The SafeConsole API allows you to manage devices and resources within your SafeConsole server in a simple, programmatic way using conventional HTTP requests. The endpoints are intuitive and powerful, allowing you to easily make calls to retrieve information or execute actions. More information regarding the use of SafeConsole's REST API can be found here.
Note: Current implementation of SafeConsole API (Beta) functions best when used with safeConsole owner API-created tokens. It is recommended the SafeConsole Owner creates and manages API Tokens. API tokens created by other SafeConsole Admins (Admin, Manager, Support, and custom roles) have limited functionality.
API Authentication
In order to interact with the SafeConsole API, you or your application must authenticate.
The SafeConsole API handles authentication through an API Token, an open standard for authorization. API allows you to delegate access to your account in full or in a read-only mode based on the Custom Role-Based system.
An API token functions as a complete authentication request. In effect, the token is a substitute for a username and password pair. Because of this, it is absolutely essential that you keep your API tokens secure. In fact, upon generation, the web interface will only display each token a single time in order to prevent the token from being compromised.
Generating a SafeConsole API Token
Before you can generate an API token you will need to verify that you have enabled the API options in your SafeConsole Server (This will need to be done by the account owner) under General > Server Settings:
Once enabled, you can obtain an API Token by visiting the profile section of the SafeConsole interface for your account.
The steps below and the corresponding screenshots will assist with generating this token.
Note: These steps assume you have access to your SafeConsole server as a SafeConsole administrator.
1. After logging into your SafeConsole, click your username in the upper right-hand corner
2. Click "Profile Settings" from the drop-down menu
3. On the following screen, click the "API Tokens (BETA)" tab
4. Click the "+Generate New Token" button
5. Configure a name for your API token. (It is recommended to use the name of your third-party integration - See 'integrate' above)
(Optional) Configure the "Access Token Expiration" - Default is 90 days
6. Click the copy "Clipboard" button to the right of your Access Token and save this in a secure location for reference during integration configuration
7. Close the window to return to your SafeConsole Account page
How to Authenticate with API Token
In order to make an authenticated request, include a bearer-type Authorization header containing your API token. All requests must be made over HTTPS.
Please visit https://api.safeconsole.com/ for our full SafeConsole API documentation.
#Example API request using Curl: curl --location --request POST 'https://safeconsole.mycompany.com/safeconsole/admin?action=find_users' \ --header 'Authorization: Bearer eyQiLCJhbGciOiJNiJ9.eyJyb2xlcyI6WyJzeXN0ZW1fc3VwcG9ydCJdLCJpc3MiOiJuaWdodxlY2xvdWQuaW8iLCJyZWFsbSI6ImNvbS5ibG9ja21hc3Rlci5zZ1NPUmVhbG0iLCJhZG1pbl9uYW1lIjoia2VhbkBkYNvbSIsImV4cCI6MjE0NzM2NjIwN30.DDFgdMB0lEfKahNkkuWg7TbMdNjw8VJ-mYOpSGjfBkI' \ --header 'Content-Type: application/json' \ --data-raw '{ "limit": 25, "start": 0, "sort_by": "last_login", "sort_order": "DESC", "keyword": "search_all" }'
#Example response using the above request #Some content has been abbreviated { "total": 1, "success": true, "response": [ { "last_ip": "127.0.0.1", "ou": 1, "last_login": "2020-08-31T19:58:14Z", "acquired_date": "2020-08-31T19:58:14Z", "isUpdated": false, "cn": "safeconsole-apitest.org", "hasPolicy": false, "policyId": 1, "policyType": "OU", "safesticks": [ { "owner": "safeconsole-apitest.org", "safeStickStatus": "DISABLED", "lastUsed": "2020-08-31T19:58:14Z", "serialBarcode": "BBBBBBBBBBBBBBB", "hasRecoveryCode": false, "serial": "BBBBBBBBBBBBBBB", "hardwareID": "BBBBBBBB", "lastIP": "127.0.0.1", "isUpdated": true, "isOnline": false, "version": "1.4.2", "geolocation": { "date": "2020-08-31T19:58:14Z", "ip_end": "000000007F000001", "country": "Atlantic Ocean", ...abbreviated... } } ], "id": 1, "email": "johndoe@email.com", "geolocation": { "date": "2020-08-31T19:58:14Z", "ip_end": "000000007F000001", "country": "Atlantic Ocean", ...abbreviated... } } ] }