Interfaces
This section provides an overview of the CipherTrust Manager interfaces that can be used for CDP related operations.
REST API
Use the REST interface from the API playground or through any REST client such as curl. The REST interface acquires an authorization token internally and uses it for making API calls.
Acquiring an Authorization Token
To acquire a token:
Open the CipherTrust Manager URL in a browser.
Click the API & CLI Documentation link. The API playground is displayed.
At the top right, click Authenticate.
Enter username and password.
Click POST.
Note
This acquires an API token and prefills it in the playground examples. The token expires in 300 seconds (5 minutes). When it expires, use this tool again to acquire a new token.
On successful token generation, the remaining token expiry time in seconds is displayed. Response similar to the following is displayed:
Response 200 : POST : https://<CipherTrust Manager IP>/api/<version>/auth/tokens/ Object headers:Object data:Object
Two new buttons, Clear Credentials and Re Authenticate, are also displayed at the top right.
Expand
data:Object
to view the token. Details similar to the following are displayed:jwt:"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiIwNTBhN2Q5Yi1mYTJlLTRkYTgtOTZhZS03MDIwMDE3ZmQ5ZGUiLCJzdWIiOiJsb2NhbHxjMzk1NGRjMC1kM2IxLTQ4YTktODA3OC0zYmI5ZjIwZmJkYmUiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJncm91cHMiOlsiYWRtaW4iXX0sImp3dGlkIjoiYWQyODZhNDEtMTg1NC00NzFiLWFmNmEtNzc5MDU3OTU2MTk4IiwiaWF0IjoxNTI0ODE5NDI1LCJleHAiOjE1MjQ4MTk3MjV9.89fKSHizTgEz1mfxWdMQ598FLY1CTk-ePaLOlOypQoc" duration:300 token_type:"Bearer" client_id:"8181a3e4-082e-4aaa-b985-5c35db15ffcd" refresh_token:"UmOsCNMfIHSv0yVIw2q8F12dtVZ8W7QtmqfYAZxbhXjWfIBBYpDrUabiiMqIHg0S" refresh_token_expires_in:1799
The APIs would now use this token.
Using the Token
The authorization token acquired above is used in examples in the API playground. The token expires in 5 minutes; if expired, generate a new token, as described in Acquiring an Authorization Token.
Making an API Call
To make an API call, find the API in the left pane and click it. In the right pane, specify the required parameters, and click an appropriate button (for example, POST, GET, DELETE, or Curl). For example, to create a CTE policy on CipherTrust Manager:
In the left pane of the API playground, click CTE/Policies.
Under cte/policies, click Create. The Create section of the API playground is displayed in the right pane.
In the body field, specify required parameters with their values, as shown below.
{ "database_type" :"Oracle", "name" :"alias2", "host":"10.1.1.1", "database_port":"1521", "connection_Protocol" :"tcp", "database_user" :"test", "database_password" :"asdftest", "metadb_user":"ingrian", "meta_password" : "asdftest", "database_name":"orcl" }
Expand schema under the body field for names and types of fields. Hover your mouse over each field to view its description. The parameter names and casing in the body field must match with those shown in the schema. Also, ensure that parameters and their values are specified in double quotes.
Click POST.
Alternatively, to get an equivalent curl
command, click the Curl button. The curl
equivalent will be shown in the text field below. Use the curl
tool to run the command to make the REST API call.
Similarly, all API calls can be made by referring to the schema shown in the playground.
GUI
Use the CipherTrust Manager's GUI to perform CDP management functions, such as database connection, user mapping, add table, and encryption configuration. These functions can also be performed using the REST APIs.
To use the GUI:
Open the CipherTrust Manager URL in a browser.
Enter Username and Password.
Click Log In. By default, the Products page is displayed.
Click CDP to open the application. The Databases page is displayed on the right.
Use the Databases page to view details of existing database connections or set up new connections, view/add/delete/modify database tables, user mappings, and configure/modify column level encryption properties.