/eventdelivery/activate

POST

Description

Adds an Identity Cloud application to the SIEM Event Delivery service: you cannot collect SIEM events for an application until that application has been activated for event delivery. (Events will still be generated, of course, but those events will not be collected and made accessible to the organization associated with the application.) In addition to activating the application, you can also use this endpoint to assign a set of public keys (required to download event data). Alternatively, keys can be added later using the /addKeys endpoint.

Note that activation is not instantaneous: there are a series of back-end processes that must be completed before an application is fully activated and event delivery begins. You can use the /eventdelivery/readStatus endpoint to check the progress of the provisioning process for an application.

Important.  Before you can activate an application, your Akamai account number must be present in your application’s global settings (with the setting name akamai_account_id). You can verify that this setting has been added to your application by using the Console or by calling the /{appId}/settings/options API endpoint. If you try to activate an application and the account number cannot be found, your API call will fail. In addition to that, and thanks to server caching, even if you immediately add the account number there will be a 10-minute period in which you cannot activate the application. 


Base URL

The base URL for this endpoint is your Identity Cloud Configuration API URL (including the appropriate region) followed by your application ID. For example, if you are in the US region and your application ID is htb8fuhxnf8e38jrzub3c7pfrr then your base URL will look like this:

https://v1.api.us.janrain.com/config/applications/htb8fuhxnf8e38jrzub3c7pfrr

If you are in the Australian (AU) region your URL will look like this:

https://v1.api.au.janrain.com/config/applications/htb8fuhxnf8e38jrzub3c7pfrr


URL Path Parameters
 

Parameter

Type

Required

Description

region

string


Yes

Identity Cloud geographic region that hosts the application. Allowed values are:

  • us
  • eu
  • au
  • sg
  • cc

appID

string

Yes

Unique identifier of the Identity Cloud application being activated. For example:

htb8fuhxnf8e38jrzub3c7pfrr


Request Parameters

Request parameters must be formatted as JSON objects and included in your API call’s body parameter. Valid request parameters include the following:

Parameter

Type

Required

Description

keys

array (string)


No

JSON-formatted array of public keys that can be used to access the Amazon Web Services S3 bucket where SIEM data feeds are delivered; these public keys must be supplied by the Identity Cloud customer. Note that public keys are not required in order to activate an application; public keys can be added later by using the/eventdelivery/addKeys endpoint. However, at least one key must be configured before organizations can access their S3 bucket.

For example:

["ssh-rsa DDDAB3NzaC1yc2EAACCDEQABAAABAPOUh6ty
PEFEzV0LX3XGF55RMsQz1x2cEikKDEY0aIj4
1qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9x
K7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPh
5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7
tgBNL0c2r3SYVkz4G/fslNfRPAABAAM49f4
htxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p
ej6D4CKFE6lymSDJpW0YHX/wqE9+cfNfRP
Gt5Rq9t2ta6F6fmX0agvpFyNfRPFbXeUBr7o
sSCJNgvavWbA4cDniWrOvYX2xwWdhXmX3ue6
8ZbabVoha3W1 karim.nafir@mail.com"]

Note that you do not need to include the parameter name (keys) in the body request. The parameter value (the public keys) is all that’s needed.


Authentication

This endpoint requires Basic authentication and an API client with the owner feature. When configuring authentication, use your client ID as the username and your client secret as the password.


Sample Request (curl)

The following command activates SIEM Event Delivery for the application with the ID htb8fuhxnf8e38jrzub3c7pfrr. This command also specifies a single public key to be used when accessing the S3 bucket:


curl -X GET \
  https://v1.api.us.janrain.com/config/applications/htb8fuhxnf8e38jrzub3c7pfrr/eventdelivery/activate \
  -H 'Authorization: Basic M2dmYmdycmE3dzI4MmhndHJ5cGZxeDlwemhxaGpnZDU6Y2dkY3A3bWhjeWszYmZocnl2d2NmY2c3NTdqdzRhb3E=' \
  -H 'Content-Type: application/json' \
  -d '[
      "ssh-rsa DDDAB3NzaC1yc2EAACCDEQABAAABAPOUh6tyPEFEzV0LX3XGF55RMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0c2r3SYVkz4G/fslNfRPAABAAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfNfRP7xGt5Rq9t2ta6F6fmX0agvpFyNfRPFbXeUBr7osSCJNgvavWbA4cDniWrOvYX2xwWdhXmX3ue68ZbabVoha3W1 karim.nafir@mail.com"
    ]' 
 


Responses

202 Accepted

If your call to this endpoint succeeds, you'll get back a response similar to this:

{
     "message": "Your request has been accepted and is being
     processed.",
     "sftp":
    {
         "uri": "sftp://user_karim.nafir@v1.api.us.janrain.com",
         "user": "user_ htb8fuhxnf8e38jrzub3c7pfrr ",
         "host": " v1.api.us.janrain.com"
   }


Error Response Codes

The following table includes information about some of the other response codes that you might encounter when calling this endpoint.

Response Code

Description

401

Not authorized. Your client credentials may be invalid. You have specified an invalid client name and/or an invalid client secret.

403

Forbidden. Your credentials are valid for the application but not for this endpoint. For example, if you have read-only credentials those credentials can only be used with GET endpoints.

404

The Akamai account ID was not found. Check your application settings for 'akamai_account_id'. Your Akamai account ID must be listed in the application settings for the application specified in your API call. You can use the /{appId}/settings/options API endpoint or the Console to verify your application settings.