Use the Adaxes PowerShell SDK Module for JIT Form Submission

Question

My role as a developer require a form submission with Adaxes to get JIT (just in time) access to an client environment, I want to need guidance to form submission with the Adaxes PowerShell module.

Comments

Hello Spencer,

Sorry fort the confusion, but we are not sure we understand what the Web Interface form is intended for and what the desired result is. Could you, please, provide all the possible details regarding the desired workflow with live examples?

---

Here's my workflow:

1. Log into our adaxes site using my hosting credentials while connected to our hosted VPN
2. Select one of our hosting clients from a list which comes from this endpoint: /Adaxes/api/SelfService/activeConfiguration/actions)
3. A modal pops up and has be select from the list of AD groups. This endpoint looks something like this /Adaxes/api/SelfService/listView/dataSources/[GUID]/items
4. Upon choosing the AD group that I would like to temporarily added to (which I believe does a POST to this /Adaxes/api/SelfService/directoryObjects/valueReferences/resolve), another popup form has me fill out the business purpose of the request, an incident number, and confirm a little check box.
5. Clicking the submit button runs a PATCH request with something like this /Adaxes/api/SelfService/directoryObjects?key=CN=JIT+Local+Administrator,OU=Just-In-Time+%28JIT%29+Groups,OU=Groups,OU=Hosting,DC=hosting,DC=local and body for this request looks something like this

   {
   "properties":[
      {
         "propertyName":"adm-customattributetext1",
         "propertyType":3,
         "values":[
            "Apply idea hotfix to hcut"
         ]
      },
      {
         "propertyName":"adm-customattributetext3",
         "propertyType":3,
         "values":[
            "Task-251524"
         ]
      },
      {
         "propertyName":"adm-customattributeboolean2",
         "propertyType":6,
         "values":[
            true
         ]
      },
      {
         "propertyName":"adm-customattributetext2",
         "propertyType":3,
         "values":[
            "CN=My Name,OU=Users,OU=Hosting,DC=hosting,DC=local"
         ]
      }
   ]
   }

6. I then receive an e-mail confirming that my user has been added to the selected AD group

This is the workflow that I'm trying to automate. So I would love some insight on how I might go about this. Are there way for me to authenticate and get a token and hit some of these same endpoints? Or would that be best suited for the powershell module?

Answer 1

Hello Spencer,

Thank you for clarifying. Unfortunately, there is no such possibility except for using the Web Interface itself. As an option, you can use a PowerShell script. In the script, you will need to manually enter all the property values same as the distinguished name of the group. For examples, you can check section Sample scripts in our SDK: http://adaxes.com/sdk.