UsersApi
| Method | HTTP request | Description |
|---|---|---|
| create_magic_link_using_put | PUT /api/web/v1/users/{userid}/magiclink | Create and get the Magic Link for a user |
| create_user_using_post | POST /api/web/v3/users | Create a user |
| create_users_using_post | POST /api/web/v3/users/multiple | Create multiple users |
| delete_magic_link_using_delete | DELETE /api/web/v1/users/{userid}/magiclink | Delete the Magic Link for a given user |
| delete_user_using_delete | DELETE /api/web/v3/users/{id} | Delete a user |
| delete_users_using_delete | DELETE /api/web/v3/users/multiple | Delete multiple users |
| modify_user_a_organization_associations_using_put | PUT /api/web/v1/users/{userid}/organizations | Modify user organization membership |
| sync_user_using_post | POST /api/web/v1/syncusers/sync | Synchronize a new user or an existing user |
| unlock_user_using_put | PUT /api/web/v1/users/{id}/unlock | Unlock user |
| unsync_user_using_post | POST /api/web/v1/syncusers/unsync | Unsynchronize an existing user |
| update_user_state_using_put | PUT /api/web/v1/users/{id}/state | Update user state |
| update_user_using_put | PUT /api/web/v3/users/{id} | Update a user |
| update_users_using_put | PUT /api/web/v3/users/multiple | Update multiple users |
| user_by_external_id_using_post | POST /api/web/v3/users/externalid | Get a user by externalId |
| user_by_userid_using_post | POST /api/web/v3/users/userid | Get a user by userid or user alias |
| user_using_get | GET /api/web/v3/users/{id} | Get a user by UUID |
| users_paged_using_post | POST /api/web/v4/userspaged | Lists a page of users |
create_magic_link_using_put
MagicLinkResponse create_magic_link_using_put(userid, magic_link_create_parms)
Create and get the Magic Link for a user
Create and get the Magic Link for the specified user. Caller requires the MAGICLINKS:ADD permission.
- Api Key Authentication (AdminAPIAuthentication):
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| userid | str | ||
| magic_link_create_parms | MagicLinkCreateParms |
Return type
Authorization
HTTP request headers
- Content-Type: application/json
- Accept: application/json
HTTP response details
| Status code | Description | Response headers |
|---|---|---|
| 200 | Successful | - |
| 400 | Bad Request | - |
| 401 | Access denied | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 409 | Conflict | - |
create_user_using_post
User create_user_using_post(user_parms)
Create a user
Create a user. Caller requires the USERS:ADD permission.
Example
- Api Key Authentication (AdminAPIAuthentication):
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| user_parms | UserParms |
Return type
Authorization
HTTP request headers
- Content-Type: application/json
- Accept: application/json
HTTP response details
| Status code | Description | Response headers |
|---|---|---|
| 200 | Successful | - |
| 400 | Bad Request | - |
| 401 | Access denied | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 409 | Conflict | - |
create_users_using_post
List[CreateUserResult] create_users_using_post(create_users_parms)
Create multiple users
Create multiple users. Caller requires the USERS:ADD permission.
Example
- Api Key Authentication (AdminAPIAuthentication):
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| create_users_parms | CreateUsersParms |
Return type
Authorization
HTTP request headers
- Content-Type: application/json
- Accept: application/json
HTTP response details
| Status code | Description | Response headers |
|---|---|---|
| 200 | Successful | - |
| 400 | Bad Request | - |
| 401 | Access denied | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 409 | Conflict | - |
delete_magic_link_using_delete
delete_magic_link_using_delete(userid)
Delete the Magic Link for a given user
Delete the Magic Link for the specified user. Caller requires the MAGICLINKS:REMOVE permission.
