Home Application Programming Interface

Application Programming Interface

The RCDevs API enables integration of RCDevs solutions with third-party applications. It provides secure endpoints for user authentication, access control, token management, and more. Built with developer needs in mind, the API supports HTTPS secure communication. Comprehensive documentation and examples ensure ease of use, allowing you to extend RCDevs functionalities efficiently within your systems

Manager APIs

Overview The Manager interface provides access to WebADM user management functions and operations exported by your registered applications. It also allows external systems, such as web portals, to remotely trigger user management operations from the network. The user management functions offer LDAP operations such as object creation, updates, removal, and

WebADM - Get_User_IDs

This method returns the list of user login name values (array) as defined in /opt/webadm/conf/webadm.conf under the uid_attrs setting. By default: uid_attrs "uid", "samAccountName", "userPrincipalName" The mandatory parameter is the DistinguishedName value of the user. Python PHP PowerShell

WebADM - Get_User_Domains

This methods returns an array of WebADM domains the user is part of. The mandatory parameter is the DistinguishedName value of the user. Python PHP PowerShell import requests import json # Define the method and parameters method = 'Get_User_Domains' params = { 'dn': 'cn=john doe,cn=

WebADM - Get_User_DN

This method returns a user's LDAP DN (string) based on their username (UID) and WebADM domain name. The mandatory parameters are the user's username and their WebADM domain membership. The usable attributes for the username value are configured in /opt/webadm/conf/webadm.conf using the

WebADM - Get_User_Groups

This method returns an array of LDAP groups that the user belongs to. The required parameters are the user's Distinguished Name (DN) and their WebADM domain. Python PHP PowerShell import requests import json # Define the method and parameters method = 'Get_User_Groups' params = { 'dn'

WebADM - Search_LDAP_Objects

This method allows you to search for an LDAP object, functioning similarly to an LDAP search operation. The mandatory setting is the basedn, which corresponds to the DN (Distinguished Name) treebase from where the search will begin in the LDAP directory. By setting the filter, you can apply an LDAP

WebADM - Create_LDAP_Object

This method is used to create a new LDAP object in the directory. The required attributes in the attrs array depend on the type of object you are creating (e.g., user, group, etc.). Ensure you provide all necessary attributes for the specific object class. This method requires two parameters:

WebADM - Check_LDAP_Object

The Check_LDAP_Object method is used to check whether an LDAP object with a specified Distinguished Name (DN) exists in the LDAP directory. Required Parameters: dn (String): The Distinguished Name (DN) of the object you want to check for existence in the LDAP directory. Returns a Boolean: true if

WebADM - Remove_LDAP_Object

The Remove_LDAP_Object method is used to delete an existing LDAP object. It requires the full DN of the object to be specified. If the operation is successful, the method returns true. If there is an error during the removal, it returns false. You can use this method to

WebADM - Rename_LDAP_Object

The Rename_LDAP_Object method is used to rename an existing LDAP object. It requires the DN of the object to be renamed, as well as the new name to assign to it. The method returns true on success and false if the operation fails, such as if the object

WebADM - Move_LDAP_Object

The Move_LDAP_Object method is used to move an LDAP object from one container to another within the LDAP directory structure. It requires the DN of the object being moved and the DN of the destination container. The method returns true on success and false on error. Errors may

WebADM - Activate_LDAP_Object

The Activate_LDAP_Object method is used to activate an LDAP object within the LDAP directory structure. It only requires the DN of the LDAP object that needs to be activated. The object can be a user or a group. This method returns true on success and false on error.

WebADM - Check_User_Password

The Check_User_Password method is used to verify whether the password for a given LDAP user is correct. It requires the DN (Distinguished Name) and the password of the LDAP user to be checked. The method returns true if the password check is successful, and false if it fails.

WebADM - Deactivate_LDAP_Object

The Deactivate_LDAP_Object method is used to deactivate an LDAP object within the LDAP directory structure. It only requires the DN of the LDAP object that needs to be deactivated. The object can be a user or a group. This method returns true on success and false on error.

