![]() |
REST API
14
REST API for Luna Network HSMs
|
Object activated: Object type: boolean description: activated indicates whether the role is authenticated. True means the role is authenticated with access to sensitive cryptographic material; False means authentication must occur before access is possible. challengeToBeChanged: Object type: boolean description: challengeToBeChanged indicates whether the challenge for the role must be initialized or updated. True means the challenge must be updated; False means the challenge is okay as-is. id: Object type: string description: id is a unique internal reference for the role. initialized: Object type: boolean description: initialized indicates whether the role is set up for use. True means the role is ready; False means additional administration is necessary. indirectLoginVersion: Object type: string description: indirectLoginVersion indicates the version of HA Indirect Login, the role is initialized with. Example: "legacyKey" for FW < 7.7.0, "key" for FW >= 7.7.0 (HA Login v1.1), "pkc" for FW >= 7.7.0 (HA Login v2), and "None" when role is not initilaized for HA Login. lockedOut: Object type: boolean description: lockedOut indicates whether a user is able to successfully authenticate to the HSM with the role. False means that the HSM permits a user to login to the HSM. True means that the HSM prevents a user to login even when the user presents the correct credentials. True means that a user attempted unsuccessfully too many times to login on a previous occasion. loginAttemptsLeft: Object type: integer description: loginAttemptsLeft indicates how many consecutive tries a user has left to successfully login to the HSM. If this number of consecutive login attempts fail, the HSM locks out the HSM. See "Failed Logins" in the Luna Network HSM Product Documentation for details of what happens in this circumstance. changePasswordAttemptsLeft: Object type: integer description: changePasswordAttemptsLeft indicates how many consecutive tries a user has left to successfully change credential. If this number of consecutive change credentials fail, the HSM will be zeroized. name: Object type: string description: name is a short-form, human-friendly tag for the role. pinToBeChanged: Object type: boolean description: pinToBeChanged indicates whether a user is forced to choose a new password on login. False means that the user can keep the existing password. True means that the user must change the password after successfully logging in.