/user

Methods

GET

Gets the list of Users. Depending on your role, this resource will return the following:

  • A list of all Administrators if the session user has the Administrator Role. If the optional field orgID is provided, then all Security Managers for the organization will be returned instead.
  • A list of all Users within the Organization's context if the session user is not an Administrator

Note: All Users returned are "active" Users.

Fields Parameter

The fields parameter should be specified along the query string, and it takes the syntax

?fields=<field>,...

Allowed Fields

*id

**firstname

**lastname

**role

**status

**username

**title

**email

**address

**city

**state

**country

**phone

**fax

**createdTime

**modifiedTime

**lastLogin

**lastLoginIP

**mustChangePassword

**locked

**failedLogins

**authType

**fingerprint

**password

**description

**canUse

**canManage

**managedUsersGroups

**managedObjectsGroups

Session user is not role "1" (Administrator)

**responsibleAsset

**group

Legend

* = always comes back

** = comes back if fields list not specified on GET all

Request User Parameters

Session user is an Administrator

{

"orgID" : <number> OPTIONAL

}

Session user is not an Administrator

None

Example Response

Administrator

{

"type" : "regular",

"response" : [

{

"id" : "1",

"status" : "0",

"username" : "admin",

"firstname" : "Admin",

"lastname" : "User",

"title" : "Application Administrator",

"email" : "",

"address" : "",

"city" : "",

"state" : "",

"country" : "",

"phone" : "",

"fax" : "",

"createdTime" : "1402931602",

"modifiedTime" : "1402931602",

"lastLogin" : "1426881108",

"lastLoginIP" : "192.168.1.145",

"mustChangePassword" : "false",

"locked" : "false",

"failedLogins" : "0",

"authType" : "tns",

"fingerprint" : null,

"password" : "SET",

"canUse" : true,

"canManage" : true,

"role" : {

"id" : "1",

"name" : "Administrator",

"description" : "Role defining an administrator of the application"

}

}

],

"error_code" : 0,

"error_msg" : "",

"warnings" : [],

"timestamp" : 1426883881

}

Organization User

{

"type" : "regular",

"response" : [

{

"id" : "1",

"status" : "0",

"username" : "orghead",

"firstname" : "Johnny",

"lastname" : "Begood",

"title" : "",

"email" : "",

"address" : "",

"city" : "",

"state" : "",

"country" : "",

"phone" : "",

"fax" : "",

"createdTime" : "1418787391",

"modifiedTime" : "1418787391",

"lastLogin" : "1426884373",

"lastLoginIP" : "192.168.1.145",

"mustChangePassword" : "false",

"locked" : "false",

"failedLogins" : "0",

"authType" : "tns",

"fingerprint" : null,

"password" : "SET",

"managedUsersGroups" : [

{

"id" : "-1",

"name" : "All Groups",

"description" : "All Groups"

}

],

"managedObjectsGroups" : [

{

"id" : "-1",

"name" : "All Groups",

"description" : "All Groups"

}

],

"canUse" : true,

"canManage" : true,

"role" : {

"id" : "2",

"name" : "Security Manager",

"description" : "System Role for the head of an organization"

},

"responsibleAsset" : {

"id":-1,

"name" : "",

"description" : ""

},

"group" : {

"id" : "0",

"name" : "Full Access",

"description" : "Full Access group"

}

}

],

"error_code" : 0,

"error_msg" : "",

"warnings" : [],

"timestamp" : 1426884374

}

Copyright © 2016. Tenable Network Security, Inc. All rights reserved. Tenable Network Security and Nessus are registered trademarks of Tenable Network Security, Inc. SecurityCenter Continuous View, Passive Vulnerability Scanner, and Log Correlation Engine are trademarks of Tenable Network Security, Inc. All other products or services are trademarks of their respective owners.