User API Calls

This chapter describes the supported API calls for customer integration using the API. If the call does not appear in this document, then it is unsupported.

Create User without Password

This call creates a user without a password.

Authentication

This call requires Tenant Admin credentials.

HTTP Method

POST

Request URI

api/v1/accounts

Request Parameters

Parameter

Argument Type

Description

Sample Value

sendInvite

Path

True if we want to send invite

true

emailAddress

Request body

Email address

[email protected]

accountSource

Request body

Type of user. LOCAL

LOCAL

uid

Request body

Same as the email address

[email protected]

Example Request

Example Request URL

https://cluster056.auto.acme.com/api/v1/accounts?sendInvite=true

Example Request Body

accounts[0][email protected]

accounts[0].accountSource=LOCAL

accounts[0][email protected]

Response Fields

Field

Description

errors

Errors returned by the call

result– Results container for user information

id

Internal ID for the user

createdAt

When created.

createdBy

Who created it.

modifiedAt

When modified.

modifiedBy

Who modified it.

displayName

Display name of account.

firstName

First name for the account.

lastName

Last name for the account.

ldapServerId

LDAP server ID for the account.

uid

UID for the account. Same as the email address.

emailAddress

Email address for the account Same as UID.

username

User name for the account.

accountSource

Account source. Can be LOCAL, and perhaps LDAP later.

inviteState

Has the user responded to the invitation?

inviteResendCount

How many times has the invite been resent?

inviteLastSentAt

When was the invite last sent?

locale

The account’s locale.

enabled

Is the account enabled?

locked

Is the account locked?

superUser

Is this account a superuser?

termsAccepted

Did this account accept the terms?

passwordExpiresAt

When does the password expire?

distinguishedName

 

objectGuid

 

trash

Has this account been discarded?

mutable

Can be modified by default.

loginFailureCount

How many times has the user unsuccessfully tried to login?

loginSuccessAt

 

passwordHistory

 

guid

 

actionExceptionCodes

 

Example Response

{

  "errors": null,

  "result": [

    {

      "id": 10023,

      "createdAt": null,

      "createdBy": 10001,

      "modifiedAt": null,

      "modifiedBy": 10001,

      "displayName": null,

      "firstName": null,

      "lastName": null,

      "ldapServerId": null,

      "uid": "[email protected]",

      "emailAddress": "[email protected]",

      "username": null,

      "accountSource": "LOCAL",

      "inviteState": null,

      "inviteResendCount": 0,

      "inviteLastSentAt": null,

      "locale": "en_US",

      "enabled": false,

      "locked": false,

      "superUser": false,

      "termsAccepted": false,

      "passwordExpiresAt": null,

      "distinguishedName": null,

      "objectGuid": null,

      "trash": false,

      "mutable": true,

      "loginFailureCount": 0,

      "loginSuccessAt": null,

      "passwordHistory": "{\"passwords\":[]}",

      "guid": null,

      "actionExceptionCodes": null

    }

  ]

}

Create User with Password

This call creates a user with a password.

Authentication

This call requires Tenant Admin credentials.

HTTP Method

POST

Request URI

api/v1/account

Request Parameters

Parameter

Argument Type

Description

Example Value

sendInvite

Path

True if we want to send invite

true

accountSource: LOCAL

 

Request body

Email address

[email protected]

accountSource

Request body

Type of user. Can be LOCAL or LDAP

LOCAL

uid

Request body

Same as the email address

[email protected]

emailAddress

Request body

email address of the user

 

firstName

Request body

first name

 

lastName

Request body

last name

 

displayName

Request body

display name

 

password

Request body

password for the user

 

confirmPassword

Request body

confirm the password

 

Example Request

Example Request URL

https://cluster056.auto.acme.com/api/v1/account?sendInvite=true

Example Request Body

accountSource=LOCAL

[email protected]

[email protected]

firstName=Cool

lastName=Tester

displayName=Cool+Tester

password=Testing!23

confirmPassword=Testing!23

Response Fields

Field

Description

errors

Errors returned by the call

id

Internal ID for the user

createdAt

When the account was created.

createdBy

Who created the account?

modifiedAt

When was the account modified?

modifiedBy

Who modified the account?

displayName

Display name for account.

firstName

First name of account.

lastName

Last name of account.

ldapServerId

LDAP server ID for the account.

uid

UID for the account.

emailAddress

Email address for the account.

username

Username for the account.

accountSource

Source for the account. Can be LOCAL. LDAP may be supported later.

