User management
Reference
Find users
Find users by default only returns an array of object with the least possible data (id, surname, firstname, an optional image and some important settings) for privacy reasons. If you want a detailed list, the requesting user must have IAM permission “user.extendedList” and you have to send the parameter “extended” as true in your request payload.
GET/v2/user
Return a user list based on the filter values.
Request Parameters
| Field | Type | Required | Description |
|---|---|---|---|
| clientId | string | ✗ | Filter users for the given clientId. Requires IAM permission for the given operation and clientId. |
| country | countryCode | ✗ | Filter user for the given countryCode Please do not use this field anymore |
| debug | boolean | ✗ | |
| deletedAt | boolean | ✗ | If true. deleted users are shown |
| ✗ | Filter user for the given id. Only one user is returned! | ||
| extended | boolean | ✗ | If set, response contains the extended user list. Requires admin level 1+ |
| extended | boolean | ✗ | Set to true to receive the extended user lists with more details. Requires the appropriate IAM permission |
| firstname | string | ✗ | Filter user for the given firstname. |
| flags | base64 | ✗ | Filter user-app-relation for the given flags – defaults to active (0), deactivated (1) and pending (2) |
| id | integer | ✗ | Filter user for the given id. Only one user is returned! |
| lastname | string | ✗ | Filter user for the given lastname. |
| responseFields | base64 | ✗ | Limit the response fields to the given, base64 encoded array. |
| securityGroupIds | array | ✗ | Filter user for the given securityGroupIds |
| uaflags | base64 | ✗ | |
| uiLanguage | string | ✗ | Filter user for the given uiLanguage |
Response
| Field | Type | Description |
|---|---|---|
| adminLevel | integer | AdminLevel for this user Please use adminLevel on userappauthorization level instead. range: 0 to 9 |
| apps | array | Array of objects of apps which are available for this user. |
| └ clientId | string | Client id of this app |
| └ customerId | integer | Customer Id for this app |
| └ uaflag | integer | See flag Use flag property |
| └ flag | integer | Flag of the relation between user and app. 0 = approved, 1 = deactivated, 2 = pending, 90 rejected, 99 deleted |
| └ authorizedTimestamp | integer | Unix timestamp when the decision for this user-app-relation was made |
| └ authorizedByUserId | integer | UserId of the user that made the decision. |
| └ reason | string | Reason for this user-app-relation |
| └ notes | string | Notes for this user-app-relation. Only visible in user manamgenet, not for user. |
| └ name | string | Name of this app |
| └ appname | string | See name |
| └ type | string | Type of this app |
| └ hasContributedData | integer | If set, the user has contributed data to the app |
| └ lastLogin | integer | Last login of the user to this app |
| └ lastInvite | integer | Last invitation of the user to this app |
| └ adminLevel | integer | Admin level of this user in this app |
| └ lastEditorId | integer | Last editor ID who changed this relation (especially when deleting with flag 99) |
| └ createdAt | date | Date this relation between user and app was created |
| └ updatedAt | date | Date this relation between user and app was last updated |
| country | countryCode | Country code of this user Please do not use this field anymore |
| createdAt | dateTime | Creation date and time of the user |
| creatorId | integer | CreatorId of the user. |
| customerId | integer | Customer id of the user |
| deactivatedAt | integer | Unix timestamp of the deactivation of this user Please use flag 1 in user-app-relation to deactivate a user in a specific app. |
| deletedAt | integer | Unix timestamp of the deletion of this user |
| E-Mail address of the user | ||
| firstname | string | Firstname of the user |
| flag | integer | Flag of this user. See table user flags for details/meaning. allowed values: 0910111213 |
| id | integer | Id of the user |
| image | integer | MediaContainer ID of the user's profile image. Please do not use this field anymore |
| individualConfiguration | object | Individual configuration for this user. |
| └ useBeta | boolean | |
| └ messageFeedback | object | Deprecated? |
| └ preferredAudioLanguages | array | Preferred audio languages allowed values: aaabafaksqamaranhyasavaeayazbabmeubebnbhbibobsbrbgmycacschcezhcucvkwcocrcycsdadedvnldzeleneoeteueefofafjfifrfrfyffkadegdgaglgvelgnguhthahehzhihohrhuhyigisioiiiuieiaidikisitjvjaklknkskakrkkkmkirwkykvkgkokjkulolalvlilnltlblulgmkmhmlmimrmsmkmgmtmnmimsmynanvnrndngnenlnnnbnonyocojoromospafapiplptpsqurmrorornrusgsasiskskslsesmsnsdsostessqscsrsssuswsvtytatttetgtlthbotitotntstktrtwugukuruzvevivocywawoxhyiyozazhzusilent |
| └ preferredControlGroups | array | Preferred control groups. |