Example
- Api Key Authentication (AdminAPIAuthentication):
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| userid | str | The UUID of the user to delete the Magic Link for. |
Return type
void (empty response body)
Authorization
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
HTTP response details
| Status code | Description | Response headers |
|---|---|---|
| 200 | Successful | - |
| 400 | Bad Request | - |
| 401 | Access denied | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 409 | Conflict | - |
delete_user_using_delete
delete_user_using_delete(id)
Delete a user
Delete the specified user. Caller requires the USERS:REMOVE permission.
Example
- Api Key Authentication (AdminAPIAuthentication):
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| id | str | The UUID of the user to be deleted. |
Return type
void (empty response body)
Authorization
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
HTTP response details
| Status code | Description | Response headers |
|---|---|---|
| 200 | Successful | - |
| 400 | Bad Request | - |
| 401 | Access denied | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 409 | Conflict | - |
delete_users_using_delete
List[DeleteUserResult] delete_users_using_delete(delete_users_parms)
Delete multiple users
Delete multiple users. Caller requires the USERS:REMOVE permission.
Example
- Api Key Authentication (AdminAPIAuthentication):
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| delete_users_parms | DeleteUsersParms |
Return type
Authorization
HTTP request headers
- Content-Type: application/json
- Accept: application/json
HTTP response details
| Status code | Description | Response headers |
|---|---|---|
| 200 | Successful | - |
| 400 | Bad Request | - |
| 401 | Access denied | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 409 | Conflict | - |
modify_user_a_organization_associations_using_put
modify_user_a_organization_associations_using_put(userid, user_organization_parms)
Modify user organization membership
Modify the list of organizations assigned to a specified user. Caller requires the USERS:EDIT permission.
Example
- Api Key Authentication (AdminAPIAuthentication):
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| userid | str | The UUID of the user whose organization membership is to be modified. | |
| user_organization_parms | UserOrganizationParms |
Return type
void (empty response body)
Authorization
HTTP request headers
- Content-Type: application/json
- Accept: application/json
HTTP response details
| Status code | Description | Response headers |
|---|---|---|
| 200 | Successful | - |
| 400 | Bad Request | - |
| 401 | Access denied | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 409 | Conflict | - |
sync_user_using_post
SyncUser sync_user_using_post(sync_user_parms)
Synchronize a new user or an existing user
Synchronize a user. Caller requires the USERS:EDIT permission. An Identity as a Service directory must be configured and associated with an Identity as a Service Gateway 5.0 or later. If you unsynchronize a user using the unsync API, the user becomes locally managed. In order to set the user back to an AD Sync user, the user should be synchronized again using this API. Using an AD Sync crawl will only re-synchronize the user if the user is updated in AD (i.e., the user's last update time in AD is updated) or a new custom user attribute mapping is added for the directory (this resets The last update time for all users such that all AD users will be re-synchronlized).
The following response status attribute values are possible:
- CONVERTED: the locally managed Identity as a Service user was converted into an AD Sync user.
- CREATED: a new user was created as an AD Sync user.
- DELETED: the user was not found in AD and has been deleted in Identity as a Service.
- LOCALIZED_ENABLED: the user was not found in AD and has been set as locally managed and enabled in Identity as a Service.
- LOCALIZED_DISABLED: the user was not found in AD and has been set as locally managed and disabled in Identity as a Service.
- UPDATED: the user was synchronized.
Example
- Api Key Authentication (AdminAPIAuthentication):
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| sync_user_parms | SyncUserParms |
Return type
Authorization
HTTP request headers
- Content-Type: application/json
- Accept: application/json
HTTP response details
| Status code | Description | Response headers |
|---|---|---|
| 200 | Successful | - |
| 400 | Bad Request | - |
| 401 | Access denied | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 409 | Conflict | - |
unlock_user_using_put
unlock_user_using_put(id)
Unlock user
Unlock the specified user. Caller requires the USERS:EDIT permission.
