Device Group Import REST Service

Use Device Group Import REST Service to import device group data into IBM® Security Guardium® Key Lifecycle Manager server from the export file. The export file is an encrypted archive that contains device group data from a different instance of IBM Security Guardium Key Lifecycle Manager.

Operation: POST
URL: https://<host>:<port>/SKLM/rest/v1/ckms/deviceGroupsImport

By default, Guardium Key Lifecycle Manager server listens to non-secure port 9080 (HTTP) and secure port 9443 (HTTPS) for communication. During IBM Security Guardium Key Lifecycle Manager installation, you can modify these default ports.

Note: The non-secure port 9080 is not applicable when IBM Security Guardium Key Lifecycle Manager is deployed in a containerized environment.

Request

Request Parameters

Parameter	Description
host	Specify the IP address or host name of the IBM Security Guardium Key Lifecycle Manager server.
port	Specify the port number on which the IBM Security Guardium Key Lifecycle Manager server listens for requests.

Request Headers

Header name	Value
Content-Type	`application/json`
Accept	`application/json`
Authorization	`SKLMAuth userAuthId=<authIdValue>`
Accept-Language	Any valid locale that is supported by IBM Security Guardium Key Lifecycle Manager. For example: `en` or `de`

Request body

JSON object with the following specification:

Property name	Description
importFilePath	Specifies the location of the export file that contains device group data for importing into current instance of IBM Security Guardium Key Lifecycle Manager.
password	Specifies the password that was used to encrypt the export file for importing and decrypting device group data into current instance of IBM Security Guardium Key Lifecycle Manager.
ignoreDeviceGroupConflict	Specifies whether to ignore the device group conflict. The expected values are `true` and `false`. By default, it is set to `false`. To ignore the data conflict, set this property to `true`. The data conflict is ignored only when the following conditions are met: The UUID and name of the device group are same on source and destination servers. No other data conflicts are present.

Response

Response Headers

Header name	Value and description
Status Code	200 OK The request was successful. The response body contains the requested representation. 400® Bad Request The authentication information was not provided in the correct format. 401 Unauthorized The authentication credentials were missing or incorrect. 404 Not Found Error The processing of the request fails. 500 Internal Server Error The processing of the request fails because of an unexpected condition on the server.
Content-Type	`application/json`
Content-Language	Locale for the response message.

Success response body

JSON object with the following specification:

JSON property name	Description
code	Returns the value that is specified by the status property.
status	Returns the status to indicate whether the device group data is imported into IBM Security Guardium Key Lifecycle Manager from the export file with an appropriate message.

Error Response Body

JSON object with the following specification.

JSON property name	Description
code	Returns the application error code.
message	Returns a message that describes the error.

If the import operation fails, you can run the Device Group Import Conflicts REST Service to check for any data conflicts.

Examples

Service request to import device group data

POST https://localhost:<port>/SKLM/rest/v1/ckms/deviceGroupsImport
Content-Type: application/json
Accept: application/json
Authorization: SKLMAuth userAuthId=139aeh34567m
{"importFilePath": "C:\\BackupDir\\sklm_v3.0.0.0_20170728040703-1200_export.exp", 
"password": "passw0rd123"}

Success response

Status Code : 200 OK
{"code":"0","status":"Import operation succeeded."}

Error response

Status Code : 400 Bad Request
{"code":"CTGKM0550E","message":"CTGKM0550E  Input value cannot be an 
empty string for parameter password "}

Table 1. Topic change log
Date	Change description
28 Sept 2021	Added the ignoreDeviceGroupConflict request parameter.
08 Dec 2020	Initial version.