inviteState

Has the use been invited?

inviteResendCount

How many times has the invitation been resent?

inviteLastSentAt

When was the invitation last sent?

locale

What is the account locale?

enabled

Is the account enabled?

locked

Is the account locked?

superUser

Is the user a supersuer?

termsAccepted

Has the user accepted the terms?

passwordExpiresAt

When does the password expire?

distinguishedName

 

objectGuid

 

trash

Has the account been discarded?

mutable

Can be modified by default.

loginFailureCount

 

loginSuccessAt

 

passwordHistory

 

guid

 

actionExceptionCodes

 

Example Response

{

  "errors": null,

  "result": {

    "id": 10024,

    "createdAt": null,

    "createdBy": 10001,

    "modifiedAt": null,

    "modifiedBy": 10001,

    "displayName": "TestFName TestLame",

    "firstName": "TestFName",

    "lastName": "TestLame",

    "ldapServerId": null,

    "uid": "[email protected]",

    "emailAddress": "[email protected]",

    "username": null,

    "accountSource": "LOCAL",

    "inviteState": null,

    "inviteResendCount": 0,

    "inviteLastSentAt": null,

    "locale": "en_US",

    "enabled": true,

    "locked": false,

    "superUser": false,

    "termsAccepted": false,

    "passwordExpiresAt": null,

    "distinguishedName": null,

    "objectGuid": null,

    "trash": false,

    "mutable": true,

    "loginFailureCount": 0,

    "loginSuccessAt": null,

    "passwordHistory": "{\"passwords\":[]}",

    "guid": null,

    "actionExceptionCodes": null

  }

}

Invite User

This call invites a user to register with Ivanti Neurons for MDM, optionally setting device ownership to EMPLOYEE, COMPANY, or UNKNOWN.

Authentication

This call requires Tenant Admin credentials.

HTTP Method

POST

Request URI

/api/v1/invite/enduser

Request Parameters

Parameter

Argument Type

Description

Example Value

accountIds

Request body

The accounts you wish to invite.

10552

deviceOwnershipType

Request body

Optional. Sets the device ownership.

Valid values are:

    EMPLOYEE

    COMPANY

    UNKNOWN

EMPLOYEE

Example Request

curl "https://[Ivanti Neurons for MDM]/api/v1/invite/enduser" -H "Accept: application/json, text/plain, */*" --data "accountIds=10552&deviceOwnershipType=EMPLOYEE" --compressed

Response Fields

Field

Description

errors

Errors returned by the call

result

The result set container

Example Response

{

    "errors": null,

    "result": true

}

Get Enrollment URL

This call creates an enrollment URL that enrolls a user without the user having to enter a pin.

Authentication

This call requires Tenant Admin credentials.

HTTP Method

POST

Request URI

/api/v1/tenant/enrollment/url

Request Parameters

Parameter

Argument Type

Description

Example Value

accountIds

Request body

The accounts for which you want to create the enrollment URL.

10022

tokenLifetime

Request body

The token lifetime.

604800000

Example Request

cURL 'https://[Ivanti Neurons for MDM]/api/v1/tenant/enrollment/url' -d'{"accountIds": [ 10022 ], "tokenLifetime": 604800000}' -H 'Content-Type: application/json'

Response Fields

Field

Description

errors

Errors returned by the call

result

The result set container

accountId

The account Id and corresponding enrollment URL.

Example Response

{

    "errors": null,

    "result": {

        "10022": "https://[Ivanti Neurons for MDM]/c/i/reg/enroll.mobileconfig?token=7F7F00009C44AFBE0001000600108EAB34439F38473CAC15E4A6A10B69D8BEAF04474710AE859B37454248922171D5A969B312C66E844678C80800E7DF7E3EAABF8E35E12322E4ABD6988314AD333C3740B7DD9550F98EA78704CD1AD7D82636162CE31E85B857DF5EBC2636F161EF7713663361AFC93A03009307E2B70C37D893E55E5E659D6F34FF36C3A747E47640811F00FCF9F1537D5B20AD2EC3264775B45780B942EC3F3D6C790D3F38514F6EB274B463D1557CD68273FD325FB6FE006777499F70858B427CBCB67943F1070B6EDBAC1115C1"

    }

}

Get All Accounts

This call gets information about all accounts, including the id and emailAddress values that you can use in other calls.

Authentication

This call requires Tenant Admin credentials.

HTTP Method

GET

Request URI

/api/v1/account

Request Parameters

Parameter

Argument Type

Description

Example Value

rows

Path

How many rows to return in the query.

