The Cloud Administration User Details API enables Help Desk administrators to look up a single user without logging into the Cloud Administration Console. This API can look up only one user at a time.
Note: Confirm that RSA has enabled SMS Tokencode and Voice Tokencode authentication for your company. Otherwise, the User Details API does not include the smsNumber and voiceNumber in the response.
Clients calling this API must authenticate themselves by including a JSON Web Token in a request. For instructions on using this token, see Authentication for the Cloud Administration APIs .
This API can use an API Key that is associated with either the Super Administrator or Help Desk Administrator role. For more information, see Manage the Cloud Administration API Keys.
Software Developer Kit
You can download the API Software Developer Kit (SDK) from Cloud Administration REST API Download.
Use the following information to retrieve information about a particular user.
|Method||Request URL||Response Content Type||Response Body||Response Codes|
|POST||/AdminInterface/restapi/v1/users/lookup||application/json||User details with property||200, 400, 403, 404, 415, 500|
Example Request Data
The User Details request does not contain any parameters. The following example displays a request.
Authorization: Bearer <JWT token>
Example Request Body
The following example response shows the status of a single user on 31 May 2018:
"identitySource": "My Company AD",
"voiceNumber": "+1 774 291 4444",
Property Response Descriptions
The following table shows property descriptions and data types.
|id||Identifies the user.||String|
|emailAddress||User's email address.||String|
|firstName||User's first name.||String|
|lastName||User's last name.||String|
Date when the user account was added to the Cloud Authentication Service.
|identitySource||Name of identity source.||String|
Enabled. Users can access protected resources.
Disabled. Users cannot access protected resources or register devices.
Pending Deletion. The user and all associated data and devices are automatically deleted from the Cloud Authentication Service seven days after being marked for deletion in the Cloud Administration Console.
|markDeleted||Indicates whether the user is marked deleted.||Boolean|
|markDeletedAt||Date when a user is marked deleted. |
See https://www.w3.org/TR/NOTE-datetime .
|markDeletedBy||Administrator who initiated mark for delete.||String|
|smsNumber||Displays user phone numbers after you click Show synchronized phone numbers. Phone numbers appear only if corresponding attributes were configured and synchronized.||String|
|voiceNumber||Displays user voice phone numbers after you click Show synchronized phone numbers. Phone numbers appear only if corresponding attributes were configured and synchronized.||String|
|isTokenLocked||Token locked status is either true (locked) or false (unlocked).||Boolean|
|isSmsLocked||SMS phone locked status is either true (locked) or false (unlocked).||Boolean|
Voice phone locked status is either true (locked) or false (unlocked).
|lastSyncTime||Most recent time when user details were synchronized with an identity source. |
See https://www.w3.org/TR/NOTE-datetime for information on formatting timestamps in ISO 8601 format.
True indicates the user is marked as high risk by an external third-party application. False indicates the user is not marked as high risk by an external third-party application.
The following table shows response codes and descriptions for the User Details API.
|200||User is successfully found.|
|400||User ID not provided as parameter.|
|403||Not authorized to perform the request.|
|404||User is not found.|
|415||Unsupported media type (must be JSON).|
|500||Internal error occurred when processing the request.|