POST RecycleBin/GetContents

Lists deleted items that are in the Recycle Bin. The Recycle Bin appears in CyberArk Configuration Console or in the Trust Protection Foundation MMC Snap-In Collection. You can use this endpoint to discover items in the Recycle Bin and determine whether an item and its children are restorable via POST RecycleBin/Restore. Based on the RestoreState, recovery may be possible.

VCC Recycle Bin

Requirements

  • Permissions: The caller must have Master Admin permission
  • Token scope:  Admin:RecycleBin

Headers

  • Content type: Content-Type:application/json.

  • Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.

Parameters

Input parameters

Name

Description

Limit

(Optional) The maximum number of entries to return in the response. If the value is 0, the response only contains Total and Result.

Returns

TIP  Remember that the Recycle Bin retains deleted items based on the current Purge Process settings.

Response description

Name

Description

HTTP 200

For valid requests, this call returns a HTTP 200 message and the following data in the message body:

  • Items array of deleted items. If you did not pass any parameters, this array is empty. Otherwise:
    • ChildCount: Appears only when the deleted item is a Config object with subordinate objects.
    • DN: If the Type is a Config Object, the Distinguished Name (DN) of the object before it was deleted. Otherwise, the DN is the owner of the deleted item.
    • DeletedBy: The Deletion Task or identity that deleted the item. For more information, see Identity Entry object.
      • Prefix: If a task deleted the item, Internal. Otherwise, the identity provider prefix that manages the account or group Name. For more information, see Identity Information.
      • PrefixedName: If a task deleted the item, Internal. Otherwise, the concatenated Prefix: and account Name.
      • PrefixedUniversal: If a task deleted the item, Internal:[Task Name]. Otherwise, the concatenated Prefix: and Universal
      • Universal: If a task deleted the item, Task Name. Otherwise, the Universal Unique ID that identifies a user or group identity.
    • DeletedOn: The date of deletion.
    • Guid: The Recycle Bin Item GUID, representing the deleted item. Valid only while a deleted item and its children are in the Recycle Bin.
    • Name: The Certificate Name (CN) of the DN.
    • PurgeOn: The remaining number of days until the Purge process permanently deletes the item and its children. The value can change based on Purge Process settings.
    • RestorationDN: If the Type is a Config Object, the DN location where the item can be restored. If the Type is a Vault Entry, the owner DN where it will be restored. If the name changed after you deleted the item, the value is the most current name of the object if it still exists.
    • RestoreState: The restoration status that describes whether the item can be restored, if the object still exists. For more information, see Recycle Bin restore state.
    • Type: The kind of Recycle Bin item:
      • Config Object: The item represents a deleted Config object.

      • Vault Entry: The item represents a single deleted SecretStore vault entry.

      • Owner Entry: The item represents all SecretStore vault entries of a previous owner.

    • TypeDetail: If the Type is Config Object, the Config class of the deleted object. Otherwise, null for other item types.
  • For valid requests, this API call returns Result: 0.
  • Total: The total number of items in the Recycle Bin, NOT the number of records in the response.
HTTP 400

For invalid requests, this call returns HTTP 400 Bad Request and the following data in the message body:

  • error: The reason for the error.

  • error_description: If available, additional information about how to retry the request.

Example: Show Recycle Bin items

Request

POST https://tpp.venafi.example/vedsdk/RecycleBin/GetContents
Authorization:Bearer 4MyGeneratedBearerTknz==
{
   "Limit": "50"
}

Response

HTTP/1.1 200 OK
{
   "Items":[
      {
         "ChildCount":4,
         "DN":"\\VED\\Policy\\certificates_data\\cred_msca",
         "DeletedBy":{
            "FullName":"\\VED\\Identity\\admin",
            "Name":"admin",
            "Prefix":"local",
            "PrefixedName":"local:admin",
            "PrefixedUniversal":"local:{7492e6c1-9f96-4927-8ea0-1a720aa28380}",
            "Type":1,
            "Universal":"{7492e6c1-9f96-4927-8ea0-1a720aa28380}"
         },
         "DeletedOn":"05/27/2022 20:21:51",
         "Guid":"82f8d7c9-1ece-4a8c-bf3a-2821f3fb7f2d",
         "Name":"cred_msca",
         "PurgeOn":"08/25/2022 20:21:51",
         "RestorationDN":"\\VED\\Policy\\certificates_data\\cred_msca",
         "RestoreState":1,
         "Type":"Config Object",
         "TypeDetail":"Username Password Credential"
      },      
      {
         "DN":"\\VED\\Policy\\test4\\delete4",
         "DeletedBy":{
            "Prefix":"Internal",
            "PrefixedName":"Internal:",
            "PrefixedUniversal":"Internal:CertificateAge",
            "Universal":"CertificateAge"
      },
         "DeletedOn":"06\/02\/2022",
         "Guid":"1b837de7-121b-4756-aced-ba1112f4286a",
         "Name":"CA_templ_StandardSSL(1year)",
         "PurgeOn":"08/25/2022 20:22:09",
         "RestorationDN":"\\VED\\Policy\\certificates_data\\CA_templ_StandardSSL(1year)",
         "RestoreState":1,
         "Type":"Config Object",
         "TypeDetail":"Microsoft CA"
      },
      {
         "DN":"\\VED\\Discovery\\MyCAImportDiscoveryJob",
         "DeletedBy":{
            "FullName":"\\VED\\Identity\\admin",
            "Name":"admin",
            "Prefix":"local",
            "PrefixedName":"local:admin",
            "PrefixedUniversal":"local:{7492e6c1-9f96-4927-8ea0-1a720aa28380}",
            "Type":1,
            "Universal":"{7492e6c1-9f96-4927-8ea0-1a720aa28380}"
         },
         "DeletedOn":"05/27/2022 20:25:05",
         "Guid":"7fbf844b-024a-411f-b6bc-1e320832a107",
         "Name":"MyCAImportDiscoveryJob",
         "PurgeOn":"08/25/2022 20:25:05",
         "RestorationDN":"\\VED\\Discovery\\MyCAImportDiscoveryJob",
         "RestoreState":1,
         "Type":"Config Object",
         "TypeDetail":"CA Import"
      },
      {
         "DN":"\\VED\\Logging\\Notification Rules\\LogNotficationHeartBeat",
         "DeletedBy":{
            "FullName":"\\VED\\Identity\\admin",
            "Name":"admin",
            "Prefix":"local",
            "PrefixedName":"local:admin",
            "PrefixedUniversal":"local:{7492e6c1-9f96-4927-8ea0-1a720aa28380}",
            "Type":1,
            "Universal":"{7492e6c1-9f96-4927-8ea0-1a720aa28380}"
         },
         "DeletedOn":"05/27/2022 20:26:46",
         "Guid":"8ac7fc18-db93-4efd-8c96-9d97df14304b",
         "Name":"LogNotficationHeartBeat",
         "PurgeOn":"08/25/2022 20:26:46",
         "RestorationDN":"\\VED\\Logging\\Notification Rules\\LogNotficationHeartBeat",
         "RestoreState":1,
         "Type":"Config Object",
         "TypeDetail":"Log Heartbeat"
      }
   ],
   "Result":0,
   "Total":4
}