WebADM - Sync_LDAP_Delete

TheSync_LDAP_Delete method is used to synchronize LDAP object removals in a tenant context. It requires the DN of the container being synced and the contents, which correspond to an array of LDAP object that won't be deleted. This method returns the number of remaining objects on

WebADM - Sync_LDAP_Object

TheSync_LDAP_Object method is used to synchronize a remote LDAP object in a tenant context. It requires the DN of the object being synced. The second parameter required is attrs, an array of LDAP attributes and their corresponding values that define the object. It is also possible to set

WebADM - Get_User_Attrs

The Get_User_Attrs method is used to retrieve the attributes of an LDAP user. It mainly requires the DN of the LDAP user. In addition, you can precise an array of the attributes that you want to retrieve through the parameter attrs. This method returns an array of attributes,

WebADM - Set_User_Password

The Set_User_Password method is used to define the password of an LDAP user. It requires the DN of the LDAP user and the password that you want to define. In addition, you can enable the parameter change if the user must change the password at next logon with

WebADM - Set_User_Attrs

The Set_User_Attrs method is used to define some particular attributes of an LDAP user. It requires the DN of the LDAP user, but also the attrs parameter, which must be an array of attributes, each attribute containing an array of values. If values is set to true, then

WebADM - Remove_User_Attrs

The Remove_User_Attrs method is used to delete some particular attributes of an LDAP user. It requires the DN of the LDAP user, but also the attrs parameter, which must contain an array of LDAP attribute names. If values is set to true, then only the specified attribute values

WebADM - Get_User_Settings

The Get_User_Settings method is used to retrieve user settings from an LDAP user. It mainly requires the DN of the LDAP user. In addition, you can precise an array of the settings that you want to retrieve through the parameter settings. Settings names must be in the form

WebADM - Get_User_Data

The Get_User_Data method retrieves user application data from the WebADM data attribute configured in the webadm.conf file using the webadm_data_attrs setting. It mainly requires the DN of the LDAP user. In addition, you can precise an array of the data that you want to retrieve

WebADM - Set_User_Data

The Set_User_Data method is used to define user application data for the configured WebADM data attribute. It requires the DN of the LDAP user and an array of data to define, passed through the data parameter. Data names must follow the format ApplicationName.DataName, for example, OpenOTP.TokenType.

WebADM - Set_User_Settings

The Set_User_Settings method is used to define user settings for an LDAP user. It requires the DN of the LDAP user and an array of settings to define, passed through the settings parameter. Setting names must follow the format ApplicationName.SettingName, for example, OpenOTP.LoginMode. Setting values must

WebADM - Get_User_Certificates

The Get_User_Certificates method is used to retrieve user certificates for an LDAP user. It only requires the DN of the LDAP user. This method returns an array of user certificates in PEM format. Python PHP PowerShell import requests import json # Define the method and parameters method = 'Get_

WebADM - Remove_User_Certificate

The Remove_User_Certificate method is used to delete a specific user certificate from an LDAP user. It requires the DN of the LDAP user and the serial number to specify the user certificate with the parameter certificate. This method returns true on success and false on error. Python PHP

WebADM - Import_Inventory_Item

The Import_Inventory_Item method is used to import new items to the inventory database. It requires the type, the reference and the description of the item. It also needs the data parameter which is an array that must be base64-encoded and set according to RCDevs inventory specification. There are

WebADM - Search_Inventory_Items

The Search_Inventory_Items method is used to return the inventory items (list of serial numbers) corresponding to the search parameters. It requires the type of the searched items. There are other parameters such as the filter, which applies to the item reference and can contain start like '1234*

WebADM - Link_Inventory_Item

The Link_Inventory_Item method is used to link or unlink an item to an LDAP user. It requires the type and reference of the concerned item. You can also specify the user dn to whom you want to link the item. If no dn is specified, the item will

WebADM - Unlock_Application_Access

The Unlock_Application_Access method is used to temporarily unlock user access for WebApps configured with 'Access Locked'. It requires the dn of the LDAP user for whom you want to unlock the WebApp, that needs to be specified through the application parameter. Applications values are: * pwreset * selfdesk

