| Table of Contents |
|---|
A user is a child object of a domain or unit. A user belongs to a domain or unit, and only one domain or unit only. A user can belong to many groups, however. In a way, a group can be seen as one of the parents of a user.
| Anchor | ||||
|---|---|---|---|---|
|
Attribute | type | values | default | mandate | comment | ||||||
namefirstName | string | true | |||||||||
lastName | string | true | |||||||||
loginName | attribute istring | true | |||||||||
password | string | falsetrue |
| ||||||||
statusemail | string | INACTIVE, false ACTIVE, | |||||||||
mobile | LOCKED, string DISABLED | ||||||||||
ACTIVEstring | |||||||||||
telephone | string | ||||||||||
descriptioncanonicalName | string | ||||||||||
userPrincipalName | string | ||||||||||
falsepersonalEmail | string | ||||||||||
domainpersonalTelephone | objectstring | ||||||||||
personalTwitter | string | ||||||||||
personalMobile | string | ||||||||||
| userLocale | string | ||||||||||
status | string | INACTIVE, | ACTIVE | ||||||||
description | string | false | |||||||||
domain | object |
|
| true | the domain it belongs to | ||||||
unit | object |
| false | The parent unit | |||||||
groups | coll |
| false | Associated groups | |||||||
roles | coll |
|
| false | Assigned roles | ||||||
tokens | coll |
|
| false | Assigned tokens | ||||||
tokenAssignments | coll | ||||||||||
tempPasses | Coll<TempPass> | false |
| ||||||||
tempPasses | Coll<TempPass> |
|
| false |
| ||||||
qnas | coll | false | qnas | coll |
|
| false |
| |||
siteStamps | coll |
|
| false |
| ||||||
images | coll |
| false |
| |||||||
certificates | Coll<UserCertificate> |
|
|
|
| ||||||
lastLogin | date |
|
|
|
| ||||||
radiusAttributes | coll |
|
|
|
| ||||||
failCount | integer | 0 |
|
| |||||||
mustChangePassword | Boolean |
| False |
|
| ||||||
passwordNeverExpires | Boolean | False |
|
| |||||||
lastChangePassword | date |
|
|
|
|
| Anchor | ||||
|---|---|---|---|---|
|
Attribute | type | values | default | mandate | comment | |||
subjectDn | string |
|
|
| readOnly | |||
serialNumber | integer |
|
| readOnly | ||||
signature | string |
|
|
| readOnly | |||
issuerDn | string |
|
|
| readOnly | |||
startDate | date |
|
|
| readOnly | |||
expiryDate | date |
|
|
| readOnly | |||
certificatePem | string | readOnly |
|
| readOnly |
...
| Anchor | ||
|---|---|---|
|
...
|
To create a new user, we must specify the name of the user and its parent: either a domain or a userunit. On success, the method always returns the internal user id of the newly created user.
| Code Block | ||||
|---|---|---|---|---|
|
...
{ |
...
"attrs": |
...
{
"domain.id": "parent domain id",
"loginName": "the login name",
"password": "the password",
"email": "the email",
...
}
} |
| Code Block | ||||
|---|---|---|---|---|
| ||||
{
|
- Creating a user by specifying its parent domain.
...
"error":0, "result":{"id": |
...
- Creating a user specifying its parent unit.
Method:/user/create
Parameters:
{
"attrs":
{
"name":"Joe Blog",
"unit":1
}
}
Response: {"error":0, "result":{"id":2}}
- Creating a user with temppass
Method:/user/create
Parameters:
{
"attrs":
{
"name":"Joe Blog",
"unit":1,
"tempPass":
{
"password":"password",
"usageLimit":10
}
}
}
Response:{"error":0, "result":{"id":2}}
...
"the id of the newly created user"}
} |
| Anchor | ||||
|---|---|---|---|---|
|
| Anchor | ||||
|---|---|---|---|---|
|
Examples:
Note: in the following examples, you can use any "searchable" attributes in user as the match condition, not only the attributes in the example.
e.g.