Do not send a value larger than 500 with the rows parameter because the APIs do not permit a value of greater than 500. See Controlling Results.

50

start

Path

Integer. The row on which to start the display.

 0

searchAfterValues

Query

Useful in searches in environments with ten-thousand or more accounts. See Searching for users efficiently.

 

Example Request

curl 'https://[Ivanti Neurons for MDM]/api/v1/account?q=&rows=50&start=0&sortFields%5B0%5D.name=displayName&sortFields%5B0%5D.order=ASC&nav=true' \

-H 'Accept: application/json, text/plain, */*' \

Example Response

{

"errors": null,

"result": {

"totalCount": 21,

"searchResults": [

{

"id": 6150167,

"createdAt": 1442949222375,

"displayName": "r m",

"firstName": "r",

"lastName": "m",

"uid": "[email protected]",

"emailAddress": "[email protected]",

"accountSource": "LOCAL",

"inviteState": "Expired",

"inviteResendCount": 0,

"accountType": "USER",

"enabled": true,

"locked": false,

"superUser": false,

"termsAccepted": false,

"accountSettings": "null",

"mutable": true,

"loginFailureCount": 0,

"passwordHistory": "{}",

"androidWorkUserStatus": "NONE",

"androidWorkRetryCount": 0,

"registrationPin": {

"createdAt": null,

"expiresAt": null,

"pin": null,

"used": false

},

"groups": [

"All Users"

],

"deviceCount": 0

},

],

"offset": 0,

"queryTime": 16,

"facetedResults": {

"ACCOUNTSOURCE": {

"LOCAL": 21

},

"TERMSACCEPTED": {

"false": 16,

"true": 5

},

"INVITESTATE": {

"Completed": 9,

"Expired": 5,

"None": 6,

"Pending": 1

},

"ANDROIDWORKSTATUS": {

"NONE": 21

},

"ACCOUNTGROUP": {

"ForDocs": 1,

"Group 8": 2,

"All Users": 21,

"North American Users": 1,

"European Users": 1,

"Appusers": 1

}

},

"totalUnfilteredResultCount": 0

}

}

 

}

Check Delete User Viability

This call informs you whether you can delete a specific user.

Authentication

This call requires Tenant Admin credentials.

HTTP Method

GET

Request URI

/api/v1/account?checkDeleteViability=true&ids={id}

Request Parameters

Parameter

Argument Type

Description

Example Value

ids

Query

ID of the target account. You get it with the Get All Accounts call.

47253017

Example Request

curl 'https://[Ivanti Neurons for MDM]/api/v1/account?checkDeleteViability=true&ids=47253017'

Example Response

{

    "errors": null,

    "result": {

        "searchResults": [ ],

        "totalCount": 0,

        "offset": 0,

        "limit": 0

    }

}

Delete Users

This call deletes one or more users. You should run the Check Delete User Viability call first to determine whether you can delete the target users.

Authentication

This call requires Tenant Admin credentials.

HTTP Method

DELETE

Request URI

/api/v1/account?id={id}

Request Parameters

Parameter

Argument Type

Description

Example Value

id

Request body

IDs of the target accounts. You get them with the Get All Accounts call.

Separate multiple accounts with commas, url encoded, meaning use %2C for the comma.

One account:

47253017

 

Two accounts:

11193157%2C1516548

Example Request

curl 'https://[Ivanti Neurons for MDM]/api/v1/account?id=47252222' -X DELETE

Example Response

{

    "errors": null,

    "result": 1

}

User Exists

This call verifies if a user account exists or not.

Authentication

This call requires Tenant Admin credentials.

HTTP Method

GET

Request URI

/api/v1/account

Request Parameters

Parameter

Argument Type

Description

Example Value

uid

Request Body

User account

[email protected]

Example Request

curl -X GET 'https://<hostname>/api/v1/account?uid=<user account>’ \

--header 'Authorization: Basic Auth =='\

Example Response

{

    "errors": null,

    "result": true

}

Update User Account

This call updates a user’s account information.

Authentication

This call requires Tenant Admin credentials.

HTTP Method

PUT

Request URI

/api/v1/account

Request Parameters

Parameter

Argument Type

Description

Example Value

displayName

Request body

New value for the display name. Cleared if not present in the call.

John Doe

androidWorkDeviceAccountEnabled

Request body

New value to enable use of Android Work Device Account instead of User Account.

false

emailAddress

Request body

New value for email address. Cleared if not present in the call.

[email protected]

firstName

Request body

New value for first name. Cleared if not present in the call.

John

lastName

Request body

New value for last name. Cleared if not present in the call.

Doe

enabled

Request body

New value to enable/disable the account. true or false. Cleared if not present in the call.

true

passwordNeverExpire

Request body

New value to indicate if password never expires for the account. true or false. Cleared if not present in the call.

false

gdprProfileId

Request body

New value for GDPR profile identifier. Cleared if not present in the call.

259

managedAppleId

Request body

New value for managed Apple identifier. Cleared if not present in the call.

[email protected]

edipi

Request body

New value for Electronic Data Interchange Personal Identifier. Cleared if not present in the call.

1234567899

password

Request body

New value for password.

Letme77in@

confirmPassword

Request body

New value for password.

Letme77in@

id

Request body

ID of the target account. You get it with the Get All Accounts call.

11193157

Example Request

curl --location --request PUT 'https://[Ivanti Neurons for MDM]/api/v1/account' \
--header 'Accept: application/json, text/plain, */*' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic <token>' \
--data-urlencode 'firstName=John' \
--data-urlencode 'lastName=Doe' \
--data-urlencode '[email protected]' \
--data-urlencode '[email protected]' \
--data-urlencode 'displayName=John Doe' \
--data-urlencode 'id=11193157' \
--data-urlencode 'accountSource=LOCAL' \
--data-urlencode 'enabled=true' \
--data-urlencode '[email protected]' \
--data-urlencode 'mamWithOutMDM=' \
--data-urlencode 'password=Letme77in@' \
--data-urlencode 'confirmPassword=Letme77in@' \
--data-urlencode 'edipi=1234567895' \
--data-urlencode 'androidWorkDeviceAccountEnabled=false' \
--data-urlencode 'gdprProfileId=' \
--data-urlencode 'passwordNeverExpire=true'

Example Response

{

    "errors": null,

    "result": 1

}

Import LDAP User

There are two calls you use to accomplish the user import:

A suggested choreography is that after having issued the Import LDAP User call, you wait fifteen seconds and then issue the Check LDAP Import Status call. You can then re-issue the Check LDAP Import Status call every fifteen seconds until ninety seconds have elapsed.

This call sends a request to import an LDAP user.

Authentication

This call requires Tenant Admin credentials.

HTTP Method

POST

Request URI

/api/v1/ldap/import/user

Request Parameters

Parameter

Argument Type

Description

Example Value

uidOrEmail

Path

User ID of the LDAP user to import.

testuser123623@ auto12.mobileiron.com

ldapServerName

Path

Optional. Name of the LDAP server. If no ldapServerName is specified, then the tenant should have a single LDAP server added and it will be used for the user search & import.

ldap-2k

sendInvite

Path

Optional. Specifies whether to send the user an email invitation.

Valid values:

    true

    false

true

deviceOwnershipType

Path

Optional. Specifies whether to set device ownership.

Valid values:

    EMPLOYEE

    COMPANY

EMPLOYEE

Example Request

$curl -X POST -u username:password -kv "https://[Ivanti Neurons for MDM]/api/v1/ldap/import/user? [email protected]&ldapServerName=ldap-2k&sendInvite=true"

Response Fields

Field

Description

errors

Errors returned by the call.

result

Returned request ID. You will use this value in the Check LDAP Import Status call.

Example Response

{

    "errors": null,

    "result": 1

}

Check LDAP Import Status

This call checks whether the Import LDAP User call was successful.

Authentication

This call requires Tenant Admin credentials.

HTTP Method

GET

Request URI

/api/v1/ldap/import/user/status

Request Parameters

Parameter

Argument Type

Description

Example Value

requestId

Path

The request Id returned by the Import LDAP User call.

1

Example Request

$curl -X GET -u username:password -kv "https://Ivanti Neurons for MDM/api/v1/ldap/import/user/status?requestId=1"

Response Fields

Field

Description

requestId

Errors returned by the call

status

The result set container

errorCode

The error code returned by the call. See the Example Responses below for the kinds of error codes the call may return.

errorMessage

The error message returned by the call. See the Example Responses below for the kinds of error messages the call may return.

Example Responses

User import successfully completed

{

    "requestId": 1,

    "status": "COMPLETED",

    "errorCode": "",

    "errorMessage": ""

}

User import in-progress

{

    "requestId": 1,

    "status": "IN_PROGRESS",

    "errorCode": "",

    "errorMessage": ""

}

User import failed - User not found

{

    "requestId": 1,

    "status": "FAILED",

    "errorCode": "LDAP_USER_IMPORT-106",

    "errorMessage": "The LDAP user [email protected] not found to import."

