Manage lockers
- Updated: 2020/05/12
Manage lockers
Use the Credential Vault API to manage lockers, consumers, members, and credentials in the lockers.
Permissions
Users with anAAE_Locker_Admin
role can
view and manage all lockers. By default, non-admin users have permissions to create and
manage their own lockers. Non-admin users can also be given permissions to access other
lockers. -
Locker Owner: A locker owner can edit, view, and delete a locker, and can add or remove other owners.
-
Locker Manager: A locker manager has access to all the functions of a locker owner, but does not have permission to add owners, managers, or participants to the locker.
-
Locker Participants: A locker participant has access to view a locker and its participants, and can also add their own credentials to a locker. A locker participant can not access or view credentials created by other users.
-
Locker Consumers: Locker consumers have access to view a locker and input a credential attribute value (if the attribute is configured for user-input). When you select one or more user-defined roles, the users who have these selected roles become consumers of the locker.
Lockers URLS
- Create a new instance of a locker
-
POST http://<your_control_room_url>/v2/credentialvault/lockers
- Search for lockers
- Returns a list of lockers where the user is a
member (owner, manager, or participant) or has usage permission (consumer).
If the user has
AAE_Locker Admin
permission, this URL returns a list of all the lockers in the system. - Retrieve a specific locker by id
-
GET http://<your_control_room_url>/v2/credentialvault/lockers/{id}
- Update an existing locker
-
PUT http://<your_control_room_url>/v2/credentialvault/lockers/{id}
- Delete locker
-
DELETE http://<your_control_room_url>/v2/credentialvault/lockers/{id}
Locker consumers URLS
These URLs accept role not user IDs. Use the Role APIs to manage roles. See User management API overview.
- Retrieve a list of consumers of a locker
-
GET http://<your_control_room_url>/v2/credentialvault/lockers/{id}/consumers
- Add a consumer to a locker
-
POST http://<your_control_room_url>/v2/credentialvault/lockers/{id}/consumers
- Delete a consumer from a specific locker
-
DELETE http://<your_control_room_url>/v2/credentialvault/lockers/{id}/consumers/{roleId}
Locker members URLS
- Retrieve a list of locker members
-
GET http://<your_control_room_url>/v2/credentialvault/lockers/{id}/members
- Add or updates a member of a locker
-
PUT http://<your_control_room_url>/v2/credentialvault/lockers/{id}/members/{userId}
- Delete a member from a locker
-
DELETE http://<your_control_room_url>/v2/credentialvault/lockers/{id}/members/{userId}
Locker credentials URLS
- Retrieve a list of all credentials in a locker
-
GET http://<your_control_room_url>/v2/credentialvault/lockers/{id}/credentials
- Add your credential to the locker
-
Note: You must be an owner, manager, or participant of the locker.
- Delete a credential from the locker
-
Note: You must be an owner, manager, or participant of the locker.