specified endpoint.

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

Accepted values for startMode are iderSetOnReset, iderSetGracefully, iderSetImmediately

The request requires both UsbrImageIsoId and UsbrImageImgId if only one image is used, then use 0 as the ID for the other.

Request Body schema:
application/json

usbrStartSessionRequestModel object for starting the session

EndpointId
required
string 64 characters
UsbrImageImgId
required
integer <int32> [ 0 .. 2147483647 ]
UsbrImageIsoId
required
integer <int32> [ 0 .. 2147483647 ]
StartMode
required
string
Enum: "iderSetOnReset" "iderSetGracefully" "iderSetImmediately"

Responses

200

Successful request, content returned

400

Bad Request

403

Forbidden

409

Resource Conflict

500

Internal Server Error

post /api/latest/usbr/sessions
https://localhost/api/latest/usbr/sessions

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "EndpointId": "stringstringstringstringstringstringstringstringstringstringstri",
  • "UsbrImageImgId": 0,
  • "UsbrImageIsoId": 0,
  • "StartMode": "iderSetOnReset"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "UsbrSessionId": "00000000-0000-0000-0000-000000000000",
  • "UsbrImageImgName": "string",
  • "UsbrImageIsoName": "string",
  • "EndpointId": "string",
  • "EndpointName": "string",
  • "UsbrImageImgId": 0,
  • "UsbrImageIsoId": 0,
  • "Status": "string",
  • "LastUpdated": "2023-02-15T18:34:44Z",
  • "UserId": "00000000-0000-0000-0000-000000000000",
  • "Username": "string",
  • "IdleTimeSeconds": 0,
  • "SessionDurationSeconds": 0
}

Submits a request to stop a USB-R session.

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

path Parameters
usbrSessionId
required
string

USB-R session unique identifier

Responses

200

Successful request, content returned

400

Bad Request

403

Forbidden

404

Not Found

500

Internal Server Error

post /api/latest/usbr/sessions/{usbrSessionId}/stop
https://localhost/api/latest/usbr/sessions/{usbrSessionId}/stop

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "UsbrSessionId": "00000000-0000-0000-0000-000000000000",
  • "UsbrImageImgName": "string",
  • "UsbrImageIsoName": "string",
  • "EndpointId": "string",
  • "EndpointName": "string",
  • "UsbrImageImgId": 0,
  • "UsbrImageIsoId": 0,
  • "Status": "string",
  • "LastUpdated": "2023-02-15T18:34:44Z",
  • "UserId": "00000000-0000-0000-0000-000000000000",
  • "Username": "string",
  • "IdleTimeSeconds": 0,
  • "SessionDurationSeconds": 0
}

Gets USB-R request status for an AMT Endpoint by USB-R session Id.

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

path Parameters
usbrSessionId
required
string

USB-R Session ID

Responses

200

Successful request, content returned

400

Bad request

403

Forbidden

404

Not found

500

Internal Server Error

get /api/latest/usbr/sessions/{usbrSessionId}
https://localhost/api/latest/usbr/sessions/{usbrSessionId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "UsbrSessionId": "00000000-0000-0000-0000-000000000000",
  • "UsbrImageImgName": "string",
  • "UsbrImageIsoName": "string",
  • "EndpointId": "string",
  • "EndpointName": "string",
  • "UsbrImageImgId": 0,
  • "UsbrImageIsoId": 0,
  • "Status": "string",
  • "LastUpdated": "2023-02-15T18:34:44Z",
  • "UserId": "00000000-0000-0000-0000-000000000000",
  • "Username": "string",
  • "IdleTimeSeconds": 0,
  • "SessionDurationSeconds": 0
}

UserConsent

Gets the current User Consent State

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Read privileges associated to target Endpoint Group

path Parameters
endpointId
required
string

Endpoint unique identifier

Responses

200

Successful request

400

Invalid ModelState

401

Unauthorized

403

User not allowed to execute operation

404

Not found

409

Endpoint not ready to execute operation yet

500

Internal Server Error

get /api/latest/endpointOOBOperations/Single/UserConsent/{endpointId}
https://localhost/api/latest/endpointOOBOperations/Single/UserConsent/{endpointId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "DefaultScreen": 0,
  • "UserConsentRequired": "none",
  • "State": "notStarted",
  • "UserConsentCodeTimeout": 0,
  • "UserConsentDisplayTimeout": 0,
  • "UserConsentRequiredMessage": "string",
  • "StateMessage": "string",
  • "DefaultScreenMessage": "string"
}

Start a User Consent session on the target endpoint.