}

User import failed - Invalid Entry

{

    "requestId": 1,

    "status": "FAILED",

    "errorCode": "KC-103",

    "errorMessage": "The LDAP entry has invalid attribute to be imported."

}

Invalid LDAP server name

{

    "errors": {

        "globalErrors": [

            {

                "code": "LDAP_USER_IMPORT-103",

                "message": "No LDAP server with name invalid-ldap found."

            }

        ],

        "fieldErrors": null

    },

    "result": null

}

Request not found

{

    "errors": {

        "globalErrors": [

            {

                "code": "LDAP_USER_IMPORT-100",

                "message": "The LDAP user import request id 1 not found."

            }

        ],

        "fieldErrors": null

    },

    "result": null

}

Get Account Metadata

This gets account metadata for the current user. This is a useful call for finding the default content and space IDs for a user.

Authentication

This call requires Tenant Admin credentials

HTTP Method

GET

Request URI

api/v1/account/metadata

Request Parameter

Parameter

Description

Example Value

metadata

Instructs the API to get account metadata for the current user.

metadata

Example Request

https://[Ivanti Neurons for MDM]/api/v1/account?metadata

Response Fields

Field

Description

errors

 

result

 

    accountId

 

    displayName

 

    lastName

 

    firstName

 

    emailAddress

 

    defaultCmPartitionId

 

    defaultDmPartitionId

 

    globalAuthorities

 

        accountRole.to.group.update

 

        kocab.update

 

        contentstore.preview

 

        ldap.authenticate.user

 

        app.store.settings.update

 

        configurator.authtoken.read

 

        account.invite.admin

 

        accountGroup.delete

 

        ldap.server.sync

 

        sfdc.oauth.profile.update

 

        account.permission.tenant.read

 

        accountRole.delete

 

        accountGroup.create

 

        mizar.delete

 

        account.read

 

        account.password.reset

 

        partition.device.delete

 

        app.category.delete

 

        account.delete

 

        partition.device.update

 

        message.delete

 

        whitelabel.resource.tenant.read

 

        account.invite.enduser

 

        kocab.delete

 

        message.read

 

        partition.device.create

 

        sfdc.oauth.profile.read

 

        mizar.read

 

        accountRole.read

 

        alcor.update

 

        configurator.authtoken.create

 

        mizar.create

 

        partition.content.update

 

        alcor.delete

 

        app.search.googleplay

 

        accountRole.to.permission.update

 

        partition.content.read

 

        account.update

 

        account.send.message

 

        accountGroup.update

 

        message.create

 

        policy.certificate.store.read.all

 

        account.to.group.update

 

        partition.content.create

 

        alcor.create

 

        account.preferences.change

 

        ldap.search.group

 

        policy.template.tenant.read

 

        report.snapshot.read

 

        configurator.authtoken.delete

 

        accountRole.update

 

        account.password.change

 

        kocab.create

 

        appstore.preview

 

        ldap.server.persist.generic

 

        device.register

 

        eula.tenant.read

 

        accountRole.to.account.update

 

        kocab.read

 

        app.category.create

 

        app.category.update

 

        open.sfdc.support.case

 

        tenant.settings.update

 

        mizar.update

 

        report.metadata.read

 

        ldap.server.default.read

 

        ldap.persist.organizationalUnit

 

        ldap.search.generic

 

        accountGroup.to.role.update

 

        alcor.read

 

        audit.account.read

 

        account.generate.pin

 

        ldap.server.test.connection

 

        accountRole.create

 

        ldap.server.read

 

        report.trending.read

 

        ldap.server.update

 

        content.category.update

 

        accountGroup.to.account.update

 

        content.category.delete

 

        account.create

 

        app.category.read

 

        ldap.search.organizationalUnit

 

        configurator.plist.read

 

        ldap.server.delete

 

        tenant.settings.read

 

        ldap.persist.group

 

        ldap.server.decouple.generic

 

        partition.device.read

 

        ldap.persist.user

 

        app.store.settings.read

 

        message.update

 

        content.category.create

 

        accountGroup.read

 

        content.category.read

 

        audit.accountGroup.read

 

        eula.tenant.accept

 

        utils.x509.fingerprint.read

 

        ldap.search.user

 

        app.search.itunes

 

        ldap.server.create

 

        account.to.role.update

 

        accountGroup.to.group.update

 

    dmPartitions

 

