
This article provides a small example of a Python script calling the XTAM REST API. The example accesses the XTAM REST API to retrieve current user information and the XSRF REST API token. It then demonstrates functions to access the secret data of a specified record and to create a new record in a specified folder. The article also contains an example of accessing the XTAM REST API using an API authentication token.

XTAM REST API Python

To view XTAM’s full, interactive REST API documentation in the OpenAPI format, navigate to Administration > Settings > Application Nodes > API Documentation.

Looking for REST API examples using other scripts? Click PowerShell examples, Shell examples, VBScript examples or Python examples for additional information.

Below is the script demonstrating access to a record's secret data and the creation of a new record. Details of the API calls are outlined in the comments. Note the use of the XSRF token to call data modification functions. The script is intended to illustrate the details of the protocol; as a result, it does not handle network errors, leaving that to the implementation.

# ------------------------------------------------------------------------------------
# XTAM REST API access script example for Python
# 
# The script will demonstrate the following functions 
#    * to access secret fields of the existing record
#    * to create a new record
# ------------------------------------------------------------------------------------

import requests
import json
from http.cookies import SimpleCookie

# ------------------------------------------------------------------------------------
# Script parameters define XTAM objects used in the script
# ------------------------------------------------------------------------------------

# Authentication parameters
url = 'https://xtam.company.com/xtam' # XTAM REST API URL
login = 'xtam_login'
password = 'xtam_password'

# XTAM Object IDs and names used in the script
rid = 'i-2qhyGh2UB0V' # Record ID to retrieve
fid = 'i-2Zh30SUCq7c' # Folder ID to create a new record in
tid = 'i-83XfwpNvCHy' # Record Type ID for the new record creation
recordName = 'New Record' # Name for the new record
recordDescription = 'New record description' # Description of the new record
recordCustom = '{"Host":"host", "Port":24, "User":"user", "Password":"password"}' # Custom data for the new record

# ------------------------------------------------------------------------------------
# Call to /user/whoami function returns current user data.
# In addition, this call returns a REST API token for cross-site request forgery (XSRF) protection.
# ------------------------------------------------------------------------------------
r = requests.get(url + '/rest/user/whoami', auth=(login, password))
user = r.json()

# Print user information retrieved from the XTAM server
print('Hello ' + user['firstName'] + ' ' + user['lastName'])

# Access the REST API token for cross-site request forgery (XSRF) protection and save it in the xsrf variable
cookie = SimpleCookie()
cookie.load(r.headers['Set-Cookie'])
xsrf = cookie['XSRF-TOKEN'].value
#print(xsrf)

# ------------------------------------------------------------------------------------
# Example call /record/unlock to retrieve secret data of a record
# ------------------------------------------------------------------------------------
r = requests.get(url + '/rest/record/unlock/' + rid, auth=(login, password))
record = r.json()
custom = json.loads(record['custom'])
print('{0}: {1} ({2}/{3})'.format(record['name'], custom['Host'], custom['User'], custom['Password']))

# ------------------------------------------------------------------------------------
# Example call to /record/new to create a new record
# Note that calls that modify XTAM data must include the REST API (XSRF) token
# ------------------------------------------------------------------------------------
resp = requests.post(url + '/rest/record/new/' + fid + '/' + tid,
   data={'name':recordName,'description':recordDescription, 'custom':recordCustom},
   headers={'Content-Type':'application/x-www-form-urlencoded', 'Accept':'application/json', 'X-XSRF-TOKEN':xsrf},
   auth=(login, password))
   
print(resp)

The next example demonstrates connecting to the XTAM REST API using API authentication tokens. As before, details of the script's use are outlined in the comments.

# ------------------------------------------------------------------------------------
# XTAM REST API access script example for Python
# 
# The script will demonstrate API access using API tokens
# ------------------------------------------------------------------------------------

import requests
import json
from http.cookies import SimpleCookie

# ------------------------------------------------------------------------------------
# Script parameters define XTAM objects used in the script
# ------------------------------------------------------------------------------------

# Authentication parameters
url = 'https://xtam.company.com/xtam' # XTAM URL
cas = 'https://xtam.company.com/cas' # XTAM Federated Sign-In URL
token = 'yourXTAMtoken' # XTAM Token

# ------------------------------------------------------------------------------------
# Authentication using the token
# ------------------------------------------------------------------------------------
# Exchange the REST API token for a service ticket in the Federated Sign-In Service.
# Note that a service ticket is short-lived, so it should be quickly exchanged for a more permanent session cookie.
# Also note that redirects are disabled to catch the service ticket in the Location header.
r = requests.get('{0}/login?service={1}/'.format(cas,url), headers={'token':token}, allow_redirects=False)
location = r.headers['Location']

# Exchange service ticket for a session cookie in XTAM.
# Save the session cookie to use in consecutive calls
r = requests.get(location, allow_redirects=False)
jar = r.cookies

# ------------------------------------------------------------------------------------
# Call to /user/whoami function returns current user data.
# In addition, this call returns a REST API token for cross-site request forgery (XSRF) protection.
# ------------------------------------------------------------------------------------
# Note the use of cookies parameter replacing auth parameter used for basic authentication
r = requests.get(url + '/rest/user/whoami', cookies=jar)
user = r.json()

# Print user information retrieved from the XTAM server
print('Hello ' + user['firstName'] + ' ' + user['lastName'])

# Access the REST API token for cross-site request forgery (XSRF) protection and save it in the xsrf variable
cookie = SimpleCookie()
cookie.load(r.headers['Set-Cookie'])
xsrf = cookie['XSRF-TOKEN'].value
print('XSRF Token: ' + xsrf)
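
The token script above reads the Location header and requests it without checking what came back. The following is an added example, not part of the original article or of XTAM: it validates that response before the service ticket is sent anywhere and masks the ticket for logging. The function names and sample values are hypothetical, and the `ticket` query parameter name is assumed from the standard CAS protocol.

```python
from urllib.parse import urlsplit, urlunsplit, parse_qs, parse_qsl, urlencode

class TicketRedirectError(Exception):
    """The Federated Sign-In response is not a usable service-ticket redirect."""

def _origin(url):
    """Return (scheme, host, port) with the default port filled in."""
    p = urlsplit(url)
    port = p.port or {'https': 443, 'http': 80}.get(p.scheme)
    return (p.scheme, (p.hostname or '').lower(), port)

def check_ticket_redirect(status, headers, service_url):
    """Validate the reply to the token-for-ticket call before following it.

    In the script above this would be called as
        location = check_ticket_redirect(r.status_code, r.headers, url)
    Returns the Location URL when it is safe to request.
    """
    if status not in (301, 302, 303, 307):
        # For example a 200 login page or a 401: the token was not accepted.
        raise TicketRedirectError('no redirect (HTTP %d), token not accepted' % status)
    location = headers.get('Location')
    if not location:
        raise TicketRedirectError('redirect without a Location header')
    target = urlsplit(location)
    # Relative Location values have no scheme and are rejected here as well.
    if target.scheme != 'https':
        raise TicketRedirectError('service ticket would not travel over HTTPS')
    if _origin(location) != _origin(service_url):
        raise TicketRedirectError('redirect leaves the XTAM origin: ' + target.netloc)
    if not target.path.startswith(urlsplit(service_url).path):
        raise TicketRedirectError('redirect leaves the XTAM application path')
    if not parse_qs(target.query).get('ticket'):  # assumed CAS parameter name
        raise TicketRedirectError('redirect carries no service ticket')
    return location

def redact_ticket(location):
    """Return a copy of the URL that is safe to log: the ticket value is masked."""
    p = urlsplit(location)
    query = [(k, 'REDACTED' if k == 'ticket' else v) for k, v in parse_qsl(p.query)]
    return urlunsplit(p._replace(query=urlencode(query)))
```
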


Mark Klinchin

I am Co-Founder and CEO of Xton Technologies. I am interested in computers, software development, cyber security, content management, photography, image processing and mathematics.


Copyright © 2020 Xton Technologies, LLC. All rights reserved.