Friday, April 29, 2016

Policy add using Rest API in WSO2 EMM

You can add a policy using REST API given in EMM. For the use the dynamic registration client given.
below sample curl command will return client id and secret


curl -k -H "Content-Type: application/json" -X POST -d '{"owner":"admin","clientName":"admin_emm","grantType":"refresh_token password client_credentials","tokenScope":"prod"}' https://localhost:9443/dynamic-client-web/register

This will return a response like below

{"client_secret":"YCnfi_jp9Tso0qyRcbGxaQnYctga","callback_url":null,"client_id":"xJvKvUHNYqfK1MeQ_VybtBfF5MAa","client_name":"admin_admin_emm"}

Use the client id and secret by encoding using base64 to generate access token using below command

curl -k -d "grant_type=password&username=admin&password=admin&scope=default " -H "Authorization: Basic eEp2S3ZVSE5ZcWZLMU1lUV9WeWJ0QmZGNU1BYTpZQ25maV9qcDlUc28wcXlSY2JHeGFRblljdGdh" -H "Content-Type: application/x-www-form-urlencoded" https://localhost:9443/oauth2/token

This will return a response like below

{"scope":"default","token_type":"Bearer","expires_in":3600,"refresh_token":"97c3c78b8c2c4e2ccd5424ffc7259d3e","access_token":"60a810d5baa3361af9aa5e6d8cf76ea9"}

Use the generated access token to call the policy publishing API. 

Below is a sample curl command to create black list policy

curl -X POST -H "Content-Type: application/json" -H "Authorization: Bearer 60a810d5baa3361af9aa5e6d8cf76ea9" -d @'operation.json' -k -v https://localhost:9443/mdm-admin/policies/active-policy


Resource path  : /active-policy
URL : /mdm-admin/policies/active-policy
HTTP Method : POST
Request/Response format : application/json

Sample payload in operation.json is 

{
  "policyName": "black list",
  "description": "",
  "compliance": "enforce",
  "ownershipType": "ANY",
  "profile": {
    "profileName": "black list",
    "deviceType": {
      "id": 1
    },
    "profileFeaturesList": [
      {
        "featureCode": "APP-RESTRICTION",
        "deviceTypeId": 1,
        "content": {
          "restriction-type": "black-list",
          "restricted-applications": [
            {
              "appName": "app name1",
              "packageName": "package1"
            },
            {
              "appName": "app name2",
              "packageName": "package2"
            },
            {
              "appName": "app name3",
              "packageName": "package3"
            }
          ]
        }
      }
    ]
  },
  "roles": [
    "ANY"
  ]
}


After making above curl command you will get successful response as below

*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 9443 (#0)
* TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
* Server certificate: localhost
> POST /mdm-admin/policies/active-policy HTTP/1.1
> Host: localhost:9443
> User-Agent: curl/7.43.0
> Accept: */*
> Content-Type: application/json
> Authorization: Bearer 60a810d5baa3361af9aa5e6d8cf76ea9
> Content-Length: 460
* upload completely sent off: 460 out of 460 bytes
< HTTP/1.1 200 OK
< Date: Fri, 29 Apr 2016 11:19:39 GMT
< Content-Type: application/json
< Content-Length: 76
< Server: WSO2 Carbon Server
* Connection #0 to host localhost left intact
{"statusCode":201,"messageFromServer":"Policy has been added successfully."}

Created policy bundle will show in policy management window of EMM UI.

No comments:

Post a Comment

How to choose IP address range for resources for AWS virtual private cloud

You will often need to allocate  an IP address range when you design the network of an AWS VPC. Since VPC is a small network of resources(E...