ArcherIRM

the archerirm connector facilitates the integration of swimlane turbine with rsa archer's risk management capabilities, enabling automated data retrieval and record management archerirm, an rsa solution, is a comprehensive governance, risk, and compliance (grc) platform that enables organizations to manage corporate risk and compliance with regulatory requirements this connector allows swimlane turbine users to automate grc related tasks by integrating with archerirm's applications, streamlining record creation, modification, and retrieval, as well as managing users and groups within the platform the integration empowers security teams to efficiently handle grc processes, ensuring timely risk assessment and compliance management directly from the swimlane turbine environment the archerirm connector integrates with swimlane turbine to create, get, update, and delete records prerequisites to utilize the archerirm connector within swimlane turbine, ensure you have the following prerequisites rsa archer authentication with the following parameters url the endpoint url for the archerirm instance instance name the specific name of the archerirm instance to connect to username the user account with permissions to access the archerirm instance password the corresponding password for the provided username turn on api read permissions the set of credentials for this plugin require read permissions for the api to turn on api read permissions navigate to the login page and login from the administration pull down menu, select access roles on manage access role api access, select the rights tab and then select read permissions for manage security parameters ensure manage security parameters read permissions is selected capabilities this connector provides the following capabilities create record delete record get all applications get all groups get all users get field definition by application id get group by id get record get user by id update record search records by report id or guid configurations rsa archer authentication rsa archer authentication configuration parameters parameter description type required url the scheme, url, and optional port and root path pointing to archer string required instancename target archer instance name string required userdomain optional user domain for provided user string optional username username of the archer api user string required password password of the archer api user string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions create record initiates a new record creation in an rsa archer application using the provided content data endpoint url /core/content method post input argument name type required description content object required response content levelid number required unique identifier fieldcontents object required response content 13867 object optional parameter for create record type number optional type of the resource tag string optional parameter for create record value string optional value for the parameter fieldid number optional unique identifier 13868 object optional parameter for create record type number optional type of the resource tag string optional parameter for create record value string optional value for the parameter fieldid number optional unique identifier 13870 object optional parameter for create record type number optional type of the resource tag string optional parameter for create record value object optional value for the parameter fieldid number optional unique identifier 13872 object optional parameter for create record type number optional type of the resource tag string optional parameter for create record value array optional value for the parameter fieldid number optional unique identifier 13877 object optional parameter for create record type number optional type of the resource output parameter type description status code number http status code of the response reason string response reason phrase links array output field links file name string name of the resource file string output field file requestedobject object output field requestedobject id number unique identifier issuccessful boolean whether the operation was successful validationmessages array unique identifier example \[ { "status code" 200, "response headers" { "content length" "140", "content type" "application/json", "date" "tue, 19 dec 2023 20 37 23 gmt" }, "reason" "ok", "json body" { "links" \[], "requestedobject" {}, "issuccessful" true, "validationmessages" \[] } } ] delete record removes a specified content record from an application within archerirm using the provided contentid endpoint url /core/content/{{contentid}} method delete input argument name type required description contentid number required the id of the content record to delete output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "response headers" { "content length" "140", "content type" "application/json", "date" "tue, 19 dec 2023 20 37 23 gmt" }, "reason" "ok", "json body" {} } ] get all applications retrieves metadata for all applications within archerirm, including authentication headers endpoint url /core/system/application method post input argument name type required description headers object required http headers for the request x http method override string required post is valid only if you include the x http method override \ get statement in the request header output parameter type description status code number http status code of the response reason string response reason phrase archer object output field archer application object output field application guid string unique identifier id number unique identifier languageid number unique identifier name string name of the resource status number status value type number type of the resource example \[ { "status code" 200, "response headers" { "content length" "140", "content type" "application/json", "date" "tue, 19 dec 2023 20 37 23 gmt" }, "reason" "ok", "json body" { "archer" {} } } ] get all groups retrieves all user groups from archerirm, with