| └ preferredCountries | array | Preferred countries. |
| └ preferredTemplates | array | Preferred template. |
| └ preferredEditorLanguage | iso-639-1 | Preferred editor language. If not set, uni is the preferred editor language |
| └ preferredAssetOverviewSorting | string | Preferred Asset Overview Sorting. |
| └ preferredAssetSearchSorting | string | Preferred Asset Search Sorting. |
| └ preferredProjectOverviewSorting | string | Preferred Project Overview Sorting. |
| └ preferredProjectSearchSorting | string | Preferred Project Search Sorting. |
| lastEditorId | integer | Id of the user that made the last changes of the user data. |
| lastInviteAt | integer | Unix timestamp of the last invite for this user Please use lastInvite from app in apps array instead |
| lastLoginAt | integer | Unix timestamp of the last login of this user Please use lastLogin from app in apps array instead |
| lastname | string | Lastname of the user |
| memberGroupHierarchy | array | Hierachy of membergroups for this user |
| memberGroupIds | array | Implicit and explicit membergroupids for this user |
| memberGroups | array | Securtity group ids this user belongs to. Use memberGroupIds array instead. It contains all groups, including implicit ones |
| mfaKey | boolean | If true, MFA is active for this user |
| origin | string | Identifier for the origin of the user |
| passwordChanged | integer | Unix timestamp of the last password change |
| permissions | array | IAM Permissions for this user |
| searchConfiguration | object | Search configuration for this user Experimental |
| settings | object | Settings for this user. See properties. |
| └ accountContact | object | Use IAM defintiion instead Deprecated |
| └ accountAdmin | boolean | Deprecated |
| └ licenseAdmin | boolean | Deprecated |
| └ developerAccount | object | Use IAM defintiion instead Deprecated |
| └ enabled | boolean | Deprecated |
| └ disabled | boolean | |
| └ reason | string | |
| └ forceDeleteMediaContainer | boolean | If true, this user can delete mediaContainers even if they are linked to other resources. |
| └ providerConfig | string | Activate a specific provider configuration for this user, e.g. to use AWS transfer acceleration |
| └ releaseMediaContainer | boolean | If true, this user can releaseMediaContainer. |
| └ resetMFA | boolean | If true, this user can resetMFA for other users. |
| timezone | string | Timezone of the user Please do not use this field anymore |
| uiLanguage | string | UI Language of this user |
| updatedAt | dateTime | Latest date and time this user was updated. |
| useraccesskeys | array | Access keys for this user (used for API access). A maximum of 2 active keys per user are possible. |
| └ accessKey | string | Access key for this user |
| └ notes | string | Notes for this access key |
| └ lastUsed | integer | Unix timestamp of last usage of this access key |
| └ flag | integer | See UserAccessKey creation function for values |
| └ createdAt | date | Creation date for this access key |
| welcomeBackground | integer | Identifier for the background image of the welcome screen. MediaId of an image, -1 random image from library, -2 random imageg from favorites Experimental |
| welcomeMessage | string | Welcome message for this user. Can only be changed by the user. Experimental |
Examples
User list (standard)
Request
/v5/user
Response
{
"body": [
{
"id": 123,
"firstname": "Jane",
"lastname": "Doe",
"email": "jane@admiralcloud.com",
"country": "LA",
"uiLanguage": "en"
}
]
}User list (extended)
Request
/v5/user
Response
{
"body": [
{
"id": 123,
"firstname": "Jane",
"lastname": "Doe",
"email": "jane@admiralcloud.com",
"passwordChanged": 1595764541,
"country": "DE",
"uiLanguage": "de",
"timezone": "Europe\/Berlin",
"mfakey": false,
"individualConfiguration": {
"useBeta": false
},
"searchConfiguration": [],
"image": null,
"welcomeMessage": "Hey",
"welcomeBackground": -2,
"settings": {
"releaseMediaContainer": false,
"forceDeleteMediaContainer": true,
"developerAccount": {
"enabled": true
}
},
"lastLoginAt": 1595757588,
"lastInviteAt": 1595138302,
"deletedAt": 0,
"deactivatedAt": 0,
"flag": 0,
"adminLevel": 1,
"lastEditorId": 1,
"creatorId": 121,
"memberGroups": [
123,
457
],
"apps": [
{
"clientId": "12345-c132-4b5e-9da4-7346437",
"customerId": 147,
"uaflag": 0,
"authorizedTimestamp": 1595268217,
"authorizedByUserId": 1,
"reason": "Automatic approval for everyone",
"appname": "Generic Mediahub",
"hasContributedData": 1406573883
}
],
"updatedAt": "2020-07-09T10:41:47.000Z",
"createdAt": "2009-05-20T14:19:57.000Z"
}
]
}Create a new user
POST/v2/user
Request Parameters
| Field | Type | Required | Description |
|---|---|---|---|
| adminLevel | integer | ✗ | AdminLevel for this user. Replaced with IAM. Please use adminLevel on userappauthorization level instead. range: 0 to 9 |
