User Operation
User operations provide CRUD access to users, credentials, and roles and groups associated with users. The users are synchronized with the vManage platform PAM.
User
Get all users
GET https://{vmanage-ip-address}/dataservice/admin/userwith response body:
{ "header": { "generatedOn": {timstamp}, "fields": [ { "property": "description", "dataType": "string" }, { "property": "userName", "dataType": "string" }, { "property": "group", "dataType": "array" } ] }, "data": [ { "userName": {username}, "group": [{groupname}] }, { "userName": "ciscotacro", "description": "CiscoTACReadOnly", "status": "enabled", "group": [ "operator" ] }, { "userName": "ciscotacrw", "description": "CiscoTACReadWrite", "status": "enabled", "group": [ "netadmin" ] } ] }Create user
POST https://{vmanage-ip-address}/dataservice/admin/userwith request body:
{ "group": [ "usergroup" ], "description": "Demo User", "userName": "demouser", "password": "password" }Modify user
PUT https://{vmanage-ip-address}/dataservice/admin/user/{username}with request body:
{"userName": "demouser", "password": "newpasswd"}Delete user
DELETE https://{vmanage-ip-address}/dataservice/admin/user/{username}
Credentials
Set password
PUT https://{vmanage-ip-address}/dataservice/admin/user/password/{username}with request body:
{"userName": "demouser", "password": "default"}Validate password
POST https://{vmanage-ip-address}/dataservice/admin/user/password/validatewith request body:
{"userName": "demouser", "password": "default"}Unlock user
POST https://{vmanage-ip-address}/dataservice/admin/user/resetwith request body:
{"userName": "demouser", "password": "default"}
User Sessions
Get active sessions
GET https://{vmanage-ip-address}/dataservice/admin/user/activeSessionsresponse body:
{ "header": { "fields": [ { "property": "rawUserName", "dataType": "string" }, { "property": "uuid", "dataType": "string" }, { "property": "sourceIp", "dataType": "string" }, { "property": "remoteHost", "dataType": "string" }, { "property": "tenantDomain", "dataType": "string" }, { "property": "tenantId", "dataType": "string" }, { "property": "rawId", "dataType": "string" }, { "property": "userMode", "dataType": "string" }, { "property": "userGroup", "dataType": "string" }, { "property": "createDateTime", "dataType": "date" }, { "property": "lastAccessedTime", "dataType": "date" } ] }, "data": [ { "uuid": "6c59edaef68c82d93de59b2cd641c32e8b2627b0ccf333b5ce2c79803ddb3312", "sourceIp": "127.0.0.1", "remoteHost": "127.0.0.1", "rawUserName": "demouser", "rawId": "demouser", "tenantDomain": "10.195.86.175", "userGroup": "[\"demogrp\"]", "userMode": "tenant", "createDateTime": 1593978137921, "tenantId": "default", "lastAccessedTime": 1593978138068 } ] }Deactivate sessions
DELETE https://{vmanage-ip-address}/dataservice/admin/user/removeSessionswith request body:
{ "data":[ { "tenantId":"default", "rawId":"demouser", "uuid":"6c59edaef68c82d93de59b2cd641c32e8b2627b0ccf333b5ce2c79803ddb3312" } ] }
User Roles
There are three default roles that can be associated with a user; from higher to lower privilege, they are netadmin, operator, and basic user.
Get role associated with current user
GET https://{vmanage-ip-address}/dataservice/admin/user/rolewith response body:
{isAdmin: true}
User Group Operation
User group defines privilege for a set of tasks. A user can belong to multiple groups.
Get user group
GET https://{vmanage-ip-address}/dataservice/admin/usergroupwith response body:
{ "header":{ "type":"list", "title":"User Group", "keyProperty":"groupName", }, "data":[ { "groupName":"basic", "tasks":[ { "feature":"Policy", "enabled":false, "read":false, "write":false }, { "feature":"Routing", "enabled":false, "read":false, "write":false }, { "feature":"Security", "enabled":false, "read":false, "write":false }, { "feature":"Interface", "enabled":true, "read":true, "write":false }, { "feature":"System", "enabled":true, "read":true, "write":false }, { "feature":"Alarms", "enabled":false, "read":false, "write":false }, { "feature":"Audit Log", "enabled":false, "read":false, "write":false }, { "feature":"Certificates", "enabled":false, "read":false, "write":false }, { "feature":"Cloud OnRamp", "enabled":false, "read":false, "write":false }, { "feature":"Cluster", "enabled":false, "read":false, "write":false }, { "feature":"Colocation", "enabled":false, "read":false, "write":false }, { "feature":"Device Inventory", "enabled":false, "read":false, "write":false }, { "feature":"Device Monitoring", "enabled":false, "read":false, "write":false }, { "feature":"Device Reboot", "enabled":false, "read":false, "write":false }, { "feature":"Disaster Recovery", "enabled":false, "read":false, "write":false }, { "feature":"Events", "enabled":false, "read":false, "write":false }, { "feature":"Integration Management", "enabled":false, "read":false, "write":false }, { "feature":"Manage Users", "enabled":false, "read":false, "write":false }, { "feature":"Policy Configuration", "enabled":false, "read":false, "write":false }, { "feature":"Policy Deploy", "enabled":false, "read":false, "write":false }, { "feature":"RBAC VPN", "enabled":false, "read":false, "write":false }, { "feature":"Security Policy Configuration", "enabled":false, "read":false, "write":false }, { "feature":"Session Management", "enabled":false, "read":false, "write":false }, { "feature":"Settings", "enabled":false, "read":false, "write":false }, { "feature":"Software Upgrade", "enabled":false, "read":false, "write":false }, { "feature":"Template Configuration", "enabled":false, "read":false, "write":false }, { "feature":"Template Deploy", "enabled":false, "read":false, "write":false }, { "feature":"Tools", "enabled":false, "read":false, "write":false }, { "feature":"vAnalytics", "enabled":false, "read":false, "write":false } ], "isRbacVpnGroup":false }, { "groupName":"netadmin", "tasks":[ { "feature":"Policy", "enabled":true, "read":true, "write":true }, { "feature":"Routing", "enabled":true, "read":true, "write":true }, { "feature":"Security", "enabled":true, "read":true, "write":true }, { "feature":"Interface", "enabled":true, "read":true, "write":true }, { "feature":"System", "enabled":true, "read":true, "write":true }, { "feature":"Alarms", "enabled":true, "read":true, "write":true }, { "feature":"Audit Log", "enabled":true, "read":true, "write":true }, { "feature":"Certificates", "enabled":true, "read":true, "write":true }, { "feature":"Cloud OnRamp", "enabled":true, "read":true, "write":true }, { "feature":"Cluster", "enabled":true, "read":true, "write":true }, { "feature":"Colocation", "enabled":true, "read":true, "write":true }, { "feature":"Device Inventory", "enabled":true, "read":true, "write":true }, { "feature":"Device Monitoring", "enabled":true, "read":true, "write":true }, { "feature":"Device Reboot", "enabled":true, "read":true, "write":true }, { "feature":"Disaster Recovery", "enabled":true, "read":true, "write":true }, { "feature":"Events", "enabled":true, "read":true, "write":true }, { "feature":"Integration Management", "enabled":true, "read":true, "write":true }, { "feature":"Manage Users", "enabled":true, "read":true, "write":true }, { "feature":"Policy Configuration", "enabled":true, "read":true, "write":true }, { "feature":"Policy Deploy", "enabled":true, "read":true, "write":true }, { "feature":"RBAC VPN", "enabled":true, "read":true, "write":true }, { "feature":"Security Policy Configuration", "enabled":true, "read":true, "write":true }, { "feature":"Session Management", "enabled":true, "read":true, "write":true }, { "feature":"Settings", "enabled":true, "read":true, "write":true }, { "feature":"Software Upgrade", "enabled":true, "read":true, "write":true }, { "feature":"Template Configuration", "enabled":true, "read":true, "write":true }, { "feature":"Template Deploy", "enabled":true, "read":true, "write":true }, { "feature":"Tools", "enabled":true, "read":true, "write":true }, { "feature":"vAnalytics", "enabled":true, "read":true, "write":true } ], "isRbacVpnGroup":false }, { "groupName":"operator", "tasks":[ { "feature":"Policy", "enabled":true, "read":true, "write":false }, { "feature":"Routing", "enabled":true, "read":true, "write":false }, { "feature":"Security", "enabled":true, "read":true, "write":false }, { "feature":"Interface", "enabled":true, "read":true, "write":false }, { "feature":"System", "enabled":true, "read":true, "write":false }, { "feature":"Alarms", "enabled":true, "read":true, "write":false }, { "feature":"Audit Log", "enabled":true, "read":true, "write":false }, { "feature":"Certificates", "enabled":true, "read":true, "write":false }, { "feature":"Cloud OnRamp", "enabled":true, "read":true, "write":false }, { "feature":"Cluster", "enabled":true, "read":true, "write":false }, { "feature":"Colocation", "enabled":true, "read":true, "write":false }, { "feature":"Device Inventory", "enabled":true, "read":true, "write":false }, { "feature":"Device Monitoring", "enabled":true, "read":true, "write":false }, { "feature":"Device