1. Home
    2. Security Operations
    3. Cortex XDR
    4. Cortex XDR™ API Reference
    5. Cortex XDR APIs
    6. Incident Management APIs
    7. Replace Featured Active Directory Groups

    Replace Featured Active Directory Groups

    Replace the featured active directory groups listed in your environment.

    Synopsis

    URI
    /public_api/v1/featured_fields/replace_ad_groups/
    HTTP Method
    POST
    Required License
    Cortex XDR Pro per Endpoint or Cortex XDR Pro per TB

    Description

    Replace the featured active directory groups and organizational units listed in your environment.
    Running this API will delete all existing active directory groups.

    Request Fields

    The body of this request contains a JSON object with the following fields:
    Field
    Description
    value
    (
    Required
    ) String value that defines the active directory or organizational unit name. Maximum length is 256 characters.
    An active directory name must be formated as:
    DOMAIN/GROUPNAME
    type
    String value identifying if you want to replace an active directory group or organizational unit.
    Valid values are either
    group
     or
    OU
    .
    If no value is defined,
    group
     is sent by default.
    comment
    String that represents additional information regarding the featured alert field.
    Request Example
    
curl -X POST https://api-{fqdn}/public_api/v1/featured_fields/replace_ad_groups/ \    
-H "x-xdr-auth-id:{API_KEY_ID}" \    
-H "Authorization:{API_KEY}" \    
-H "Content-Type:application/json" \    
-d '{ 
   "request_data":{
            "fields":[
      {
         "value":"domain/administrators-group",
         "type": "group",
         "comment":"Administrators-group is a featured AD group"
      },
      {
         "value":"dev",
         "type": "OU"
      }
   ]
    }
}'

    Success Response

    Upon success, the HTTP response code is 200.
    Field
    Description
    reply
    JSON object containing the query result.
    • true
       —Active directory group successfully replaced.
    Success Response Example
    {
    "reply": {true}
}

    Error Response

    Upon error, the reply includes an HTTP response code, an error message, and additional information describing the error. The HTTP response code is one of the following:
    Field
    Description
    400
    Bad Request. Got an invalid JSON.
    401
    Unauthorized access. An issue occurred during authentication. This can indicate an incorrect key, id, or other invalid authentication parameters.
    402
    Unauthorized access. User does not have the required license type to run this API.
    403
    Forbidden access. The provided API Key does not have the required RBAC permissions to run this API.
    500
    Internal server error. A unified status for API communication type errors.
    Error Response Format
    {"reply": {"err_code": STATUS_CODE, "err_msg": GENERAL_MESSAGE, "err_extra": EXTRA_DATA}}

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2022 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo