Skip to main content

GET /userAccounts

Use GET to retrieve information about all user accounts.

Authentication

Authentication with username and password is required.

Request URL

GET https://{management_server_IP}/userAccounts

Query parameters

None

Response codes

CodeDescriptionComments
200OKThe request completed successfully.
400Bad RequestA query parameter or request attribute is missing or not valid, or the operation is not supported. A descriptive error message is returned in the response body.
404Not foundA specified resource cannot be found. A descriptive error message is returned in the response body.
500Internal Server ErrorAn internal error occurred. A descriptive error message is returned in the response body.

Response body

AttributesTypeDescription
responseArray of objectsEach array element represents a user account
 activeSessionsIntegerNumber of currently active sessions for the user account
 createTimestampStringDate and time when the account was created. The timestamp is returned in ISO 8601 format (for example, 2014-02-05T15:54:13Z).
 descriptionStringDescription for the user account
 groupsArray of stringsThe list of role groups to which the user account belongs
 idStringHashed index uniquely identifying a user account
 lastLoginTimestampStringDate and time when the account was last successfully logged in. The timestamp is returned in ISO 8601 format (for example, 2014-02-05T15:54:13Z).
 ldapDnStringUser's LDAP distinguished name (for example, "cn=USERID,ou=Users,dc=ibmbase,dc=com").
 loginAttemptsIntegerNumber of times that the user has attempted to log in
 loginCountIntegerNumber of times the user has successfully logged in
 modifyTimestampStringDate and time when the account was last modified. The timestamp is returned in ISO 8601 format (for example, 2014-02-05T15:54:13Z).
 PasswordChangeFirstAccessBooleanIndicates if the user is required to change the password on the initial access. This can be one of the following values.
  • true. The password must be changed.
  • false. The password does not have to be changed.
 pwdAgeIntegerNumber of seconds that have elapsed since the password was last changed
 pwExpirationWarningBooleanIndicates if a password expiration warning is to be displayed when a user logs in. This can be one of the following values.
  • true. The password warning is to be displayed.
  • false. The password has not expired.
 pwExpiredBooleanIndicates if the password has expired. This can be one of the following values.
  • true. The password has expired.
  • false. The password has not expired.
 reservedBooleanIndicates whether the user account is reserved for use by the XClarity Administrator. This can be one of the following values.
  • true. The user account is reserved.
  • false. The user account is not reserved.
 stateStringUser-account state. This can be one of the following values.
  • Active. The user account is in an active state.
  • Inactive. The user account is in an inactive state (disabled).
  • Locked. The user account is locked
 supervisorBooleanIndicates whether the user is a supervisor. This can be one of the following values.
  • true. The user account is a supervisor.
  • false. The user account is not a supervisor.
 timeBeforeExpirationInDaysIntegerNumber of days remaining before a password expires
 userNameStringName of the user account
 userPwStringUser password. This value is always NA.
resultStringResults of the request. This can be one of the following values.
  • success. The request completed successfully.
  • failed. The request failed. A descriptive error message was returned.
messagesArray of objectsInformation about one or more messages
 explanationStringAdditional information to clarify the reason for the message
 idStringMessage identifier of a returned message
 recoveryArray of objectsRecovery information
  textStringUser actions that can be taken to recover from the event
  URLStringLink to the help system for more information, if available
 textStringMessage text associated with the message identifier
The following example is returned if the request is successful.
{
   "response": [{
      "activeSessions": 0,
      "createTimestamp": "2015-09-04T11:58:38Z",
      "description": "System Manager",
      "groups": ["lxc-sysmgr"],
      "id": "e1500a5d-7d78-464f-9b00-76d6ff8c3bc4",
      "lastLoginTimestamp": "",
      "ldapDn": "cn=SYSMGR_AXKVXE2I,ou=Users,dc=ibmbase,dc=com",
      "loginAttempts": 1,
      "loginCount": 1,
      "modifyTimestamp": "2015-09-04T11:58:38Z",
      "PasswordChangeFirstAccess": false,
      "pwdAge": 635303,
      "pwExpirationWarning": false,
      "pwExpired": false,
      "reserved": true,
      "state": "Active",
      "supervisor": false,
      "timeBeforeExpirationInDays": 82,
      "userName": "SYSMGR_AXKVXE2I",
      "userPw": "NA"
   },
   ...,
   {
      "activeSessions": 0,
      "createTimestamp": "2015-07-20T17:02:26Z",
      "description": "alanhawk",
      "groups": ["lxc-supervisor"],
      "id": "75d5aa42-266d-4241-ad5b-61f260dea827",
      "lastLoginTimestamp": "",
      "ldapDn": "cn=ALANHAWK,ou=Users,dc=ibmbase,dc=com",
      "loginAttempts": 0
      "loginCount": 0,
      "modifyTimestamp": "2015-07-20T17:02:26Z",
      "PasswordChangeFirstAccess": false,
      "pwdAge": 4591474,
      "pwExpirationWarning": false,
      "pwExpired": false,
      "reserved": false,
      "state": "Active",
      "supervisor": true,
      "timeBeforeExpirationInDays": 36,
      "userName": "ALANHAWK",
      "userPw": "NA",
   }],
   "result": "success",
   "messages": [{
      "id": "FQXHMSE0001I",
      "explanation": "",
      "recovery": {
         "text": "Information only; no action is required.",
         "URL": ""
      },
      "text": "The request completed successfully."
   }]
}