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

path Parameters
endpointId
required
string

Responses

204

Successful request, no content returned

400

Invalid ModelState

401

Unauthorized

403

User not allowed to execute operation

404

Not found

409

Endpoint not ready to execute operation yet

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/UserConsent/{endpointId}/start
https://localhost/api/latest/endpointOOBOperations/Single/UserConsent/{endpointId}/start

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{ }

Send a User Consent code to endpoint Intel(R) AMT

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

path Parameters
endpointId
required
string
Request Body schema:
application/json
integer <int32>

Responses

204

Successful request, no content returned

400

Invalid ModelState

401

Unauthorized

403

User not allowed to execute operation

404

Not found

409

Endpoint not ready to execute operation yet

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/UserConsent/{endpointId}/sendCode
https://localhost/api/latest/endpointOOBOperations/Single/UserConsent/{endpointId}/sendCode

Request samples

Content type
application/json
Copy
 Expand all Collapse all
0

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{ }

Cancels a User Consent session that has been started.

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

path Parameters
endpointId
required
string

Responses

204

Successful request, no content returned

400

Invalid ModelState

401

Unauthorized

403

User not allowed to execute operation

404

Not found

409

Endpoint not ready to execute operation yet

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/UserConsent/{endpointId}/cancel
https://localhost/api/latest/endpointOOBOperations/Single/UserConsent/{endpointId}/cancel

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{ }

Set the display that the User Consent Sprite will appear on.

Roles required: Tenant Administrator, Client Credentials Endpoint Manager, User in a User Group with Execute privileges associated to target Endpoint Group

path Parameters
endpointId
required
string

Target endpoint ID

Request Body schema:
application/json

Display to set the user consent sprite to

TargetDisplay
required
string
Enum: "primaryDisplay" "secondDisplay" "thirdDisplay"

Desired display to change the user consent sprite to.

Responses

204

Successful request

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not found

409

Resource Conflict

500

Internal Server Error

post /api/latest/endpointOOBOperations/Single/UserConsent/{endpointId}/setDisplay
https://localhost/api/latest/endpointOOBOperations/Single/UserConsent/{endpointId}/setDisplay

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "TargetDisplay": "primaryDisplay"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{ }

UserGroupMemberships

Gets a collection of names of User Group members.

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Account Manager, Endpoint Group Creator

path Parameters
userGroupId
required
integer <int32>

User Group identifier

Responses

200

Successful request, content returned

404

Not found

500

Internal Server Error

get /api/latest/userGroupMemberships/{userGroupId}
https://localhost/api/latest/userGroupMemberships/{userGroupId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Add members to a User Group.

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Account Manager

With an HTTP 200, the response list will contain only those members that got added to the User Group. Members not added for one reason or another will not appear in the response list.

path Parameters
userGroupId
required
string

User Group ID

Request Body schema:
application/json
Array
UserName
required
string

Responses

200

Successful request, content returned

400

Bad request

404

Not found

500

Internal Server Error

post /api/latest/userGroupMemberships/{userGroupId}/addMembers
https://localhost/api/latest/userGroupMemberships/{userGroupId}/addMembers

Request samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Removes members from a User Group.

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Account Manager

With an HTTP 200, the response list will contain only those members removed from the User Group. Members not removed for one reason or another will not appear in the response list.

path Parameters
userGroupId
required
string

User Group ID

Request Body schema:
application/json

Members to remove from a User Group

Array
UserName
required
string

Responses

200

Successful request, content returned

400

Bad request

404

Not found

500

Internal server error

post /api/latest/userGroupMemberships/{userGroupId}/removeMembers
https://localhost/api/latest/userGroupMemberships/{userGroupId}/removeMembers

Request samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

UserGroups

Gets a collection of User Groups.

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Account Manager, Endpoint Group Creator

Responses

200

Successful request, content returned

500

Internal server error

get /api/latest/userGroups
https://localhost/api/latest/userGroups

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Creates a new User Group having Execute or View right.

