As part of my job, I try to automate as much as possible with scripting languages to cut down on manual operational work. In this article, I will discuss how to reactivate a suspended user using the CyberArk REST API. I developed the following example in Python, but you can use another language, such as PowerShell, if you prefer.
To begin with, using the Python requests module will be sufficient. However, if desired, we can use different modules for a more capable and visually pleasing program.
Let’s consider that the code consists of four main parts:
- Obtaining a token using a privileged account.
- Learning the ID of the suspended user.
- Reactivating the user using the relevant ID.
- Destroying the token at the end of the code, for security.
```python
# Import the requests module
import requests

# Variables
caBaseUrl = "https://CyberArkPVWAUrl.local"
caLogonPath = "/PasswordVault/API/Auth/CyberArk/Logon"  # CyberArk authentication (local vault user)
# caLogonPath = "/PasswordVault/API/Auth/LDAP/Logon"  # LDAP authentication (domain user)
caLogoffPath = "/PasswordVault/API/Auth/Logoff"
suspendedUser = "skurt"
getUserIdURL = f"{caBaseUrl}/PasswordVault/api/Users?filter=userType&search={suspendedUser}&extendedDetails=false"


# 1. Obtaining a token using a privileged account via the getToken() function
def getToken(username, password):
    # Send the credentials as a JSON body
    pLogOn = requests.post(caBaseUrl + caLogonPath, json={
        'UserName': username,
        'Password': password
    })
    pLogOn.raise_for_status()  # stop here if the logon was rejected
    caToken = pLogOn.json()
    return caToken


# Helper for step 4: log off so the token can no longer be used
def destroyToken(token):
    try:
        headers = {'Content-Type': 'application/json',
                   'Authorization': token}
        pLogOff = requests.post(caBaseUrl + caLogoffPath, headers=headers)
        logOffMsg = pLogOff.json()
        return logOffMsg
    except (requests.RequestException, ValueError):
        print("Token could not be destroyed")


# Placeholder credentials: replace them, and avoid hard-coding real ones in the script
caToken = getToken("Administrator", "Password")
headers = {'Content-Type': 'application/json', 'Authorization': caToken}

try:
    # 2. Learning the ID of the suspended user.
    reqUser = requests.get(getUserIdURL, headers=headers)
    resp = reqUser.json()

    # 3. Reactivating the user using the relevant ID.
    activateUserID = str(resp['Users'][0]['id'])
    activateUserUrl = f"{caBaseUrl}/PasswordVault/api/Users/{activateUserID}/Activate"
    activateUser = requests.post(activateUserUrl, headers=headers)
    if activateUser.status_code == 200:
        print(suspendedUser + " has been unlocked")
    else:
        print("Activation failed with HTTP status " + str(activateUser.status_code))
except (requests.RequestException, ValueError, KeyError, IndexError) as err:
    print("General error: " + str(err))
finally:
    # 4. Destroy token (runs even when a step above failed)
    destroyToken(caToken)
```
Remember that the values of the following variables should be adjusted according to your environment:
- caLogonPath
- suspendedUser
Of course, you also need to enter the Administrator and password information to reactivate the user.
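The script takes the first entry of the search result (`resp['Users'][0]`) as the account to reactivate. The following added example (not part of the original script) selects the ID only when exactly one entry matches the requested name, so a similarly named account is never activated by mistake. It assumes that a search can return more than one entry and that each entry has a `username` field next to `id`; `pick_user_id`, `UserLookupError` and the sample data are hypothetical names constructed for illustration.

```python
# Added example: choose the user ID from a user-search response without
# trusting the order of the returned list.
# Assumption: each entry carries "id" (used in the article) and "username".


class UserLookupError(Exception):
    """Raised when the search result does not identify exactly one user."""


def pick_user_id(resp, wanted):
    """Return the ID of the single user whose username equals `wanted`."""
    users = resp.get("Users") or []
    # Compare case-insensitively and drop entries that are not an exact match
    matches = [u for u in users
               if str(u.get("username", "")).casefold() == wanted.casefold()]
    if not matches:
        raise UserLookupError(
            f"no exact match for {wanted!r} among {len(users)} result(s)")
    if len(matches) > 1:
        raise UserLookupError(
            f"{len(matches)} entries match {wanted!r}; refusing to guess")
    user_id = matches[0].get("id")
    # The ID is placed in the Activate URL path, so accept only plain digits
    if isinstance(user_id, bool) or not str(user_id).isdigit():
        raise UserLookupError(f"unexpected id value {user_id!r}")
    return int(user_id)


# Constructed sample response (not real data): a search for "skurt" that also
# returned a similarly named account, listed first.
SAMPLE_RESP = {
    "Users": [
        {"id": 41, "username": "skurt_admin"},
        {"id": 57, "username": "SKurt"},
    ],
    "Total": 2,
}

if __name__ == "__main__":
    print(pick_user_id(SAMPLE_RESP, "skurt"))
```

In the script, `activateUserID = str(pick_user_id(resp, suspendedUser))` would replace the direct index into `resp['Users']`.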
To conclude, you can also use the built-in CyberArk REST API library in the Postman application, consult the CyberArk documentation, or use CyberArk Swagger.