JSON Import

Automatic migration of passwords and PAM Resources from a JSON file

JSON Record Import

JSON import files can contain records, folders, subfolders, shared folders, default folder permissions and user/team permissions. JSON can also be used to structure KeeperPAM resources.

Below is a JSON import file with 2 records. The first record is added to a folder called "My Websites\\Online". The second record is added to "Social Media" and also added to a shared folder called "Shared Social".

The import file example below is an array of record objects which can import into private folders and shared folders. Note in the example that the Facebook record contains a TOTP seed which will render on the Vault user interface and Commander CLI.

{
  "records": [{
    "title":"Google",
    "folders": [
      {
        "folder": "My Websites\\Online"
      }
    ],
    "login": "testing",
    "password": "lk4j139sk4j",
    "login_url": "https://google.com",
    "notes": "These are some notes.",
    "custom_fields": {"Favorite Food":"Cheetos"}
  },
  {
    "title":"Facebook",
    "folders": [
      {
        "folder": "Social Media"
      },
      {
        "shared_folder": "Shared Social",
        "can_edit": false,
        "can_share": false
      }
    ],
    "login": "[email protected]",
    "password": "123123123123",
    "login_url": "https://facebook.com",
    "notes": "This is our corporate shared record.",
    "custom_fields": {
      "Facebook Application ID":"ABC12345",
      "$oneTimeCode": "otpauth://totp/Amazon:[email protected]?secret=JBSWY3DPEHPK3PXP&issuer=Amazon&algorithm=SHA1&digits=6&period=30"}
  }]
}

Another example below first creates shared folders that are shared to users and teams, then imports records into the shared folders. The format of the file is slightly different and allows you to separate the creation of shared folder objects and records:

{
  "shared_folders": [
    {
      "path": "My Customer 1",
      "manage_users": true,
      "manage_records": true,
      "can_edit": true,
      "can_share": true,
      "permissions": [
        {
          "uid": "kVM96KGEoGxhskZoSTd_jw",
          "manage_users": true,
          "manage_records": true
        },
        {
          "name": "[email protected]",
          "manage_users": true,
          "manage_records": true
        }
      ]
    },
    {
      "path": "Testing\\My Customer 2",
      "manage_users": true,
      "manage_records": true,
      "can_edit": true,
      "can_share": true,
      "permissions": [
        {
          "uid": "ih1CggiQ-3ENXcn4G0sl-g",
          "manage_users": true,
          "manage_records": true
        },
        {
          "name": "[email protected]",
          "manage_users": true,
          "manage_records": true
        }
      ]
    }
  ],
  "records": [
    {
      "title": "Bank Account 1",
      "login": "customer1234",
      "password": "4813fJDHF4239fdk",
      "login_url": "https://chase.com",
      "notes": "These are some notes.",
      "custom_fields": {
        "Account Number": "123-456-789"
      },
      "folders": [
        {
          "folder": "Optional Private Folder 1"
        }
      ]
    },
    {
      "title": "Bank Account 2",
      "login": "mybankusername",
      "password": "w4k4k193f$^&@#*%2",
      "login_url": "https://amex.com",
      "notes": "Some great information here.",
      "custom_fields": {
        "Security Group": "Public",
        "IP Address": "12.45.67.8"
      },
      "folders": [
        {
          "folder": "Optional Private Folder 1"
        },
        {
          "shared_folder": "My Customer 1",
          "can_edit": true,
          "can_share": true
        }
      ]
    }
  ]
}

The format must be strict JSON or it will fail parsing. To import this file:

import --format=json import.json

To apply the suggested user and team permissions, run the command a second time using the --users flag:

import --format=json --users import.json

The --users flag applies permissions similar to the apply-membership command. You can execute the command with the --users flag repeatedly.

There are more complex import file examples that supports shared folders, folder permissions, user permissions and team permissions located in the sample_data/ folder. To import the sample JSON file into your vault, type this command:

Example 1: import.json.txt
Example 2: import_records_existing_folders.json.txt
Example 3: import_records_into_folders.json.txt
Example 4: import_shared_folders.json.txt
Example 5: import_shared_folders_and_records.json.txt

import --format=json sample_data/import.json.txt
import --format=json --users sample_data/import.json.txt

The sample file contains "permissions" objects that contain email address or team names. If the email or team name exists in your Keeper enterprise account, they will be added to the shared folder, otherwise the information is ignored.

JSON PAM Resource Import

Keeper Commander's pam project import feature helps customers to automate the creation of PAM resources: folders, gateways, machines, users, connections, tunnels and (optionally) rotations.

See: pam project import command.

Import JSON Documentation

A step-by-step guide to importing Windows Servers as PAM Resources from a basic list of server hostnames can be found at this page: Importing PAM Resources
A more detailed specification for "pam project import" templates can be found at this GitHub README Page
If you require assistance, contact the Commander team ([email protected]).

PreviousCSV Import NextReporting Commands

Last updated 6 days ago

Was this helpful?