Web Service Endpoints for the Custom Connector
Learn how to configure web service endpoints for the custom connector.
capam33
Each target connector must support three web service classes:
The Custom Connector software comes with a project named customConnectorTemplate. This project includes all three services, which are defined in com/ca/pam/customConnectorTemplate/api. Before you develop your own target connector, read about each service class in detail. Then use the customConnectorTemplate as a basis to write your own Java code.
Credentials Service
The Credentials service verifies and updates the credentials for an account at the remote target device.
URLs for the Credentials service:
- http://tomcat_host:port/capamef/targetConnectors/target_connector_name/credentials/validate
- http://tomcat_host:port/capamef/targetConnectors/target_connector_name/credentials/update
Method supported:
POSTSample REST call:
HTTP POST http://112.22.30.111:8443/capamef/targetConnectors/exampleTargetConnector/credentials/validateThe following sample code includes requests to update and verify credentials. The extended attribute sections are based on the account and application attributes defined uiDefinitions.json file.
sample credentials.java

UIDefinitions Service
The UIDefinitions service returns UI definitions in JSON format for a specified field type. This service determines how the Java code and the JSON file work together.
URL for the uiDefinitions service:
http://tomcat_host
:port
/capamef/targetConnectors/target_connector_name
/uiDefinitions/{uiDefinitionType
}In the uiDefinitions service URL:
- tomcat_host:portvalues are not case-sensitive.
- target_connector_namemust be in lower camel case. For example, customTargetConnector.
- uiDefinitionTypemust beaccountorapplication
Method supported:
GETSample REST call:
HTTP GET http://112.22.30.111:8443/capamef/targetConnectors/exampleTargetConnector/uiDefinitions/applicationSample Response from the TCF:
{"_data":{"application":{"uiDefinition":{"tabs":[{"label":"Example - Application","id":"ExampleAppDetail","fields":[{"type":"NUMBER","field":"connectTimeout","minValue":"1","label":"Connect Timeout","required":false,"value":"60000"},{"type":"NUMBER","field":"readTimeout","minValue":"1","label":"Read Timeout","required":false,"value":"5000"},{"type":"NUMBER","field":"sshPort","minValue":"0","label":"SSH Port","required":false,"value":"22","maxValue":"65535"},{"type":"RADIO","field":"connectorProtocol","label":"Connector Protocol","required":false,"value":"TLS_1.2","values":[{"label":"TLS 1.0","value":"TLS_1"},{"label":"TLS 1.2","value":"TLS_1.2"},{"label":"TLS 1.3","value":"TLS_1.3"}]},{"type":"COMBOBOX","field":"additionalEncryption","label":"Additional Encryption","required":false,"value":"AES","values":[{"label":"Triple DES","value":"TRIPLEDES"},{"label":"RSA","value":"RSA"},{"label":"Blowfish","value":"BLOWFISH"},{"label":"Twofish","value":"TWOFISH"},{"label":"AES","value":"AES"}]},{"type":"CHECKBOX","field":"useCertificate","label":"Use Certificate","required":false,"value":"false"},{"type":"TEXTAREA","field":"certificate","label":"Certificate","required":false}]}]}}},"_meta":{"_success":"true"}}
Validations Service
The Validations service verifies account and application data before saving it into the
Privileged Access Manager
database.URL for the Validations service
: http://tomcat_host
:port
/capamef/targetConnectors/target_connector_name
/validations/{validationType
}.- If thevalidationTypeisaccount,this service validates data for target account creation and update.
- If thevalidationTypeisapplication,this service validates data target application creation and update.
Methods supported:
POST, PUTSample REST call:
HTTP POST http://112.22.30.111:8443/capamef/targetConnectors/exampleTargetConnector/validations/applicationThe following sample request payload includes requests to the Validations service. The extended attributes in the payload are defined in the previous sample response for the uiDefinitions service.
Sample Request Payload:
"application": { "targetServer": { "hostName": "114.20.50.111", "ipaddress": "114.20.50.111", "deviceName": "UnixDevice" }, "name": "UnixApp", "type": "exampleTargetConnector", "extendedAttributes": { "sshPort": "22", "additionalEncryption": "AES", "connectorProtocol": "TLS_1.2", "readTimeout": "5000", "useCertificate": "false", "connectTimeout": "60000", "certificate": "" } }
A ValidationManager class is distributed in the core library. This class validates data based on the constraints in the uiDdefinitions JSON file. In additions to these standard validations, you can add custom validations to this class. If a validation fails, the ValidationManager class throws an ExtensionException with a list of messages.
To see sample code, look at the Validations.java class in the customConnectorTemplate project.
Now that you are familiar with the components for creating a custom target connector, Build Your Custom Connector.