| clientId | string | ✗ | ClientId of the original request – only required if the request is proxied, e.g. through API. Otherweise the header is used. |
| country | countryCode | ✗ | Country code of this user Please do not use this field anymore |
| ✓ | E-Mail address of the user | ||
| firstname | string | ✓ | Firstname of the user |
| flag | integer | ✗ | allowed values: 0910111213 |
| lastname | string | ✓ | Lastname of the user |
| origin | string | ✗ | Identifier for the origin of the user |
| securityGroupIds | array | ✗ | SecurityGroupIds for this user. Might be required based on app settings |
| sendNotification | boolean | ✗ | If true, the user automatically receives an invitation email. |
| settings | object | ✗ | Settings for this user. See properties. |
| └ accountContact | object | ✗ | Use IAM defintiion instead Deprecated |
| └ accountAdmin | boolean | ✗ | Deprecated |
| └ licenseAdmin | boolean | ✗ | Deprecated |
| └ developerAccount | object | ✗ | Use IAM defintiion instead Deprecated |
| └ enabled | boolean | ✗ | Deprecated |
| ✗ | |||
| └ forceDeleteMediaContainer | boolean | ✗ | If true, this user can delete mediaContainers even if they are linked to other resources. |
| └ providerConfig | string | ✗ | Activate a specific provider configuration for this user, e.g. to use AWS transfer acceleration |
| └ releaseMediaContainer | boolean | ✗ | If true, this user can releaseMediaContainer. |
| └ resetMFA | boolean | ✗ | If true, this user can resetMFA for other users. |
| uiLanguage | string | ✓ | UI Language of this user |
| userappauthorization | object | ✗ | update or add user-app-relation |
| └ reason | string | ✗ | Reason for this user-app-relation |
| └ notes | string | ✗ | Notes for this user-app-relation |
| └ clientId | string | ✗ | ClientId for the new user-app-relation |
| └ adminLevel | integer | ✗ | AdminLevel for this app range: 0 to 9 |
| └ flag | integer | ✗ | Set flag 0 to activate a user and flag 5 to deactivate. allowed values: 05 |
Response
| Field | Type | Description |
|---|---|---|
| adminLevel | integer | AdminLevel for this user Please use adminLevel on userappauthorization level instead. range: 0 to 9 |
| apps | array | Array of objects of apps which are available for this user. |
| └ clientId | string | Client id of this app |
| └ customerId | integer | Customer Id for this app |
| └ uaflag | integer | See flag Use flag property |
| └ flag | integer | Flag of the relation between user and app. 0 = approved, 1 = deactivated, 2 = pending, 90 rejected, 99 deleted |
| └ authorizedTimestamp | integer | Unix timestamp when the decision for this user-app-relation was made |
| └ authorizedByUserId | integer | UserId of the user that made the decision. |
| └ reason | string | Reason for this user-app-relation |
| └ notes | string | Notes for this user-app-relation. Only visible in user manamgenet, not for user. |
| └ name | string | Name of this app |
| └ appname | string | See name |
| └ type | string | Type of this app |
| └ hasContributedData | integer | If set, the user has contributed data to the app |
| └ lastLogin | integer | Last login of the user to this app |
| └ lastInvite | integer | Last invitation of the user to this app |
| └ adminLevel | integer | Admin level of this user in this app |
| └ lastEditorId | integer | Last editor ID who changed this relation (especially when deleting with flag 99) |
| └ createdAt | date | Date this relation between user and app was created |
| └ updatedAt | date | Date this relation between user and app was last updated |
| country | countryCode | Country code of this user Please do not use this field anymore |
| createdAt | dateTime | Creation date and time of the user |
| creatorId | integer | CreatorId of the user. |
| customerId | integer | Customer id of the user |
| deactivatedAt | integer | Unix timestamp of the deactivation of this user Please use flag 1 in user-app-relation to deactivate a user in a specific app. |
| deletedAt | integer | Unix timestamp of the deletion of this user |
| E-Mail address of the user | ||
| firstname | string | Firstname of the user |
| flag | integer | Flag of this user. See table user flags for details/meaning. allowed values: 0910111213 |
| id | integer | Id of the user |
| image | integer | MediaContainer ID of the user's profile image. Please do not use this field anymore |
| individualConfiguration | object | Individual configuration for this user. |
| └ useBeta | boolean | |
| └ messageFeedback | object | Deprecated? |
| └ preferredAudioLanguages | array | Preferred audio languages allowed values: aaabafaksqamaranhyasavaeayazbabmeubebnbhbibobsbrbgmycacschcezhcucvkwcocrcycsdadedvnldzeleneoeteueefofafjfifrfrfyffkadegdgaglgvelgnguhthahehzhihohrhuhyigisioiiiuieiaidikisitjvjaklknkskakrkkkmkirwkykvkgkokjkulolalvlilnltlblulgmkmhmlmimrmsmkmgmtmnmimsmynanvnrndngnenlnnnbnonyocojoromospafapiplptpsqurmrorornrusgsasiskskslsesmsnsdsostessqscsrsssuswsvtytatttetgtlthbotitotntstktrtwugukuruzvevivocywawoxhyiyozazhzusilent |
