REST API  14
REST API for Luna Network HSMs
HSM Role Description

HSM Role Description

Object
    activated: Object
        type:  boolean
        description:  activated indicates whether the role is authenticated.
                      True means the role is authenticated with access to sensitive
                      cryptographic material; False means authentication must
                      occur before access is possible.

    challengeToBeChanged: Object
        type:  boolean
        description:  challengeToBeChanged indicates whether the challenge for the
                      role must be initialized or updated.  True means the challenge
                      must be updated; False means the challenge is okay as-is.

    id: Object
        type:  string
        description:  id is a unique internal reference for the role.

    initialized: Object
        type:  boolean
        description:  initialized indicates whether the role is set up for use.
                      True means the role is ready; False means additional
                      administration is necessary.

    indirectLoginVersion: Object
        type:  string
        description:  indirectLoginVersion indicates the version of HA Indirect Login, the role
                      is initialized with.
                              Example: "legacyKey" for FW < 7.7.0,
                           "key" for FW >= 7.7.0 (HA Login v1.1),
                       "pkc" for FW >= 7.7.0 (HA Login v2), and
                           "None" when role is not initilaized for HA Login.

    lockedOut: Object
        type:  boolean
        description:  lockedOut indicates whether a user is able to successfully
                      authenticate to the HSM with the role.  False means
                      that the HSM permits a user to login to the HSM.
                      True means that the HSM prevents a user to login even when
                      the user presents the correct credentials.  True means that
                      a user attempted unsuccessfully too many times to login on a
                      previous occasion.

    loginAttemptsLeft: Object
        type:  integer
        description:  loginAttemptsLeft indicates how many consecutive tries a user
                      has left to successfully login to the HSM.  If this
                      number of consecutive login attempts fail, the HSM locks
                      out the HSM.  See "Failed Logins" in the Luna Network HSM
                      Product Documentation for details of what happens in
                      this circumstance.

    changePasswordAttemptsLeft: Object
        type:  integer
        description:  changePasswordAttemptsLeft indicates how many consecutive tries
                      a user has left to successfully change credential.  If this
                      number of consecutive change credentials fail, the HSM will be
                      zeroized.

    name: Object
        type:  string
        description:  name is a short-form, human-friendly tag for the role.

    pinToBeChanged: Object
        type:  boolean
        description:  pinToBeChanged indicates whether a user is forced to choose
                      a new password on login.  False means that the user can
                      keep the existing password.  True means that the user must
                      change the password after successfully logging in.

REST API for Luna Network HSMs VERSION" Reference Guide
007-013322-007 Rev. A Copyright 2023  Thales. All rights reserved.