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Account Manager

For AccessRightsId, enter one of the two following values: 1 - Execute 2 - View

The roleId value will be automatically populated by the system

Request Body schema:
application/json

User Group object to create

UserGroupId
integer <int32>
Name
required
string
TenantId
string <uuid>
Description
required
string
CreatedOn
string <date-time>
CreatedBy
string <uuid>
ModifiedOn
string <date-time>
ModifiedBy
string <uuid>
RoleId
integer <int32>
AccessRightsId
required
string
Enum: "execute" "view"
AccessRights
string

Responses

200

Successful request, content returned

400

Bad request

409

Conflict, User Group name already exists

500

Internal Server Error

post /api/latest/userGroups
https://localhost/api/latest/userGroups

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "UserGroupId": 0,
  • "Name": "string",
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "Description": "string",
  • "CreatedOn": "2023-02-15T18:34:44Z",
  • "CreatedBy": "00000000-0000-0000-0000-000000000000",
  • "ModifiedOn": "2023-02-15T18:34:44Z",
  • "ModifiedBy": "00000000-0000-0000-0000-000000000000",
  • "RoleId": 0,
  • "AccessRightsId": "execute",
  • "AccessRights": "string"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "UserGroupId": 0,
  • "Name": "string",
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "Description": "string",
  • "CreatedOn": "2023-02-15T18:34:44Z",
  • "CreatedBy": "00000000-0000-0000-0000-000000000000",
  • "ModifiedOn": "2023-02-15T18:34:44Z",
  • "ModifiedBy": "00000000-0000-0000-0000-000000000000",
  • "RoleId": 0,
  • "AccessRightsId": "execute",
  • "AccessRights": "string"
}

Gets a User Group by ID.

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Account Manager, Endpoint Group Creator

path Parameters
userGroupId
required
integer <int32>

User Group identifier

Responses

200

Successful request, content returned

400

Bad request

403

Forbidden

404

Not found

500

Internal server error

get /api/latest/userGroups/{userGroupId}
https://localhost/api/latest/userGroups/{userGroupId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "UserGroupId": 0,
  • "Name": "string",
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "Description": "string",
  • "CreatedOn": "2023-02-15T18:34:44Z",
  • "CreatedBy": "00000000-0000-0000-0000-000000000000",
  • "ModifiedOn": "2023-02-15T18:34:44Z",
  • "ModifiedBy": "00000000-0000-0000-0000-000000000000",
  • "RoleId": 0,
  • "AccessRightsId": "execute",
  • "AccessRights": "string"
}

Updates a User Group by ID.

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Account Manager.

The only fields that can be updated are Name, Description and AccessRights.

For AccessRightsId, enter one of the two following values: 1 - Execute 2 - View

The roleId value will be automatically populated by the system

path Parameters
userGroupId
required
integer <int32>

The User Group identifier

Request Body schema:
application/json

UserGroup object with updated data

UserGroupId
integer <int32>
Name
required
string
TenantId
string <uuid>
Description
required
string
CreatedOn
string <date-time>
CreatedBy
string <uuid>
ModifiedOn
string <date-time>
ModifiedBy
string <uuid>
RoleId
integer <int32>
AccessRightsId
required
string
Enum: "execute" "view"
AccessRights
string

Responses

200

OK: Return content.

400

Bad request

403

Forbidden

404

Not found

409

Conflict, User Group name already exists

500

Internal Server Error

put /api/latest/userGroups/{userGroupId}
https://localhost/api/latest/userGroups/{userGroupId}

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "UserGroupId": 0,
  • "Name": "string",
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "Description": "string",
  • "CreatedOn": "2023-02-15T18:34:44Z",
  • "CreatedBy": "00000000-0000-0000-0000-000000000000",
  • "ModifiedOn": "2023-02-15T18:34:44Z",
  • "ModifiedBy": "00000000-0000-0000-0000-000000000000",
  • "RoleId": 0,
  • "AccessRightsId": "execute",
  • "AccessRights": "string"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "UserGroupId": 0,
  • "Name": "string",
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "Description": "string",
  • "CreatedOn": "2023-02-15T18:34:44Z",
  • "CreatedBy": "00000000-0000-0000-0000-000000000000",
  • "ModifiedOn": "2023-02-15T18:34:44Z",
  • "ModifiedBy": "00000000-0000-0000-0000-000000000000",
  • "RoleId": 0,
  • "AccessRightsId": "execute",
  • "AccessRights": "string"
}

Deletes a User Group by ID.