| └ preferredControlGroups | array | Preferred control groups. |
| └ preferredCountries | array | Preferred countries. |
| └ preferredTemplates | array | Preferred template. |
| └ preferredEditorLanguage | iso-639-1 | Preferred editor language. If not set, uni is the preferred editor language |
| └ preferredAssetOverviewSorting | string | Preferred Asset Overview Sorting. |
| └ preferredAssetSearchSorting | string | Preferred Asset Search Sorting. |
| └ preferredProjectOverviewSorting | string | Preferred Project Overview Sorting. |
| └ preferredProjectSearchSorting | string | Preferred Project Search Sorting. |
| lastEditorId | integer | Id of the user that made the last changes of the user data. |
| lastInviteAt | integer | Unix timestamp of the last invite for this user Please use lastInvite from app in apps array instead |
| lastLoginAt | integer | Unix timestamp of the last login of this user Please use lastLogin from app in apps array instead |
| lastname | string | Lastname of the user |
| memberGroupHierarchy | array | Hierachy of membergroups for this user |
| memberGroupIds | array | Implicit and explicit membergroupids for this user |
| memberGroups | array | Securtity group ids this user belongs to. Use memberGroupIds array instead. It contains all groups, including implicit ones |
| mfaKey | boolean | If true, MFA is active for this user |
| origin | string | Identifier for the origin of the user |
| passwordChanged | integer | Unix timestamp of the last password change |
| permissions | array | IAM Permissions for this user |
| searchConfiguration | object | Search configuration for this user Experimental |
| settings | object | Settings for this user. See properties. |
| └ accountContact | object | Use IAM defintiion instead Deprecated |
| └ accountAdmin | boolean | Deprecated |
| └ licenseAdmin | boolean | Deprecated |
| └ developerAccount | object | Use IAM defintiion instead Deprecated |
| └ enabled | boolean | Deprecated |
| └ disabled | boolean | |
| └ reason | string | |
| └ forceDeleteMediaContainer | boolean | If true, this user can delete mediaContainers even if they are linked to other resources. |
| └ providerConfig | string | Activate a specific provider configuration for this user, e.g. to use AWS transfer acceleration |
| └ releaseMediaContainer | boolean | If true, this user can releaseMediaContainer. |
| └ resetMFA | boolean | If true, this user can resetMFA for other users. |
| timezone | string | Timezone of the user Please do not use this field anymore |
| uiLanguage | string | UI Language of this user |
| updatedAt | dateTime | Latest date and time this user was updated. |
| useraccesskeys | array | Access keys for this user (used for API access). A maximum of 2 active keys per user are possible. |
| └ accessKey | string | Access key for this user |
| └ notes | string | Notes for this access key |
| └ lastUsed | integer | Unix timestamp of last usage of this access key |
| └ flag | integer | See UserAccessKey creation function for values |
| └ createdAt | date | Creation date for this access key |
| welcomeBackground | integer | Identifier for the background image of the welcome screen. MediaId of an image, -1 random image from library, -2 random imageg from favorites Experimental |
| welcomeMessage | string | Welcome message for this user. Can only be changed by the user. Experimental |
Update an existing user
Updates existing user data. This includes changes in regard to user-app-relations (e.g. adminLevel for a certain app or adding a new app for the user).
Example
Make a self-registered or IDP created mediahub user a regular (paid) one
PUT IAM/v1/user/:id
{
"userappauthorization": {
"clientId": "CLIENT-ID-OF-APP-TO_ADD",
"reason": "Support request AC-123456",
"flag": 0,
"adminLevel": 0
},
// "securityGroupIds": [1] // optional, depending on app
}PUT/v2/user/:id
Request Parameters
| Field | Type | Required | Description |
|---|---|---|---|
| adminLevel | integer | ✗ | AdminLevel for this user. Replaced with IAM. Please use adminLevel on userappauthorization level instead. range: 0 to 9 |
| clientId | string | ✗ | ClientId of the original request – only required if the request is proxied, e.g. through API. Otherweise the header is used. |
| deactivatedAt | integer | ✗ | Unix timestamp of the deactivation of this user Please use flag 1 in user-app-relation to deactivate a user in a specific app. |
| firstname | string | ✗ | Firstname of the user |
| flag | integer | ✗ | Flag for this user. See table user flags for details/meaning. allowed values: 0910111213 |