        23000

 

            name

 

            authorities

 

                policy.subscribedCalendar.create

 

                policy.passcode.delete

 

                policy.sso.account.update

 

                policy.scep.to.ruleGroup.update

 

                policy.identity.certificate.dg.to.ruleGroup.update

 

                policy.subscribedCalendar.update

 

                policy.opaque.ios.create

 

                policy.cellular.create

 

                policy.aim.audit.read

 

                policy.jabber.delete

 

                policy.appconnect.zone.config.update

 

                policy.certificate.create

 

                mdm.queue.delete

 

                policy.device.registration.audit.read

 

                policy.user.interface.settings.delete

 

                policy.apn.to.ruleGroup.update

 

                policy.identity.certificate.dg.update

 

                policy.app.lock.delete

 

                policy.air.play.read

 

                policy.android.lockdown.create

 

                policy.webclip.read

 

                policy.email.read

 

                policy.identityCertificate.to.ruleGroup.update

 

                policy.mdm.audit.read

 

                policy.android.kiosk.create

 

                policy.opaque.ios.delete

 

                device.stop.mirroring

 

                device.delete

 

                policy.device.registration.read

 

                policy.org.info.setting.update

 

                policy.appconnect.zone.config.delete

 

                policy.android.kiosk.to.ruleGroup.update

 

                policy.email.delete

 

                policy.apn.read

 

                policy.exchange.update

 

                policy.vpn.read

 

                policy.air.print.to.ruleGroup.update

 

                policy.font.delete

 

                policy.web.content.filter.to.ruleGroup.update

 

                policy.subscribedCalendar.read

 

                policy.telecom.settings.delete

 

                policy.apn.update

 

                policy.android.encryption.create

 

                policy.certificate.audit.read

 

                policy.web.content.filter.audit.read

 

                policy.provisioningProfile.create

 

                policy.jabber.audit.read

 

                policy.font.read

 

                policy.localCa.audit.read

 

                ca.create

 

                policy.exchange.delete

 

                policy.vpn.ondemand.update

 

                policy.application.access.audit.read

 

                policy.android.kiosk.delete

 

                policy.cellular.delete

 

                policy.localCa.to.ruleGroup.update

 

                policy.restrictions.read

 

                policy.cellular.update

 

                policy.jabber.update

 

                policy.email.to.ruleGroup.update

 

                policy.vpn.ondemand.read

 

                policy.org.info.setting.to.rule.group.update

 

                policy.device.registration.create

 

                policy.telecom.settings.update

 

                policy.appconnect.app.config.audit.read

 

                policy.vpn.per.app.read

 

                policy.vpn.per.app.update

 

                policy.scep.create

 

                policy.osx.restrictions.audit.read

 

                policy.caldav.create

 

                policy.app.lock.create

 

                policy.osx.restrictions.to.ruleGroup.update

 

                policy.sso.account.to.ruleGroup.update

 

                policy.app.lock.read

 

                policy.caldav.to.ruleGroup.update

 

                policy.certificate.store.create

 

                policy.appconnect.app.policy.delete

 

                policy.webclip.to.ruleGroup.update

 

                policy.email.update

 

                policy.apn.create

 

                device.retire

 

                policy.osx.restrictions.update

 

                policy.application.access.update

 

                policy.appconnect.app.policy.audit.read

 

                policy.webclip.create

 

                policy.ldap.audit.read

 

                policy.app.lock.update

 

                policy.sync.delete

 

                policy.identityCertificate.audit.read

 

                policy.vpn.per.app.delete

 

                policy.appconnect.zone.config.read

 

                policy.android.lockdown.audit.read

 

                policy.aim.to.ruleGroup.update

 

                policy.exchange.read

 

                ruleGroup.update

 

                policy.vpn.ondemand.audit.read

 

                policy.carddav.create

 

                policy.restrictions.delete

 

                policy.vpn.to.ruleGroup.update

 

                policy.vpn.create

 

                policy.user.interface.settings.update

 

                policy.web.content.filter.create

 

                policy.appconnect.app.config.read

 

                app.inventory.read

 

                device.push.profile

 

                policy.jabber.to.ruleGroup.update

 

                policy.aim.update

 

                policy.sync.audit.read

 

                policy.device.registration.to.ruleGroup.update

 

                policy.scep.read

 

                policy.osx.restrictions.read

 

                policy.certificate.store.read

 

                policy.org.info.setting.read

 

       &# 160;        policy.appconnect.app.policy.to.ruleGroup.update

 

                device.send.message

 

                policy.android.lockdown.read

 

                policy.vpn.per.app.audit.read

 

                policy.android.encryption.to.ruleGroup.update

 

                policy.jabber.read

 

                policy.identityCertificate.read

 

                policy.sync.update

 

                policy.vpn.audit.read

 

                policy.policy.delete

 

                policy.sharepoint.create

 

                policy.user.interface.settings.read

 

                policy.general.ios.read

 

                policy.sharepoint.delete

 

                policy.vpn.delete

 

                ca.delete

 

                policy.ldap.update

 

                policy.sharepoint.update

 

                policy.sync.to.ruleGroup.update

 

                policy.osx.restrictions.create

 

                policy.scep.update

 

                policy.web.content.filter.delete

 

                policy.android.lockdown.to.ruleGroup.update

 

                policy.policy.create

 

                policy.scep.delete

 

                policy.font.create

 

                policy.cellular.audit.read

 

                policy.certificate.store.delete

 

                policy.app.lock.audit.read

 

                policy.general.ios.audit.read

 

                ruleGroup.read

 

                policy.font.to.ruleGroup.update

 

                policy.appconnect.zone.config.to.ruleGroup.update

 

                policy.general.ios.update

 

                policy.passcode.to.ruleGroup.update

 

                policy.org.info.setting.audit.read

 

                policy.sync.create

 

                policy.email.create

 

                policy.android.encryption.read

 

                policy.carddav.read

 

                policy.provisioningProfile.delete

 

                ca.read

 

                policy.wifi.to.ruleGroup.update

 

                policy.appconnect.app.config.create

 

                policy.identity.certificate.dg.read

 

                device.read

 

                policy.android.encryption.audit.read

 

                policy.certificate.store.update

 

                policy.android.encryption.update

 

                policy.restrictions.audit.read

 

                policy.identity.certificate.dg.delete

 

                policy.webclip.update

 

                device.force.checkin

 

                policy.restrictions.update

 

                policy.identityCertificate.delete

 

                policy.carddav.audit.read

 

                policy.application.access.create

 

                policy.sso.account.read

 

                policy.opaque.ios.to.ruleGroup.update

 

                policy.restrictions.to.ruleGroup.update

 

                policy.air.print.create

 

                ruleGroup.create

 

                policy.web.content.filter.read

 

                policy.appconnect.app.config.to.ruleGroup.update

 

                policy.passcode.create

 

                policy.webclip.delete

 

                policy.apn.delete

 

                policy.provisioningProfile.update

 

                policy.air.print.update

 

                policy.appconnect.app.policy.read

 

                device.wipe

 

                policy.vpn.ondemand.to.ruleGroup.update

 

                policy.ldap.delete

 

                policy.passcode.update

 

                policy.localCa.create

 

                policy.exchange.to.ruleGroup.update

 

                policy.exchange.create

 

                policy.global.proxy.delete

 

                policy.air.play.to.ruleGroup.update

 

                policy.org.info.setting.delete

 

                policy.android.kiosk.audit.read

 

                policy.cellular.to.ruleGroup.update

 

                policy.sharepoint.read

 

                policy.user.interface.settings.audit.read

 

                policy.wifi.update

 

                policy.telecom.settings.read

 

                policy.apn.audit.read

 

                policy.scep.audit.read

 

                policy.global.proxy.audit.read

 

                ca.update

 

                policy.policy.to.ruleGroup.update

 

                policy.carddav.to.ruleGroup.update

 

                policy.mdm.read

 

                policy.certificate.delete

 

                policy.font.audit.read

 

                policy.device.registration.update

 

                policy.telecom.settings.to.ruleGroup.update

 

                policy.web.content.filter.update

 

                policy.jabber.create

 

                policy.provisioningProfile.to.ruleGroup.update

 

                policy.device.registration.delete

 

                policy.localCa.read

 

                device.create

 

                policy.caldav.read

 

                policy.application.access.to.ruleGroup.update

 

                policy.air.print.read

 

                policy.email.audit.read

 

                policy.wifi.delete

 

                policy.identityCertificate.update

 

                policy.global.proxy.to.ruleGroup.update

 

                policy.android.lockdown.delete

 

                policy.identityCertificate.create

 

                policy.appconnect.app.config.delete

 

                policy.localCa.update

 

                policy.identity.certificate.dg.create

 

