Use the Cloud Administration Retrieve High-Risk User List API to retrieve users who have been marked as high risk. Accounts for these users may have been compromised. A security information and event management (SIEM) solution, such as RSA NetWitness, may mark users with suspicious activity as high risk.
Note: This API is available only for Premium Edition.
Clients calling this API must authenticate themselves by including a JSON Web Token in a request. For instructions on using this token, see Authentication for the Cloud Administration APIs .
This API must use an API key that is associated with the Super Administrator role. For more information, see Manage the Cloud Administration API Keys.
Software Developer Kit
You can download the API Software Developer Kit (SDK) from RSA SecurID Access Administration REST API Download.
Use the following information to retrieve a list of users who are marked as high risk.
|Method||Request URL||Response Content Type||Response Body||Response Codes|
|GET||/AdminInterface/restapi/v1/users/highrisk||application/json||List of user emails that contains a high-risk flag set to true.||200, 400, 403, 500|
Request Body Parameters
No query parameters are supported at this time.
Example Request Body
The following example displays a request.
Authorization: Bearer <JWT token>
Example Response Body
The following example displays a response body.
The following table shows response codes for this API.
|200||Operation completed successfully.|
|400||Operation not performed because of client syntax errors.|
|403||Not authorized to perform the request.|
Internal error occurred.