| id | integer | ✓ | Id of the user you want to update |
| lastname | string | ✗ | Lastname of the user |
| releaseUser | boolean | ✗ | If set to TRUE, the user is released from customer and can be related to any customer/app. The user can no longer be managed by the customer! |
| resetMFA | boolean | ✗ | Reset MFA device for this user. Requires settings.resetMFA permission |
| securityGroupIds | array | ✗ | SecurityGroupIds for this user |
| settings | object | ✗ | Settings for this user. See properties. |
| └ accountContact | object | ✗ | Use IAM defintiion instead Deprecated |
| └ accountAdmin | boolean | ✗ | Deprecated |
| └ licenseAdmin | boolean | ✗ | Deprecated |
| └ developerAccount | object | ✗ | Use IAM defintiion instead Deprecated |
| └ enabled | boolean | ✗ | Deprecated |
| ✗ | |||
| └ forceDeleteMediaContainer | boolean | ✗ | If true, this user can delete mediaContainers even if they are linked to other resources. |
| └ providerConfig | string | ✗ | Activate a specific provider configuration for this user, e.g. to use AWS transfer acceleration |
| └ releaseMediaContainer | boolean | ✗ | If true, this user can releaseMediaContainer. |
| └ resetMFA | boolean | ✗ | If true, this user can resetMFA for other users. |
| uiLanguage | string | ✗ | UI Language of this user |
| userappauthorization | object | ✗ | update or add user-app-relation |
| └ reason | string | ✗ | Reason for this user-app-relation |
| └ notes | string | ✗ | Notes for this user-app-relation |
| └ clientId | string | ✗ | ClientId for the new user-app-relation |
| └ adminLevel | integer | ✗ | AdminLevel for this app range: 0 to 9 |
| └ flag | integer | ✗ | Set flag 0 to activate a user and flag 5 to deactivate. allowed values: 05 |
Response
| Field | Type | Description |
|---|---|---|
| adminLevel | integer | AdminLevel for this user Please use adminLevel on userappauthorization level instead. range: 0 to 9 |
| apps | array | Array of objects of apps which are available for this user. |
| └ clientId | string | Client id of this app |
| └ customerId | integer | Customer Id for this app |
| └ uaflag | integer | See flag Use flag property |
| └ flag | integer | Flag of the relation between user and app. 0 = approved, 1 = deactivated, 2 = pending, 90 rejected, 99 deleted |
| └ authorizedTimestamp | integer | Unix timestamp when the decision for this user-app-relation was made |
| └ authorizedByUserId | integer | UserId of the user that made the decision. |
| └ reason | string | Reason for this user-app-relation |
| └ notes | string | Notes for this user-app-relation. Only visible in user manamgenet, not for user. |
| └ name | string | Name of this app |
| └ appname | string | See name |
| └ type | string | Type of this app |
| └ hasContributedData | integer | If set, the user has contributed data to the app |
| └ lastLogin | integer | Last login of the user to this app |
| └ lastInvite | integer | Last invitation of the user to this app |
| └ adminLevel | integer | Admin level of this user in this app |
| └ lastEditorId | integer | Last editor ID who changed this relation (especially when deleting with flag 99) |
| └ createdAt | date | Date this relation between user and app was created |
| └ updatedAt | date | Date this relation between user and app was last updated |
| country | countryCode | Country code of this user Please do not use this field anymore |
| createdAt | dateTime | Creation date and time of the user |
| creatorId | integer | CreatorId of the user. |
| customerId | integer | Customer id of the user |
| deactivatedAt | integer | Unix timestamp of the deactivation of this user Please use flag 1 in user-app-relation to deactivate a user in a specific app. |
| deletedAt | integer | Unix timestamp of the deletion of this user |
| E-Mail address of the user | ||
| firstname | string | Firstname of the user |
| flag | integer | Flag of this user. See table user flags for details/meaning. allowed values: 0910111213 |
| id | integer | Id of the user |
| image | integer | MediaContainer ID of the user's profile image. Please do not use this field anymore |
| individualConfiguration | object | Individual configuration for this user. |
| └ useBeta | boolean | |
| └ messageFeedback | object | Deprecated? |
| └ preferredAudioLanguages | array | Preferred audio languages allowed values: aaabafaksqamaranhyasavaeayazbabmeubebnbhbibobsbrbgmycacschcezhcucvkwcocrcycsdadedvnldzeleneoeteueefofafjfifrfrfyffkadegdgaglgvelgnguhthahehzhihohrhuhyigisioiiiuieiaidikisitjvjaklknkskakrkkkmkirwkykvkgkokjkulolalvlilnltlblulgmkmhmlmimrmsmkmgmtmnmimsmynanvnrndngnenlnnnbnonyocojoromospafapiplptpsqurmrorornrusgsasiskskslsesmsnsdsostessqscsrsssuswsvtytatttetgtlthbotitotntstktrtwugukuruzvevivocywawoxhyiyozazhzusilent |
| └ preferredControlGroups | array | Preferred control groups. |
