Example: Setting Tenant Management Console security for a tenant

Here’s a sample POST request that modifies the Tenant Management Console configuration for the Finance tenant. The Console configuration information is in an XML file named FinanceMgmtConsole.xml. The request is made using a tenant-level user account that includes the security role.

Request body in XML

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<consoleSecurity>
    <ipSettings>
        <allowAddresses>
             <ipAddress>192.168.103.18</ipAddress>
            <ipAddress>192.168.103.24</ipAddress>
             <ipAddress>192.168.103.25</ipAddress>
        </allowAddresses>
        <denyAddresses/>
        <allowIfInBothLists>false</allowIfInBothLists>
    </ipSettings>
    <minimumPasswordLength>6</minimumPasswordLength>
    <forcePasswordChangeDays>45</forcePasswordChangeDays>
    <disableAfterAttempts>3</disableAfterAttempts>
    <disableAfterInactiveDays>30</disableAfterInactiveDays>
    <logoutOnInactive>20</logoutOnInactive>
    <loginMessage/>
</consoleSecurity>

Request with cURL command line

curl -k -i -d @FinanceMgmtConsole.xml
    -H "Content-Type: application/xml"
    -H "Authorization: HCP bGdyZWVu:a3b9c163f6c520407ff34cfdb83ca5c6"
    "https://finance.hcp.example.com:9090/mapi/tenants/finance/consoleSecurity"

Request in Python using PycURL

import pycurl
import os
filehandle = open("FinanceMgmtConsole.xml", 'rb')
curl = pycurl.Curl()
curl.setopt(pycurl.HTTPHEADER, ["Content-Type: application/xml",
  "Authorization: HCP \
  bGdyZWVu:a3b9c163f6c520407ff34cfdb83ca5c6"])
curl.setopt(pycurl.URL,
  "https://finance.hcp.example.com:9090/mapi/tenants/finance/" +
  "consoleSecurity")
curl.setopt(pycurl.SSL_VERIFYPEER, 0)
curl.setopt(pycurl.SSL_VERIFYHOST, 0)
curl.setopt(pycurl.UPLOAD, 1)
curl.setopt(pycurl.CUSTOMREQUEST, "POST")
curl.setopt(pycurl.INFILESIZE,
  os.path.getsize("FinanceMgmtConsole.xml"))
curl.setopt(pycurl.READFUNCTION, filehandle.read)
curl.perform()
print curl.getinfo(pycurl.RESPONSE_CODE)
curl.close()
filehandle.close()

Request headers

POST /mapi/tenants/finance/consoleSecurity HTTP/1.1
Host: finance.hcp.example.com:9090
Authorization: HCP bGdyZWVu:a3b9c163f6c520407ff34cfdb83ca5c6
Content-Type: application/xml
Content-Length: 620

Response headers

HTTP/1.1 200 OK
Content-Type: application/xml
X-HCP-SoftwareVersion: 9.0.0.2
Content-Length: 0