Salesforce Reports APIs
CCKM provides options to generate key visibility reports based on key-related activities between CCKM and Salesforce organization. Salesforce supports the Key Activity Report.
Use the Key Activity Report to inspect individual Salesforce tenant secret (called key on CCKM GUI) histories by operations, for example, when they were refreshed, rotated, edited, or deleted. Also, use this report to compare key activities between CCKM and Salesforce organization.
Use the Salesforce reports APIs to:
-
Generate a report
-
View the list of existing reports
-
View details of a particular report
-
Delete a report from CCKM
-
View the content of a generated report
-
Download the content of a report in CSV
Generating a Salesforce Cloud Report
Use the post /v1/cckm/sfdc/reports
API to generate a report. This API starts the report generation. The content of the report can be verified by running the get /v1/cckm/sfdc/reports/{id}/contents
API. Refer to Viewing Content of Generated Salesforce Cloud Reports.
Syntax
curl -k '<IP>/api/v1/cckm/sfdc/reports' -H 'Authorization: Bearer AUTHTOKEN' -H 'Content-Type: application/json' --data-binary $'{\n "name": "<report name>",\n "start_time": "<start time>",\n "end_time": "<end time>",\n "report_type": "<report type>",\n "sfdc_cloud_param": [<Salesforce param>]\n}' --compressed
Request Parameters
Parameter | Type | Description |
---|---|---|
AUTHTOKEN | string | Authorization token. |
name | string | Name for the report. |
report_type | string | Type of the report. The supported type is key-report . |
sfdc_cloud_param | JSON | Salesforce Cloud parameter. Refer to Salesforce Cloud Parameter for details. |
start_time | string | Start time from when the report is to be generated. Default start time is end_time-24hrs. |
end_time | string | End time for the report. Default end time is the time when the call is initiated. |
Note
If end_time
and start_time
are not specified, a report for the last 24 hours is generated.
Salesforce Cloud Parameter
Parameter | Type | Description |
---|---|---|
organization | string | ID of the Salesforce organization or resource ID of the organization. |
Example Request
curl -k 'https://127.0.0.1/api/v1/cckm/sfdc/reports' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI5ZDJiYmYxNC0zMDg1LTQ5YjAtYTY4MC1hMDQ5ODgyYjIwNDQiLCJzdWIiOiJsb2NhbHxhNDk0MmY1OS1mMGUxLTQ1ZWQtYWUxNS1kZGM3YWZhZDA4NzYiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiNWU3MDBjY2UtMTRmYS00ZTVjLWI0YjMtNWQ4ZmE3ODgxYmI3Iiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6IjAxZDM2ZTY3LTI5NWQtNDNjZC05NDExLTk0OTdkYjQzMzQ4MyIsImlhdCI6MTU5NjAxMzM0OCwiZXhwIjoxNTk2MDEzNjQ4fQ.7jbUbvoZr9dZ8Yf1NmDUTw3jhq-XDzSHJzN-vQeYcbo' -H 'Content-Type: application/json' --data-binary $'{\n "name": "sfdc-report",\n "report_type": "key-report",\n "sfdc_cloud_param": {\n "organization": "00DB000000040dEMAQ"\n }\n}' --compressed
Example Response
{
"id": "351ec68f-c7ac-4e23-bd3e-f1729de0621e",
"uri": "kylo:kylo:cckm:reports:sfdc-report",
"account": "kylo:kylo:admin:accounts:kylo",
"application": "ncryptify:gemalto:admin:apps:kylo",
"devAccount": "ncryptify:gemalto:admin:accounts:gemalto",
"createdAt": "2021-08-19T02:02:46.768403646Z",
"name": "sfdc-report",
"updatedAt": "2021-08-19T02:02:46.802291014Z",
"overall_status": "in_progress",
"detailed_status": {
"00DB000000040dEMAQ": "in_progress"
},
"abort": false,
"report_type": "key-report",
"organization": "00DB000000040dEMAQ",
"start_time": "2021-08-18T02:02:46Z",
"end_time": "2021-08-19T02:02:46Z"
}
The output shows that the "overall_status"
of the report is "in_progress"
. Wait until the status becomes Completed
. To check the status, run the get /v1/cckm/sfdc/reports
(refer to Viewing List of Existing Salesforce Cloud Reports) or get /v1/cckm/sfdc/reports/{id}
API (refer to Viewing Details of a Particular Salesforce Cloud Report).
Response Codes
Response Code | Description |
---|---|
2xx | Success |
4xx | Client errors |
5xx | Server errors |
Refer to HTTP status codes for details.
Viewing List of Existing Salesforce Cloud Reports
Use the get /v1/cckm/sfdc/reports
API to view the list of updated reports. The results can be filtered using the query parameters.
Syntax
curl -k '<IP>/api/v1/cckm/sfdc/reports?skip=0&limit=10&sort=updatedAt' -H 'Authorization: Bearer AUTHTOKEN' --compressed
Request Parameter
Parameter | Type | Description |
---|---|---|
AUTHTOKEN | string | Authorization token. |
Request Query Parameters
Parameter | Type | Description |
---|---|---|
id | string | Internal ID of the Salesforce cloud report. |
overall_status | string | Overall status of the Salesforce cloud report. The status can be: • completed • in progress • failed |
name | string | Name of the Salesforce cloud report. |
report_type | string | Type of the Salesforce cloud report. The supported type is key-report . |
skip | integer | Number of records to skip. For example, if "skip":5 is specified, the first five records will not be displayed in the output. |
limit | integer | Numbers of records to display. For example, if "limit":10 is specified, then the next 10 records (after skipping the number of records specified in the skip parameter) will be displayed in the output. |
sort | string | Comma-delimited list of properties to sort the results. |
Example Request
curl -k 'https://127.0.0.1/api/v1/cckm/sfdc/reports?skip=0&limit=10&sort=updatedAt' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI5ZDJiYmYxNC0zMDg1LTQ5YjAtYTY4MC1hMDQ5ODgyYjIwNDQiLCJzdWIiOiJsb2NhbHxhNDk0MmY1OS1mMGUxLTQ1ZWQtYWUxNS1kZGM3YWZhZDA4NzYiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiNWU3MDBjY2UtMTRmYS00ZTVjLWI0YjMtNWQ4ZmE3ODgxYmI3Iiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6IjAxZDM2ZTY3LTI5NWQtNDNjZC05NDExLTk0OTdkYjQzMzQ4MyIsImlhdCI6MTU5NjAxMzM0OCwiZXhwIjoxNTk2MDEzNjQ4fQ.7jbUbvoZr9dZ8Yf1NmDUTw3jhq-XDzSHJzN-vQeYcbo' --compressed
Example Response
{
"skip": 0,
"limit": 10,
"total": 2,
"resources": [
{
"id": "351ec68f-c7ac-4e23-bd3e-f1729de0621e",
"uri": "kylo:kylo:cckm:reports:sfdc-report",
"account": "kylo:kylo:admin:accounts:kylo",
"application": "ncryptify:gemalto:admin:apps:kylo",
"devAccount": "ncryptify:gemalto:admin:accounts:gemalto",
"createdAt": "2021-08-19T02:02:46.768404Z",
"name": "sfdc-report",
"updatedAt": "2021-08-19T02:02:46.86135Z",
"completed_at": "2021-08-19T02:02:46.860904Z",
"overall_status": "completed",
"detailed_status": {
"00DB000000040dEMAQ": "completed"
},
"abort": false,
"report_type": "key-report",
"organization": "00DB000000040dEMAQ",
"start_time": "2021-08-18T02:02:46Z",
"end_time": "2021-08-19T02:02:46Z"
},
{
"id": "d590815f-4434-4bea-ad60-efc6276198cc",
"uri": "kylo:kylo:cckm:reports:sfdc-report-new",
"account": "kylo:kylo:admin:accounts:kylo",
"application": "ncryptify:gemalto:admin:apps:kylo",
"devAccount": "ncryptify:gemalto:admin:accounts:gemalto",
"createdAt": "2021-08-19T03:08:26.108812Z",
"name": "sfdc-report-new",
"updatedAt": "2021-08-19T03:08:26.184688Z",
"completed_at": "2021-08-19T03:08:26.184354Z",
"overall_status": "completed",
"detailed_status": {
"00DB000000040dEMAQ": "completed"
},
"abort": false,
"report_type": "key-report",
"organization": "00DB000000040dEMAQ",
"start_time": "2021-08-18T03:08:26Z",
"end_time": "2021-08-19T03:08:26Z"
}
]
}
The output shows two Salesforce cloud reports with their details.
Response Codes
Response Code | Description |
---|---|
2xx | Success |
4xx | Client errors |
5xx | Server errors |
Refer to HTTP status codes for details.
Viewing Details of a Particular Salesforce Cloud Report
Use the get /v1/cckm/sfdc/reports/{id}
API to view the details of a Salesforce cloud report.
Syntax
curl -k '<IP>/api/v1/cckm/sfdc/reports/{id}' -H 'Authorization: Bearer AUTHTOKEN' --compressed
Here, {id}
represents the resource ID of the Salesforce cloud report on the CipherTrust Manager.
Request Parameters
Parameter | Type | Description |
---|---|---|
AUTHTOKEN | string | Authorization token. |
Example Request
curl -k 'https://127.0.0.1/api/v1/cckm/sfdc/reports/d590815f-4434-4bea-ad60-efc6276198cc' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI5ZDJiYmYxNC0zMDg1LTQ5YjAtYTY4MC1hMDQ5ODgyYjIwNDQiLCJzdWIiOiJsb2NhbHxhNDk0MmY1OS1mMGUxLTQ1ZWQtYWUxNS1kZGM3YWZhZDA4NzYiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiNWU3MDBjY2UtMTRmYS00ZTVjLWI0YjMtNWQ4ZmE3ODgxYmI3Iiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6ImJmZjI5NDEyLWNmMzMtNDkyMS1hYzEzLWZmM2IzZGIyZWQ1YyIsImlhdCI6MTU5NjAxMzY2MiwiZXhwIjoxNTk2MDEzOTYyfQ.pQ8y9tMSTrBGZ-RYfWAHh6JTFp7GJXMDL10UFGScJQU' --compressed
Example Response
{
"id": "d590815f-4434-4bea-ad60-efc6276198cc",
"uri": "kylo:kylo:cckm:reports:sfdc-report-new",
"account": "kylo:kylo:admin:accounts:kylo",
"application": "ncryptify:gemalto:admin:apps:kylo",
"devAccount": "ncryptify:gemalto:admin:accounts:gemalto",
"createdAt": "2021-08-19T03:08:26.108812Z",
"name": "sfdc-report-new",
"updatedAt": "2021-08-19T03:08:26.184688Z",
"completed_at": "2021-08-19T03:08:26.184354Z",
"overall_status": "completed",
"detailed_status": {
"00DB000000040dEMAQ": "completed"
},
"abort": false,
"report_type": "key-report",
"organization": "00DB000000040dEMAQ",
"start_time": "2021-08-18T03:08:26Z",
"end_time": "2021-08-19T03:08:26Z"
}
The output shows the details of a Salesforce cloud report with the specified resource ID.
Response Codes
Response Code | Description |
---|---|
2xx | Success |
4xx | Client errors |
5xx | Server errors |
Refer to HTTP status codes for details.
Viewing Content of Generated Salesforce Cloud Reports
Use the get /v1/cckm/sfdc/reports/{id}/contents
API to view the content of a Salesforce cloud report on console. Use the request query parameters to filter the content of the report.
Syntax
curl -k '<IP>/api/v1/cckm/sfdc/reports/{id}/contents?skip=0&limit=10&sort=updatedAt' -H 'Authorization: Bearer AUTHTOKEN' --compressed
Here, {id}
represents the resource ID of the Salesforce cloud report on the CipherTrust Manager.
Request Parameter
Parameter | Type | Description |
---|---|---|
AUTHTOKEN | string | Authorization token. |
Request Query Parameters
Parameter | Type | Description |
---|---|---|
key_name | string | Name of the Salesforce tenant secret. |
key_type | string | Type of the Salesforce tenant secret. |
organization | string | Name of the Salesforce organization. |
cckm_operation | string | Operation performed from CCKM. |
user_name | string | Name of the CCKM user who performed the operation. |
version | string | Version of the Salesforce tenant secret. |
skip | integer | Number of records to skip. For example, if "skip":5 is specified, the first five records will not be displayed in the output. |
limit | integer | Numbers of records to display. For example, if "limit":10 is specified, then the next 10 records (after skipping the number of records specified in the skip parameter) will be displayed in the output. |
sort | string | Comma-delimited list of properties to sort the results. |
Example Request
curl -k 'https://127.0.0.1/api/v1/cckm/sfdc/reports/d590815f-4434-4bea-ad60-efc6276198cc/contents?skip=0&limit=10&sort=updatedAt' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI5ZDJiYmYxNC0zMDg1LTQ5YjAtYTY4MC1hMDQ5ODgyYjIwNDQiLCJzdWIiOiJsb2NhbHxhNDk0MmY1OS1mMGUxLTQ1ZWQtYWUxNS1kZGM3YWZhZDA4NzYiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiNWU3MDBjY2UtMTRmYS00ZTVjLWI0YjMtNWQ4ZmE3ODgxYmI3Iiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6ImJmZjI5NDEyLWNmMzMtNDkyMS1hYzEzLWZmM2IzZGIyZWQ1YyIsImlhdCI6MTU5NjAxMzY2MiwiZXhwIjoxNTk2MDEzOTYyfQ.pQ8y9tMSTrBGZ-RYfWAHh6JTFp7GJXMDL10UFGScJQU' --compressed
Example Response
{
"skip": 0,
"limit": 10,
"total": 0,
"resources": []
}
Response Codes
Response Code | Description |
---|---|
2xx | Success |
4xx | Client errors |
5xx | Server errors |
Refer to HTTP status codes for details.
