class Jamf::APIClient

An API Role in the Jamf Pro API

API Roles are predefined sets of privileges that can be assigned to API Clients, aka API Integrations.

Constants

ALT_IDENTIFIERS

Identifiers not marked in the superclass’s OAPI_PROPERTIES constant which usually only identifies ‘:id’

FILTER_KEYS

Must define this when extending Filterable

LIST_PATH

The path for GETting the list of all objects in the collection, possibly filtered, sorted, and/or paged REQUIRED for all collection resources

GET_PATH, POST_PATH, PUT_PATH, PATCH_PATH, and DELETE_PATH are automatically assumed from the LIST_PATH if they follow the standards:

  • GET_PATH = “#{LIST_PATH}/id”

    • fetch an object from the collection

  • POST_PATH = LIST_PATH

    • create a new object in the collection

  • PUT_PATH = “#{LIST_PATH}/id”

    • update an object passing all its values back. Most objects use this or PATCH but not both

  • PATCH_PATH = “#{LIST_PATH}/id”

    • update an object passing some of its values back Most objects use this or PUT but not both

  • DELETE_PATH = “#{LIST_PATH}/id”

    • delete an object from the collection

If those paths differ from the standards, the constants must be defined here

NEW_CREDENTIALS_OBJECT

When creating new credentials, an instance of this is returned

NEW_CREDENTIALS_PATH_SUFFIX

The path that returns a list of all available privs

POST_OBJECT

The OAPI object class we send with a POST request to make a new member of the collection in Jamf. This is usually the same as the parent class.

PUT_OBJECT

The OAPI object class we send with a PUT request to change an object in Jamf by specifying all its values. Most updates happen this way, and this is usually the same as the parent class

SEARCH_RESULT_OBJECT

The OAPI object class we get back from a ‘list’ query to get the whole collection, or a subset of it. It contains a :results key which is an array of data for objects of the parent class.

Public Class Methods

rotate_secret(client_ident, cnx: Jamf.cnx) click to toggle source

For the given API Client, replace the existing clientSecret with a new one, to be used with the clientID for generating a connection token.

IMPORTANT: When you do this, the previous secret becomes immediately invalid and can no longer be used for generating connection tokens. BE SURE to capture the output in a variable, or display it somewhere immediately, as it will not be available ever again. See the Jamf Pro docs at learn.jamf.com/bundle/jamf-pro-documentation-current/page/API_Roles_and_Clients.html

@param client_ident [String, Integer] The displayName or id of the APIClient

for which to generate a new secret.

@param cnx [Jamf::APIConnection] The API connection through which to perform

the operation

@return [String] The new valid secret for use with the clientId

    # File lib/jamf/api/jamf_pro/api_objects/api_client.rb
129 def self.rotate_secret(client_ident, cnx: Jamf.cnx)
130   valid_id = valid_id(client_ident, cnx: cnx)
131   raise Jamf::NoSuchItemError, "No APIClient matching '#{client_ident}'" unless valid_id
132 
133   creds = NEW_CREDENTIALS_OBJECT.new cnx.jp_post("#{LIST_PATH}/#{valid_id}/#{NEW_CREDENTIALS_PATH_SUFFIX}", nil)
134   creds.clientSecret
135 end

Public Instance Methods

rotate_secret() click to toggle source

For this API Client, replace the existing clientSecret with a new one, to be used with the clientID for generating a connection token.

IMPORTANT: When you do this, the previous secret becomes immediately invalid and can no longer be used for generating connection tokens. BE SURE to capture the output in a variable, or display it somewhere immediately, as it will not be available ever again. See the Jamf Pro docs at learn.jamf.com/bundle/jamf-pro-documentation-current/page/API_Roles_and_Clients.html

@return [String] The new valid secret for use with the clientId

    # File lib/jamf/api/jamf_pro/api_objects/api_client.rb
155 def rotate_secret
156   self.class.rotate_secret(id, cnx: cnx)
157 end