| └ preferredCountries | array | Preferred countries. |
| └ preferredTemplates | array | Preferred template. |
| └ preferredEditorLanguage | iso-639-1 | Preferred editor language. If not set, uni is the preferred editor language |
| └ preferredAssetOverviewSorting | string | Preferred Asset Overview Sorting. |
| └ preferredAssetSearchSorting | string | Preferred Asset Search Sorting. |
| └ preferredProjectOverviewSorting | string | Preferred Project Overview Sorting. |
| └ preferredProjectSearchSorting | string | Preferred Project Search Sorting. |
| lastEditorId | integer | Id of the user that made the last changes of the user data. |
| lastInviteAt | integer | Unix timestamp of the last invite for this user Please use lastInvite from app in apps array instead |
| lastLoginAt | integer | Unix timestamp of the last login of this user Please use lastLogin from app in apps array instead |
| lastname | string | Lastname of the user |
| memberGroupHierarchy | array | Hierachy of membergroups for this user |
| memberGroupIds | array | Implicit and explicit membergroupids for this user |
| memberGroups | array | Securtity group ids this user belongs to. Use memberGroupIds array instead. It contains all groups, including implicit ones |
| mfaKey | boolean | If true, MFA is active for this user |
| origin | string | Identifier for the origin of the user |
| passwordChanged | integer | Unix timestamp of the last password change |
| permissions | array | IAM Permissions for this user |
| searchConfiguration | object | Search configuration for this user Experimental |
| settings | object | Settings for this user. See properties. |
| └ accountContact | object | Use IAM defintiion instead Deprecated |
| └ accountAdmin | boolean | Deprecated |
| └ licenseAdmin | boolean | Deprecated |
| └ developerAccount | object | Use IAM defintiion instead Deprecated |
| └ enabled | boolean | Deprecated |
| └ disabled | boolean | |
| └ reason | string | |
| └ forceDeleteMediaContainer | boolean | If true, this user can delete mediaContainers even if they are linked to other resources. |
| └ providerConfig | string | Activate a specific provider configuration for this user, e.g. to use AWS transfer acceleration |
| └ releaseMediaContainer | boolean | If true, this user can releaseMediaContainer. |
| └ resetMFA | boolean | If true, this user can resetMFA for other users. |
| timezone | string | Timezone of the user Please do not use this field anymore |
| uiLanguage | string | UI Language of this user |
| updatedAt | dateTime | Latest date and time this user was updated. |
| useraccesskeys | array | Access keys for this user (used for API access). A maximum of 2 active keys per user are possible. |
| └ accessKey | string | Access key for this user |
| └ notes | string | Notes for this access key |
| └ lastUsed | integer | Unix timestamp of last usage of this access key |
| └ flag | integer | See UserAccessKey creation function for values |
| └ createdAt | date | Creation date for this access key |
| welcomeBackground | integer | Identifier for the background image of the welcome screen. MediaId of an image, -1 random image from library, -2 random imageg from favorites Experimental |
| welcomeMessage | string | Welcome message for this user. Can only be changed by the user. Experimental |
Delete an existing user
Depending on several factors, the user will be marked as deleted, anonymized or finally deleted.
Generally, if you send a clientId with the delete request, only the relation between user and app (clientId) will be removed.
Bound to customer account
If a user is bound to a customer account (released is not set or 0), the customer account has all permissions to mange the user. If the user to be destroyed has contributed data to AdmiralCloud it will never be deleted but only anonymized (default setting) or just marked as deleted. Otherwise the user will be finally deleted. The same is true for user-app-relations: They will be marked as deleted (flag 99) if the user has contributed data to this app, otherwise the relation will be deleted from our database.
User without a customer account
If a user has no customer account or has been released destroying the user only has an affect on apps related to the customer account trying to destroy it. The user itself will never be changed or deleted. This kind of user can only delete themselves.
Anonymizing
If a user has contributed data, it is no longer possible to delete that user from the database. Instead, the default setting is to anonymize that user. The user will get a random name and firstname, as well as a random e-mail-address from domain “deactivatedusers.admiralcloud.com”. All settings of the user that can identify the user will be removed from the user model (e.g. individual configuration, location info).
