Endpoint URL: {identityDomain} /config/applications/{appId} /eventdelivery/activate
Description
Adds an Identity Cloud application to the SIEM Event Delivery service: you cannot collect SIEM events for an application until that application has been activated for event delivery. (Events will still be generated, of course, but those events will not be collected and made accessible to the organization associated with the application.) In addition to activating the application, you can also use this endpoint to assign a set of public keys (required to download event data). Alternatively, keys can be added later using the /addKeys endpoint.
Note that activation is not instantaneous: there are a series of back-end processes that must be completed before an application is fully activated and event delivery begins. You can use the /eventdelivery/readStatus endpoint to check the progress of the provisioning process for an application.
Important. Before you can activate an application, your Akamai account number must be present in your application’s global settings (with the setting name akamai_account_id). You can verify that this setting has been added to your application by using the Console or by calling the /{appId}/settings/options API endpoint. If you try to activate an application and the account number cannot be found, your API call will fail. In addition to that, and thanks to server caching, even if you immediately add the account number there will be a 10-minute period in which you cannot activate the application.
Respects the API Client Allow List: No
Base URL
The base URL for this endpoint is your Identity Cloud Configuration API URL (including the appropriate region) followed by your application ID. For example, if you are in the US region and your application ID is htb8fuhxnf8e38jrzub3c7pfrr then your base URL will look like this:
If you are in the Australian (AU) region your URL will look like this:
URL Path Parameters
Parameter | Type | Required | Description |
region | string | Yes | Identity Cloud geographic region that hosts the application. Allowed values are:
|
appID | string | Yes | Unique identifier of the Identity Cloud application being activated. For example: htb8fuhxnf8e38jrzub3c7pfrr |
Request Parameters
Request parameters must be formatted as JSON objects and included in your API call’s body parameter. Valid request parameters include the following:
Parameter | Type | Required | Description |
keys | array (string) | No | JSON-formatted array of public keys that can be used to access the Amazon Web Services S3 bucket where SIEM data feeds are delivered; these public keys must be supplied by the Identity Cloud customer. Note that public keys are not required in order to activate an application; public keys can be added later by using the/eventdelivery/addKeys endpoint. However, at least one key must be configured before organizations can access their S3 bucket. For example: ["ssh-rsa DDDAB3NzaC1yc2EAACCDEQABAAABAPOUh6ty PEFEzV0LX3XGF55RMsQz1x2cEikKDEY0aIj4 1qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9x K7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPh 5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7 tgBNL0c2r3SYVkz4G/fslNfRPAABAAM49f4 htxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p ej6D4CKFE6lymSDJpW0YHX/wqE9+cfNfRP Gt5Rq9t2ta6F6fmX0agvpFyNfRPFbXeUBr7o sSCJNgvavWbA4cDniWrOvYX2xwWdhXmX3ue6 8ZbabVoha3W1 karim.nafir@mail.com"] |
Note that you do not need to include the parameter name (keys) in the body request. The parameter value (the public keys) is all that’s needed.
Authentication
This endpoint requires Basic authentication and an API client with the owner feature. When configuring authentication, use your client ID as the username and your client secret as the password.
Sample Request (curl)
The following command activates SIEM Event Delivery for the application with the ID htb8fuhxnf8e38jrzub3c7pfrr. This command also specifies a single public key to be used when accessing the S3 bucket:
curl -X GET \
https://v1.api.us.janrain.com/config/applications/htb8fuhxnf8e38jrzub3c7pfrr/eventdelivery/activate \
-H 'Authorization: Basic M2dmYmdycmE3dzI4MmhndHJ5cGZxeDlwemhxaGpnZDU6Y2dkY3A3bWhjeWszYmZocnl2d2NmY2c3NTdqdzRhb3E=' \
-H 'Content-Type: application/json' \
-d '[
"ssh-rsa DDDAB3NzaC1yc2EAACCDEQABAAABAPOUh6tyPEFEzV0LX3XGF55RMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0c2r3SYVkz4G/fslNfRPAABAAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfNfRP7xGt5Rq9t2ta6F6fmX0agvpFyNfRPFbXeUBr7osSCJNgvavWbA4cDniWrOvYX2xwWdhXmX3ue68ZbabVoha3W1 karim.nafir@mail.com"
]'
Responses
202 Accepted
If your call to this endpoint succeeds, you'll get back a response similar to this:
"message": "Your request has been accepted and is being processed.",
"sftp":
{
"uri": "sftp://user_karim.nafir@v1.api.us.janrain.com",
"user": "user_ htb8fuhxnf8e38jrzub3c7pfrr ",
"host": " v1.api.us.janrain.com"
}
}
Error Response Codes
The following table includes information about some of the other response codes that you might encounter when calling this endpoint.
Response Code | Description |
401 | Not authorized. Your client credentials may be invalid. You have specified an invalid client name and/or an invalid client secret. |
403 | Forbidden. Your credentials are valid for the application but not for this endpoint. For example, if you have read-only credentials those credentials can only be used with GET endpoints. |
404 | The Akamai account ID was not found. Check your application settings for 'akamai_account_id'. Your Akamai account ID must be listed in the application settings for the application specified in your API call. You can use the /{appId}/settings/options API endpoint or the Console to verify your application settings. |