Managing users and groups via REST APIs

Forcepoint ONE SSE' Configuration REST API supports creating users and groups programmatically for integration into external user management, governance, or scripted solutions.

For authorizing users, you need to setup OAuth.

API Calls

Each API call requires the following:

  • Method = HTTP POST or HTTP GET
    Note: Use HTTP POST to create or update a group or a user and use HTTP GET to view details of a group or a user.
  • URI Params define the type of operation and action to perform
  • HTTP body as JSON

URL

https://portal.bitglass.com/api/bitglassapi/config/v1.1/

Response Codes

Response Code Message Notes Groups User
200 Request was successful X X
400 Required parameters missing Required parameters to create/delete a user are missing X
400 Invalid type: <type>. Supported types are: user, group Invalid value for type X X
400

Invalid action: <action>. Supported action for users are: createupdate, deactivate, reactivate, addtogroup & removefromgroup

Supported action for groups are: createupdate, delete, addmembers & removemembers

Invalid value for action X X
400 Company email needs to be in your company's domain If the company email domain is not in the company domain X
400 Invalid mobile number. Make sure that the mobile number should not contain country code. If the mobile number is sent with country code. X
400 Invalid country code: <countrycode>. Make sure that it is a valid country code. If the country code does not exist in the countries list. X
400 Invalid mobile number and country code. If the mobile number and the country code are invalid. X
400 Mobile number needs to be accompanied by the country code. If mobile number is included in the request but country code is blank X
400 User <user email> is already deactivated If an already deactivated user is deactivated. X
400 Invalid admin role: <adminrole> Admin role in the request does not exist. X
400 Group name: <groupname> does not exist. If the group to which users are being added does not exist X
400 Invalid group name: <groupname>. Make sure that the group you are trying to rename is valid. If the group to be renamed does not exist. X
400 Invalid action. Admin cannot be deactivated. If the admin is the only user in the company he/she cannot be deactivated. X
400 Unable to remove yourself as a Forcepoint ONE SSE administrator If the admin tries to remove his/her admin role from his assigned roles. X
401 Authorization required Authorization header missing X X
401 Invalid credentials User does not exist or invalid password X X
401 Basic auth required Authorization is not basic X X
403 Unauthorized User is not a sysadmin or API livesetting is not enabled for the company X X
503 Temporarily unavailable X X