so far there is no rest api for this yet.

Based on the available documentation, there's no available REST API yet for pushing IP addresses. However, you may want to try to utilizing your existing firewall or security solution to block specific IP addresses.

Based on the information you provided, pushing IP addresses through the "Access Mgmt ->Web Authentication -> Authentication Policy -> Edit Policy -> Policy Name(xyz) -> Objects -> Push IP Addresss" path doesn't seem to have a dedicated REST API in Sangfor IAG. I reviewed the available documentation and found APIs for managing policies and objects, but none specifically for pushing IP addresses in this context.

However, there might be alternative approaches:

1. Scripting: You could explore scripting the manual steps using tools like Selenium or Puppeteer. This would involve simulating user interactions through the web interface to push the IP address. While not ideal, it could be a temporary solution if the volume of IP addresses is low.

2. Third-party tools: Check if any third-party security orchestration or SIEM tools you use integrate with Sangfor IAG. These tools might offer ways to push IP addresses through their own APIs or connectors.

3. Custom development: If your Sangfor IAG version allows custom development, you could potentially develop a custom REST API endpoint that interacts with the internal pushing mechanism. This would require in-depth knowledge of Sangfor IAG's internal workings and might not be feasible for all versions or environments.
Blocking IP addresses on specific instances

For blocking an IP address on a specific Sangfor IAG instance, there are better options:

1. REST API: Fortunately, Sangfor IAG does offer a REST API for managing IP address blocks. You can use the /security/policy/ipblacklist endpoint with appropriate permissions to add or remove IP addresses from the block list on specific instances.

2. CLI: If you prefer a command-line approach, Sangfor IAG also provides a CLI tool called sg_cli. This tool allows managing various configurations, including IP blocking, through commands.

3. Web interface: As a last resort, you can always use the web interface to manually add the IP address to the block list on the desired instance.

Remember, the best approach depends on your specific environment, technical expertise, and desired level of automation.

I recommend prioritizing the REST API or CLI for blocking IP addresses as they offer the most efficient and flexible methods. If pushing IP addresses is crucial, explore scripting or third-party tools as temporary workarounds while investigating potential custom development options.

We did not reset the API from iam

HI, as i far as i know, i never see a rest api for IAM for this scenario.

IAG, or Intelligent Access Gateway, doesn't have a dedicated REST API endpoint specifically designed for pushing or blocking IP addresses within the Web Authentication or Authentication Policy settings as per the path you've outlined. Typically, such granular manipulations within the authentication policy might not be directly exposed through an API. However, you might explore alternative methods leveraging broader security or network APIs that could indirectly affect access controls or firewall rules, depending on your infrastructure setup. Blocking an IP address on a specific instance might involve utilizing firewall APIs or security management tools that interact with IAG indirectly. Investigating broader security APIs or integrations with your network infrastructure could potentially offer solutions for IP blocking on a more specific level within your instance.