pyIVIA API Version Factory
Supported Versions
pyIVIA supports management API from several versions of IBM Verify Identity Access:
IBM Verify Identity Access 11.0.0.0
IBM Security Verify Access 10.0.9.0
IBM Security Verify Access 10.0.8.0
IBM Security Verify Access 10.0.7.0
IBM Security Verify Access 10.0.6.0
IBM Security Verify Access 10.0.5.0
IBM Security Verify Access 10.0.4.0
IBM Security Verify Access 10.0.3.1
IBM Security Verify Access 10.0.3.0
IBM Security Verify Access 10.0.2.0
IBM Security Verify Access 10.0.1.0
IBM Security Verify Access 10.0.0.0
IBM Security Access Manager 9.0.7.0
IBM Security Access Manager 9.0.6.0
IBM Security Access Manager 9.0.5.0
IBM Security Access Manager 9.0.4.0
IBM Security Access Manager 9.0.3.0
IBM Security Access Manager 9.0.2.1
IBM Security Access Manager 9.0.2.0
Usage
This module uses the firmware management API to return the version string from Verify Identity Access and return the appropriate version implementation of the management API.
A user should not attempt to instantiate the versioned classes, instead the pyivia.factory module should be
used to create a pyisava.factory.Factory object which is capable of returning version specific implementation of
the five modules used.
import pyivia
f = pyivia.factory.Factory("https://verify.identity.access.appliance", "user", "secret")
Verifying TLS to Verify Identity Access Management Interface
By default, connections to verify access local management interface do not verify the x509 certificate with
python’s CA truststore. to verify connections, the PYIVIA_VERIFY_TLS_LMI environment variable can be used.
If PYIVIA_VERIFY_TLS_LMI=true then the default CA certificate store is used to verify TLS connections
to a Verify Identity Access management interface.
Consult python or operating system documentation for steps to add certificates to this store.
- class pyivia.factory.Factory(base_url, username, password)
The Factory class is used to initialise a singleton “appliance” object which can be use for all subsequent API requests.
The factory has getter methods for the three modules: WebSEAL, Advanced Access Control; and Federation. It also getter methods for the system and diagnostics API.
Finally this class has helper methods to determine if the IBM Verify Identity Access deployment is an appliance or container deployment model.
This project supports both basic and API token authorization. If both username and password are provided, the rest client will use Basic authorization, if just a password is supplied, then Bearer authorization is supplied.
- get_access_control()
Return manager of AAC endpoint
- Returns:
versioned Advanced Access Control object.
- get_analysis_diagnostics()
Return manager of diagnostic endpoint
- Returns:
versioned Analysis and Diagnostics object.
- get_deployment_model()
Get the deployment model detected by Verify Identity Access. Appliance or Docker
- get_deployment_utility()
Return manager of Web Reverse Proxy endpoints
- get_federation()
Return manager of Federation endpoint
- Returns:
versioned Federations object.
- get_system_settings()
Return manager of system settings endpoint
- Returns:
versioned System Settings object.
- get_version()
Return the Verify Identity Access version
- get_web_settings()
Return manager of Web Reverse Proxy endpoints
Returns: versioned WebSEAL Reverse Proxy Settings object.
- is_docker()
Return true if detected deployment is running in a container
- set_password(password)
Update the password used to authenticate to Verify Identity Access administrator endpoints