necessary headers for authentication and authorization endpoint url /core/system/group method post input argument name type required description headers object required http headers for the request x http method override string required post is valid only if you include the x http method override \ get statement in the request header output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "response headers" { "content length" "140", "content type" "application/json", "date" "tue, 19 dec 2023 20 37 23 gmt" }, "reason" "ok", "json body" \[ {} ] } ] get all users retrieves all users from the current archerirm instance, requiring specific headers for authentication endpoint url /core/system/user method post input argument name type required description headers object required http headers for the request x http method override string required post is valid only if you include the x http method override \ get statement in the request header output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "response headers" { "content length" "140", "content type" "application/json", "date" "tue, 19 dec 2023 20 37 23 gmt" }, "reason" "ok", "json body" \[ {} ] } ] get field definition by application id retrieve field definitions for a given application id in the current archerirm instance, using the 'applicationid' path parameter endpoint url /core/system/fielddefinition/application/{{applicationid}} method get input argument name type required description applicationid string required the application id to get the application fields output parameter type description status code number http status code of the response reason string response reason phrase archer object output field archer applicationfield array output field applicationfield fieldid number unique identifier fieldname string name of the resource fieldtype string type of the resource levelid number unique identifier example \[ { "status code" 200, "response headers" { "content length" "140", "content type" "application/json", "date" "tue, 19 dec 2023 20 37 23 gmt" }, "reason" "ok", "json body" { "archer" {} } } ] get group by id retrieves a specific group from archerirm using the provided group id endpoint url /core/system/group/{{groupid}} method get input argument name type required description groupid number required id of group content to be retrieved output parameter type description status code number http status code of the response reason string response reason phrase links array output field links file name string name of the resource file string output field file requestedobject object output field requestedobject id number unique identifier name string name of the resource displayname string name of the resource description string output field description everyoneflag boolean output field everyoneflag guid string unique identifier systemflag boolean output field systemflag ldapflag boolean output field ldapflag domainid object unique identifier distinguishedname object name of the resource defaulthomedashboardid object unique identifier defaulthomeworkspaceid object unique identifier updateinformation object output field updateinformation createdate string date value updatedate string date value createlogin number output field createlogin updatelogin number output field updatelogin issuccessful boolean whether the operation was successful validationmessages array unique identifier example \[ { "status code" 200, "response headers" { "content length" "140", "content type" "application/json", "date" "tue, 19 dec 2023 20 37 23 gmt" }, "reason" "ok", "json body" { "links" \[], "requestedobject" {}, "issuccessful" true, "validationmessages" \[] } } ] get record retrieves detailed information about a specific content record in an archerirm application using the provided contentid endpoint url /core/content/{{contentid}} method get input argument name type required description contentid number required the content record id output parameter type description status code number http status code of the response reason string response reason phrase archer object output field archer record object output field record current status object status value othertext object output field othertext valueslistids array unique identifier date/time occurred string output field date/time occurred date/time reported string output field date/time reported days open number output field days open default record permissions object output field default record permissions grouplist array output field grouplist hasdelete boolean output field hasdelete hasread boolean output field hasread hasupdate boolean date value id number unique identifier userlist array output field userlist file name string name of the resource file string output field file google map string output field google map id number unique identifier incident details string unique identifier incident result object unique identifier othertext object output field othertext valueslistids array unique identifier example \[ { "status code" 200, "response headers" { "content length" "140", "content type" "application/json", "date" "tue, 19 dec 2023 20 37 23 gmt" }, "reason" "ok", "json body" { "archer" {} } } ] get user by id retrieves a user's details from archerirm by the specified user id, requiring path parameters and headers endpoint url /core/system/user/{{userid}} method post input argument name type required description userid number required id of user content to be retrieved headers object required http headers for the request x http method override string required post is valid only if you include the x http method override \ get statement in the request header output parameter type description status code number http status code of the response reason string response reason phrase links array output field links file name string name of the resource file string output field file requestedobject object output field requestedobject id number unique identifier displayname string name of the resource firstname string name of the resource middlename