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Account Manager

path Parameters
userGroupId
required
integer <int32>

The User Group identifier.

Responses

204

Successful request, no content.

400

Bad Request

403

Forbidden

404

Not found

500

Internal Server Error

delete /api/latest/userGroups/{userGroupId}
https://localhost/api/latest/userGroups/{userGroupId}

UserGroupToEndpointGroupAssignments

Gets a collection of User Groups assigned to an Endpoint Group

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Endpoint Group Creator

path Parameters
endpointGroupId
required
string

Endpoint Group ID. Hex string with 64 characters and without the 0x prefix.

Responses

200

OK: Return content.

400

Bad request

403

Forbidden: If the caller does not have the required rights.

500

Internal Server Error: Exceptions thrown.

get /api/latest/userGroupToEndpointGroupAssignments/{endpointGroupId}
https://localhost/api/latest/userGroupToEndpointGroupAssignments/{endpointGroupId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Assigns a User Group to an Endpoint Group

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Endpoint Group Creator

path Parameters
endpointGroupId
required
string

EndPoint Group ID. Hex string with 64 characters and without the 0x prefix.

Request Body schema:
application/json

UserGroup Identifier DTO object

UserGroupId
required
integer <int32> [ 1 .. 2147483647 ]

Responses

200

OK: Return content.

400

Bad request: If request body is not in right format.

403

Forbidden: If the caller does not have the required rights.

404

Not found: If {userGroupId} does not exist.

409

Conflict: If {userGroupId} and {endpointGroupId} are already associated.

500

Internal Server Error: Exceptions thrown.

post /api/latest/userGroupToEndpointGroupAssignments/{endpointGroupId}
https://localhost/api/latest/userGroupToEndpointGroupAssignments/{endpointGroupId}

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "UserGroupId": 1
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "UserGroupId": 1
}

Disassociates an User Group from a Endpoint Group

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Endpoint Group Creator

path Parameters
endpointGroupId
required
string

Endpoint Group ID. Hex string with 64 characters and without the 0x prefix.

userGroupId
required
integer <int32>

User Group ID.

Responses

204

Successful request, no content.

400

Bad request: If URI is not formatted right or If {endpointGroupId} and {userGroupId} are already associated.

403

Forbidden: If the caller does not have the required rights.

404

Not found: If {endpointGroupId} or {userGroupId} does not exist.

500

Internal Server Error: Exceptions thrown.

delete /api/latest/userGroupToEndpointGroupAssignments/{endpointGroupId}/userGroup/{userGroupId}
https://localhost/api/latest/userGroupToEndpointGroupAssignments/{endpointGroupId}/userGroup/{userGroupId}

Users

Gets a collection of Users.

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Account Manager, Endpoint Group Creator

Responses

200

Successful request, content returned

401

Unauthorized

500

Internal server error

get /api/latest/users
https://localhost/api/latest/users

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Creates a User

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Account Manager

TenantId is not required when a Global Administrator creates another Global Administrator.

If EMA is installed in Windows Domain Authentication mode, the Username used for registering a new user must be its User Principle Name (UPN).

If EMA is installed in Azure Active Directory Authentication mode, the Username used for registering a new user must be its UPN property.

Username must be in an email address format.

Creating a 'Locked' user is not allowed. The 'Enabled' property should always be passed as 'true'

Password is required only when EMA is installed in local account mode.

Password Requirements

--between 8 characters and 255 characters
--contains at least one number
--contains both lowercase and uppercase alpha characters
--contains at least one special character
Request Body schema:
application/json

User object to be created

UserId
string <uuid>
Username
required
string
Enabled
required
boolean
TenantId
string <uuid>
Description
required
string
Password
string
RoleId
required
integer <int32>

Responses

200

Successful request, content returned

400

Bad request

401

Unauthorized

404

Not Found

409

Conflict

500

Internal server error

post /api/latest/users
https://localhost/api/latest/users

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "UserId": "00000000-0000-0000-0000-000000000000",
  • "Username": "string",
  • "Enabled": true,
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "Description": "string",
  • "Password": "string",
  • "RoleId": 0
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "UserId": "00000000-0000-0000-0000-000000000000",
  • "Username": "string",
  • "CreatedOn": "2023-02-15T18:34:44Z",
  • "CreatedBy": "00000000-0000-0000-0000-000000000000",
  • "ModifiedOn": "2023-02-15T18:34:44Z",
  • "ModifiedBy": "00000000-0000-0000-0000-000000000000",
  • "Enabled": true,
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "Description": "string",
  • "RoleId": 0,
  • "SysRole": "none"
}

Gets the details of a User by ID.

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Account Manager, Endpoint Group Creator, Endpoint Group User

Endpoint Group Users can see only their own information.

path Parameters
userId
required
string

User ID. Canonical GUID form: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Responses

200

Successful request, content returned

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not found

500

Internal server error

get /api/latest/users/{userId}
https://localhost/api/latest/users/{userId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "UserId": "00000000-0000-0000-0000-000000000000",
  • "Username": "string",
  • "CreatedOn": "2023-02-15T18:34:44Z",
  • "CreatedBy": "00000000-0000-0000-0000-000000000000",
  • "ModifiedOn": "2023-02-15T18:34:44Z",
  • "ModifiedBy": "00000000-0000-0000-0000-000000000000",
  • "Enabled": true,
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "Description": "string",
  • "RoleId": 0,
  • "SysRole": "none"
}

Updates a User by ID.

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Account manager

Only Description, RoleId, and Enabled can be updated, except for TenantId if converting a user from a Global Admin to a Tenant User. All other fields are ignored.

TenantId is required if the target user is changed to a Tenant user role (i.e., a role that is not a Global Admin).

Manually locking a user by changing the 'Enabled' property to 'false' is not currently supported.

If EMA is installed in Azure Active Directory Authentication mode, the Role of the root account cannot be changed.

path Parameters
userId
required
string

User ID. Canonical GUID form: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Request Body schema:
application/json
UserId
required
string <uuid>
Username
string
CreatedOn
string <date-time>
CreatedBy
string <uuid>
ModifiedOn
string <date-time>
ModifiedBy
string <uuid>
Enabled
required
boolean
TenantId
string <uuid>
Description
required
string
RoleId
required
integer <int32>
SysRole
string
Enum: "none" "globalAdministrator" "tenantAdministrator" "accountManager" "endpointGroupsCreator" "endpointGroupsUser"

Responses

200

Successful request, content returned

400

Bad request

401

Unauthorized

403

Forbidden

404

Not found

405

Method Not Allowed

500

Internal server error

put /api/latest/users/{userId}
https://localhost/api/latest/users/{userId}

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "UserId": "00000000-0000-0000-0000-000000000000",
  • "Username": "string",
  • "CreatedOn": "2023-02-15T18:34:44Z",
  • "CreatedBy": "00000000-0000-0000-0000-000000000000",
  • "ModifiedOn": "2023-02-15T18:34:44Z",
  • "ModifiedBy": "00000000-0000-0000-0000-000000000000",
  • "Enabled": true,
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "Description": "string",
  • "RoleId": 0,
  • "SysRole": "none"
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "UserId": "00000000-0000-0000-0000-000000000000",
  • "Username": "string",
  • "CreatedOn": "2023-02-15T18:34:44Z",
  • "CreatedBy": "00000000-0000-0000-0000-000000000000",
  • "ModifiedOn": "2023-02-15T18:34:44Z",
  • "ModifiedBy": "00000000-0000-0000-0000-000000000000",
  • "Enabled": true,
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "Description": "string",
  • "RoleId": 0,
  • "SysRole": "none"
}

Deletes a User by ID.

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Account Manager, Endpoint Group Creator, Endpoint Group User

All users can delete their own accounts. Global Administrators can delete any user account from any Tenant. Tenant Administrators can delete any user account from the same Tenant. Account Managers can delete any user having the primary role of Account Manager, Endpoint Group Creator, or Endpoint Group User from the same Tenant.