WebADM - Get_QRCode

The Get_QRCode method is used to build a QRCode in GIF/PNG/JPG/TXT format. It requires the uri string of the QRCode built with the method OpenOTP.TOTP_URI or OpenOTP.HOTP_URI It is possible to specify some optionnal parameters to design the QRCode : * size : Integer parameter

WebADM - Get_Random_Bytes

The Get_Random_Bytes method is used to generate random bytes. The only required parameter is the length of the string generated. This method returns pseudo-random bytes generated by the WebADM true random engine. The random bytes are usable for cryptography and random seeds. Python PHP PowerShell import requests import

WebADM - Get_License_Details

The Get_License_Details method is used to retrieve information from the license. The only optional parameter is the product license if you want to specify it. This method returns license details such as expiration, limitations, and the license server's pool state. For service provider licenses, tenant data

WebADM - Clear_Caches

The Clear_Caches method triggers the 'Clear WebADM System Caches' action from the Admin menu in the WebADM GUI. It does not require parameters, but you can use the type parameter to clear configuration objects of a specific type (e.g., Domain, Optionset, Client). Additionally, if a service

WebADM - Sign_Certificate_Request

The Sign_Certificate_Request method is used to sign a previously generated certificate request (CSR). It requires the request parameter, which contains the CSR, and allows you to specify the certificate's expiration using the integer parameter expires. This method returns the locally signed certificate in PEM format. Python

WebADM - Count_Activated_Users

The Count_Activated_Users method retrieves the number of cached activated users. The only optional parameters are product and tenant. If a product ID is provided, WebADM counts only the licenses in use for that specific product. You can also specify the tenant when using a service provider license. This

WebADM - Count_Activated_Hosts

The Count_Activated_Hosts method retrieves the number of cached activated hosts. The only optional parameters are product and tenant. If a product ID is provided, WebADM counts only the hosts in use for that specific product. You can also specify the tenant when using a service provider license. This

WebADM - Send_Push

The Send_Push method is used to send a push notification to a specified recipient. The required parameters are the recipient through the parameter to that corresponds to the ID of the token on which you want to send the push, that you can find in the User Data in

OpenOTP - OpenOTP.TOTP_Verify

The OpenOTP.TOTP_Verify method is used to verify TOTP password. The required parameters are the key (in base 64) that is the token binary random seed, the current otp of the TOTP token, the length of the otp and the period of the token. The only optional parameter is

OpenOTP - OpenOTP.TOTP_Resync

The OpenOTP.TOTP_Resync method is used to resynchronize the TOTP token. Some TOTP tokens tend to get an internal clock drift by time and do not work anymore. The re-synchronization computes and stores the time drift between the server and the token. The required parameters are the dn of

OpenOTP - OpenOTP.OCRA_Register

The OpenOTP.OCRA_Register method is used to register an OCRA token. The required parameters are the key (in base 64) that is the token binary random seed and the dn of the LDAP user. The key length can be : * 20 bytes for a SHA1 OATH token * 32 bytes for

WebADM - Send_SMS

The Send_SMS method is used to send a SMS to a specified recipient. The required parameters are the recipient through the parameter to and the message of the SMS. You can also specify who is sending the SMS with from. This method returns true on succes and false on

WebADM - Server_Status

The Server_Status method is used to retrieve system status information. There are only optional boolean parameters for this method. If servers is true then server connector statuses are included. If webapps is true then Web Application statuses are included. If websrvs is true then Web Service statuses are included.

OpenOTP - OpenOTP.Mobile_Response

The OpenOTP.Mobile_Response method is used to get the status of the mobile session. The only required parameter is the session ID of the corresponding session. This method returns the session status, which can have different values : * 0 : The mobile session has failed or expired * 1 : OpenOTP successfully received

OpenOTP - OpenOTP.HOTP_Register

The OpenOTP.HOTP_Register method is used to register a HOTP token. The required parameters are the key (in base 64) that is the token binary random seed and the dn of the LDAP user. The key length can be : * 20 bytes for a SHA1 OATH token * 32 bytes for

OpenOTP - OpenOTP.HOTP_Verify

The OpenOTP.HOTP_Verify method is used to verify HOTP password. The required parameters are the key (in base 64) that is the token binary random seed, the current otp of the HOTP token and the length of the otp. The only optional parameter is the state of the token.

