Previous Topic: IntroductionNext Topic: Authorization and Authentication API


About This Guide

This guide introduces you to the Application Program Interfaces (APIs) provided with CA ControlMinder.

CA ControlMinder offers several APIs for programmers who want to develop in‑house CA ControlMinder‑secured applications and to customize CA ControlMinder functions for specific user needs:

CA ControlMinder provides sample programs. Additional examples are in the subdirectory of the directory in which CA ControlMinder is installed.

APIs for UNIX and Windows

For UNIX and Windows, this version of CA ControlMinder includes the following APIs:

Authorization and Authentication API

The Authorization and Authentication API lets client applications request authorization for predefined or site‑defined abstract resource classes using the authorization and auditing mechanisms provided by CA ControlMinder. Use this API to call the CA ControlMinder authorization daemon from within your application to check whether a user has authorization to perform the requested action.

Administration API

The Administration API extracts information from the CA ControlMinder database. This API also permits applications to perform administrative tasks such as shutting down seosd or to modify the ability to perform activities such as concurrent logins.

ExitsAPI

The Exits API lets you customize the CA ControlMinder authorization mechanisms by complementing CA ControlMinder authorization routines with your own authorization routines. You can also add a special notification function to CA ControlMinder activities. For example, you can use this API to add a site‑specific encryption algorithm to CA ControlMinder.

Note: (Windows only). Because CA ControlMinder is a certified product, you must format all object names and object property names in the UTF8 format.

APIs for UNIX Only

For UNIX alone, this version of CA ControlMinder includes the following API:

LogRouteAPI

The LogRoute API lets you add your own alerts to the standard CA ControlMinder audit log functions. You can also use the log routing daemon to add a guaranteed delivery of audit data or third‑party alert systems to other programs.