Managing users via REST APIs
You can programmatically manage users via REST APIs.
For all API calls related to user management, use type=user.
Creating a user
Use action=createupdate to create user accounts with a User Source=Local.
User authentication will depend on the email domain configuration (for example, local auth, SAML, auth AD auth) and password parameter will be discarded if user auth is not set to local.
POST https://portal.bitglass.com/api/bitglassapi/config/v1.1/?type=user&action=createupdate
| Parameter | Value | Description | Notes |
|---|---|---|---|
| username | string | The unique identifier for a user and primary email address. | required |
| password | string | Should be the password used by the user to access the account | optional |
| firstname | string | The first name for the user | required |
| lastname | string | The last name for the user | optional |
| primaryemail | string | Primary Email that the user may use within the company for work. This field might be the same as the username field but does not have to be. | optional |
| secondaryemail | string | Secondary Email is used to send you password reset instructions. | optional |
| netbiosdomain | string | The netbiosdomain of your organization that the user belongs to. | optional |
| samaccountname | string | The logon name used to support clients and servers from previous versions of Windows. | optional |
| userprincipalname | string | Also used commonly as the users login name especially if company email is not used. | optional |
| objectguid | string | ImmutableID used to uniquely identify a user when SSO is initiated to O365. | optional |
| countrycode | string | Should be the shortname of the coutnry. Can have values as specified in the attached list |
optional required if mobilenumber is not blank |
| mobilenumber | string | Mobile number is used to send tokens during two factor authentication. Should be entered with the country code. |
optional required if countrycode is not blank |
| adminrole | string |
Admin role that could be assigned to the user. Default "none". To remove an admin role from a user, specify a parameter of "null" (for example, "adminrole":null) |
optional |
| groupmembership | array | Includes an array of groupname strings the user should be added to | optional |
| customattribute1 | string | A custom attribute that admins can create and send during the SAML request for authentication or used to inherit permissions inside the application. | optional |
| customattribute2 | string | Another field to set another additional custom attribute. | optional |
{
"companyemail": "akohli@acme-gadget.com",
"password": "new password",
"firstname": "Amish",
"lastname": "Kohli",
"netbiosdomain": "ACME-GADGET",
"samaccountname": "akohli",
"userprincipalname": "akohli@acme-gadget.com",
"objectguid":"c82fea8c-ab5c-4a34-a533-a98cb68da858",
"countrycode":"US",
"mobilenumber": "+11234567890"
"adminrole": "None",
"groupmembership": [
"sales",
"product"],
"filepassword": "file password",
"customattribute1": "",
"customerattribute2": ""
}
Deactivating user
Use action=deactivate to deactivate user account.
POST https://portal.bitglass.com/api/bitglassapi/config/v1.1/?type=user&action=deactivate
| Parameter | Value | Description | Notes |
|---|---|---|---|
| companyemail | string | The unique identifier for a user, the primary email address | required |
Reactivating user
Use action=reactivate to reactivate user account.
POST https://portal.bitglass.com/api/bitglassapi/config/v1.1/?type=user&action=reactivate
| Parameter | Value | Description | Notes |
|---|---|---|---|
| companyemail | string | The unique identifier for a user, the primary email address | required |
Deleting user
Use action=delete to delete the deactivated user account.
POST https://portal.bitglass.com/api/bitglassapi/config/v1.1/?type=user&action=delete
| Parameter | Value | Description | Notes |
|---|---|---|---|
| companyemail | string | The unique identifier for a user, the primary email address | required |
Viewing details of a single user
- GET
https://portal.bitglass.com/api/bitglassapi/config/v2/user/<user_name>/ - GET
https://portal.bitglass.com/api/bitglassapi/config/v2.1/user/<user_name>/Note: When you use API v2.1, you will get a response with an additional field,Statusof the user, along with the other fields.
| Parameter | Value | Description | Notes |
|---|---|---|---|
| username | string | The unique identifier for a user, the primary email address | required |
{
"response":{
"username":"adas-demo@acme-gadget.com",
"firstname":"Amiya",
"lastname":"Demo",
"manager":"",
"primaryemail":"demo@acme-gadget.com",
"secondaryemail":"",
"netbiosdomain":"ACME_GADGET",
"samaccountName":"adas-demo",
"ms-ds-consistencyguid":"mS-DS-ConsistencyGuid",
"userprincipalname":"adas-demo@acme-gadget.com",
"objectguid":"0f32d700-a387-450e-b1f4-6-99595",
"objectsid":"object_sid",
"customattribute1":"custom-xyz",
"customattribute2":"custom-abc",
"countrycode":"+1",
"mobilenumber":"3737373222",
"source":"active directory",
"adminrole":"<manual admin role>",
"groupmembership":[
"group1",
"group2"
],
"date_joined":"19 Mar 2021 08:46:17",
"last_login":"19 Mar 2021 08:46:17",
"risk_score":"3",
"dataformat":"json",
"dataencoding":"utf-8",
"uuid": "9fc8b4cd-e9bf-4c4c-8c4b-64b71ad89673",
"status":"Active"
}
}