Example
- Api Key Authentication (AdminAPIAuthentication):
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| id | str | The UUID of the user that will be unlocked. |
Return type
void (empty response body)
Authorization
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
HTTP response details
| Status code | Description | Response headers |
|---|---|---|
| 200 | Successful | - |
| 400 | Bad Request | - |
| 401 | Access denied | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 409 | Conflict | - |
unsync_user_using_post
unsync_user_using_post(unsync_user_parms)
Unsynchronize an existing user
Unsynchronize a user. Caller requires the USERS:EDIT permission. An Identity as a Service directory must be configured and associated with an Identity as a Service Gateway 5.0 or later. If you unsynchronize a user using this API, the user becomes locally managed. In order to set the user back to an AD Sync user, the user should be synchronized again using the sync API. Using an AD Sync crawl will only re-synchronize the user if the user is updated in AD (i.e., the user's last update time in AD is updated) or a new custom user attribute mapping is added for the directory (this resets the last update time for all users such that all AD users will be re-synchronlized).
Example
- Api Key Authentication (AdminAPIAuthentication):
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| unsync_user_parms | UnsyncUserParms |
Return type
void (empty response body)
Authorization
HTTP request headers
- Content-Type: application/json
- Accept: application/json
HTTP response details
| Status code | Description | Response headers |
|---|---|---|
| 200 | Successful | - |
| 400 | Bad Request | - |
| 401 | Access denied | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 409 | Conflict | - |
update_user_state_using_put
update_user_state_using_put(id, user_change_state_parms)
Update user state
Update the state of the specified user. Caller requires the USERS:EDIT permission.
Example
- Api Key Authentication (AdminAPIAuthentication):
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| id | str | The UUID of the user whose state is to be updated. | |
| user_change_state_parms | UserChangeStateParms |
Return type
void (empty response body)
Authorization
HTTP request headers
- Content-Type: application/json
- Accept: application/json
HTTP response details
| Status code | Description | Response headers |
|---|---|---|
| 200 | Successful | - |
| 400 | Bad Request | - |
| 401 | Access denied | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 409 | Conflict | - |
update_user_using_put
update_user_using_put(id, user_parms)
Update a user
Update the specified user. Caller requires the USERS:EDIT permission.
Example
- Api Key Authentication (AdminAPIAuthentication):
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| id | str | The UUID of the user to be updated. | |
| user_parms | UserParms |
Return type
void (empty response body)
Authorization
HTTP request headers
- Content-Type: application/json
- Accept: application/json
HTTP response details
| Status code | Description | Response headers |
|---|---|---|
| 200 | Successful | - |
| 400 | Bad Request | - |
| 401 | Access denied | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 409 | Conflict | - |
update_users_using_put
List[UpdateUserResult] update_users_using_put(update_users_parms)
Update multiple users
Update multiple users. Caller requires the USERS:EDIT permission.
Example
- Api Key Authentication (AdminAPIAuthentication):
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| update_users_parms | UpdateUsersParms |
Return type
Authorization
HTTP request headers
- Content-Type: application/json
- Accept: application/json
HTTP response details
| Status code | Description | Response headers |
|---|---|---|
| 200 | Successful | - |
| 400 | Bad Request | - |
| 401 | Access denied | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 409 | Conflict | - |
user_by_external_id_using_post
User user_by_external_id_using_post(user_get_parms)
Get a user by externalId
Get the user with the specified externalId. Caller requires the USERS:VIEW permission.
Example
- Api Key Authentication (AdminAPIAuthentication):
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| user_get_parms | UserGetParms |
Return type
Authorization
HTTP request headers
- Content-Type: application/json
- Accept: application/json
HTTP response details
| Status code | Description | Response headers |
|---|---|---|
| 200 | Successful | - |
| 400 | Bad Request | - |
| 401 | Access denied | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 409 | Conflict | - |
user_by_userid_using_post
User user_by_userid_using_post(user_get_parms)
Get a user by userid or user alias
Get the specified user by userid or user alias. Caller requires the USERS:VIEW permission.
