The SafeConsole API allows you to manage devices and resources within your SafeConsole server in a simple, programmatic way using conventional HTTP requests. The endpoints are intuitive and powerful, allowing you to easily make calls to retrieve information or to execute actions. More information regarding the use of SafeConsole's REST API can be found here.



API Authentication

In order to interact with the SafeConsole API, you or your application must authenticate.


The SafeConsole API handles authentication through an API Token, an open standard for authorization. API allows you to delegate access to your account in full or in read-only mode based on the Custom Role-Based system. 


An API token functions as a complete authentication request. In effect, the token is a substitute for a username and password pair. Because of this, it is absolutely essential that you keep your API tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.



Generating a SafeConsole API Token

You can obtain an API Token by visiting the profile section of the SafeConsole interface for your account.

The steps below and the corresponding screenshots will assist with generating this token.


Note: These steps assume you have access to your SafeConsole server as a SafeConsole administrator.


1. After logging into your SafeConsole, click your username in the upper right-hand corner

2. Click "Profile Settings" from the drop-down menu



3. On the following screen, click the "API Tokens (BETA)" tab

4. Click the "+Generate New Token" button 



5. Configure a name for your API token. (It is recommended to use the name of your third party integration - See 'integromat' above)

    (Optional) Configure the "Access Token Expiration" - Default is 90 days

6. Click the copy "Clipboard" button to the right of your Access Token and save this in a secure location for reference during integration configuration

7. Close the window to return to your SafeConsole Account page



How to Authenticate with API Token

In order to make an authenticated request, include a bearer-type Authorization header containing your API token. All requests must be made over HTTPS.

#Example API request using Curl: 
curl --location --request POST 'https://safeconsole.mycompany.com/safeconsole/admin?action=find_users' \
--header 'Authorization: Bearer eyQiLCJhbGciOiJNiJ9.eyJyb2xlcyI6WyJzeXN0ZW1fc3VwcG9ydCJdLCJpc3MiOiJuaWdodxlY2xvdWQuaW8iLCJyZWFsbSI6ImNvbS5ibG9ja21hc3Rlci5zZ1NPUmVhbG0iLCJhZG1pbl9uYW1lIjoia2VhbkBkYNvbSIsImV4cCI6MjE0NzM2NjIwN30.DDFgdMB0lEfKahNkkuWg7TbMdNjw8VJ-mYOpSGjfBkI' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'data={"limit": 25, "start": 0, "sort_by": "last_login", "sort_order": "DESC", "keyword": "search_all"}'
#Example response using the above request
#Some content has been abbreviated
{
  "total": 1,
  "success": true,
  "response": [
    {
      "last_ip": "127.0.0.1",
      "ou": 1,
      "last_login": "2020-08-31T19:58:14Z",
      "acquired_date": "2020-08-31T19:58:14Z",
      "isUpdated": false,
      "cn": "safeconsole-apitest.org",
      "hasPolicy": false,
      "policyId": 1,
      "policyType": "OU",
      "safesticks": [
        {
          "owner": "safeconsole-apitest.org",
          "safeStickStatus": "DISABLED",
          "lastUsed": "2020-08-31T19:58:14Z",
          "serialBarcode": "BBBBBBBBBBBBBBB",
          "hasRecoveryCode": false,
          "serial": "BBBBBBBBBBBBBBB",
          "hardwareID": "BBBBBBBB",
          "lastIP": "127.0.0.1",
          "isUpdated": true,
          "isOnline": false,
          "version": "1.4.2",
          "geolocation": {
            "date": "2020-08-31T19:58:14Z",
            "ip_end": "000000007F000001",
            "country": "Atlantic Ocean",
	        ...abbreviated...
          }
        }
      ],
      "id": 1,
      "email": "johndoe@email.com",
      "geolocation": {
        "date": "2020-08-31T19:58:14Z",
        "ip_end": "000000007F000001",
        "country": "Atlantic Ocean",
	    ...abbreviated...
      }
    }
  ]
}