If EMA is installed in Azure Active Directory Authentication mode, the root account cannot be deleted.

path Parameters
userId
required
string

Canonical GUID form: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Responses

204

Successful request, no content

400

Bad request

401

Unauthorized

403

Forbidden

404

Not found

500

Internal server error

delete /api/latest/users/{userId}
https://localhost/api/latest/users/{userId}

Gets the details of a User by username.

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Account Manager, Endpoint Group Creator, Endpoint Group User

Endpoint Group Users can see only their own information.

query Parameters
username
string

Responses

200

Successful request, content returned

400

Bad request

401

Unauthorized

403

Forbidden

404

Not found

500

Internal server error

get /api/latest/users/getUserByName
https://localhost/api/latest/users/getUserByName

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "UserId": "00000000-0000-0000-0000-000000000000",
  • "Username": "string",
  • "CreatedOn": "2023-02-15T18:34:44Z",
  • "CreatedBy": "00000000-0000-0000-0000-000000000000",
  • "ModifiedOn": "2023-02-15T18:34:44Z",
  • "ModifiedBy": "00000000-0000-0000-0000-000000000000",
  • "Enabled": true,
  • "TenantId": "00000000-0000-0000-0000-000000000000",
  • "Description": "string",
  • "RoleId": 0,
  • "SysRole": "none"
}

Set a User's password.

Roles required: Global Administrator, Tenant Administrator, Client Credentials Tenant Manager, Account Manager, Endpoint Group Creator, Endpoint Group User

Global Administrators can reset the passwords of all Users without providing their current passwords. Tenant Administrators can reset the passwords of Users in the same Tenant without providing their current passwords. All other users need to provide their current passwords to reset them.

Password is required when EMA is installed in local account mode. Password is also required for the root account when EMA is installed in Azure Active Directory Authentication mode.

Password Requirements

--between 8 characters and 255 characters
--contains at least one number
--contains both lowercase and uppercase alpha characters
--contains at least one special character
path Parameters
userId
required
string

User ID. Canonical GUID form: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Request Body schema:
application/json
CurrentPassword
string
NewPassword
required
string

Responses

204

Successful request, no content

400

Bad request

401

Unauthorized

403

Forbidden

404

Not found

500

Internal server error

post /api/latest/users/{userId}/resetPassword
https://localhost/api/latest/users/{userId}/resetPassword

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "CurrentPassword": "string",
  • "NewPassword": "string"
}

WifiSetups

Gets a collection of WifiSetups.

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, Endpoint Group Creator, Endpoint Group User

Responses

200

Successful request

500

Internal Server Error

get /api/latest/wifiSetups
https://localhost/api/latest/wifiSetups

Response samples

Content type
application/json
Copy
 Expand all Collapse all
[
  • {
    }
]

Creates a WifiSetup to be used by AMT Profiles.

Roles required: Tenant Administrator, Client Credentials Tenant Manager

When the KeyManagementProtocol is WPAPSK or WPA2PSK, Passphrase is required, and _802_1_SetupLookupKey is not needed and will be set to null. When the KeyManagementProtocol is WPAIEEE802_1 or WPA2IEEE802_1, _802_1_SetupLookupKey is required, and Passphrase is not needed and will be set to nul.

Request Body schema:
application/json

WifiSetup object to create

SetupName
required
string
Priority
required
integer <int32>
SSID
required
string
EncryptionAlgorithm
required
string
Enum: "tKIP" "cCMP"
KeyManagementProtocol
required
string
Enum: "wPAPSK" "wPAIEEE802_1" "wPA2PSK" "wPA2IEEE802_1"
Passphrase
string
TenantId
string
_802_1_SetupLookupKey
integer <int32>

Responses

200

Successful request

400

Invalid ModelState

409

WifiSetup name already exists

500

Internal Server Error

post /api/latest/wifiSetups
https://localhost/api/latest/wifiSetups

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "SetupName": "string",
  • "Priority": 0,
  • "SSID": "string",
  • "EncryptionAlgorithm": "tKIP",
  • "KeyManagementProtocol": "wPAPSK",
  • "Passphrase": "string",
  • "TenantId": "string",
  • "_802_1_SetupLookupKey": 0
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "WifiSetupId": 0,
  • "SetupName": "string",
  • "Priority": 0,
  • "SSID": "string",
  • "EncryptionAlgorithm": "tKIP",
  • "KeyManagementProtocol": "wPAPSK",
  • "Passphrase": "string",
  • "TenantId": "string",
  • "_802_1_SetupLookupKey": 0
}

Gets a WiFiSetup by ID.

