The RSA SecurID Access User Details API enables Help Desk administrators to look up a single user without logging into the Cloud Administration Console.
Note: The User Details API can only look up one user at a time.
Clients calling this API must authenticate themselves by including a JSON Web Token in a request. For instructions on using this token, see Authentication for the Cloud Administration REST APIs .
Software Developer Kit
You can download the API Software Developer Kit (SDK) from RSA SecurID Access Administration REST API Download.
Use the following information to retrieve information about a particular user.
|Method||Request URL||Response Content Type||Response Body||Response Codes|
|POST||/AdminInterface/restapi/v1/users/lookup||application/json||User details with property||200, 400, 403, 404, 415, 500|
Example Request Data
The User Details request does not contain any parameters. The following example displays a request.
Authorization: Bearer <JWT token>
Example Request Body
The following example response shows the status of a single user on 31 May 2018:
"identitySource": "My Company AD",
"voiceNumber": "+1 774 291 4444",
Property Response Descriptions
The following table shows property descriptions and data types.
|id||Identifies the user.||String|
|emailAddress||User's email address.||String|
|firstName||User's first name.||String|
|lastName||User's last name.||String|
Date when the user account was added to the Cloud Authentication Service.
|identitySource||Name of identity source.||String|
Enabled. Users can access protected resources.
Disabled. Users cannot access protected resources or register devices.
Pending Deletion. The user and all associated data and devices are automatically deleted from the Cloud Authentication Service seven days after being marked for deletion in the Cloud Administration Console.
|markDeleted||Indicates whether the user is marked deleted.||Boolean|
|markDeletedAt||Date when a user is marked deleted. |
See https://www.w3.org/TR/NOTE-datetime .
|markDeletedBy||Administrator who initiated mark for delete.||String|
|smsNumber||Displays user phone numbers after you click Show synchronized phone numbers. Phone numbers appear only if corresponding attributes were configured and synchronized.||String|
|voiceNumber||Displays user voice phone numbers after you click Show synchronized phone numbers. Phone numbers appear only if corresponding attributes were configured and synchronized.||String|
|isTokenLocked||Token locked status is either true (locked) or false (unlocked).||Boolean|
|isSmsLocked||SMS phone locked status is either true (locked) or false (unlocked).||Boolean|
Voice phone locked status is either true (locked) or false (unlocked).
|lastSyncTime||Most recent time when user details were synchronized with an identity source. |
See https://www.w3.org/TR/NOTE-datetime for information on formatting timestamps in ISO 8601 format.
The following table shows response codes and descriptions for the User Details API.
|200||User is successfully found.|
|400||User ID not provided as parameter.|
|403||Not authorized to perform the request.|
|404||User is not found.|
|415||Unsupported media type (must be JSON).|
|500||Internal error occurred when processing the request.|