PrivX local and remote users and role mappings

get /role-store/api/v1/users/{user_id}

Get a specific user and the user's roles.

user_id

string

required

User ID

Response


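Successful response, returns user info. The example object includes an `mfa.seed` member (`seed_string`, `seed_qr_code`); if it is populated in a real response, treat the response as secret material and keep it out of logs and shared captures.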

{
  "id": "eef4aefc-d64e-4c2c-aba4-4914c86ce059",
  "source_user_id": null,
  "created": "2017-01-01T15:05:05Z",
  "updated": "2017-01-01T15:05:05Z",
  "updated_by": "eef4aefc-d64e-4c2c-aba4-4914c86ce059",
  "author": "eef4aefc-d64e-4c2c-aba4-4914c86ce059",
  "comment": "A comment",
  "tags": [
    "string"
  ],
  "principal": "string",
  "distinguished_name": "string",
  "given_name": "string",
  "full_name": "string",
  "job_title": "string",
  "company": "string",
  "department": "string",
  "email": "string",
  "telephone": "string",
  "locale": "fi_FI",
  "roles": [
    {
      "id": "5bf77342-221c-11ee-be56-0242ac120002",
      "name": "string",
      "comment": "A comment",
      "principal_public_key_strings": [
        "string"
      ],
      "permit_agent": true,
      "access_group_id": "5bf77342-221c-11ee-be56-0242ac120002",
      "permissions": [
        "licenses-manage"
      ],
      "context": {
        "enabled": true,
        "block_role": true,
        "validity": [
          "MON"
        ],
        "start_time": "string",
        "end_time": "string",
        "timezone": "string",
        "ip_masks": [
          "string"
        ]
      },
      "explicit": true,
      "implicit": true,
      "system": true,
      "grant_type": "PERMANENT",
      "grant_validity_periods": [
        {
          "grant_start": "2017-01-01T15:05:05Z",
          "grant_end": "2017-01-02T15:05:05Z"
        }
      ],
      "floating_length": 24
    }
  ],
  "attributes": [
    {
      "key": "aws_account",
      "value": "admin-bob"
    }
  ],
  "permissions": [
    "licenses-manage"
  ],
  "source": "string",
  "mfa": {
    "status": "ENABLED",
    "seed": {
      "seed_string": "string",
      "seed_qr_code": "string"
    }
  },
  "stale_access_token": true,
  "authorized_keys": [
    {
      "id": "2765b005-4ce1-4b2b-a9ca-ee6c4d6f2792",
      "username": "joe@privx.com",
      "user_id": "f2f448d8-0397-4894-982f-9a58a43921db",
      "source": "5bf77342-221c-11ee-be56-0242ac120002",
      "name": "work",
      "comment": "Joe's work laptop key",
      "public_key": "AAAAB3NzaC1yc2EAAAADAQABAAABAQDqoMogqErOw7lL3GD6Ez7Hv1FZBk0Iyk2pBFUhqb9sjY9IEw8P9OWFwLMhWQ4LNvekPAnmr03pMHSSP7Pw98+Izy0HxcHZGKcrDOIjnHF5Fog3w4rBYa6OxdcJRxctifx5szqmM4JkUNS1RJY5E4ns4xCgFV46Satph02M+eP9PXGh+ZecSNtdLoOovVuolEUdb8dINgto8zsjEuAQ+76qOEgAIuSsYlzGGZPyPnATtkUi/rK9fcAfbhSqSXNxFqf7wejEKwA1kFt8hSW2bUWJH268fqnejFwHjBTzjBw89dji6141ajAP8/Q2gZug0bb1U70PE4afE3fFh2VCfhwT",
      "not_before": "2020-07-31T17:32:28Z",
      "not_after": "2022-07-31T17:32:28Z",
      "expires_in": 123,
      "source_address": [
        "192.168.100.0/24"
      ],
      "fingerprints": [
        "SHA256:bdeYZ2qiEwCOCuf0oTvya/aH4Vo+nJLIauDKm/D8btM"
      ]
    }
  ],
  "webauthn_credentials": [
    {
      "id": "5bf77342-221c-11ee-be56-0242ac120002",
      "credential_id": "string",
      "name": "string",
      "comment": "string",
      "last_used": "2017-01-01T15:05:05Z",
      "created": "2017-01-01T15:05:05Z",
      "author": "5bf77342-221c-11ee-be56-0242ac120002",
      "updated": "2017-01-01T15:05:05Z",
      "updated_by": "eef4aefc-d64e-4c2c-aba4-4914c86ce059"
    }
  ]
}

get /role-store/api/v1/users/{user_id}/settings

Get specific user settings.

user_id

string

required

User ID

Response


Successful response, returns the user's settings.

{}

put /role-store/api/v1/users/{user_id}/settings

Set specific user's settings.

Request

{}

Response


Successful response.

{
  "id": "eef4aefc-d64e-4c2c-aba4-4914c86ce059",
  "source_user_id": null,
  "created": "2017-01-01T15:05:05Z",
  "updated": "2017-01-01T15:05:05Z",
  "updated_by": "eef4aefc-d64e-4c2c-aba4-4914c86ce059",
  "author": "eef4aefc-d64e-4c2c-aba4-4914c86ce059",
  "comment": "A comment",
  "tags": [
    "string"
  ],
  "principal": "string",
  "distinguished_name": "string",
  "given_name": "string",
  "full_name": "string",
  "job_title": "string",
  "company": "string",
  "department": "string",
  "email": "string",
  "telephone": "string",
  "locale": "fi_FI",
  "roles": [
    {
      "id": "5bf77342-221c-11ee-be56-0242ac120002",
      "name": "string",
      "comment": "A comment",
      "principal_public_key_strings": [
        "string"
      ],
      "permit_agent": true,
      "access_group_id": "5bf77342-221c-11ee-be56-0242ac120002",
      "permissions": [
        "licenses-manage"
      ],
      "context": {
        "enabled": true,
        "block_role": true,
        "validity": [
          "MON"
        ],
        "start_time": "string",
        "end_time": "string",
        "timezone": "string",
        "ip_masks": [
          "string"
        ]
      },
      "explicit": true,
      "implicit": true,
      "system": true,
      "grant_type": "PERMANENT",
      "grant_validity_periods": [
        {
          "grant_start": "2017-01-01T15:05:05Z",
          "grant_end": "2017-01-02T15:05:05Z"
        }
      ],
      "floating_length": 24
    }
  ],
  "attributes": [
    {
      "key": "aws_account",
      "value": "admin-bob"
    }
  ],
  "permissions": [
    "licenses-manage"
  ],
  "source": "string",
  "mfa": {
    "status": "ENABLED",
    "seed": {
      "seed_string": "string",
      "seed_qr_code": "string"
    }
  },
  "stale_access_token": true,
  "authorized_keys": [
    {
      "id": "2765b005-4ce1-4b2b-a9ca-ee6c4d6f2792",
      "username": "joe@privx.com",
      "user_id": "f2f448d8-0397-4894-982f-9a58a43921db",
      "source": "5bf77342-221c-11ee-be56-0242ac120002",
      "name": "work",
      "comment": "Joe's work laptop key",
      "public_key": "AAAAB3NzaC1yc2EAAAADAQABAAABAQDqoMogqErOw7lL3GD6Ez7Hv1FZBk0Iyk2pBFUhqb9sjY9IEw8P9OWFwLMhWQ4LNvekPAnmr03pMHSSP7Pw98+Izy0HxcHZGKcrDOIjnHF5Fog3w4rBYa6OxdcJRxctifx5szqmM4JkUNS1RJY5E4ns4xCgFV46Satph02M+eP9PXGh+ZecSNtdLoOovVuolEUdb8dINgto8zsjEuAQ+76qOEgAIuSsYlzGGZPyPnATtkUi/rK9fcAfbhSqSXNxFqf7wejEKwA1kFt8hSW2bUWJH268fqnejFwHjBTzjBw89dji6141ajAP8/Q2gZug0bb1U70PE4afE3fFh2VCfhwT",
      "not_before": "2020-07-31T17:32:28Z",
      "not_after": "2022-07-31T17:32:28Z",
      "expires_in": 123,
      "source_address": [
        "192.168.100.0/24"
      ],
      "fingerprints": [
        "SHA256:bdeYZ2qiEwCOCuf0oTvya/aH4Vo+nJLIauDKm/D8btM"
      ]
    }
  ],
  "webauthn_credentials": [
    {
      "id": "5bf77342-221c-11ee-be56-0242ac120002",
      "credential_id": "string",
      "name": "string",
      "comment": "string",
      "last_used": "2017-01-01T15:05:05Z",
      "created": "2017-01-01T15:05:05Z",
      "author": "5bf77342-221c-11ee-be56-0242ac120002",
      "updated": "2017-01-01T15:05:05Z",
      "updated_by": "eef4aefc-d64e-4c2c-aba4-4914c86ce059"
    }
  ]
}

get /role-store/api/v1/users/{user_id}/roles

Get specific user's roles.

user_id

string

required

User ID

Response


Successful response, returns the user's role IDs and an indication of whether each role is explicitly granted or implicitly mapped (the `explicit` and `implicit` fields in the example).

{
  "count": 123,
  "items": [
    {
      "id": "5bf77342-221c-11ee-be56-0242ac120002",
      "name": "string",
      "comment": "A comment",
      "principal_public_key_strings": [
        "string"
      ],
      "permit_agent": true,
      "access_group_id": "5bf77342-221c-11ee-be56-0242ac120002",
      "permissions": [
        "licenses-manage"
      ],
      "context": {
        "enabled": true,
        "block_role": true,
        "validity": [
          "MON"
        ],
        "start_time": "string",
        "end_time": "string",
        "timezone": "string",
        "ip_masks": [
          "string"
        ]
      },
      "explicit": true,
      "implicit": true,
      "system": true,
      "grant_type": "PERMANENT",
      "grant_validity_periods": [
        {
          "grant_start": "2017-01-01T15:05:05Z",
          "grant_end": "2017-01-02T15:05:05Z"
        }
      ],
      "floating_length": 24
    }
  ]
}

put /role-store/api/v1/users/{user_id}/roles

Set a specific user's roles. These roles are granted in addition to the roles the user receives through role mappings.

array[object]

Content Type
application/json

Request

[
  {
    "id": "5bf77342-221c-11ee-be56-0242ac120002",
    "name": "string",
    "comment": "A comment",
    "principal_public_key_strings": [
      "string"
    ],
    "permit_agent": true,
    "access_group_id": "5bf77342-221c-11ee-be56-0242ac120002",
    "permissions": [
      "licenses-manage"
    ],
    "context": {
      "enabled": true,
      "block_role": true,
      "validity": [
        "MON"
      ],
      "start_time": "string",
      "end_time": "string",
      "timezone": "string",
      "ip_masks": [
        "string"
      ]
    },
    "explicit": true,
    "implicit": true,
    "system": true,
    "grant_type": "PERMANENT",
    "grant_validity_periods": [
      {
        "grant_start": "2017-01-01T15:05:05Z",
        "grant_end": "2017-01-02T15:05:05Z"
      }
    ],
    "floating_length": 24
  }
]

Response


Successful response, user updated

Empty response

post /role-store/api/v1/users/mfa/enable

Turn on multifactor authentication for an array of user IDs.

array[string]

Content Type
application/json

Request

[
  "5bf77342-221c-11ee-be56-0242ac120002"
]

Response


Successful response, MFA turned on for the requested user IDs

Empty response

post /role-store/api/v1/users/mfa/disable

Turn off multifactor authentication for an array of user IDs.

array[string]

Content Type
application/json

Request

[
  "5bf77342-221c-11ee-be56-0242ac120002"
]

Response


Successful response, MFA turned off for the requested user IDs

Empty response

post /role-store/api/v1/users/mfa/reset

Reset multifactor authentication for an array of user IDs.

array[string]

Content Type
application/json

Request

[
  "5bf77342-221c-11ee-be56-0242ac120002"
]

Response


Successful response, MFA is returned to the uninitialized state for the requested user IDs

Empty response

get /role-store/api/v1/users/current

Get the current user and that user's settings.

Authorization

string

required

OAuth2 token

Default
"Bearer a-proper-token-goes-here"

Response


Successful response, returns the user.

{
  "id": "eef4aefc-d64e-4c2c-aba4-4914c86ce059",
  "source_user_id": null,
  "created": "2017-01-01T15:05:05Z",
  "updated": "2017-01-01T15:05:05Z",
  "updated_by": "eef4aefc-d64e-4c2c-aba4-4914c86ce059",
  "author": "eef4aefc-d64e-4c2c-aba4-4914c86ce059",
  "comment": "A comment",
  "tags": [
    "string"
  ],
  "principal": "string",
  "distinguished_name": "string",
  "given_name": "string",
  "full_name": "string",
  "job_title": "string",
  "company": "string",
  "department": "string",
  "email": "string",
  "telephone": "string",
  "locale": "fi_FI",
  "roles": [
    {
      "id": "5bf77342-221c-11ee-be56-0242ac120002",
      "name": "string",
      "comment": "A comment",
      "principal_public_key_strings": [
        "string"
      ],
      "permit_agent": true,
      "access_group_id": "5bf77342-221c-11ee-be56-0242ac120002",
      "permissions": [
        "licenses-manage"
      ],
      "context": {
        "enabled": true,
        "block_role": true,
        "validity": [
          "MON"
        ],
        "start_time": "string",
        "end_time": "string",
        "timezone": "string",
        "ip_masks": [
          "string"
        ]
      },
      "explicit": true,
      "implicit": true,
      "system": true,
      "grant_type": "PERMANENT",
      "grant_validity_periods": [
        {
          "grant_start": "2017-01-01T15:05:05Z",
          "grant_end": "2017-01-02T15:05:05Z"
        }
      ],
      "floating_length": 24
    }
  ],
  "attributes": [
    {
      "key": "aws_account",
      "value": "admin-bob"
    }
  ],
  "permissions": [
    "licenses-manage"
  ],
  "source": "string",
  "mfa": {
    "status": "ENABLED",
    "seed": {
      "seed_string": "string",
      "seed_qr_code": "string"
    }
  },
  "stale_access_token": true,
  "authorized_keys": [
    {
      "id": "2765b005-4ce1-4b2b-a9ca-ee6c4d6f2792",