API: Users & Authorities
List of available authorities:
| Authority | Description |
|---|---|
| MANAGE_USERS | Authority to manage users, e.g., change password, grant/remove authorities |
| MANAGE_LISTENERS | Authority to manage listeners |
| MANAGE_PAYLOADS | Authority to manage payloads |
| MANAGE_AGENTS | Authority to manage agents |
| MANAGE_DISCOVERY | Authority to manage discovery related data models: hosts, services and credentials. Grants authority to: Edit and Archive. |
| SEND_COMMANDS | Authority to send commands |
| MODIFY_FILES | Authority to modify files |
| VIEW_RESOURCES | Base authority to view agents, listeners, files, commands (not users); can't be removed |
List of all users
Request
```http
GET /api/v1/users HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
```
Request
```http
GET /api/v1/users/{USER_NAME} HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
```
Get my user info
Request
```http
GET /api/v1/users/me HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
```
Change my password
Request
```http
PUT /api/v1/users/me/password HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
Content-Type: application/json

{
  "oldPassword": "{OLD_PASSWORD}",
  "newPassword": "{NEW_PASSWORD}"
}
```
Add new user
Request
```http
POST /api/v1/users HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
Content-Type: application/json

{
  "username": "{USER_NAME}",
  "password": "{USER_PASSWORD}",
  "authorities": {LIST_OF_AUTHORITIES}
}
```
Edit existing user
Request
```http
PUT /api/v1/users/{USER_NAME} HTTP/1.1
Authorization: Bearer {JWT_TOKEN}
Content-Type: application/json

{
  "enabled": {SHOULD_USER_BE_ENABLED},
  "authorities": {LIST_OF_AUTHORITIES}
}
```
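The following is an added example, not part of the original API documentation: it builds the "Add new user" and "Edit existing user" requests with the authority list checked against the table on this page, so a typo or an unintended grant is caught before anything is sent. It assumes `{LIST_OF_AUTHORITIES}` is a JSON array of authority names; the base URL, token and function names are constructed placeholders.

```python
import json
import urllib.parse
import urllib.request

# Authority names exactly as listed in the table on this page.
KNOWN_AUTHORITIES = frozenset({
    "MANAGE_USERS", "MANAGE_LISTENERS", "MANAGE_PAYLOADS", "MANAGE_AGENTS",
    "MANAGE_DISCOVERY", "SEND_COMMANDS", "MODIFY_FILES", "VIEW_RESOURCES",
})
BASE_AUTHORITY = "VIEW_RESOURCES"  # documented as the base authority that can't be removed


def normalize_authorities(requested):
    """Reject unknown names and always include the base authority."""
    requested = set(requested)
    unknown = requested - KNOWN_AUTHORITIES
    if unknown:
        raise ValueError(f"unknown authorities: {sorted(unknown)}")
    return sorted(requested | {BASE_AUTHORITY})


def _json_request(base_url, method, path, token, body):
    # Builds the request object only; nothing is sent over the network here.
    return urllib.request.Request(
        url=base_url.rstrip("/") + path,
        method=method,
        data=json.dumps(body).encode("utf-8"),
        headers={"Authorization": f"Bearer {token}",
                 "Content-Type": "application/json"},
    )


def add_user_request(base_url, token, username, password, authorities):
    """Build the 'Add new user' request (POST /api/v1/users)."""
    body = {"username": username, "password": password,
            "authorities": normalize_authorities(authorities)}  # assumed: JSON array
    return _json_request(base_url, "POST", "/api/v1/users", token, body)


def edit_user_request(base_url, token, username, enabled, authorities):
    """Build the 'Edit existing user' request (PUT /api/v1/users/{USER_NAME})."""
    body = {"enabled": bool(enabled),
            "authorities": normalize_authorities(authorities)}
    path = "/api/v1/users/" + urllib.parse.quote(username, safe="")
    return _json_request(base_url, "PUT", path, token, body)


if __name__ == "__main__":  # constructed sample values
    req = add_user_request("https://server.example", "TOKEN", "viewer1", "pw", [])
    print(req.get_method(), req.full_url, req.data.decode())
```

Pass the returned object to `urllib.request.urlopen` to send it.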