POST PAM Providers Local ID Entries

The POST /PamProviders/Local/{providerId}/Entries method creates a new PAMClosed PAM (Privileged Access Management): Controls privileged access by vaulting credentials, enforcing least-privilege/just-in-time access, rotating secrets, and auditing sessions. Across Keyfactor products, PAM protects diverse sensitive operations and secrets—for example certificate stores and CA credentials—via built-in or third-party providers; external integrations are delivered as custom PAM extensions (several published on Keyfactor’s public GitHub). secret for the requested local PAM provider ID. This method returns HTTP 200 OK on a success with details for the secret (not including the actual secret).

Before creating secret entries with this endpointClosed An endpoint is a URL that enables the API to gain access to resources on a server., you must first create a PAM provider of type Command Secret Provider (see Adding or Modifying a PAM Provider or POST PAM Providers).

Tip:  The following permissions (see Security Roles and Claims) are required to use this feature:

/pam/modify/
OR
/pam/modify/#/ (where # is a reference to a specific PAM provider ID)

Permissions for PAM providers can be set at the system-wide level or with fine-grained control at the PAM provider level. See PAM Permissions for more information about the differences between system-wide and more targeted permissions.

Table 617: POST PamProviders Local {providerId} Entries Input Parameters

Name In

Description

ProviderId Path Required. An integer containing the Keyfactor Command reference ID for the PAM provider associated with the secret.

Use the GET /PamProviders method (see GET PAM Providers) to retrieve a list of all the PAM providers to determine the PAM provider's ID.

SecretName Body Required. A string containing the Keyfactor Command reference name for the PAM secret.
Description Body A string containing a description for the PAM secret.
SecretValue Body Required. A string containing the secret data for the PAM secret. This data is not returned in responses or GET requests.

Table 618: POST PamProviders Local {providerId} Entries Response Data

Name

Description

ProviderId An integer containing the Keyfactor Command reference ID for the PAM provider associated with the secret.
SecretName A string containing the Keyfactor Command reference name for the PAM secret.
Description A string containing a description for the PAM secret.
Tip:  See the Keyfactor API Reference and Utility which provides a utility through which the Keyfactor APIClosed An API is a set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. endpoints can be called and results returned. It is intended to be used primarily for validation, testing and workflowClosed A workflow is a series of steps necessary to complete a process. In Keyfactor Command, it refers to the workflow builder, which allows you to automate event-driven tasks such as when a certificate is requested, revoked or found in a certificate store. development. It also serves secondarily as documentation for the API. The link to the Keyfactor API Reference and Utility is in the dropdown from the help icon () at the top of the Management Portal page next to the Log Out button.