Users and Roles - User List and Create Methods

URI

https://164.99.19.131:8443/SentinelRESTServices/objects/user

Supported Methods

GET
POST

GET

Authentication

Authentication Types
Sentinel Permissions Needed

Supported Formats

Response

URL Parameters

Required

None.

Optional

| Parameter | Type | Default Value | Description |
|---|---|---|---|
| query | string | [no filter] | The TinyQ language filter that specifies a subset of all available records. |
| field | string | not present | The name or names of fields whose values are to be returned. The field item may appear zero or more times in the URI query parameters. A single value of "[none]" returns only metadata. If no field parameter is present, all field values are returned. |
| page | integer | 1 | The 1-based offset into the total records based on page size. Actual offset is (page - 1) * pagesize. |
| pagesize | integer | [unlimited] | The maximum number of object records to return as a result of the request. |

Success Codes

Fault Codes

Response Data

Object type: page
A container for one or more objects in the result listing. There may be multiple pages in a listing if a page size is specified that is less than the total number of objects in the listing.

| Field | Description |
|---|---|
| next | A URL addressing the subsequent page of objects in the total set of available objects. |
| objects | The list of objects returned in the page of results. |
| prev | A URL addressing the previous page of objects in the total set of available objects. |

Object type: user
A User object contains information about a user account in the Sentinel system.

| Field | Description |
|---|---|
| auth-dn | If a user has an authentication source other than "DATABASE" (e.g., "LDAP") this value can be used to identify the corresponding user account in the authentication source. |
| auth-source | The source used by Sentinel to authenticate a user's password during an authentication request. |
| cell | The user's mobile phone number. |
| createdate | The date and time when the object was created. |
| creator | The URL of the Sentinel User object that represents the creator of the object. |
| dept | The department to which the user belongs. |
| desc | A description of the user account. |
| email | The user's contact email address. |
| fax | A secondary contact number or other value. The Sentinel user interface displays this as "Fax". |
| given | The user's given name. |
| meta | The metadata for an object, including the object type name and the URL reference to the object. See Object type: meta. |
| moddate | The date and time when the object was last modified. |
| modifier | The URL of the Sentinel User object that represents the last modifier of the object. |
| name | The name that the user supplies to log in to Sentinel. |
| old-password | The user's existing password value. This is treated as "write-only" and is only used when a user is changing the value of the user's own password. It is never returned from the server. |
| password | The user's password value. This is treated as "write-only". In other words, it is only used when creating a user account or when changing a user account's password. It is never returned from the server. |
| perms | A description of the user's permissions in the Sentinel system. See Object type: permissions. |
| phone | The user's contact telephone number. |
| roles | The user's role memberships. |
| state | The user's current state. One of the following three values: "ACTIVE", "LOCKED", "INACTIVE". "INACTIVE" indicates a "deleted" user account. |
| surname | The user's family name. |
| sys | If this value is true it indicates that the user account is an internal account used by Sentinel. For example, a distributed search target creates a system user for the purposes of executing a search on behalf of a search console. |
| tags | The user's "favorite" tags. |
| title | The user's job title. |

Object type: meta
The metadata for an object, including the object type name and the URL reference to the object.

| Field | Description |
|---|---|
| @href | The URL reference to the object. |
| type | The name of the object type. |

Object type: permissions
The UserPermissions object contains the current permissions for a user in the Sentinel system.

| Field | Description |
|---|---|
| all-events | If true, the user can view all event records in the Sentinel system. If false, the filter value is used to determine the set of events the user is allowed to view. |
| chg-pwd | If true, a user can change his own password. |
| filter | If non-empty, and all-events (AllowAllEvents) is false, this value is a filter expression that determines the set of events the user is allowed to view. |
| isadmin | If true, the user has administrator privileges. |
| perm-set | This collection contains the calculated set of permissions effective for the user based on the user's role memberships. |

Sample Request

GET https://164.99.19.131:8443/SentinelRESTServices/objects/user?page=2&pagesize=1

Sample Response for application/json
Status: 200
{
   "objects":[
      {
         "meta":{
            "type":"user",
            "@href":"https://164.99.19.131:8443/SentinelRESTServices/objects/user/42"
         },
         "auth-dn":"cn=jdoe,dc=users,dc=somecompany,dc=com",
         "phone":"(212) 555-1212",
         "moddate":"2012-04-25T13:33:44.727Z",
         "perms":{
            "all-events":false,
            "perm-set":[
               "viewIdentityData",
               "eventActions",
               "runReportOnDB",
               "viewIncidents",
               "solutionDesigner",
               "_viewRawDataRole_",
               "viewInternalEvents",
               "distSearchInitiate",
               "createIncidents",
               "viewVulnerabilityData",
               "remediateIncidents",
               "viewAssetData",
               "activeViews",
               "shareFilters"
            ],
            "chg-pwd":true,
            "filter":"rv145:\"PCI\"",
            "isadmin":false
         },
         "desc":"This account is a sample user account.",
         "fax":"(212) 555-1212",
         "auth-source":"DATABASE",
         "sys":false,
         "old-password":"0ldp@$$w0rd",
         "cell":"(212) 555-1212",
         "createdate":"2012-04-25T13:33:44.727Z",
         "surname":"Doe",
         "password":"p@$$w0rd",
         "title":"PCI Compliance Manager",
         "given":"John",
         "email":"jdoe@somecompany.com",
         "name":"jdoe",
         "dept":"Accounting",
         "tags":[
            "PCI"
         ],
         "roles":[
            "https://164.99.19.131:8443/SentinelRESTServices/objects/role/79600390-9B73-102E-A3E2-001676E4A757"
         ],
         "state":"INACTIVE"
      }
   ],
   "prev":{
      "@href":"https://164.99.19.131:8443/SentinelRESTServices/objects/user?pagesize=1&page=1"
   },
   "next":{
      "@href":"https://164.99.19.131:8443/SentinelRESTServices/objects/user?pagesize=1&page=3"
   }
}
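
An added example (not part of the Sentinel documentation) of the list call used for an account review: it requests only the fields it needs, follows the `next` links, and flags active administrators, accounts with unfiltered event access, and any response that carries a write-only password field. The host name, the `fetch` callable, the end-of-listing behaviour and the sample pages are assumptions constructed for illustration.

```python
from urllib.parse import urlencode

BASE = "https://sentinel.example:8443/SentinelRESTServices/objects/user"  # placeholder host
FIELDS = ("name", "state", "sys", "perms")
WRITE_ONLY = {"password", "old-password"}  # documented as never returned by the server

def list_url(base, fields=(), page=1, pagesize=None):
    """Build a list URL; 'field' is repeated once per requested field."""
    params = [("page", page)]
    if pagesize is not None:
        params.append(("pagesize", pagesize))
    params += [("field", f) for f in fields]
    return base + "?" + urlencode(params)

def iter_users(fetch, url, max_pages=1000):
    """fetch(url) -> parsed JSON page. Assumes the last page lacks 'next' or has no objects."""
    seen = set()
    while url and url not in seen and len(seen) < max_pages:
        seen.add(url)  # guards against a listing whose links loop
        page = fetch(url)
        objects = page.get("objects") or []
        if not objects:
            return
        yield from objects
        url = (page.get("next") or {}).get("@href")

def audit(users):
    """Return (name, finding) pairs for accounts a reviewer should look at."""
    findings = []
    for u in users:
        name, perms = u.get("name", "?"), u.get("perms") or {}
        leaked = sorted(WRITE_ONLY & u.keys())
        if leaked:
            findings.append((name, "write-only field returned: " + ",".join(leaked)))
        if u.get("state") == "ACTIVE" and not u.get("sys"):  # skip deleted and internal accounts
            if perms.get("isadmin"):
                findings.append((name, "active administrator"))
            if perms.get("all-events"):
                findings.append((name, "active, unfiltered event access"))
    return findings

# Constructed sample pages standing in for the server (not real data).
P1, P2 = list_url(BASE, FIELDS, 1, 2), list_url(BASE, FIELDS, 2, 2)
PAGES = {
    P1: {"objects": [{"name": "alice", "state": "ACTIVE", "sys": False, "perms": {"isadmin": True, "all-events": True}},
                     {"name": "svc-search", "state": "ACTIVE", "sys": True, "perms": {"isadmin": True}}],
         "next": {"@href": P2}},
    P2: {"objects": [{"name": "jdoe", "state": "INACTIVE", "password": "x", "perms": {"isadmin": False}}]},
}
```

In real use, `fetch` is an authenticated HTTPS GET with certificate verification enabled that returns the decoded JSON body; `audit(iter_users(fetch, list_url(BASE, FIELDS, pagesize=100)))` then walks the whole listing.
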
POST

Authentication

Authentication Types
Sentinel Permissions Needed

Supported Formats

Request

Response

URL Parameters

None.

Success Codes

Fault Codes

Request Data

Object type: user
A User object contains information about a user account in the Sentinel system.

| Field | Required | Description |
|---|---|---|
| auth-dn | false | If a user has an authentication source other than "DATABASE" (e.g., "LDAP") this value can be used to identify the corresponding user account in the authentication source. |
| auth-source | true | The source used by Sentinel to authenticate a user's password during an authentication request. |
| cell | false | The user's mobile phone number. |
| dept | false | The department to which the user belongs. |
| desc | false | A description of the user account. |
| email | false | The user's contact email address. |
| fax | false | A secondary contact number or other value. The Sentinel user interface displays this as "Fax". |
| given | false | The user's given name. |
| name | true | The name that the user supplies to log in to Sentinel. |
| old-password | false | The user's existing password value. This is treated as "write-only" and is only used when a user is changing the value of the user's own password. It is never returned from the server. |
| password | false | The user's password value. This is treated as "write-only". In other words, it is only used when creating a user account or when changing a user account's password. It is never returned from the server. |
| phone | false | The user's contact telephone number. |
| roles | false | The user's role memberships. |
| state | false | The user's current state. One of the following three values: "ACTIVE", "LOCKED", "INACTIVE". "INACTIVE" indicates a "deleted" user account. |
| surname | false | The user's family name. |
| tags | false | The user's "favorite" tags. |
| title | false | The user's job title. |

Object type: meta
The metadata for an object, including the object type name and the URL reference to the object.

| Field | Required | Description |
|---|---|---|
| @href | false | The URL reference to the object. |
| type | false | The name of the object type. |

Response Data

Object type:
The metadata representation of the newly-created user object, including the URL reference to the new object.

| Field | Description |
|---|---|
| meta | The metadata for an object, including the object type name and the URL reference to the object. See Object type: meta. |

Object type: meta
The metadata for an object, including the object type name and the URL reference to the object.

| Field | Description |
|---|---|
| @href | The URL reference to the object. |
| type | The name of the object type. |

Object type: permissions
The UserPermissions object contains the current permissions for a user in the Sentinel system.

| Field | Description |
|---|---|
| all-events | If true, the user can view all event records in the Sentinel system. If false, the filter value is used to determine the set of events the user is allowed to view. |
| chg-pwd | If true, a user can change his own password. |
| filter | If non-empty, and all-events (AllowAllEvents) is false, this value is a filter expression that determines the set of events the user is allowed to view. |
| isadmin | If true, the user has administrator privileges. |
| perm-set | This collection contains the calculated set of permissions effective for the user based on the user's role memberships. |

Sample Request

POST https://164.99.19.131:8443/SentinelRESTServices/objects/user
{
   "auth-dn":"cn=jdoe,dc=users,dc=somecompany,dc=com",
   "phone":"(212) 555-1212",
   "desc":"This account is a sample user account.",
   "fax":"(212) 555-1212",
   "auth-source":"DATABASE",
   "old-password":"0ldp@$$w0rd",
   "cell":"(212) 555-1212",
   "surname":"Doe",
   "password":"p@$$w0rd",
   "title":"PCI Compliance Manager",
   "given":"John",
   "email":"jdoe@somecompany.com",
   "name":"jdoe",
   "dept":"Accounting",
   "tags":[
      "PCI"
   ],
   "roles":[
      "https://164.99.19.131:8443/SentinelRESTServices/objects/role/79600390-9B73-102E-A3E2-001676E4A757"
   ],
   "state":"INACTIVE"
}
Sample Response for application/json
Status: 201
Location: https://164.99.19.131:8443/SentinelRESTServices/objects/user/42
{
   "meta":{
      "type":"user",
      "@href":"https://164.99.19.131:8443/SentinelRESTServices/objects/user/42"
   }
}