Jump to content

Searching Password List based on List name, not ID Number with the API

Colin Hughes

Recommended Posts

New to this product so I hope someone out there can help, but here is our situation

We have a nested tree approach of folders for our clients that looks like this


Customer  -->  ABC  Then password lists start here. Example Domain Users.


So it looks like this


Customer --> ABC>Domain Users

Customer --> DEF>Domain Users

Customer --> HIJ>Domain Users

Etc, Etc.  


What we wanted to do is something like this with the API using Powershell on Server 2016


$PasswordstateUrl = 'https://web.company.com/api/searchpasswords/?username=bcrellin'
Invoke-Restmethod -Method GET -Uri $PasswordstateUrl -Header @{ "APIKey" = "1111111111111111111111111" }


This work fine, but returns all records that have that username in them, and what we want do is narrow it down to a specific List Name, not number  the name of the list is 'Domain Users'


The problem is I can find examples to say  search a specific list by PasswordListName,,   searchpasswords/?username=bcrellin' &PasswordList='Domain Users' 


Also when I search for it by using a PasswordListid  like this example



It generates an API Key error. Pull out the 1772 and it works just fine..


Any help folks could render would be appreciated greatly

Link to comment
Share on other sites

Unfortunately we don't have any search terms in this specific function you are referring to, but possibly you could return the ID of the Password List first by doing a search on the Password List itself?  Something like this could return the value for you, and you'll notice in my URL that I am searching for a List called "DomainAccounts" in a folder called "Test Folder".  This can be set to the full tree path to the list, but in my test case "Test Folder" was in the root of Passwords Home.


$PasswordstateUrl = "https://sandbox.halox.net"
$APIKey = "4ca37695823bdfe9285afe3bc3467d87"

# Construct full URL
$FullURL = "$PasswordstateUrl/api/searchpasswordlists/?PasswordList=DomainAccounts&treepath=Test Folder"

# Execute the script
$result = Invoke-Restmethod -Method GET -Uri $FullURL -Header @{ "APIKey" = $APIKey }
$PasswordListID = $result.PasswordListID




Link to comment
Share on other sites

@Colin Hughes

Are you looking for something like that (3 Examples, one with the List Name, one with the ID directly and one filtered by Username and later on by ListName)?



This powershell cmdlet is part of the Powershell Module passwordstate-management, you can just install and use it.

The module contains most of the possibilities of the API and you do not have to write it by yourself. It is also constantly being further developed.

Since we also use it for all automation jobs in the company where I work, I also have a vested interest in updating it constantly. (It is not my module, but i am one of the contributors to this module to keep it up-to-date)


This module also exports the password to a Powershell Secure String, so that you can use it directly inside your scripts.



Every cmdlet is documented, and you can read the documentation by running f.e.

help Get-PasswordStatePassword -Examples


If you need help, encounter some problems or you have feature requests for this module, feel free to contact me :). (Or open an issue on the official github repository passwordstate-management).
Of course, it uses the official API and WinAPI of PasswordState.

Your above mentioned example should work, but sometimes you need to urlencode your search string and the URL call on the searchpasswords API method. (The module always urlencode the search string).

Example Code, change it to your needs:

$Username = "Administrator"
$PasswordListID = 292

$PasswordstateHost = 'https://passwordstate.domain.local'
$ApiKey = "a12347123alkj21343248909234dasdf"
$uri = "/api/searchpasswords/$($PasswordListID)?UserName=$([System.Web.HttpUtility]::UrlEncode($UserName))"
$PasswordstateUrl = $PasswordstateHost + $uri

Invoke-RestMethod -Method GET -Uri $PasswordstateUrl -Header @{ "APIKey" = $ApiKey } -Verbose






Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...