OpenOTP - OpenOTP.Mobile_Session

The OpenOTP.Mobile_Session method is used to start a mobile enrolment session. It initializes a mobile communication session when mobile Push is enabled. The required parameter is the timeout of the session in seconds, which must be long enough for the Token to enrol the provided QRCode. You can

OpenOTP - OpenOTP.HOTP_URI

The OpenOTP.HOTP_URI method is used to get a HOTP mobile URI. The required parameters are the key (in base 64) that is the token binary random seed, the userid (corresponding to the username), the domain and the name which is the display name for the Software Token. The

OpenOTP - OpenOTP.HOTP_Resync_Sequence

The OpenOTP.HOTP_Resync_Sequence method is used to resynchronize the HOTP token with OTPs. The re-synchronization recovers the token counter value based on OTP values. The required parameters are the dn of the LDAP user with the token and you must provide two consecutive OTPs generated on the token,

WebADM - Count_Domain_Users

The Count_Domain_Users method retrieves the number of users within a domain. The required parameter is the domain name from which you want to count the users. You can also specify if you want to count only the activated users with the boolean parameter active. This method returns how

WebADM - Check_User_Active

The Check_User_Active method checks if an LDAP user is activated. The only required parameter is the dn from the LDAP user you want to check. This method returns true if the user is activated (count one license) and false if the user is not activated. Python PHP PowerShell

WebADM - Get_Event_Logs

The Get_Event_Logs method is used to fetch SQL logs. The required parameter is the application from which you want to get the logs. It is possible to specify the max last SQL logs you want to fetch. Otherwise, the last 100 entries are fetched. You can also specify

WebADM - Send_Mail

The Send_Mail method is used to send an email with potential attachment(s). The required parameters are the recipient through the parameter to, the subject and the body of the mail. It is possible to specify other parameters such as the from or the certificate. To send a s/

WebADM - Cert_Auto_Confirm

The Cert_Auto_Confirm method enable the auto confirmation mode like in Admin / Issue Certificate. The required parameter is expires and corresponds to the duration in minutes of the Auto-confirm mode. It has pre-defined values : 0, 1, 5, 10, 15, 30, 60. If you use 0 as expiration, it will

WebADM - Check_User_Badging

The Check_User_Badging method checks if an LDAP user is badged-in. The only required parameter is the dn from the LDAP user you want to check. This method returns true and the badging time if the user is badged-in and false if the user is not badged-in. Python PHP

WebADM - Get_Config_Objects

The Get_Config_Objects method is used to retrieve configuration objects information. The required parameter is the type that can be either domains, trusts, clients, webapps or websrvs. It is possible to specify the boolean parameter settings and the application. This method returns the list of WebADM LDAP configurations objects

WebADM - Set_Client_Mode

The Set_Client_Mode method is used to temporarily change a client policy's operating mode. The required parameters are the name of the client policy and the mode desired. Use mode 1 for Step Down, 2 for Step Up, 3 for No Access and 0 for default. The

OpenOTP - OpenOTP.HOTP_Resync_Counter

The OpenOTP.HOTP_Resync_Counter method is used to resynchronize the HOTP token with counter. The re-synchronization resets the token counter to the specified value. It implies that you know the current counter value on the token. The required parameters are the dn of the LDAP user with the token

OpenOTP - OpenOTP.TOTP_URI

The OpenOTP.TOTP_URI method is used to get a TOTP mobile URI. The required parameters are the key (in base 64) that is the token random seed, the userid (corresponding to the username), the domain and the name which is the display name for the Software Token. The optional

