PUT PAM Providers

The PUT /PamProviders method updates an existing PAM provider. This method returns HTTP 200 OK on a success with details for the updated provider.

Tip:  The following permissions (see Security Roles and Claims) are required to use this feature:

/pam/modify/
OR
/pam/modify/#/ (where # is a reference to a specific PAM provider ID)

Permissions for PAM providers and certificate stores can be set at either the global or PAM provider level. See PAM Permissions for more information about global vs PAM provider permissions.

Important:  Any previously populated fields that are not submitted with their full existing data using this method will be cleared of their existing data. When using this method, you should first do a GET to retrieve all the values for the record you want to update, enter corrected data into the field(s) you want to update, and then submit all the fields using PUT, including the fields that contain values but which you are not changing.

This method has two available versions. Keyfactor recommends using the newer method when possible. For more information about versioning, see Versioning.

Version 2 of the PUT /PamProviders method has been redesigned to remove references to PAM associations with areas and containers.

Table 598: PUT PamProviders v2 Input Parameters

Name In Description
Id Body Required. An integer indicating the Keyfactor Command reference ID for the PAM provider. This ID is automatically set by Keyfactor Command.
Name Body

Required. A string indicating the name of the PAM provider. This name is used to identify the PAM provider throughout Keyfactor Command.

Important:  The name you give to your PAM provider in Keyfactor Command must match the name of the PAM provider as referenced in the manifest.json file (see Installing Custom PAM Provider Extensions).
Provider Type Body

Required. An object containing details about the provider type for the provider. Only the provider type ID is needed on input. ClosedShow provider type details.
Provider Type Param Values Body

Required*. An array of objects containing the values for the provider types specified by ProviderTypeParam. Values are only required in this field if the Remote parameter is set to false. ClosedShow provider type parameter value details.

Example:  When creating a new PAM provider for Delinea local to Keyfactor Command, your POST body might look like:
Copy
{
   "name": "PAMProviders.Delinea.PAMProvider",
   "providerType": {
      "id": "bd1762ce-3ea5-41fb-bfb4-1b6de6393fa3"
   },
   "providerTypeParamValues": [
      {
         "providerTypeParam": {
            "Id": 19
         },
         "Value": "https://MyDelineaURL"
      },
      {
         "providerTypeParam": {
            "Id": 20
         },
         "Value": "MyDelineaServiceAccountUser"
      },
      {
         "providerTypeParam": {
            "Id": 21
         },
         "Value": "MySuperSecretPasswordtoAccessDelinea"
      }
   ]
}
Remote Body A Boolean indicating whether the PAM provider is local to the Keyfactor Command server (false) or local to the orchestrator (true). The default is false.

Table 599: PUT PamProviders v2 Response Data

Name Description
Id An integer indicating the Keyfactor Command reference ID for the PAM provider. This ID is automatically set by Keyfactor Command.
Name

A string indicating the name of the PAM provider. This name is used to identify the PAM provider throughout Keyfactor Command.
Provider Type

An object containing details about the provider type for the provider. ClosedShow provider type details.
Provider Type Param Values

An array of objects containing the values for the provider types specified by ProviderTypeParam. . ClosedShow provider type parameter value details.
Remote A Boolean indicating whether the PAM provider is local to the Keyfactor Command server (false) or local to the orchestrator (true). The default is false.

Version 1 of the PUT /PamProviders method includes the same capabilities as version 2 except it includes references to the deprecated parameters related to the area of Keyfactor Command to which the PAM provider applies.

Table 600: PUT PamProviders v1 Input Parameters

Name In Description
Id Body Required. An integer indicating the Keyfactor Command reference ID for the PAM provider. This ID is automatically set by Keyfactor Command.
Name Body

Required. A string indicating the name of the PAM provider. This name is used to identify the PAM provider throughout Keyfactor Command.

Important:  The name you give to your PAM provider in Keyfactor Command must match the name of the PAM provider as referenced in the manifest.json file (see Installing Custom PAM Provider Extensions).
Provider Type Body

Required. An object containing details about the provider type for the provider. Only the provider type ID is needed on input. ClosedShow provider type details.
Provider Type Param Values Body

Required*. An array of objects containing the values for the provider types specified by ProviderTypeParam. Values are only required in this field if the Remote parameter is set to false. ClosedShow provider type parameter value details.

Example:  When creating a new PAM provider for Delinea local to Keyfactor Command, your POST body might look like:
Copy
{
   "name": "PAMProviders.Delinea.PAMProvider",
   "providerType": {
      "id": "bd1762ce-3ea5-41fb-bfb4-1b6de6393fa3"
   },
   "providerTypeParamValues": [
      {
         "providerTypeParam": {
            "Id": 19
         },
         "Value": "https://MyDelineaURL"
      },
      {
         "providerTypeParam": {
            "Id": 20
         },
         "Value": "MyDelineaServiceAccountUser"
      },
      {
         "providerTypeParam": {
            "Id": 21
         },
         "Value": "MySuperSecretPasswordtoAccessDelinea"
      }
   ]
}
Remote Body A Boolean indicating whether the PAM provider is local to the Keyfactor Command server (false) or local to the orchestrator (true). The default is false.

Table 601: PUT PamProviders v1 Response Data

Name Description
Id An integer indicating the Keyfactor Command reference ID for the PAM provider. This ID is automatically set by Keyfactor Command.
Name

A string indicating the name of the PAM provider. This name is used to identify the PAM provider throughout Keyfactor Command.
Area

An integer indicating the area of Keyfactor Command the provider is used for.

This is considered deprecated and may be removed in a future release.
Provider Type

An object containing details about the provider type for the provider. ClosedShow provider type details.
Provider Type Param Values

An array of objects containing the values for the provider types specified by ProviderTypeParam. . ClosedShow provider type parameter value details.
Remote A Boolean indicating whether the PAM provider is local to the Keyfactor Command server (false) or local to the orchestrator (true). The default is false.
Secure Area Id

An integer indicating the Keyfactor Command reference ID for the certificate store container the PAM provider is associated with, if any.

This is considered deprecated and may be removed in a future release.
Tip:  See the Keyfactor API Reference and Utility which provides a utility through which the Keyfactor APIClosed An API is a set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. endpoints can be called and results returned. It is intended to be used primarily for validation, testing and workflowClosed A workflow is a series of steps necessary to complete a process. In Keyfactor Command, it refers to the workflow builder, which allows you to automate event-driven tasks such as when a certificate is requested, revoked or found in a certificate store. development. It also serves secondarily as documentation for the API. The link to the Keyfactor API Reference and Utility is in the dropdown from the help icon () at the top of the Management Portal page next to the Log Out button.