["loginName", "=", "john"]
or
["email", "=", "john@acme.com"]
Search users in a domain
Code Block language js title Parameters { "match": [ [domain.id", "=", "domain id 1"], ["lastName", "=", "Smith"] ], "return":["id", "loginName", "email"], "sort":"loginName", "order":"asc", "max": 20, "offset": 0 }Code Block language js title Response { "error":0, "result": { "total": 20, "rows": [ { "id":"user id 1", "loginName":"John Smith", "email": "john.smith@acme.com" }, { "id":"user id 2", "loginName":"Alice Smith", "email": "alice.smith@acme.com" }, ... ] } }Search users in a unit
Code Block language js title Parameters { "match": [ [unit.id", "=", "unit id 1"], ], "return":["id", "loginName", "email"], "sort":"loginName", "order":"asc", "max": 20, "offset": 0 }Code Block language js title Response { "error":0, "result": { "total": 20, "rows": [ { "id":"user id 1", "loginName":"John Smith", "email": "john.smith@acme.com" }, { "id":"user id 3", "loginName":"Bob Smith", "email": "bob.smith@acme.com" }, ... ] } }Search users in a group
Code Block language js title Parameters { "match": [ [group.id", "=", "group id 1"], ], "return":["id", "loginName", "email"], "sort":"loginName", "order":"asc", "max": 20, "offset": 0 }Code Block language js title Response { "error":0, "result": { "total": 20, "rows": [ { "id":"user id 1", "loginName":"John Smith", "email": "john.smith@acme.com" }, { "id":"user id 2", "loginName":"Alice Smith", "email": "alice.smith@acme.com" }, ... ] } }
| Anchor | ||||
|---|---|---|---|---|
|
Method: /user/get
| Code Block | ||||
|---|---|---|---|---|
| ||||
{
"match":
[
[domain |
Examples:
- Searchusers in a domain
| Wiki Markup |
|---|
Method:/user/search
Parameters:
\{
"match":
\[
\[domain.id", "=", "1"\]
\],
"return":\["name", "id"\],
"sort":"name",
"order":"asc",
"max": 20,
"offset": 0
\}
Response:
\{
"error":0,
"result":
\[
\{
"name":"John Smith",
"id":"1",
\},
\{
...
\}
\]
\}
\\ |
- Search users in a unit
...
.id", "=", " |
...
domain id 1" |
...
] |
...
,
|
...
- Search users in a group
| Wiki Markup |
|---|
Method:/user/search
Parameters:
\{
"match":
\[
\[group.id", "=", "2"\]
\],
"return":\["name", "id"\],
"sort":"name",
"order":"asc",
"max": 20,
"offset": 0
\}
Response:
\{
"error":0,
"result":
\[
\{
"name":"Joe Blog",
"id":"2",
\},
\{
...
\}
\]
\}
\\ |
...
| Wiki Markup |
|---|
Method:/user/get
Parameters:
\{
"match":
\[
\["id", "=", 2\],
\],
"return":\["name", "id"\],
\}
Response:
\{
"error":0,
"result":
\{
"name":"Joe Blog",
"id":"2",
\}
\} |
...
[id", "=", "user id 1"] // or ["loginName", "=", "john"] etc, any searchable user attributes can be used as the match condition
],
"return":["id", "loginName", "email"]
} |
| Code Block | ||||
|---|---|---|---|---|
| ||||
{
"error":0,
"result":
{
"id":"user id 1",
"loginName":"John Smith",
"email": "john.smith@acme.com"
}
} |
| Anchor | ||||
|---|---|---|---|---|
|
Method:/user/set
| Code Block | ||||
|---|---|---|---|---|
| ||||
{
"id":"user id 1",
"attrs": {"email": "john.smith@acme.com"}
} |
| Code Block | ||||
|---|---|---|---|---|
| ||||
{
"error":0
} |
| Anchor | ||||
|---|---|---|---|---|
|
Method:/user/disable
| Code Block | ||||
|---|---|---|---|---|
| ||||
{
"id":"user id 1"
} |
| Code Block | ||||
|---|---|---|---|---|
| ||||
{
"error":0
} |
| Anchor | ||||
|---|---|---|---|---|
|
Method:/user/enable
| Code Block | ||||
|---|---|---|---|---|
| ||||
{
"id":"user id",
"authorizationCode": "Authorization Code"
} |
| Code Block | ||||
|---|---|---|---|---|
| ||||
{ "error":0 } |
| Anchor | ||||
|---|---|---|---|---|
|
Method:/user/delete
| Code Block | ||||
|---|---|---|---|---|
|
...
{ |
...
"id": |
...
"user id 1"
} |
| Code Block | ||||
|---|---|---|---|---|
|
...
{ |
...
"error":0 |
...
} |
...
- moveUnit
...
- joinGroup(join/unjoin)
| Anchor | ||||
|---|---|---|---|---|
|
Wiki Markup
| Code Block | ||||
|---|---|---|---|---|
| ||||
{ "user": |
...
{"id":1 |
...
}, "groups": |
...
[ |
...
{"id": |
...
"id1"}, |
...
{"id": |
...
"id2"} ], "action":"join | unjoin" |
...
} |
| Code Block | ||||
|---|---|---|---|---|
| ||||
{ "error":0 |
...
} |
...
...
- assignToken(assign/unassign)
| Anchor | ||||
|---|---|---|---|---|
|
Method: /user/assignToken
Assign an existing token
| Code Block | ||||
|---|---|---|---|---|
|
...
{ |
...
"user":{ |
...