object unique identifier lastname string name of the resource lastlogindate string date value username string name of the resource accountstatus number status value domainid object unique identifier securityid number unique identifier locale object output field locale timezoneid string unique identifier address object output field address company object output field company title object output field title additionalnote object output field additionalnote businessunit object output field businessunit department object output field department forcepasswordchange boolean output field forcepasswordchange example \[ { "status code" 200, "response headers" { "content length" "140", "content type" "application/json", "date" "tue, 19 dec 2023 20 37 23 gmt" }, "reason" "ok", "json body" { "links" \[], "requestedobject" {}, "issuccessful" true, "validationmessages" \[] } } ] search records by report id or guid executes a search for records in archerirm using a specific report id or guid, with pagination support endpoint method get input argument name type required description reportidorguid string required internal id or guid of the report whose records you want to query pagenumber number required integer of the page (1,2,3,…,n) of search results to return output parameter type description status code number http status code of the response reason string response reason phrase example \[ { "status code" 200, "response headers" { "content type" "text/html; charset=utf 8", "x hsci cache time" "2024 10 21t12 01 22 328z", "content encoding" "gzip", "expires" "mon, 21 oct 2024 12 08 57 gmt", "cache control" "max age=0, no cache, no store", "pragma" "no cache", "date" "mon, 21 oct 2024 12 08 57 gmt" }, "reason" "ok", "json body" {} } ] update record updates an existing content record in archerirm with specified 'content' details provided in the json body endpoint url /core/content method put input argument name type required description content object required response content id number required unique identifier levelid number required unique identifier fieldcontents object required response content 3202 object optional parameter for update record type number optional type of the resource value object optional value for the parameter fieldid number optional unique identifier 3204 object optional parameter for update record type number optional type of the resource value number optional value for the parameter fieldid number optional unique identifier 10066 object optional parameter for update record type number optional type of the resource value array optional value for the parameter fieldid number optional unique identifier version string optional parameter for update record subformfieldid number optional subform field id that must be passed when subform content is being saved otherwise, this parameter can be omitted output parameter type description status code number http status code of the response reason string response reason phrase links array output field links file name string name of the resource file string output field file requestedobject object output field requestedobject id number unique identifier issuccessful boolean whether the operation was successful validationmessages array unique identifier example \[ { "status code" 200, "response headers" { "content length" "140", "content type" "application/json", "date" "tue, 19 dec 2023 20 37 23 gmt" }, "reason" "ok", "json body" { "links" \[], "requestedobject" {}, "issuccessful" true, "validationmessages" \[] } } ] response headers header description example cache control directives for caching mechanisms max age=0, no cache, no store content encoding http response header content encoding gzip content length the length of the response body in bytes 140 content type the media type of the resource application/json date the date and time at which the message was originated tue, 19 dec 2023 20 37 23 gmt expires the date/time after which the response is considered stale mon, 21 oct 2024 12 08 57 gmt pragma http response header pragma no cache x hsci cache time http response header x hsci cache time 2024 10 21t12 01 22 328z notes archerirm authentication link https //help archerirm cloud/platform 611/en us/content/api/restapi/segmentsresources/authentication htmcreate record api doc https //help archerirm cloud/platform 611/en us/content/api/restapi/segmentsresources/content htm?highlight=core%2fcontent%2fattachment#postcontentdelete record api doc https //xsoar pan dev/docs/reference/integrations/rsa archer v2#archer delete recordget all applications api doc https //help archerirm cloud/platform 611/en us/content/api/restapi/segmentsresources/metadata application htm?highlight=core%2fsystem%2fapplication#getallapplicationsget all groups api doc https //help archerirm cloud/platform 611/en us/content/api/restapi/segmentsresources/metadata group htm?highlight=core%2fsystem%2fgroup%2f#getallgroupsget all users api doc https //help archerirm cloud/platform 611/en us/content/api/restapi/segmentsresources/metadata user htm?highlight=core%2fsystem%2fuser#getallusersget field definition by application id api doc https //help archerirm cloud/platform 611/en us/content/api/restapi/segmentsresources/metadata field htm?highlight=core%2fsystem%2ffielddefinition#getfielddefinitionbyapplicationidget group by id api doc https //help archerirm cloud/platform 611/en us/content/api/restapi/segmentsresources/metadata group htm?highlight=core%2fsystem%2fgroup%2f#getgroupbyidget record api doc https //xsoar pan dev/docs/reference/integrations/rsa archer v2#archer get recordget user by id api doc https //help archerirm cloud/platform 611/en us/content/api/restapi/segmentsresources/metadata user htm?highlight=core%2fsystem%2fuser%2f#getuserbyidupdate record api doc https //help archerirm cloud/platform 611/en us/content/api/restapi/segmentsresources/content htm?highlight=core%2fcontent%2fattachment#putcontentsearch records by report id https //help archerirm cloud/platform 611/en us/content/api/webapi/searchrecordsbyreport htm