Downloading Content of Salesforce Cloud Reports in CSV
Use the get /v1/cckm/sfdc/reports/{id}/download
API to download the comma-separated Salesforce cloud report. The report is downloaded as a CSV file named as <report-name>-<report-type>.csv
, for example, sfdc-report-key-report.csv
.
Syntax
curl -k '<IP>/api/v1/cckm/sfdc/reports/{id}/download' -H 'Authorization: Bearer AUTHTOKEN' --compressed
Here, {id}
represents the resource ID of the Salesforce cloud report on the CipherTrust Manager.
Request Parameter
Parameter | Type | Description |
---|---|---|
AUTHTOKEN | string | Authorization token. |
Example Request
curl -k 'https://127.0.0.1/api/v1/cckm/sfdc/reports/a67b9ef0-9b47-4fbd-b30f-1646af4b4259/download' -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI5ZDJiYmYxNC0zMDg1LTQ5YjAtYTY4MC1hMDQ5ODgyYjIwNDQiLCJzdWIiOiJsb2NhbHxhNDk0MmY1OS1mMGUxLTQ1ZWQtYWUxNS1kZGM3YWZhZDA4NzYiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiNWU3MDBjY2UtMTRmYS00ZTVjLWI0YjMtNWQ4ZmE3ODgxYmI3Iiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6ImJmZjI5NDEyLWNmMzMtNDkyMS1hYzEzLWZmM2IzZGIyZWQ1YyIsImlhdCI6MTU5NjAxMzY2MiwiZXhwIjoxNTk2MDEzOTYyfQ.pQ8y9tMSTrBGZ-RYfWAHh6JTFp7GJXMDL10UFGScJQU' --compressed
The report is downloaded as a CSV file named as <report-name>-<report-type>.csv
, for example, sfdc-report-key-report.csv
.
Response Codes
Response Code | Description |
---|---|
2xx | Success |
4xx | Client errors |
5xx | Server errors |
Refer to HTTP status codes for details.
Deleting a Report from CCKM
Use the delete /v1/cckm/sfdc/reports/{id}
API to delete a Salesforce cloud report from CCKM.
Syntax
curl -k '<IP>/api/v1/cckm/sfdc/reports/{id}' -X DELETE -H 'Authorization: Bearer AUTHTOKEN' --compressed
Here, {id}
represents the resource ID of the Salesforce cloud report on the CipherTrust Manager.
Request Parameter
Parameter | Type | Description |
---|---|---|
AUTHTOKEN | string | Authorization token. |
Example Request
curl -k 'https://127.0.0.1/api/v1/cckm/sfdc/reports/d590815f-4434-4bea-ad60-efc6276198cc' -X DELETE -H 'Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiI5ZDJiYmYxNC0zMDg1LTQ5YjAtYTY4MC1hMDQ5ODgyYjIwNDQiLCJzdWIiOiJsb2NhbHxhNDk0MmY1OS1mMGUxLTQ1ZWQtYWUxNS1kZGM3YWZhZDA4NzYiLCJpc3MiOiJreWxvIiwiYWNjIjoia3lsbyIsInByZWZlcnJlZF91c2VybmFtZSI6ImFkbWluIiwiY3VzdCI6eyJkb21haW5faWQiOiIwMDAwMDAwMC0wMDAwLTAwMDAtMDAwMC0wMDAwMDAwMDAwMDAiLCJncm91cHMiOlsiYWRtaW4iXSwic2lkIjoiNWU3MDBjY2UtMTRmYS00ZTVjLWI0YjMtNWQ4ZmE3ODgxYmI3Iiwiem9uZV9pZCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCJ9LCJqd3RpZCI6ImJmZjI5NDEyLWNmMzMtNDkyMS1hYzEzLWZmM2IzZGIyZWQ1YyIsImlhdCI6MTU5NjAxMzY2MiwiZXhwIjoxNTk2MDEzOTYyfQ.pQ8y9tMSTrBGZ-RYfWAHh6JTFp7GJXMDL10UFGScJQU' --compressed
Example Response
{
"status": 204
}
The output shows that the report with the specified resource ID is deleted from CCKM.
Response Codes
Response Code | Description |
---|---|
2xx | Success |
4xx | Client errors |
5xx | Server errors |
Refer to HTTP status codes for details.