Example
- Api Key Authentication (AdminAPIAuthentication):
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| user_get_parms | UserGetParms |
Return type
Authorization
HTTP request headers
- Content-Type: application/json
- Accept: application/json
HTTP response details
| Status code | Description | Response headers |
|---|---|---|
| 200 | Successful | - |
| 400 | Bad Request | - |
| 401 | Access denied | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 409 | Conflict | - |
user_using_get
User user_using_get(id)
Get a user by UUID
Get the specified user by UUID. Caller requires the USERS:VIEW permission.
Example
- Api Key Authentication (AdminAPIAuthentication):
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| id | str | The UUID of the user to be fetched. |
Return type
Authorization
HTTP request headers
- Content-Type: Not defined
- Accept: application/json
HTTP response details
| Status code | Description | Response headers |
|---|---|---|
| 200 | Successful | - |
| 400 | Bad Request | - |
| 401 | Access denied | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 409 | Conflict | - |
users_paged_using_post
UsersPage users_paged_using_post(search_parms)
Lists a page of users
Returns users for the provided search parameters. Caller requires the USERS:VIEW permission. The following searchByAttributes are supported:
- userId: a String value (it matches both the User ID or any alias). Allowed operators are: EQUALS, NOT_EQUALS, CONTAINS, NOT_CONTAINS, STARTS_WITH, ENDS_WITH.
- groupId: a String value should be a UUID of an existing group. Allowed operator: EQUALS.
- roleId: a String value should be a UUID of an existing role. Allowed operator: EQUALS.
- authenticator: a String with value ENTRUST_SOFT_TOKEN or FIDO or GOOGLE_AUTHENTICATOR or GRID or HARDWARE_TOKEN or KBA or OTP or PASSWORD or SMARTCREDENTIALPUSH or TEMP_ACCESS_CODE or FACE. Allowed operator: EQUALS, NOT_EQUALS.
- state: ACTIVE or INACTIVE. Allowed operator: EQUALS.
- locked: 'true' is the only value allowed. Allowed operator: EQUALS.
- userType: a String with value LOCAL or SYNC or EXTERNAL. Allowed operator: EQUALS.
- registrationRequired: true or false. Allowed operator: EQUALS.
- verificationRequired: true or false. Allowed operator: EQUALS.
- lastAuthTime: a String value representing an ISO-8601 date in UTC time (e.g., 2018-08-04T18:15:30). Allowed operators are: GREATER_THAN, GREATER_THAN_OR_EQUAL, LESS_THAN, LESS_THAN_OR_EQUAL, EXISTS, NOT_EXISTS.
- passwordExpirationTime: a String value representing an ISO-8601 date in UTC time (e.g., 2018-08-04T18:15:30). Allowed operators are: GREATER_THAN, GREATER_THAN_OR_EQUAL, LESS_THAN, LESS_THAN_OR_EQUAL, EXISTS, NOT_EXISTS.
- organizationId: a String value should be a UUID of an existing organization. Allowed operator: EQUALS.
If you provide more than one search attribute, they are joined with an AND condition.
The orderByAttribute supports these attribute names: userId, state, lastAuthTime.
The following attributes can be optionally included in the returned User object: grids, tokens, smartCredentials, tempAccessCode, fidoTokens, userAttributeValues, userAliases, groups, oauthRoles, authenticatorLockoutStatus, organizations
Example
- Api Key Authentication (AdminAPIAuthentication):
Parameters
| Name | Type | Description | Notes |
|---|---|---|---|
| search_parms | SearchParms |
Return type
Authorization
HTTP request headers
- Content-Type: application/json
- Accept: application/json
HTTP response details
| Status code | Description | Response headers |
|---|---|---|
| 200 | Successful | - |
| 400 | Bad Request | - |
| 401 | Access denied | - |
| 403 | Forbidden | - |
| 404 | Not Found | - |
| 409 | Conflict | - |