PUT Security Roles ID Permissions PAM Providers

The PUT /Security/Roles/{id}/Permissions/PamProviders method is used to update PAM PAM (Privileged Access Management): Controls privileged access by vaulting credentials, enforcing least-privilege/just-in-time access, rotating secrets, and auditing sessions. Across Keyfactor products, PAM protects diverse sensitive operations and secrets—for example certificate stores and CA credentials—via built-in or third-party providers; external integrations are delivered as custom PAM extensions (several published on Keyfactor’s public GitHub). provider permissions on the security role that matches the specified ID. This method returns HTTP 200 OK on a success with PAM provider permission details for the specified security role.

Important: This endpoint

An endpoint is a URL that enables the API to gain access to resources on a server. has been deprecated. It is retained for backwards compatibility, but new development should not use this method.

Important: Any previously defined permissions of the given type (e.g., ) that are not submitted with their full existing data using this method will be cleared of their existing data. Existing data for other types will be retained. When using this method, you should first do a GET to retrieve all the permissions of the given type for the role you want to update, enter corrected data into the field(s) you want to update, and then submit all the fields using PUT, including the fields that contain values but which you are not changing. If you just wish to add permissions without modifying existing permissions, use the POST method.

Tip: The following permissions (see Security Roles and Claims) are required to use this feature:

/security/modify/

Table 741: PUT Security Roles {id} Permissions PAM Providers Input Parameters

Name	In	Description
id	Path	Required. An integer indicating the Keyfactor Command reference ID of the security role for which to set permissions. Use the GET /Security/Roles method (see GET Security Roles) to retrieve a list of all the security roles to determine the role's ID.

Name

Description

Path

Required. An integer indicating the Keyfactor Command reference ID of the security role for which to set permissions.

Use the GET /Security/Roles method (see GET Security Roles) to retrieve a list of all the security roles to determine the role's ID.

Table 742: PUT Security Roles {id} Permissions PAM Providers Response Data

Name

Description

An object containing information about the certificate permissions granted to the security role. Show permission details.

Name	Description
Id	An integer containing the ID.
Name	A string containing the name of the certificate .
Permission	A string indicating the permission granted on the entity for this role.

Tip: See the Keyfactor API Reference and Utility which provides a utility through which the Keyfactor API

An API is a set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. endpoints can be called and results returned. It is intended to be used primarily for validation, testing and workflow

A workflow is a series of steps necessary to complete a process. In Keyfactor Command, it refers to the workflow builder, which allows you to automate event-driven tasks such as when a certificate is requested, revoked or found in a certificate store. development. It also serves secondarily as documentation for the API. The link to the Keyfactor API Reference and Utility is in the dropdown from the help icon (

) at the bottom of the Management Portal side menu.

Was this page helpful? Provide Feedback

Version v25.5

On this page: