Accounts

Returns a list of Accounts

SecurityApiKeyAuth
Request
query Parameters
limit
integer [ 1 .. 1000 ]
Default: 100

Maximum number of objects to return per query. The value must be between 1 and 1000. Default is 100.

Example: limit=50
cursor
string [ 1 .. 4096 ] characters

Cursor to fetch the next or previous page of results. The value of this property must be extracted from the 'prev_cursor' or 'next_cursor' property of a PaginatedResponseMetadata which is contained in the response of list and search API endpoints.

sort
string or null

The field to sort results by. A property name with a prepended '-' signifies descending order.

Enum: "id" "-id" "api_client_id" "-api_client_id" "username" "first_name" "last_name" "email" "-username" "-first_name" "-last_name" "-email" "last_access_time" "-last_access_time" "creation_time" "-creation_time"
Example: sort=id
Responses
200

OK

get/management/accounts
Response samples
application/json
{
  • "items": [
    ],
  • "response_metadata": {
    }
}

Create a new Account

SecurityApiKeyAuth
Request
Request Body schema: application/json
required
is_admin
boolean
Default: false

Whether the created account must be granted to admin role.

generate_api_key
boolean
Default: false

Whether an API key must be generated for this Account. This must be set if the Account will be used for API key based authentication, and unset otherwise.

api_client_id
string [ 1 .. 1024 ] characters

The unique ID which is used to identify the identity of an API request. The web server (nginx) configuration must be configured so as to include the external ID as the value of the X_CLIENT_ID HTTP request header when requests are proxied. If this value isn't set, the application will automatically generate one. For OAuth2/JWT based authentication, this typically corresponds to a value extracted from the JWT, uniquely identifying the Account.

first_name
string [ 1 .. 1024 ] characters

An optional first name for the Account.

last_name
string [ 1 .. 1024 ] characters

An optional last name for the Account.

email
string [ 1 .. 1024 ] characters

An optional email for the Account.

username
string [ 1 .. 1024 ] characters

The username for username/password authentication. This can also be used to provide an optional logical name for the Account.

password
string [ 1 .. 1024 ] characters

The password for username/password authentication.

ldap_principal
string [ 1 .. 1024 ] characters

This value will be used for linking this account to an LDAP user when authenticated with the same LDAP principal. When accounts authenticate with LDAP, an LDAP principal value is calculated based on the username, msad_domain_name, search_base and username_pattern.

Array of objects (Tag)

The tags to be created for this Account.

Responses
201

The created Account id and if requested the generated API key token.

post/management/accounts
Request samples
application/json
{
  • "is_admin": false,
  • "generate_api_key": false,
  • "api_client_id": "string",
  • "first_name": "string",
  • "last_name": "string",
  • "email": "string",
  • "username": "string",
  • "password": "string",
  • "ldap_principal": "string",
  • "tags": [
    ]
}
Response samples
application/json
{
  • "token": "string",
  • "id": 0,
  • "first_name": "string",
  • "last_name": "string",
  • "email": "string",
  • "username": "string",
  • "ldap_principal": "string",
  • "tags": [
    ]
}

Get an Account by id

SecurityApiKeyAuth
Request
path Parameters
id
required
integer <int64>

Numeric ID of the Account.

Responses
200

OK

get/management/accounts/{id}
Response samples
application/json
{
  • "id": 0,
  • "api_client_id": "string",
  • "first_name": "string",
  • "last_name": "string",
  • "email": "string",
  • "username": "string",
  • "ldap_principal": "string",
  • "last_access_time": "2019-08-24T14:15:22Z",
  • "creation_time": "2019-08-24T14:15:22Z",
  • "effective_scopes": [
    ],
  • "tags": [
    ],
  • "enabled": true
}

Update an Account

SecurityApiKeyAuth
Request
path Parameters
id
required
integer <int64>

Numeric ID of the Account.

Request Body schema: application/json
required
api_client_id
string [ 1 .. 1024 ] characters

The unique ID which is used to identify the identity of an API request. The web server (nginx) configuration must be configured so as to include the external ID as the value of the X_CLIENT_ID HTTP request header when requests are proxied. For OAuth2/JWT based authentication, this typically corresponds to a value extracted from the JWT, uniquely identifying the Account.

first_name
string [ 1 .. 1024 ] characters

An optional first name for the Account.

last_name
string [ 1 .. 1024 ] characters

An optional last name for the Account.

email
string [ 1 .. 1024 ] characters

An optional email for the Account.

username
string [ 1 .. 1024 ] characters

The username for username/password authentication. This can also be used to provide an optional logical name for the Account.

ldap_principal
string [ 1 .. 1024 ] characters

This value will be used for linking this account to an LDAP user when authenticated with the same LDAP principal. When accounts authenticate with LDAP, an LDAP principal value is calculated based on the username, msad_domain_name, search_base and username_pattern.