Roles required: Tenant Administrator, Client Credentials Tenant Manager, Client Credentials Endpoint Manager, Endpoint Group Creator, Endpoint Group User

path Parameters
wifiSetupId
required
integer <int32>

WifiSetup ID

Responses

200

Successful request, content returned

400

Bad Request

404

Not found

500

Internal Server Error

get /api/latest/wifiSetups/{wifiSetupId}
https://localhost/api/latest/wifiSetups/{wifiSetupId}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "WifiSetupId": 0,
  • "SetupName": "string",
  • "Priority": 0,
  • "SSID": "string",
  • "EncryptionAlgorithm": "tKIP",
  • "KeyManagementProtocol": "wPAPSK",
  • "Passphrase": "string",
  • "TenantId": "string",
  • "_802_1_SetupLookupKey": 0
}

Updates a WiFiSetup by ID.

Roles required: Tenant Administrator, Client Credentials Tenant Manager

When the KeyManagementProtocol is WPAPSK or WPA2PSK and the original KeyManagementProtocol is WPAPSK or WPA2PSK, Passphrase is optional, and _802_1_SetupLookupKey is not needed and will be set to null internally. If Passphrase is not provided or empty, the original Passphrase will be used. When the KeyManagementProtocol is WPAPSK or WPA2PSK and the original KeyManagementProtocol is WPAIEEE802_1 or WPA2IEEE802_1, Passphrase is required, and _802_1_SetupLookupKey is not needed and will be set to null internally. When the KeyManagementProtocol is WPAIEEE802_1 or WPA2IEEE802_1, _802_1_SetupLookupKey is required, and Passphrase is not needed and will be set to null internally.

path Parameters
wifiSetupId
required
integer <int32>

WifiSetup ID

Request Body schema:
application/json

WifiSetup object to update

WifiSetupId
required
integer <int32>
SetupName
required
string
Priority
required
integer <int32>
SSID
required
string
EncryptionAlgorithm
required
string
Enum: "tKIP" "cCMP"
KeyManagementProtocol
required
string
Enum: "wPAPSK" "wPAIEEE802_1" "wPA2PSK" "wPA2IEEE802_1"
Passphrase
string
TenantId
string
_802_1_SetupLookupKey
integer <int32>

Responses

200

Returns updated WifiSetup

400

Bad request

404

Not found

409

WifiSetup name already exists

500

Internal Server Error

put /api/latest/wifiSetups/{wifiSetupId}
https://localhost/api/latest/wifiSetups/{wifiSetupId}

Request samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "WifiSetupId": 0,
  • "SetupName": "string",
  • "Priority": 0,
  • "SSID": "string",
  • "EncryptionAlgorithm": "tKIP",
  • "KeyManagementProtocol": "wPAPSK",
  • "Passphrase": "string",
  • "TenantId": "string",
  • "_802_1_SetupLookupKey": 0
}

Response samples

Content type
application/json
Copy
 Expand all Collapse all
{
  • "WifiSetupId": 0,
  • "SetupName": "string",
  • "Priority": 0,
  • "SSID": "string",
  • "EncryptionAlgorithm": "tKIP",
  • "KeyManagementProtocol": "wPAPSK",
  • "Passphrase": "string",
  • "TenantId": "string",
  • "_802_1_SetupLookupKey": 0
}

Deletes a WiFiSetup by ID.

Roles required: Tenant Administrator, Client Credentials Tenant Manager

path Parameters
wifiSetupId
required
integer <int32>

WifiSetup ID

Responses

204

Successful request, no content

400

Bad Request

404

Not found

409

Cannot delete Wifisetup if it is still associated with AMT Profile

500

Internal Server Error

delete /api/latest/wifiSetups/{wifiSetupId}
https://localhost/api/latest/wifiSetups/{wifiSetupId}