POST Metadata/ReadPolicy

Returns a Custom Field value that has been applied to a policy for inheritance by objects of a specific type. The caller must have Read permission to the Distinguished Name (DN) of a policy.

Requirements

  • Permissions:  The caller must have Read permission to the Distinguished Name (DN) of a policy.
  • Token scope:  Any valid scope, such as Agent, Certificate, or SSH

Headers

  • Content type: Content-Type:application/json.

  • Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.

Parameters

Input parameters

Name

Description

DN

The Distinguished name (DN) of a policy folder that has values for at least one Custom Field. If necessary, use the DN value from the GET Metadata/Items or POST Metadata/GetItemsForClass response.

ItemGuid

The globally unique identifier of a Custom Field. Depending on your environment, the GUID may be expressed with or without curly braces {}. For example, {3d6b61d-1c71-4603-883f-25b8c2ceecdd}. To get the GUIDs for a DN, use POST Metadata/GetItemGuids.

Type Object class. Note that only the Device and X509 Certificate classes are supported.

Returns

Response description

Name

Description

Locked

The status of the data:

  • true: The Policy value, which applies to the Custom Field, is locked.
  • false: The Custom Field value is capable of change.
Values Array of values applicable to the Custom Field type
Result The reason for success or failure. For more information, see Metadata Result Codes.

Example: Read a policy

Request

POST https://tpp.venafi.example/vedsdk/Metadata/ReadPolicy
Authorization:Bearer 4MyGeneratedBearerTknz==
{
   "DN": "\\VED\\Policy\\Certificates",
   "ItemGuid": "{a80714f0-565c-4bc2-9026-787cf076d764}",
   "Type": "X509 Certificate"
}

Response

HTTP/1.1 200 OK     
{
   "Locked": true,
   "Values": ["XYZ789"],
   "Result": 0
}