Responses
200

Returns the updated Account.

put/management/accounts/{id}
Request samples
application/json
{
  • "api_client_id": "string",
  • "first_name": "string",
  • "last_name": "string",
  • "email": "string",
  • "username": "string",
  • "ldap_principal": "string"
}
Response samples
application/json
{
  • "id": 0,
  • "api_client_id": "string",
  • "first_name": "string",
  • "last_name": "string",
  • "email": "string",
  • "username": "string",
  • "ldap_principal": "string",
  • "last_access_time": "2019-08-24T14:15:22Z",
  • "creation_time": "2019-08-24T14:15:22Z",
  • "effective_scopes": [
    ],
  • "tags": [
    ],
  • "enabled": true
}

Delete an Account

SecurityApiKeyAuth
Request
path Parameters
id
required
integer <int64>

Numeric ID of the Account.

Responses
204

No Content

delete/management/accounts/{id}

Enable an Account.

SecurityApiKeyAuth
Request
path Parameters
id
required
integer <int64>

Numeric ID of the Account.

Responses
200

OK

post/management/accounts/{id}/enable

Disable an Account.

SecurityApiKeyAuth
Request
path Parameters
id
required
integer <int64>

Numeric ID of the Account.

Responses
200

OK

post/management/accounts/{id}/disable

Change Account Password.

SecurityApiKeyAuth
Request
path Parameters
id
required
integer <int64>

Numeric ID of the Account.

Request Body schema: application/json
required
old_password
required
string [ 1 .. 1024 ] characters

Old password that needs to be changed for the Account.

new_password
string [ 1 .. 1024 ] characters

New password that needs to be set for the Account. Set this to null for unsetting the current password. Not including this property also results in unsetting of the current password.

Responses
204

Password changed.

post/management/accounts/{id}/change_password
Request samples
application/json
{
  • "old_password": "string",
  • "new_password": "string"
}

Reset Account Password.

SecurityApiKeyAuth
Request
path Parameters
id
required
integer <int64>

Numeric ID of the Account.

Request Body schema: application/json
required
new_password
string [ 1 .. 1024 ] characters

New password that needs to be set for the Account. Set this to null for unsetting the current password. Not including this property also results in unsetting of the current password.

Responses
204

Password reset.

post/management/accounts/{id}/reset_password
Request samples
application/json
{
  • "new_password": "string"
}

Get tags for an Account.

SecurityApiKeyAuth
Request
path Parameters
id
required
integer <int64>

Numeric ID of the Account.

Responses
200

Ok

get/management/accounts/{id}/tags
Response samples
application/json
{
  • "tags": [
    ]
}

Create tags for an Account.

SecurityApiKeyAuth
Request
path Parameters
id
required
integer <int64>

Numeric ID of the Account.

Request Body schema: application/json
required

Tags information for Account.

required
Array of objects (Tag) [ 1 .. 1000 ] items unique

Array of tags with key value pairs

Responses
201

Created

post/management/accounts/{id}/tags
Request samples
application/json
{
  • "tags": [
    ]
}
Response samples
application/json
{
  • "tags": [
    ]
}

Delete tags for an Account.

SecurityApiKeyAuth
Request
path Parameters
id
required
integer <int64>

Numeric ID of the Account.

Request Body schema: application/json

The parameters to delete tags

key
string [ 1 .. 4000 ] characters

Key of the tag

value
string [ 1 .. 4000 ] characters

Value of the tag

Array of objects (Tag) [ 1 .. 1000 ] items unique

List of tags to be deleted

Responses
204

No Content

post/management/accounts/{id}/tags/delete
Request samples
application/json

Delete all tags for given object - No request body required

{ }

Returns the password policies

SecurityApiKeyAuth
Responses
200

OK

get/management/accounts/password-policies
Response samples
application/json
{
  • "enabled": false,
  • "min_length": 8,
  • "reuse_disallow_limit": 3,
  • "digit": false,
  • "uppercase_letter": false,
  • "lowercase_letter": false,
  • "special_character": false,
  • "disallow_username_as_password": false,
  • "maximum_password_attempts": 3
}

Update password policies.

SecurityApiKeyAuth
Request
Request Body schema: application/json
required

The parameters to update the password policies.

enabled
boolean
Default: true

True if password policies are enforced/enabled.

min_length
integer >= 0
Default: 15

Minimum length for password.

reuse_disallow_limit
integer [ 0 .. 20 ]
Default: 2

The password can not be the same as any of the previous n passwords.

digit
boolean
Default: true

Mandate at least one digit in password.

uppercase_letter
boolean
Default: true

Mandate at least one uppercase letter in password.

lowercase_letter
boolean
Default: true

Mandate at least one lower letter in password.

special_character
boolean
Default: true

Mandate at least one special character in password.

disallow_username_as_password
boolean
Default: true

Disallows password containing case-insensitive user name or reversed user name.

maximum_password_attempts
integer [ 0 .. 100 ]
Default: 5

The number of allowed attempts for incorrect password, after which the account gets locked.