OpenOTP - OpenOTP.TOTP_Register

The OpenOTP.TOTP_Register method is used to register a TOTP token. The required parameters are the key (in base 64) that is the token binary random seed and the dn of the LDAP user. The key length can be : * 20 bytes for a SHA1 OATH token * 32 bytes for

OpenOTP - OpenOTP.OCRA_Resync_Counter

The OpenOTP.OCRA_Resync_Counter method is used to resynchronize the OCRA token with counter. This re-synchronization method is for event-based OCRA Suites. It implies that you know the current counter value on the token. The required parameters are the dn of the LDAP user with the token and the

OpenOTP - OpenOTP.OCRA_Resync_Sequence

The OpenOTP.OCRA_Resync_Sequence method is used to resynchronize the OCRA token with OTPs. This re-synchronization method is for event-based OCRA Suites. The required parameters are the dn of the LDAP user with the token and you must provide two consecutive OTPs generated on the token, which are otp1

OpenOTP - OpenOTP.OCRA_Resync_Time

The OpenOTP.OCRA_Resync_Time method is used to resynchronize the OCRA token with timestamp. This re-synchronization method is for time-based OCRA Suites, it computes and stores the time drift between the server and the token. The required parameters are the dn of the LDAP user with the token and

OpenOTP - OpenOTP.Token_Enable

The OpenOTP.Token_Enable method is used to re-activate an OTP token. It re-activates a disabled token to make it usable again. The only required parameter is the dn of the LDAP user on which you want to re-activate the token. The only optional parameter is the id that indicates

OpenOTP - OpenOTP.Yubikey_Register

The OpenOTP.Yubikey_Register method is used to register a Yubikey token. The required parameters are the dn of the LDAP user with the token, the key, which is the Yubikey binary random seed (or secret) and must be base64-encoded and 16 Bytes long, the secret, which is the Yubikey

OpenOTP - OpenOTP.OCRA_Setpin

The OpenOTP.OCRA_Setpin method is used to set PIN code for the OCRA Token. It sets a new PIN code value for OCRA Suites having a PIN code component. The required parameters are the dn of the LDAP user with the token and the pin, which must be alpha-numeric

OpenOTP - OpenOTP.Yubicloud_Register

The OpenOTP.Yubicloud_Register method is used to register a Yubikey token with YubiCloud. The required parameters are the dn of the LDAP user with the token and the otp string generated by the Yubikey. The only optional parameter is the id that indicates which token is registered with this

OpenOTP - OpenOTP.Yubikey_Reset

The OpenOTP.Yubikey_Reset method is used to reset a Yubikey token. The reset simply removes the token state value from the user. The only required parameter is the dn of the LDAP user with the Yubikey token. The only optional parameter is the id that indicates which token is

OpenOTP - OpenOTP.Yubikey_Locate

The OpenOTP.Yubikey_Locate method is used to locate a Yubikey token. It gets the registration index, from 1 to 10, for a registered Yubikey. The required parameters are the dn of the LDAP user with the Yubikey token and the otp string generated by the Yubikey. This method returns

OpenOTP - OpenOTP.Token_Disable

The OpenOTP.Token_Disable method is used to de-activate an OTP token. It marks the token as disabled to temporarily/permanently de-activate it. The only required parameter is the dn of the LDAP user on which you want to de-activate the token. The only optional parameter is the id that

OpenOTP - OpenOTP.FIDO_Challenge

The OpenOTP.FIDO_Challenge method is used to get a FIDO registration challenge. The required parameters are the username of the LDAP user for which you want a FIDO challenge, the domain and the random, generated with the method WebADM - Get_Random_Bytes. The only optional parameter is the

OpenOTP - OpenOTP.Token_Unregister

The OpenOTP.Token_Unregister method is used to unregister an OTP token. The un-registration removes the token metadata from the user. The only required parameter is the dn of the LDAP user on which you want to unregister the token. The only optional parameter is the id that indicates which

OpenOTP - OpenOTP.List_Register

The OpenOTP.List_Register method is used to register an OTP list. It initializes an OTP list for the user. The only required parameter is the dn of the LDAP user on which you want to register the list. The optional parameters are the algo that should always be SHA1

OpenOTP - OpenOTP.TmpKey_Register

The OpenOTP.TmpKey_Register method is used to register temporary passwords for the user (bypassing usual factors). The required parameters are the dn of the LDAP user on which you want to register the temporary password and the password, the length of which must be between 10 and 30 characters.