Reboot", "enabled":true, "read":true, "write":false }, { "feature":"Disaster Recovery", "enabled":true, "read":true, "write":false }, { "feature":"Events", "enabled":true, "read":true, "write":false }, { "feature":"Integration Management", "enabled":true, "read":true, "write":false }, { "feature":"Manage Users", "enabled":true, "read":true, "write":false }, { "feature":"Policy Configuration", "enabled":true, "read":true, "write":false }, { "feature":"Policy Deploy", "enabled":true, "read":true, "write":false }, { "feature":"RBAC VPN", "enabled":true, "read":true, "write":false }, { "feature":"Security Policy Configuration", "enabled":true, "read":true, "write":false }, { "feature":"Session Management", "enabled":true, "read":true, "write":false }, { "feature":"Settings", "enabled":true, "read":true, "write":false }, { "feature":"Software Upgrade", "enabled":true, "read":true, "write":false }, { "feature":"Template Configuration", "enabled":true, "read":true, "write":false }, { "feature":"Template Deploy", "enabled":true, "read":true, "write":false }, { "feature":"Tools", "enabled":true, "read":true, "write":false }, { "feature":"vAnalytics", "enabled":true, "read":true, "write":false } ], "isRbacVpnGroup":false } ] }Create user group
POST https://{vmanage-ip-address}/admin/usergroupwith request body:
{ "groupName": "demogrp", "tasks": [ { "feature": "Interface", "read": true, "enabled": true, "write": true }, { "feature": "Routing", "read": true, "enabled": true, "write": true }, { "feature": "Security", "read": true, "enabled": true, "write": true }, { "feature": "System", "read": true, "enabled": true, "write": true }, { "feature": "Policy", "read": true, "enabled": true, "write": true }, { "feature": "Alarms", "read": true, "enabled": true, "write": true }, { "feature": "Audit Log", "read": true, "enabled": true, "write": true }, { "feature": "Device Monitoring", "read": true, "enabled": true, "write": true }, { "feature": "RBAC VPN", "read": true, "enabled": true, "write": true }, { "feature": "Certificates", "read": true, "enabled": true, "write": true }, { "feature": "Device Inventory", "read": true, "enabled": true, "write": true }, { "feature": "Template Configuration", "read": true, "enabled": true, "write": true }, { "feature": "Template Deploy", "read": true, "enabled": true, "write": true }, { "feature": "Policy Configuration", "read": true, "enabled": true, "write": true }, { "feature": "Security Policy Configuration", "read": true, "enabled": true, "write": true }, { "feature": "Policy Deploy", "read": true, "enabled": true, "write": true }, { "feature": "Cloud OnRamp", "read": true, "enabled": true, "write": true }, { "feature": "Software Upgrade", "read": true, "enabled": true, "write": true }, { "feature": "Device Reboot", "read": true, "enabled": true, "write": true }, { "feature": "Manage Users", "read": true, "enabled": true, "write": true }, { "feature": "Tools", "read": true, "enabled": true, "write": true }, { "feature": "Settings", "read": true, "enabled": true, "write": true }, { "feature": "Cluster", "read": true, "enabled": true, "write": true }, { "feature": "Colocation", "read": true, "enabled": true, "write": true }, { "feature": "vAnalytics", "read": true, "enabled": true, "write": true }, { "feature": "Events", "read": true, "enabled": true, "write": true } ] }Update user group
PUT https://{vmanage-ip-address}/dataservice/admin/usergroup/{groupname}with request body:
{ "groupName": "demogrp", "tasks": [ { "feature": "Policy", "enabled": true, "read": true, "write": true }, { "feature": "Routing", "enabled": true, "read": true, "write": false }, { "feature": "Security", "enabled": true, "read": true, "write": false }, { "feature": "Interface", "enabled": true, "read": true, "write": false }, { "feature": "System", "enabled": true, "read": true, "write": false }, { "feature": "Alarms", "enabled": true, "read": true, "write": false }, { "feature": "Audit Log", "enabled": true, "read": true, "write": false }, { "feature": "Certificates", "enabled": true, "read": true, "write": false }, { "feature": "Cloud OnRamp", "enabled": true, "read": true, "write": false }, { "feature": "Cluster", "enabled": true, "read": true, "write": false }, { "feature": "Colocation", "enabled": true, "read": true, "write": false }, { "feature": "Device Inventory", "enabled": true, "read": true, "write": false }, { "feature": "Device Monitoring", "enabled": true, "read": true, "write": false }, { "feature": "Device Reboot", "enabled": true, "read": true, "write": false }, { "feature": "Events", "enabled": true, "read": true, "write": false }, { "feature": "Manage Users", "enabled": true, "read": true, "write": false }, { "feature": "Policy Configuration", "enabled": true, "read": true, "write": false }, { "feature": "Policy Deploy", "enabled": true, "read": true, "write": false }, { "feature": "RBAC VPN", "enabled": true, "read": true, "write": false }, { "feature": "Security Policy Configuration", "enabled": true, "read": true, "write": false }, { "feature": "Settings", "enabled": true, "read": true, "write": false }, { "feature": "Software Upgrade", "enabled": true, "read": true, "write": false }, { "feature": "Template Configuration", "enabled": true, "read": true, "write": false }, { "feature": "Template Deploy", "enabled": true, "read": true, "write": false }, { "feature": "Tools", "enabled": true, "read": true, "write": false }, { "feature": "vAnalytics", "enabled": true, "read": true, "write": false } ] }Delete user group
DELETE /dataservice/admin/usergroup/{groupname}
User groups cannot be deleted if there are users associated with it.