Responses
200

OK

patch/management/accounts/password-policies
Request samples
application/json
{
  • "enabled": false,
  • "min_length": 8,
  • "reuse_disallow_limit": 3,
  • "digit": false,
  • "uppercase_letter": false,
  • "lowercase_letter": false,
  • "special_character": false,
  • "disallow_username_as_password": false,
  • "maximum_password_attempts": 3
}
Response samples
application/json
{
  • "enabled": false,
  • "min_length": 8,
  • "reuse_disallow_limit": 3,
  • "digit": false,
  • "uppercase_letter": false,
  • "lowercase_letter": false,
  • "special_character": false,
  • "disallow_username_as_password": false,
  • "maximum_password_attempts": 3
}

Search for Accounts.

SecurityApiKeyAuth
Request
query Parameters
limit
integer [ 1 .. 1000 ]
Default: 100

Maximum number of objects to return per query. The value must be between 1 and 1000. Default is 100.

Example: limit=50
cursor
string [ 1 .. 4096 ] characters

Cursor to fetch the next or previous page of results. The value of this property must be extracted from the 'prev_cursor' or 'next_cursor' property of a PaginatedResponseMetadata which is contained in the response of list and search API endpoints.

sort
string or null

The field to sort results by. A property name with a prepended '-' signifies descending order.

Enum: "id" "-id" "api_client_id" "-api_client_id" "username" "first_name" "last_name" "email" "-username" "-first_name" "-last_name" "-email" "last_access_time" "-last_access_time" "creation_time" "-creation_time"
Example: sort=id
Request Body schema: application/json

A request body containing a filter expression. This enables searching for items matching arbitrarily complex conditions. The list of attributes which can be used in filter expressions is available in the x-filterable vendor extension.

Filter Expression Overview

Note: All keywords are case-insensitive

Comparison Operators

Operator Description Example
CONTAINS Substring or membership testing for string and list attributes respectively. field3 CONTAINS 'foobar', field4 CONTAINS TRUE
IN Tests if field is a member of a list literal. List can contain a maximum of 100 values field2 IN ['Goku', 'Vegeta']
GE Tests if a field is greater than or equal to a literal value field1 GE 1.2e-2
GT Tests if a field is greater than a literal value field1 GT 1.2e-2
LE Tests if a field is less than or equal to a literal value field1 LE 9000
LT Tests if a field is less than a literal value field1 LT 9.02
NE Tests if a field is not equal to a literal value field1 NE 42
EQ Tests if a field is equal to a literal value field1 EQ 42

Search Operator

The SEARCH operator filters for items which have any filterable attribute that contains the input string as a substring, comparison is done case-insensitively. This is not restricted to attributes with string values. Specifically SEARCH '12' would match an item with an attribute with an integer value of 123.

Logical Operators

Ordered by precedence.

Operator Description Example
NOT Logical NOT (Right associative) NOT field1 LE 9000
AND Logical AND (Left Associative) field1 GT 9000 AND field2 EQ 'Goku'
OR Logical OR (Left Associative) field1 GT 9000 OR field2 EQ 'Goku'

Grouping

Parenthesis () can be used to override operator precedence.

For example: NOT (field1 LT 1234 AND field2 CONTAINS 'foo')

Literal Values

Literal Description Examples
Nil Represents the absence of a value nil, Nil, nIl, NIL
Boolean true/false boolean true, false, True, False, TRUE, FALSE
Number Signed integer and floating point numbers. Also supports scientific notation. 0, 1, -1, 1.2, 0.35, 1.2e-2, -1.2e+2
String Single or double quoted "foo", "bar", "foo bar", 'foo', 'bar', 'foo bar'
Datetime Formatted according to RFC3339 2018-04-27T18:39:26.397237+00:00
List Comma-separated literals wrapped in square brackets [0], [0, 1], ['foo', "bar"]

Limitations

  • A maximum of 8 unique identifiers may be used inside a filter expression.
filter_expression
string [ 5 .. 2000 ] characters
Responses
200

OK

post/management/accounts/search
Request samples
application/json

An example of a nested Object comparison testing that at least one repository has a version which is equal to 19.0.0.

{
  • "filter_expression": "repositories CONTAINS {version eq '19.0.0'}"
}
Response samples
application/json
{
  • "items": [
    ],
  • "response_metadata": {
    }
}
➔ Next to Login