API: Users & Authorities

List of available authorities:

| Authority | Description |
|---|---|
| MANAGE_USERS | Authority to manage users, e.g., change password, grant/remove authorities |
| MANAGE_LISTENERS | Authority to manage listeners |
| MANAGE_PAYLOADS | Authority to manage payloads |
| MANAGE_AGENTS | Authority to manage agents |
| SEND_COMMANDS | Authority to send commands |
| MODIFY_FILES | Authority to modify files |
| VIEW_RESOURCES | Base authority to view agents, listeners, files, commands (not users); can't be removed |

List of all users

Request

GET /api/v1/users HTTP/1.1
Authorization: Bearer {JWT_TOKEN}

Get user information

Request

GET /api/v1/users/{USER_NAME} HTTP/1.1
Authorization: Bearer {JWT_TOKEN}

Get my user info

Request

GET /api/v1/users/me HTTP/1.1
Authorization: Bearer {JWT_TOKEN}

Change my password

Request

PUT /api/v1/users/me/password HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
Content-Type: application/json

{
  "oldPassword": "{OLD_PASSWORD}",
  "newPassword": "{NEW_PASSWORD}"
}

Add new user

Request

POST /api/v1/users HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
Content-Type: application/json

{
  "username": "{USER_NAME}",
  "password": "{USER_PASSWORD}",
  "authorities": {LIST_OF_AUTHORITIES}
}

Edit existing user

Request

PUT /api/v1/users/{USER_NAME} HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
Content-Type: application/json

{
  "enabled": {SHOULD_USER_BE_ENABLED},
  "authorities": {LIST_OF_AUTHORITIES}
}
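
Added example (not part of the original documentation or the project's code): a small Python helper that builds the "Add new user" and "Edit existing user" requests with a checked, least-privilege authority list. It assumes {LIST_OF_AUTHORITIES} is a JSON array of authority names and {SHOULD_USER_BE_ENABLED} is a JSON boolean; the function names and sample values are hypothetical.

```python
import json
from urllib.parse import quote

# Authority names exactly as listed in the table on this page.
AUTHORITIES = {
    "MANAGE_USERS", "MANAGE_LISTENERS", "MANAGE_PAYLOADS", "MANAGE_AGENTS",
    "SEND_COMMANDS", "MODIFY_FILES", "VIEW_RESOURCES",
}
BASE = "VIEW_RESOURCES"  # the page states this authority can't be removed


def normalize_authorities(requested):
    """Reject unknown names, de-duplicate, and always keep the base authority."""
    unknown = sorted(set(requested) - AUTHORITIES)
    if unknown:
        raise ValueError(f"unknown authorities: {unknown}")
    return sorted(set(requested) | {BASE})


def build_request(method, path, token, body):
    """Render a request in the same form as the examples on this page."""
    payload = json.dumps(body, indent=2)
    return (f"{method} {path} HTTP/1.1\n"
            f"Authorization: Bearer {token}\n"
            "Content-Type: application/json\n\n" + payload)


def add_user(token, username, password, authorities):
    # Assumption: {LIST_OF_AUTHORITIES} is a JSON array of authority names.
    body = {"username": username, "password": password,
            "authorities": normalize_authorities(authorities)}
    return build_request("POST", "/api/v1/users", token, body)


def edit_user(token, username, enabled, authorities):
    # Assumption: {SHOULD_USER_BE_ENABLED} is a JSON boolean.
    if not isinstance(enabled, bool):
        raise TypeError("enabled must be True or False")
    body = {"enabled": enabled,
            "authorities": normalize_authorities(authorities)}
    # Percent-encode the name so it cannot change the request path.
    path = "/api/v1/users/" + quote(username, safe="")
    return build_request("PUT", path, token, body)


if __name__ == "__main__":
    # Constructed sample values: a view-only account, later disabled.
    print(add_user("<JWT_TOKEN>", "auditor", "<USER_PASSWORD>", []))
    print(edit_user("<JWT_TOKEN>", "auditor", False, ["VIEW_RESOURCES"]))
```
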