RSA SecurID Access User Details API

Document created by RSA Information Design and Development on Oct 19, 2018Last modified by Joyce Cohen on Mar 4, 2019
Version 5Show Document
  • View in full screen mode

The RSA SecurID Access User Details API enables Help Desk administrators to look up a single user without logging into the Cloud Administration Console. The User Details API can only look up one user at a time.

 

Note:   Confirm that RSA has enabled SMS Tokencode and Voice Tokencode authentication for your company. Otherwise, the User Details API does not include the smsNumber and voiceNumber in the response.

 

Authentication

 

Clients calling this API must authenticate themselves by including a JSON Web Token in a request. For instructions on using this token, see Authentication for the Cloud Administration REST APIs .

 

Administrative Roles

 

This API can use an API Key that is associated with either the Super Administrator or Help Desk Administrator role. For more information, see Manage the Cloud Administration REST API Keys.

 

Software Developer Kit

 

You can download the API Software Developer Kit (SDK) from Cloud Administration REST API Download.

 

Request Requirements

 

Use the following information to retrieve information about a particular user.

 

MethodRequest URLResponse Content TypeResponse BodyResponse Codes
POST/AdminInterface/restapi/v1/users/lookupapplication/jsonUser details with property200, 400, 403, 404, 415, 500

 

Example Request Data

 

The User Details request does not contain any parameters. The following example displays a request.

 

POST /AdminInterface/restapi/v1/users/lookup

 

Accept: application/json

 

Authorization: Bearer <JWT token>

 

Example Request Body

 

{

 

"email": "user.one@mycompany.com"

 

}

 

Example Response

 

The following example response shows the status of a single user on 31 May 2018:

 

{

 

"id": "f85b6e95-f41f-45b4-bc84-559fead6460c",

 

"emailAddress": "user.one@mycompany.com",

 

"firstName": "User",

 

"lastName:" "One",

 

"creationDate": "2018-08-31T19:10:30.045Z",

 

"identitySource": "My Company AD",

 

"userStatus": "Enabled",

 

"markDeleted": false,

 

"markDeletedAt": null,

 

"markDeletedBy": null,

 

"smsNumber": "+11235556799",

 

"voiceNumber": "+1 774 291 4444",

 

"isTokenLocked": false,

 

"isSmsLocked": false,

 

"isVoiceLocked": false,

 

"lastSyncTime": "2018-08-31T19:20:30.045Z"

 

}

 

Property Response Descriptions

 

The following table shows property descriptions and data types.

 

PropertyDescriptionData Type
idIdentifies the user.String
emailAddressUser's email address.String
firstNameUser's first name.String
lastNameUser's last name.String
creationDate

Date when the user account was added to the Cloud Authentication Service.
See https://www.w3.org/TR/NOTE-datetime

for information on formatting timestamps in ISO 8601 format.
String
identitySourceName of identity source.String
userStatus

Enabled. Users can access protected resources.

Disabled. Users cannot access protected resources or register devices.

Pending Deletion. The user and all associated data and devices are automatically deleted from the Cloud Authentication Service seven days after being marked for deletion in the Cloud Administration Console.

String
markDeletedIndicates whether the user is marked deleted.Boolean
markDeletedAtDate when a user is marked deleted.
See https://www.w3.org/TR/NOTE-datetime .
String
markDeletedByAdministrator who initiated mark for delete.String
smsNumberDisplays user phone numbers after you click Show synchronized phone numbers. Phone numbers appear only if corresponding attributes were configured and synchronized.String
voiceNumberDisplays user voice phone numbers after you click Show synchronized phone numbers. Phone numbers appear only if corresponding attributes were configured and synchronized.String
isTokenLockedToken locked status is either true (locked) or false (unlocked).Boolean
isSmsLockedSMS phone locked status is either true (locked) or false (unlocked).Boolean
isVoiceLocked

Voice phone locked status is either true (locked) or false (unlocked).

Boolean
lastSyncTimeMost recent time when user details were synchronized with an identity source.
See https://www.w3.org/TR/NOTE-datetime for information on formatting timestamps in ISO 8601 format.
String

 

Response Codes

 

The following table shows response codes and descriptions for the User Details API.

 

CodeDescription
200User is successfully found.
400User ID not provided as parameter.
403Not authorized to perform the request.
404User is not found.
415Unsupported media type (must be JSON).
500Internal error occurred when processing the request.

 

 

 

 

 

You are here

Table of Contents > Cloud Administration REST APIs > RSA SecurID Access User Details API

Attachments

    Outcomes