The PingCastle API is something that definitely scares some people and today we had a support ticket to bulk update every domain to enable the option “Send a reminder to the domain operators if not report has been received in the last month” int he domains screen.
By default this can only be accessed by going to Infrastructure → Domains → For each domain → Click on the domain → Click Edit → Tick the box for the setting.
To save the customer manually going through each item, I put together a quick PowerShell script for them to help them do this which I hope may be useful to others out there 
# Configuration
$baseUri = "https://your-pingcastle-url" # The URL of your pingcastle enterprise instance
$apiKey = "your-api-key" # A "Perform Admin Actions" API Key from Configuration -> Agents
# Authenticate and get JWT token
Write-Host "Authenticating..."
$loginResponse = Invoke-RestMethod -Uri "$baseUri/api/Agent/Login" `
-Method Post `
-Body (@{ ApiKey = $apiKey; Location = $ENV:COMPUTERNAME } | ConvertTo-Json) `
-ContentType "application/json"
$token = $loginResponse
Write-Host "Authentication successful"
# Get list of all domains
Write-Host "Fetching domains..."
$domains = Invoke-RestMethod -Uri "$baseUri/api/domains" `
-Method Get `
-Headers @{ Authorization = $token }
Write-Host "Found $($domains.Count) domains"
# Loop through each domain and enable the reminder
foreach ($domainSummary in $domains) {
$domainId = $domainSummary.ID
$domainName = $domainSummary.Name
Write-Host "Processing domain: $domainName (ID: $domainId)"
try {
# Get the full domain details
$domain = Invoke-RestMethod -Uri "$baseUri/api/domains/$domainId" `
-Method Get `
-Headers @{ Authorization = $token }
# Check if already enabled
if ($domain.RemindReportsOlderThan1Month -eq $true) {
Write-Host " Already enabled, skipping" -ForegroundColor Yellow
continue
}
# Enable the reminder
$domain.RemindReportsOlderThan1Month = $true
# Update the domain
Invoke-RestMethod -Uri "$baseUri/api/domains/$domainId" `
-Method Put `
-Body ($domain | ConvertTo-Json -Depth 10) `
-ContentType "application/json" `
-Headers @{ Authorization = $token } | Out-Null
Write-Host " Successfully enabled reminder" -ForegroundColor Green
}
catch {
Write-Host " Error: $($_.Exception.Message)" -ForegroundColor Red
}
}
Write-Host "Completed processing all domains"
Flow Chart
So if PowerShell and APIs are new to you here is a little bit about what this is actually doing.
- You enter your PingCastle URL and ApiKey in the first two variables. This is how the script accesses PingCastle.
- Authentication to PingCastle happens via the
/api/Agent/Login
a. We then use the token (called a JWT) returned from that to authenticate the rest of our session - Request all Domains via the
/api/Domainsendpoint to get the Id of each domain - Loop through each domain and enable the reminder
a. Request the specific domain from/api/Domains/{Id}where{Id}is the numbered ID of the domain
b. Change theRemindReportsOlderThan1Monthproperty totrue
c. Execute a PUT request into/api/Domain/{Id}
Hope this helps!
Have you made something similar? Share it!