ClientId is set
- only the relation between clientId and userId is deleted (no contribution) or marked deleted (user has made contribution)
- the user data is left intact
User belongs to customer
- relations between userId and all clientIds/apps are either deleted (no contribution) or marked deleted (contribution)
- user is anonymized (default) if the user has contributed to any application, if not the user will be completely deleted
User has no customerId
- user has usually registered himself
- user can also be released from a customer account by a customer admin
- only relations between userId and all clientIds/apps are either deleted (no contribution) or marked deleted (contribution)
- user data is left intact
DELETE/v2/user/:id
Request Parameters
| Field | Type | Required | Description |
|---|---|---|---|
| anonymize | boolean | ✗ | If true, the user will be anonymized |
| clientId | string | ✗ | ClientId of the original request – only required if the request is proxied, e.g. through API. Otherweise the header is used. |
| customerId | integer | ✗ | Customer Id of the user you want to delete |
| id | integer | ✓ | Id of the user you want to delete |
| move | integer | ✗ | id of a user to move the mediacontainers the destroyed user owns to |
Response
| Field | Type | Description |
|---|---|---|
| anonymize | boolean | If true, the user will be anonymized |
| customerId | integer | Customer id of the user |
| destroyed | boolean | If true, the user has been removed from our database. |
| id | integer | Id of the user |
| jobId | uuid | |
| move | integer | id of a user to move the mediacontainers the destroyed user owns to |
Invite User
POST/v2/user/invite
Request Parameters
| Field | Type | Required | Description |
|---|---|---|---|
| clientId | string | ✓ | ClientId/App to send an invitation for. |
| ✓ | Id of the user to send invitation to. | ||
| id | integer | ✓ | Id of the user to send invitation to. |
| redirect_uri | string | ✗ | Redirect URI to be used for the invitation |
Response
| Field | Type | Description |
|---|---|---|
| adminLevel | integer | AdminLevel for this user Please use adminLevel on userappauthorization level instead. range: 0 to 9 |
| apps | array | Array of objects of apps which are available for this user. |
| └ clientId | string | Client id of this app |
| └ customerId | integer | Customer Id for this app |
| └ uaflag | integer | See flag Use flag property |
| └ flag | integer | Flag of the relation between user and app. 0 = approved, 1 = deactivated, 2 = pending, 90 rejected, 99 deleted |
| └ authorizedTimestamp | integer | Unix timestamp when the decision for this user-app-relation was made |
| └ authorizedByUserId | integer | UserId of the user that made the decision. |
| └ reason | string | Reason for this user-app-relation |
| └ notes | string | Notes for this user-app-relation. Only visible in user manamgenet, not for user. |
| └ name | string | Name of this app |
| └ appname | string | See name |
| └ type | string | Type of this app |
| └ hasContributedData | integer | If set, the user has contributed data to the app |
| └ lastLogin | integer | Last login of the user to this app |
| └ lastInvite | integer | Last invitation of the user to this app |
| └ adminLevel | integer | Admin level of this user in this app |
| └ lastEditorId | integer | Last editor ID who changed this relation (especially when deleting with flag 99) |
| └ createdAt | date | Date this relation between user and app was created |
| └ updatedAt | date | Date this relation between user and app was last updated |
| country | countryCode | Country code of this user Please do not use this field anymore |
| createdAt | dateTime | Creation date and time of the user |
| creatorId | integer | CreatorId of the user. |
| customerId | integer | Customer id of the user |
| deactivatedAt | integer | Unix timestamp of the deactivation of this user Please use flag 1 in user-app-relation to deactivate a user in a specific app. |
| deletedAt | integer | Unix timestamp of the deletion of this user |
| E-Mail address of the user | ||
| firstname | string | Firstname of the user |
| flag | integer | Flag of this user. See table user flags for details/meaning. allowed values: 0910111213 |
| id | integer | Id of the user |
| image | integer | MediaContainer ID of the user's profile image. Please do not use this field anymore |
| individualConfiguration | object | Individual configuration for this user. |
| └ useBeta | boolean | |
| └ messageFeedback | object | Deprecated? |
| └ preferredAudioLanguages | array | Preferred audio languages allowed values: aaabafaksqamaranhyasavaeayazbabmeubebnbhbibobsbrbgmycacschcezhcucvkwcocrcycsdadedvnldzeleneoeteueefofafjfifrfrfyffkadegdgaglgvelgnguhthahehzhihohrhuhyigisioiiiuieiaidikisitjvjaklknkskakrkkkmkirwkykvkgkokjkulolalvlilnltlblulgmkmhmlmimrmsmkmgmtmnmimsmynanvnrndngnenlnnnbnonyocojoromospafapiplptpsqurmrorornrusgsasiskskslsesmsnsdsostessqscsrsssuswsvtytatttetgtlthbotitotntstktrtwugukuruzvevivocywawoxhyiyozazhzusilent |
| └ preferredControlGroups | array | Preferred control groups. |
| └ preferredCountries | array | Preferred countries. |
| └ preferredTemplates | array | Preferred template. |
| └ preferredEditorLanguage | iso-639-1 | Preferred editor language. If not set, uni is the preferred editor language |
| └ preferredAssetOverviewSorting | string | Preferred Asset Overview Sorting. |
| └ preferredAssetSearchSorting | string | Preferred Asset Search Sorting. |
| └ preferredProjectOverviewSorting | string | Preferred Project Overview Sorting. |
| └ preferredProjectSearchSorting | string | Preferred Project Search Sorting. |
| lastEditorId | integer | Id of the user that made the last changes of the user data. |
| lastInviteAt | integer | Unix timestamp of the last invite for this user Please use lastInvite from app in apps array instead |