OpenOTP - OpenOTP.Inventory_Register

The OpenOTP.Inventory_Register method is used to register an inventoried token, which can be registered with its serial number. The required parameters are the dn of the LDAP user on which you want to register the token and the serial corresponding to the 'Reference' field in the

OpenOTP - OpenOTP.AppKey_Register

The OpenOTP.AppKey_Register method is used to register application passwords (bypassing usual factors). The only required parameter is the dn of the LDAP user on which you want to register the application password. The optional parameters are : * length : the length is the number of alphanumeric characters of the passwords.

OpenOTP - OpenOTP.AppKey_Fetch

The OpenOTP.AppKey_Fetch method is used to retrieve the application passwords. The only required parameter is the dn of the LDAP user on which you want to retrieve the application passwords. This method returns the application passwords in an array containing the passwords per client ID on success and

OpenOTP - OpenOTP.List_Fetch

The OpenOTP.List_Fetch method is used to retrieve an OTP list. The only required parameter is the dn of the LDAP user on which you want to fetch the list. This method returns the OTP list in an array containning all the OTP values in sequence. Python PHP PowerShell

OpenOTP - OpenOTP.Emerg_Register

The OpenOTP.Emerg_Register method is used to register an emergency (temporary static) OTP for the user. The only required parameter is the dn of the LDAP user on which you want to register the emergency OTP. The optional parameters are : * otp : the emergency OTP must be alpha-numeric and length

OpenOTP - OpenOTP.List_Unregister

The OpenOTP.List_Unregister method is used to unregister the OTP list. It removes the registered OTP List from the user. The only required parameter is the dn of the LDAP user on which you want to unregister the list. This method returns true on success and false on error.

OpenOTP - OpenOTP.Prefix_Unregister

The OpenOTP.Prefix_Unregister method is used to unregister the OTP PIN Prefix from the user. The only required parameter is the dn of the LDAP user on which you want to unregister the OTP PIN Prefix. This method returns true on success and false on error. Python PHP PowerShell

OpenOTP - OpenOTP.AppKey_Unregister

The OpenOTP.AppKey_Unregister method is used to unregister application passwords. The only required parameter is the dn of the LDAP user on which you want to unregister the application password. This method returns true on success and false on error. Python PHP PowerShell import requests import json # Define the

OpenOTP - OpenOTP.Emerg_Unregister

The OpenOTP.Emerg_Unregister method is used to unregister the emergency OTP from the user. The only required parameter is the dn of the LDAP user on which you want to unregister the emergency OTP. This method returns true on success and false on error. Python PHP PowerShell import requests

OpenOTP - OpenOTP.Prefix_Register

The OpenOTP.Prefix_Register method is used to register an OTP PIN Prefix. The only required parameter is the dn of the LDAP user on which you want to register the OTP PIN Prefix. The only optional parameter is the prefix which must be alpha-numeric and its length must be

OpenOTP - OpenOTP.List_State

The OpenOTP.List_State method is used to get the number of remaining OTPs. The only required parameter is the dn of the LDAP user on which you want to have the state of the list. This method returns the Id (current OTP offset) in the OTP List. If the

OpenOTP - OpenOTP.TmpKey_Unregister

The OpenOTP.TmpKey_Unregister method is used to unregister temporary passwords for the user. The only required parameter is the dn of the LDAP user on which you want to unregister the temporary password. This method returns true on success and false on error. Python PHP PowerShell import requests import
Link copied to clipboard.
You've successfully subscribed to RCDevs | Documentation Center
Great! Next, complete checkout for full access to RCDevs | Documentation Center
Welcome back! You've successfully signed in.
Unable to sign you in. Please try again.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info is updated.
Billing info update failed.