1. REST API for Oracle Enterprise Performance Management Cloud
  2. Managing Users
  3. Invalid Login Report for OCI (Gen 2) Environments

Invalid Login Report for OCI (Gen 2) Environments

Users who have both a Service Administrator role and an Identity Domain Administrator role can use this API to generate an Invalid Login Report on OCI (Gen 2) environments. This allows you to automate reporting on unsuccessful login attempts. This report shows unsuccessful login attempts for users within the provided time frame. This report can be generated for the previous 90 days from the current date. You can download the report using the Download REST API. This report shows all the unsuccessful login attempts to the corresponding Identity Cloud Service. These may not all be to this particular EPM Cloud instance.

This is an asynchronous job and uses the job status URI to determine if the operation is complete.

The presence of status -1 in the response indicates that the generation of the report is in progress. Use the job status URI to determine whether the generation of the report is complete. Any non-zero status except -1 indicates failure of generating the report.

The default retention period for audit data is 30 days; however, you can extend the retention period up to a maximum of 90 days from the Identity Console. If you want a longer duration of audit data, download an Invalid Login Report and archive it.

This API is version v1.

Required Roles

Identity Domain Administrator and any predefined role (Service Administrator, Power User, User, or Viewer)

Table 12-85 Invalid Login Report for OCI (Gen 2) Environments

Task Request REST Resource
Invalid Login Report POST

/interop/rest/security/{api_version}/invalidloginreport/
Invalid Login Report Status GET

/interop/rest/security/{api_version}/jobs/{jobId}

REST Resource

POST /interop/rest/security/{api_version}/invalidloginreport

Note:

Before using the REST resources, you must understand how to access the REST resources and other important concepts. See Implementation Best Practices for EPM Cloud REST APIs. Using this REST API requires prerequisites. See Prerequisites.

Request

Supported Media Types: application/x-www-form-urlencoded

The following table summarizes the request parameters.

Table 12-86 Parameters

Name Description Type Required Default
api_version Specific API version Path Yes None
from_date The start date for the report (in YYYY-MM-DD format) Form Yes None
to_date The end date for the report (in YYYY-MM-DD format) Form Yes None
filename CSV file where the report is to be populated, such as InvalidLoginReport.csv Form Yes None

Response

Supported Media Types: application/json

Example report:


Sample Invalid Login report

Table 12-87 Parameters

Parameters Description
details In case of errors, details are published with the error string
status See Migration Status Codes
links Detailed information about the link
href Links to API call
action The HTTP call type
rel Can be self and/or Job Status. If set to Job Status, you can use the href to get the status
data Parameters as key value pairs passed in the request

Examples of Response Body

The following show examples of the response body in JSON format.

Response 1: Example When Job is in Progress: 

{
    "links": [
        {
            "rel": "self",
            "href": "https://<SERVICE_NAME>-<TENANT_NAME>.<SERVICE_TYPE>.<dcX>.oraclecloud.com/interop/rest/security/<api_version>/invalidloginreport",
            "data": {
                "jobType": "GENERATE_INVALID_LOGIN_REPORT",
                "to_date": "<toDate>",
                "filename": "<filename>",
                "from_date": "<fromDate>"
            },
            "action": "POST"
        },
        {
            "rel": "Job Status",
            "href": "https://<SERVICE_NAME>-<TENANT_NAME>.<SERVICE_TYPE>.<dcX>.oraclecloud.com/interop/rest/security/<api_version>/jobs/<job_id>",
            "data": null,
            "action": "GET"
        }
    ],
    "details": null,
    "status": -1,
    "items": null
}

Response 2: Example When Job Completes with Errors: 

{
    "links": [
        {
            "data": {
                "jobType": "GENERATE_INVALID_LOGIN_REPORT",
		    "from_date": " ",
		    "to_date": " ",
                "filename": " "
            },
            "action": "POST",
            "href": "https://<SERVICE_NAME>-<TENANT_NAME>.<SERVICE_TYPE>.<dcX>.oraclecloud.com/interop/rest/security/{api_version}/invalidloginreport",
            "rel": "self"
        }
    ],
    "status": 1,
    "details": "EPMCSS-20679: Failed to generate Invalid Login Report. Invalid or insufficient parameters specified. Provide all required parameters for the REST API. ",
    "items": null
}

Response 3: Example When Job Completes without Errors: 

{
    "links": [
        {
            "data": null,
            "action": "GET",
            "href": " https://<SERVICE_NAME>-<TENANT_NAME>.<SERVICE_TYPE>.<dcX>.oraclecloud.com/interop/rest/security/<api_version>/jobs/<jobID>",
            "rel": "self"
        }
    ],
    "status": 0,
    "details": null,
    "items": null
}

Example 12-40 Java Sample Code

Prerequisites: json.jar

Common Functions: See CSS Common Helper Functions for Java

public void generateInvalidLoginReport(String fromDate, String toDate, String fileName) {
		try {
			String url = this.serverUrl + "/interop/rest/security/" + apiVersion + "/invalidloginreport";
			Map<String, String> reqHeaders = new HashMap<String, String>();
			reqHeaders.put("Authorization", "Basic " + DatatypeConverter
					.printBase64Binary((this.userName + ":" + this.password).getBytes(Charset.defaultCharset())));

			Map<String, String> reqParams = new HashMap<String, String>();
			reqParams.put("from_date", fromDate);
			reqParams.put("to_date", toDate);
			reqParams.put("filename", fileName);
		
			Map<String, String> restResult = CSSRESTHelper.callRestApi(new HashMap(), url, reqHeaders, reqParams,
					"POST");
			String jobStatus = CSSRESTHelper.getCSSRESTJobCompletionStatus(restResult, reqHeaders);
			System.out.println(jobStatus);
		} catch (Exception e) {
			e.printStackTrace();
		}
	}

Example 12-41 Shell Script Sample code

Prerequisites: jq (http://stedolan.github.io/jq/download/linux64/jq)

Common Functions: See CSS Common Helper Functions for cURL


funcGenerateInvalidLoginReport() {
        url="$SERVER_URL/interop/rest/security/$API_VERSION/invalidloginreport"
	 params="from_date=$1&to_date=$2&filename=$3"	 
        header="Content-Type: application/x-www-form-urlencoded;charset=UTF-8"
        cssRESTAPI="generateInvalidLoginReport"
        statusMessage=$(funcCSSRESTHelper "POST" "$url" "$header" "$USERNAME" "$PASSWORD" "$params" "$cssRESTAPI")
        echo $statusMessage
}

Example 12-42 Groovy Sample Code

Common Functions: See CSS Common Helper Functions for Groovy

def generateInvalidLoginReport(from_date,to_date,fileName) {

	String scenario = "Generating Invalid Login report in" + fileName;
	String params = "jobtype=GENERATE_INVALID_LOGIN_REPORT&from_date="+from_date+"&to_date="+to_date+"&filename="+ fileName;
	def url = null;
	def response = null;
	try {
		url = new URL(serverUrl + "/interop/rest/security/" + apiVersion + "/invalidloginreport");
	} catch (MalformedURLException e) {
		println "Please enter a valid URL"
		System.exit(0);
	}
	response = executeRequest(url, "POST", params, "application/x-www-form-urlencoded");
	if (response != null) {
		getJobStatus(getUrlFromResponse(scenario, response, "Job Status"), "GET");
	}
}