"id": |
...
"user id 1"}, "token: { "id":"token 5 |
...
", "product.manufactureCode":mc, |
...
"product.productCode" |
...
:pc, "serial":xxx, |
...
}, |
...
"credential": |
...
// |
...
optional { "otp": |
...
"xxxx" }, "autoAssign":true|false, |
...
"action":"assign | unassign", |
...
"isOwner":true | false, |
...
"starts":xxx, |
...
"expires":xxx, |
...
"usageLimit":50, |
...
"status":"active | inactive | disabled", |
...
"pin":"the token pin" |
...
} |
| Code Block | ||||
|---|---|---|---|---|
|
...
{ |
...
"error":0, |
...
"id":"tokenAssignmentId |
...
" } |
| Anchor | ||||
|---|---|---|---|---|
|
Method: /user/assignToken
Assign an existing token
Parameters:
{
resetPassword
| Code Block | ||||
|---|---|---|---|---|
| ||||
{ "user":{"id":"user id 1"}, |
...
"attrs": |
...
{ "password":"new password", |
...
"userMustChangePassword":true|false |
...
}
} |
| Code Block | ||||
|---|---|---|---|---|
| ||||
{ "error":0 |
...
} |
| Anchor | ||||
|---|---|---|---|---|
|
Examples:
Method:/user/getMessageTemplate
Parameters:
{
"user":
{
"domain.name":"xxx"
"loginName":"abc"
},
| Code Block | ||||
|---|---|---|---|---|
| ||||
{ "user":{"id":"user id 1"}, "templateItemName":"SMTP_OTP" |
...
} |
| Code Block | ||||
|---|---|---|---|---|
|
...
{ |
...
"error":0, |
...
"result":"template in json string" |
...
} |
| Anchor | ||||
|---|---|---|---|---|
|
...
...
/user/
...
listProvisioningUrls
| Code Block | ||||
|---|---|---|---|---|
| ||||
{ "user": |
...
{ |
...
" |
...
id":" |
...
user id 1"}
} |
| Code Block | ||||
|---|---|---|---|---|
| ||||
{ "error":0, "result": |
...
{ "total": 2, "rows": |
...
[ "http://provioning.deepnetsecurity.local:8072 |
...
", "http://provioning2.deepnetsecurity.local:8073" |
...
] |
...
} |
...
} |
...
| Anchor | ||||
|---|---|---|---|---|
|
This method is a task running in the background
Examples:
Method:/user/import/import
| Code Block | ||||
|---|---|---|---|---|
|
...
{ |
...
"attrs": |
...
{ "format":"csv or xml", |
...
"data":"...", |
...
"charset":"UTF- |
...
8"// optional
}
} |
| Code Block | ||||
|---|---|---|---|---|
| ||||
{ "error":0 |
...
} |
| Anchor | ||||
|---|---|---|---|---|
|
Method:/user/issueCertificate Parameters:
{
| Code Block | ||||
|---|---|---|---|---|
| ||||
{ "user": |
...
{"id":"user id 1"}, "csr":" |
...
csr data", |
...
"return":
[
"id", "subjectDn"
]
} |
| Code Block | ||||
|---|---|---|---|---|
| ||||
{ "error":0, "result": { "id": "cert id", "subjectDn": "the subject dn" } } |
| Anchor | ||||
|---|---|---|---|---|
|
Method:/user/importCertificate
| Code Block | ||||
|---|---|---|---|---|
|
...
{
"user":{"id":"user id 1"},
"certificate":
{
"data":"data in PEM format"
},
"return":
[
"id", "subjectDn"
]
} |
| Code Block | ||||
|---|---|---|---|---|
| ||||
{ "error":0, "result": { "id": "cert id", "subjectDn": "the subject dn" } } |
| Anchor | ||||
|---|---|---|---|---|
|
Method:/user/deleteCertificate
| Code Block | ||||
|---|---|---|---|---|
|
...
{ |
...
"user": |
...
{ |
...
" |
...
id":" |
...
user id 1"}, "certificate": |
...
{ "id":"cert id" |
...
}
} |
| Code Block | ||||
|---|---|---|---|---|
| ||||
{ "error":0 |
...
} |
| Anchor | ||||
|---|---|---|---|---|
|
Wiki Markup
| Code Block | ||||
|---|---|---|---|---|
| ||||
{ "user": |
...
{ |
...
" |
...
id":" |
...
user id 1"}, "category": |
...
{ "name":"logon" |
...
}, "return": |
...
["name", "id","options" |
...
]
|
...
} |
| Code Block | ||||
|---|---|---|---|---|
| ||||
{ "error":0, "result": |
...
{ "id": " |
...
policy id", "name |
...
: " |
...
policy |
...
name", "options": |
...
" |
...
options" |
...
} |
...
} |
...