This REST API is used to authenticate the users. A user needs to authenticate when he wants to use the API for administrative tasks like enrolling a token.
This API must not be confused with the validate API, which is used to check, if a OTP value is valid. See Validate endpoints.
Authentication of users and admins is tested in tests/test_api_roles.py
You need to authenticate for all administrative tasks. If you are not authenticated, the API returns a 401 response.
To authenticate you need to send a POST request to /auth containing username and password.
13.1.1.1. Audit endpoint¶
-
GET
/audit/statistics
¶ get the statistics values from the audit log
Example request:
GET /audit/statistics HTTP/1.1 Host: example.com Accept: application/json
Example response:
HTTP/1.1 200 OK Content-Type: text/csv { "id": 1, "jsonrpc": "2.0", "result": { "status": true, "value": [ { "serial_plot": "...image data...", } ] }, "version": "privacyIDEA unknown" }
-
GET
/audit/
¶ return a paginated list of audit entries.
Params can be passed as key-value-pairs.
Example request:
GET /audit?realm=realm1 HTTP/1.1 Host: example.com Accept: application/json
Example response:
HTTP/1.1 200 OK Content-Type: application/json { "id": 1, "jsonrpc": "2.0", "result": { "status": true, "value": [ { "serial": "....", "missing_line": "..." } ] }, "version": "privacyIDEA unknown" }
-
GET
/audit/
(csvfile)¶ Download the audit entry as CSV file.
Params can be passed as key-value-pairs.
Example request:
GET /audit/audit.csv?realm=realm1 HTTP/1.1 Host: example.com Accept: text/csv
Example response:
HTTP/1.1 200 OK Content-Type: text/csv { "id": 1, "jsonrpc": "2.0", "result": { "status": true, "value": [ { "serial": "....", "missing_line": "..." } ] }, "version": "privacyIDEA unknown" }