| lastLoginAt | integer | Unix timestamp of the last login of this user Please use lastLogin from app in apps array instead |
| lastname | string | Lastname of the user |
| memberGroupHierarchy | array | Hierachy of membergroups for this user |
| memberGroupIds | array | Implicit and explicit membergroupids for this user |
| memberGroups | array | Securtity group ids this user belongs to. Use memberGroupIds array instead. It contains all groups, including implicit ones |
| mfaKey | boolean | If true, MFA is active for this user |
| origin | string | Identifier for the origin of the user |
| passwordChanged | integer | Unix timestamp of the last password change |
| permissions | array | IAM Permissions for this user |
| searchConfiguration | object | Search configuration for this user Experimental |
| settings | object | Settings for this user. See properties. |
| └ accountContact | object | Use IAM defintiion instead Deprecated |
| └ accountAdmin | boolean | Deprecated |
| └ licenseAdmin | boolean | Deprecated |
| └ developerAccount | object | Use IAM defintiion instead Deprecated |
| └ enabled | boolean | Deprecated |
| └ disabled | boolean | |
| └ reason | string | |
| └ forceDeleteMediaContainer | boolean | If true, this user can delete mediaContainers even if they are linked to other resources. |
| └ providerConfig | string | Activate a specific provider configuration for this user, e.g. to use AWS transfer acceleration |
| └ releaseMediaContainer | boolean | If true, this user can releaseMediaContainer. |
| └ resetMFA | boolean | If true, this user can resetMFA for other users. |
| timezone | string | Timezone of the user Please do not use this field anymore |
| uiLanguage | string | UI Language of this user |
| updatedAt | dateTime | Latest date and time this user was updated. |
| useraccesskeys | array | Access keys for this user (used for API access). A maximum of 2 active keys per user are possible. |
| └ accessKey | string | Access key for this user |
| └ notes | string | Notes for this access key |
| └ lastUsed | integer | Unix timestamp of last usage of this access key |
| └ flag | integer | See UserAccessKey creation function for values |
| └ createdAt | date | Creation date for this access key |
| welcomeBackground | integer | Identifier for the background image of the welcome screen. MediaId of an image, -1 random image from library, -2 random imageg from favorites Experimental |
| welcomeMessage | string | Welcome message for this user. Can only be changed by the user. Experimental |
Find User AccessKeys
Get a list of user access keys. Please note that there can be only two (2) active user access keys per user. There are no parameters for this call
GET /v2/user/accessKeysInvalid API documentation data
Create User AccessKeys
Create a new user access key. Please note that there can be only two (2) active user access keys per user.
Attention: This is the only time you can and will retrieve the access secret for this access key. We cannot recover this secret.
POST/v2/user/accessKeys
Request Parameters
| Field | Type | Required | Description |
|---|---|---|---|
| notes | string | ✗ | Notes for this access key |
| userId | integer | ✗ | User ID you want to create an access key for. If not set, the current session user is used. |
Response
| Field | Type | Description |
|---|---|---|
| accessKey | string | |
| accessSecret | string | Access secret to use with signed calls/requests against our APIs. This is only shown once after creation. |
| flag | integer | Flag for this access key. 0 => active, 1 => inactive, 99 => deleted allowed values: 0199 |
| lastEditorId | integer | Id of the user that made the last changes of the user data. |
| notes | string | Notes for this access key |
| userId | integer | User ID you want to create an access key for. If not set, the current session user is used. |
Update/Deactivate/Reactivate User AccessKeys
Use this endpoint to update notes for an existing access key. You can use it as well to deactivate or delete and access key or to reactivate a deactivated key.
PUT/v2/user/accessKeys
Request Parameters
| Field | Type | Required | Description |
|---|---|---|---|
| accessKey | string | ✗ | AccessKey to update |
| flag | integer | ✗ | Flag for this access key. 0 => active, 1 => inactive, 99 => deleted allowed values: 0199 |
| notes | string | ✗ | Notes for this access key |
| userId | integer | ✗ | User ID you want to update an access key for. If not set, the current session user is used. |
Response
| Field | Type | Description |
|---|---|---|
| accessKey | string | AccessKey to update |
| flag | integer | Flag for this access key. 0 => active, 1 => inactive, 99 => deleted allowed values: 0199 |
| lastEditorId | integer | Id of the user that made the last changes of the user data. |
| notes | string | Notes for this access key |
| userId | integer | User ID you want to update an access key for. If not set, the current session user is used. |
Data Model
Legacy documentation
Flags
Every user has a flag which is an indicator of the origin of the user. The origin of a user is stored in field “origin”. As a user can be authorized for many apps, the flag is now on user-app-relation level (see introduction at the top of this article)
| Flag | Meaning | Count* | Notes |
|---|---|---|---|
| 0 | Manually created user/created in AC web app | yes | This is the default flag for users |
| 1 | Users is in trash | yes | User is in trash but can be re-activated |
| 2 | Pending approval? | ||
| 9 | Users from AC-Team | no | This is usually a support user from AC Team |
| 10 | User created by IdP | pending | |
| 11 | External users with no login to AC client, they can be allowed to certain rules via app configuration | pending | |
| 12 | Self registered users | pending | |
| 13 | Users created by Dropsite | no |