Update User Details
Endpoint URL: https://<your server/rest/users/:username
Endpoint URI: users/:username
Action: PUT
Updates user details.
Note
Ensure that you have logged into the Cybereason platform. For details, see Log in with the API.
Request Headers
You must add an Content-Type:application/json header with the request.
Note
If you are using cURL, add the authorization cookie details or the path to the file with cookie details with every request.
Request Body
Input: JSON
Depending on your browser settings, this linked file may open in a separate tab instead of downloading directly to your machine. If this happens, use the Save As option in your browser to save the file locally.
{
"username":"<user name>",
"password":"<password>",
"roles":["<role>","<role>","<role>"],
"creationTime":1667834576988,
"lastUpdateTime":1667834576988,
"totpEnabled":true,
"changePasswordOnNextLogin":true,
"isDailyNotifications":true,
"allowedLoginMethod":"PASSWORD",
"groups":[]
}
Request Parameters
URL/URI parameters: You must provide the username parameter in the URL of the request.
Request Body Parameters: You must enter the following required parameters in the request body:
Field |
Type |
Description |
---|---|---|
username |
String |
The user name for the user to create. The value you enter here should be the same as the value you enter in the username parameter in the URL of the request. |
password |
String |
The default password to use for the user. |
roles |
Enum |
The possible roles for the user. Possible roles include:
The Sensor viewer role is disabled by default. Open a Technical Support case to enable this role. |
creationTime |
Integer |
The time (in milliseconds) when the user was created. |
lastUpdateTime |
Integer |
The time (in milliseconds) when the user details were last updated. |
totpEnabled |
Boolean |
Indicates whether two-factor authentication (TFA) is enabled for this user. |
changePasswordOnNextLogin |
Boolean |
Indicates whether to force the user to change their password the next time they log in. |
isDailyNotifications |
Boolean |
Indicates whether notifications are enabled for this user. |
allowedLoginMethod |
Enum |
The allowed login method for this user. Possible options include:
In order to use the SSO option, you must enable SSO in your environment. For details on SSO authentication, see SSO Authentication in the Cybereason product documentation. |
groups |
String |
A collection of the groups to which the user has privileges to view information. You only need to add the names of the groups to which this user has access if you assign the user the local_analyst_l1, local_analyst_l2, or local_responder roles. |
Response Status Codes
This request can return the following status codes:
200: Success OK with details on the operation
Response Success Schema
The response one of the following status messages:
success (Success)
Response Failure
The response one of the following status messages:
success (Success)
badUsername (Invalid username)
badBasicPassword (Invalid password when using the basic password complexity)
badStrictPassword (Invalid password when using the strict password complexity)
previousPassword (Password is the same as a previous password)
userExists (User already exists)
userNotChanged (No changes in user data)
userNotFound (Platform did not find the user)
staleUser (User marked as stale)
actionNotAllowed (Update action not allowed)
errorOccured (A general error occurred)
actionFailed (Creation action failed)
badTotpSid (The TFA secret key is not valid)
incorrectPassword (The password is not correct)
illegaleLocale (User locale is not valid)
Important Response Fields
You want to ensure that the request returns the success message.
Example: Update a user’s details
Request
curl --request POST \
--url https://12.34.56.78/rest/users/[email protected] \
--header 'Content-Type:application/json' \
--data '{
"username":"[email protected]",
"password":"password",
"roles":["analyst_l3","executive","analyst_hdl","policies_admin","sys_admin","system_viewer","user_admin","sensor_admin_l1","responder"],
"creationTime":1667834576988,
"lastUpdateTime":1667834576988,
"totpEnabled":false,
"changePasswordOnNextLogin":true,
"isDailyNotifications":true,
"allowedLoginMethod":"PASSWORD",
"groups":[]
}'
Response
"success"
Request
Depending on your browser settings, this linked file may open in a separate tab instead of downloading directly to your machine. If this happens, use the Save As option in your browser to save the file locally.
Use this request body:
{
"username":"[email protected]",
"password":"password",
"roles":["analyst_l3","executive","analyst_hdl","policies_admin","sys_admin","system_viewer","user_admin","sensor_admin_l1","responder"],
"creationTime":1667834576988,
"lastUpdateTime":1667834576988,
"totpEnabled":false,
"changePasswordOnNextLogin":true,
"isDailyNotifications":true,
"allowedLoginMethod":"PASSWORD",
"groups":[]
}
Response
"success"
Request
Depending on your browser settings, this linked file may open in a separate tab instead of downloading directly to your machine. If this happens, use the Save As option in your browser to save the file locally.
import requests
import json
# Login information
username = "[email protected]"
password = "mypassword"
server = "yourserver.com"
port = "443"
data = {
"username": username,
"password": password
}
headers = {"Content-Type": "application/json"}
base_url = "https://" + server + ":" + port
login_url = base_url + "/login.html"
session = requests.session()
login_response = session.post(login_url, data=data, verify=True)
print (login_response.status_code)
print (session.cookies.items())
# Request URL
username = "[email protected]"
endpoint_url = "/rest/users/"
api_url = base_url + endpoint_url + username
# These are the variables that represent different fields in the request.
password = "password"
role_1 = "analyst_l3"
role_2 = "executive"
role_3 = "analyst_hdl"
role_4 = "policies_admin"
role_5 = "sys_admin"
role_6 = "system_viewer"
role_7 = "user_admin"
role_8 = "sensor_admin_l1"
role_9 = "responder"
login_method = "PASSWORD"
reputation = json.dumps({"username":username,"password":password,"roles":[role_1,role_2,role_3,role_4,role_5,role_6,role_7,role_8,role_9],"totpEnabled":False,"changePasswordOnNextLogin":True,"isDailyNotifications":True,"allowedLoginMethod":login_method,"groups":[]})
api_response = session.request("POST", api_url, data=reputation, headers=headers)
your_response = json.loads(api_response.content)
print(json.dumps(your_response, indent=4, sort_keys=True))
Response
"success"