Skip to content

API: Users

Two of the following request require authorities. Currently there exists following ones:

  • **MANAGE_USERS - ** User can manage users
  • **MANAGE_LISTENERS - ** User can manage listeners
  • **MANAGE_PAYLOADS - ** User can manage payloads
  • **MANAGE_AGENTS - ** User can manage agents
  • **SEND_COMMANDS - ** User can send commands
  • **MODIFY_FILES - ** User can modify files
  • **VIEW_RESOURCES - ** Base authority to view agents, listeners, files, commands (but not users), all users must have this authority

List of all users

Request

GET /api/v1/users HTTP/1.1
Authorization: Bearer {JWT_TOKEN}

Get user information

Request

GET /api/v1/users/{USER_NAME} HTTP/1.1
Authorization: Bearer {JWT_TOKEN}

Get my user info

Request

GET /api/v1/users/me HTTP/1.1
Authorization: Bearer {JWT_TOKEN}

Change my password

Request

1
2
3
4
5
6
7
8
PUT /api/v1/users/me/password HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
Content-Type: application/json

{
  "oldPassword": "{OLD_PASSWORD}",
  "newPassword": "{NEW_PASSWORD}"
}

Add new user

Request

1
2
3
4
5
6
7
8
9
POST /api/v1/users HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
Content-Type: application/json

{
  "username": "{USER_NAME}",
  "password": "{USER_PASSWORD}",
  "authorities": {LIST_OF_AUTHORITIES}
}

Edit existing user

Request

1
2
3
4
5
6
7
8
PUT {{url}}/api/v1/users/{USER_NAME}
Authorization: Bearer {{auth_token}}
Content-Type: application/json

{
  "enabled": {SHOULD_USER_BE_ENABLED},
  "authorities": {LIST_OF_AUTHORITIES}
}