Users and Roles - User Retrieve, Update, and Delete Methods

URI

https://164.99.19.131:8443/SentinelRESTServices/objects/user/{UserId}

Supported Methods

GET
PUT
DELETE
GET

Authentication

Authentication Types
Sentinel Permissions Needed

Supported Formats

Response

URL Parameters

None.

Success Codes

Fault Codes

Response Data

Object type: user
A User object contains information about a user account in the Sentinel system.

| Field | Description |
| --- | --- |
| auth-dn | If a user has an authentication source other than "DATABASE" (e.g., "LDAP") this value can be used to identify the corresponding user account in the authentication source. |
| auth-source | The source used by Sentinel to authenticate a user's password during an authentication request. |
| cell | The user's mobile phone number. |
| createdate | The date and time when the object was created. |
| creator | The URL of the Sentinel User object that represents the creator of the object. |
| dept | The department to which the user belongs. |
| desc | A description of the user account. |
| email | The user's contact email address. |
| fax | A secondary contact number or other value. The Sentinel user interface displays this as "Fax". |
| given | The user's given name. |
| meta | The metadata for an object, including the object type name and the URL reference to the object. See "Object type: meta". |
| moddate | The date and time when the object was last modified. |
| modifier | The URL of the Sentinel User object that represents the last modifier of the object. |
| name | The name that the user supplies to log in to Sentinel. |
| old-password | The user's existing password value. This is treated as "write-only" and is only used when a user is changing the value of the user's own password. It is never returned from the server. |
| password | The user's password value. This is treated as "write-only". In other words, it is only used when creating a user account or when changing a user account's password. It is never returned from the server. |
| perms | A description of the user's permissions in the Sentinel system. See "Object type: permissions". |
| phone | The user's contact telephone number. |
| roles | The user's role memberships. |
| state | The user's current state. One of the following three values: "ACTIVE", "LOCKED", "INACTIVE". "INACTIVE" indicates a "deleted" user account. |
| surname | The user's family name. |
| sys | If this value is true it indicates that the user account is an internal account used by Sentinel. For example, a distributed search target creates a system user for the purposes of executing a search on behalf of a search console. |
| tags | The user's "favorite" tags. |
| title | The user's job title. |

Object type: meta
The metadata for an object, including the object type name and the URL reference to the object.

| Field | Description |
| --- | --- |
| @href | The URL reference to the object. |
| type | The name of the object type. |

Object type: permissions
The UserPermissions object contains the current permissions for a user in the Sentinel system.

| Field | Description |
| --- | --- |
| all-events | If true, the user can view all event records in the Sentinel system. If false, the filter value is used to determine the set of events the user is allowed to view. |
| chg-pwd | If true, a user can change his own password. |
| filter | If non-empty, and AllowAllEvents is false, this value is a filter expression that determines the set of events the user is allowed to view. |
| isadmin | If true, the user has administrator privileges. |
| perm-set | This collection contains the calculated set of permissions effective for the user based on the user's role memberships. |

Sample Request

GET https://164.99.19.131:8443/SentinelRESTServices/objects/user/42
Sample Response for application/json
Status: 200
{
   "meta":{
      "type":"user",
      "@href":"https://164.99.19.131:8443/SentinelRESTServices/objects/user/42"
   },
   "auth-dn":"cn=jdoe,dc=users,dc=somecompany,dc=com",
   "phone":"(212) 555-1212",
   "moddate":"2012-04-25T13:33:44.728Z",
   "perms":{
      "all-events":false,
      "perm-set":[
         "viewIdentityData",
         "eventActions",
         "runReportOnDB",
         "viewIncidents",
         "solutionDesigner",
         "_viewRawDataRole_",
         "viewInternalEvents",
         "distSearchInitiate",
         "createIncidents",
         "viewVulnerabilityData",
         "remediateIncidents",
         "viewAssetData",
         "activeViews",
         "shareFilters"
      ],
      "chg-pwd":true,
      "filter":"rv145:\"PCI\"",
      "isadmin":false
   },
   "desc":"This account is a sample user account.",
   "fax":"(212) 555-1212",
   "auth-source":"DATABASE",
   "sys":false,
   "old-password":"0ldp@$$w0rd",
   "cell":"(212) 555-1212",
   "createdate":"2012-04-25T13:33:44.728Z",
   "surname":"Doe",
   "password":"p@$$w0rd",
   "title":"PCI Compliance Manager",
   "given":"John",
   "email":"jdoe@somecompany.com",
   "name":"jdoe",
   "dept":"Accounting",
   "tags":[
      "PCI"
   ],
   "roles":[
      "https://164.99.19.131:8443/SentinelRESTServices/objects/role/79600390-9B73-102E-A3E2-001676E4A757"
   ],
   "state":"INACTIVE"
}
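
The field table marks password and old-password as write-only and never returned from the server, although the sample response above lists both. The following Python check is an added example, not part of the Sentinel documentation: it audits a retrieved user object against the field descriptions on this page. The function name audit_user, the severity labels, the host name and the sample values are assumptions made for illustration.

```python
# Added example: audit a user object returned by GET .../objects/user/{UserId}.
# Field names come from the tables on this page; everything else is hypothetical.
WRITE_ONLY = ("password", "old-password")   # documented as never returned
VALID_STATES = ("ACTIVE", "LOCKED", "INACTIVE")


def audit_user(user):
    """Return a list of (severity, message) findings for one user object."""
    findings = []
    for field in WRITE_ONLY:
        if field in user:
            findings.append(("high", f"write-only field '{field}' present in response"))
    state = user.get("state")
    if state not in VALID_STATES:
        findings.append(("medium", f"unexpected state {state!r}"))
    perms = user.get("perms", {})
    if perms.get("isadmin"):
        findings.append(("info", "account has administrator privileges"))
    if perms.get("all-events"):
        findings.append(("info", "account can view all events"))
    elif not perms.get("filter"):
        # The page does not say what an empty filter allows, so flag it for review.
        findings.append(("medium", "all-events is false but no filter is set"))
    if user.get("sys"):
        findings.append(("info", "internal system account"))
    if state == "INACTIVE" and user.get("roles"):
        findings.append(("low", "deleted (INACTIVE) account still lists roles"))
    return findings


# Constructed sample shaped like the page's sample response (values invented).
SAMPLE = {
    "meta": {"type": "user",
             "@href": "https://sentinel.example/SentinelRESTServices/objects/user/42"},
    "name": "jdoe",
    "auth-source": "DATABASE",
    "password": "constructed-value",
    "perms": {"all-events": False, "filter": 'rv145:"PCI"',
              "isadmin": False, "chg-pwd": True},
    "roles": ["https://sentinel.example/SentinelRESTServices/objects/role/EXAMPLE"],
    "sys": False,
    "state": "INACTIVE",
}

if __name__ == "__main__":
    for severity, message in audit_user(SAMPLE):
        print(f"[{severity}] {message}")
```
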
PUT

Authentication

Authentication Types
Sentinel Permissions Needed

Supported Formats

Request

URL Parameters

None.

Success Codes

Fault Codes

Request Data

Object type: user
A User object contains information about a user account in the Sentinel system.

| Field | Required | Description |
| --- | --- | --- |
| auth-dn | false | If a user has an authentication source other than "DATABASE" (e.g., "LDAP") this value can be used to identify the corresponding user account in the authentication source. |
| auth-source | true | The source used by Sentinel to authenticate a user's password during an authentication request. |
| cell | false | The user's mobile phone number. |
| dept | false | The department to which the user belongs. |
| desc | false | A description of the user account. |
| email | false | The user's contact email address. |
| fax | false | A secondary contact number or other value. The Sentinel user interface displays this as "Fax". |
| given | false | The user's given name. |
| name | true | The name that the user supplies to log in to Sentinel. |
| old-password | false | The user's existing password value. This is treated as "write-only" and is only used when a user is changing the value of the user's own password. It is never returned from the server. |
| password | false | The user's password value. This is treated as "write-only". In other words, it is only used when creating a user account or when changing a user account's password. It is never returned from the server. |
| phone | false | The user's contact telephone number. |
| roles | false | The user's role memberships. |
| state | false | The user's current state. One of the following three values: "ACTIVE", "LOCKED", "INACTIVE". "INACTIVE" indicates a "deleted" user account. |
| surname | false | The user's family name. |
| tags | false | The user's "favorite" tags. |
| title | false | The user's job title. |

Object type: meta
The metadata for an object, including the object type name and the URL reference to the object.

| Field | Required | Description |
| --- | --- | --- |
| @href | false | The URL reference to the object. |
| type | false | The name of the object type. |

Sample Request

PUT https://164.99.19.131:8443/SentinelRESTServices/objects/user/42
{
   "auth-dn":"cn=jdoe,dc=users,dc=somecompany,dc=com",
   "phone":"(212) 555-1212",
   "desc":"This account is a sample user account.",
   "fax":"(212) 555-1212",
   "auth-source":"DATABASE",
   "old-password":"0ldp@$$w0rd",
   "cell":"(212) 555-1212",
   "surname":"Doe",
   "password":"p@$$w0rd",
   "title":"PCI Compliance Manager",
   "given":"John",
   "email":"jdoe@somecompany.com",
   "name":"jdoe",
   "dept":"Accounting",
   "tags":[
      "PCI"
   ],
   "roles":[
      "https://164.99.19.131:8443/SentinelRESTServices/objects/role/79600390-9B73-102E-A3E2-001676E4A757"
   ],
   "state":"INACTIVE"
}
Sample Response for application/json
Status: 200
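
The PUT request table lists fewer fields than the GET response (createdate, creator, moddate, modifier, perms and sys are absent) and marks only auth-source and name as required. The following Python helper is an added example, not part of the Sentinel documentation: it builds a PUT body from a previously retrieved user object plus a set of changes, keeping only the fields the request table lists. The name build_put_body, the choice to resend unchanged fields and the sample values are assumptions; the page does not state how the server treats omitted or extra fields.

```python
# Added example: build a PUT body for .../objects/user/{UserId}.
# Field names and the Required flags come from the request table on this page.
PUT_FIELDS = {
    "auth-dn", "auth-source", "cell", "dept", "desc", "email", "fax", "given",
    "name", "old-password", "password", "phone", "roles", "state", "surname",
    "tags", "title",
}
REQUIRED = ("auth-source", "name")
VALID_STATES = ("ACTIVE", "LOCKED", "INACTIVE")


def build_put_body(current, changes):
    """Merge changes into a retrieved user object and keep only PUT fields."""
    unknown = set(changes) - PUT_FIELDS
    if unknown:
        raise ValueError(f"not updatable via PUT: {sorted(unknown)}")
    merged = {**current, **changes}
    body = {k: v for k, v in merged.items() if k in PUT_FIELDS}
    # Send a password only when this call is an explicit password change.
    for secret in ("password", "old-password"):
        if secret not in changes:
            body.pop(secret, None)
    missing = [f for f in REQUIRED if not body.get(f)]
    if missing:
        raise ValueError(f"missing required field(s): {missing}")
    if "state" in body and body["state"] not in VALID_STATES:
        raise ValueError(f"invalid state {body['state']!r}")
    return body


# Constructed object shaped like a GET response (values invented).
CURRENT = {
    "meta": {"type": "user"},
    "name": "jdoe",
    "auth-source": "DATABASE",
    "email": "jdoe@somecompany.example",
    "createdate": "2012-04-25T13:33:44.728Z",
    "perms": {"isadmin": False},
    "sys": False,
    "password": "constructed-value",
    "state": "ACTIVE",
}

if __name__ == "__main__":
    print(build_put_body(CURRENT, {"state": "LOCKED"}))
```
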

DELETE

Authentication

Authentication Types
Sentinel Permissions Needed

URL Parameters

None.

Success Codes

Fault Codes

Sample Request

DELETE https://164.99.19.131:8443/SentinelRESTServices/objects/user/42