                policy.wifi.audit.read

 

                policy.sync.read

 

                policy.certificate.read

 

               policy.air.play.create

 

                policy.carddav.update

 

                policy.opaque.ios.read

 

                policy.air.print.delete

 

                policy.caldav.audit.read

 

                policy.app.lock.to.ruleGroup.update

 

                policy.passcode.audit.read

 

                device.start.mirroring

 

                policy.caldav.delete

 

                policy.sso.account.delete

 

                device.unlock

 

                policy.caldav.update

 

                policy.global.proxy.update

 

                device.wipe.cancel

 

                policy.subscribedCalendar.to.ruleGroup.update

 

                policy.general.ios.to.ruleGroup.update

 

                policy.cellular.read

 

                policy.appconnect.zone.config.audit.read

 

                policy.read

 

                policy.vpn.per.app.to.ruleGroup.update

 

                policy.sharepoint.to.ruleGroup.update

 

                policy.ldap.to.ruleGroup.update

 

                policy.policy.read

 

                policy.carddav.delete

 

                policy.webclip.audit.read

 

                policy.sso.account.audit.read

 

                policy.mdm.delete

 

                policy.opaque.ios.update

 

                policy.localCa.delete

 

                policy.general.ios.delete

 

                policy.restrictions.create

 

                policy.global.proxy.read

 

                policy.user.interface.settings.create

 

                policy.identity.certificate.dg.audit.read

 

                policy.subscribedCalendar.audit.read

 

                policy.air.play.delete

 

                policy.application.access.read

 

                policy.air.play.update

 

                policy.appconnect.zone.config.create

 

                policy.exchange.audit.read

 

                policy.user.interface.settings.to.ruleGroup.update

 

                policy.mdm.update

 

                device.lock

 

                policy.policy.update

 

                device.update

 

                policy.aim.create

 

                policy.policy.audit.read

 

                policy.sso.account.create

 

                ruleGroup.delete

 

                policy.telecom.settings.create

 

                policy.vpn.update

 

                policy.ldap.create

 

                policy.android.lockdown.update

 

                policy.certificate.update

 

                device.locate

 

                policy.mdm.to.ruleGroup.update

 

                policy.global.proxy.create

 

                policy.sharepoint.audit.read

 

                policy.org.info.setting.create

 

                policy.ldap.read

 

                policy.osx.restrictions.delete

 

                policy.subscribedCalendar.delete

 

                policy.passcode.read

 

                policy.provisioningProfile.audit.read

 

                policy.provisioningProfile.read

 

                policy.vpn.ondemand.create

 

                policy.certificate.to.ruleGroup.update

 

                policy.android.kiosk.read

 

                policy.vpn.ondemand.delete

 

                policy.aim.delete

 

                policy.android.kiosk.update

 

                policy.vpn.per.app.create

 

                policy.appconnect.app.config.update

 

                mdm.queue.read

 

                device.retire.cancel

 

                policy.air.print.audit.read

 

                policy.application.access.delete

 

                policy.appconnect.app.policy.create

 

                policy.android.encryption.delete

 

                policy.wifi.create

 

                policy.appconnect.app.policy.update

 

                policy.mdm.create

 

                policy.air.play.audit.read

 

                policy.opaque.ios.audit.read

 

                policy.wifi.read

 

                policy.font.update

 

                policy.telecom.settings.audit.read

 

                policy.aim.read

 

                policy.general.ios.create

 

    cmPartitions

 

        20000

 

            name

 

            authorities

 

                vpp.order.delete

 

                vpp.code.read

 

                content.update

 

                content.delete

 

                app.distribution.read

 

                app.distribution.update

 

                vpp.license.delete

 

                vpp.license.sync

 

                vpp.license.update

 

                app.read

 

                vpp.profile.read

 

                vpp.profile.create

 

                audit.app.read

 

                app.review.update

 

                app.review.delete

 

                app.update

 

                vpp.license.read

 

                app.review.read

 

                audit.content.read

 

                content.read

 

                vpp.code.update

 

                app.delete

 

                vpp.order.read

 

                content.distribution.update

 

                vpp.order.update

 

                content.create

 

                vpp.order.create

 

                content.distribution.read

 

                app.rating.update

 

                app.rating.read

 

                app.create"

 

    groupIdAllUsers

 

    allDevicesRuleGroupId

 

    preferences

 

        reportDefinitions

 

                reportName

 

                dimName

 

                dimKeys

 

                dim2Name

 

                dim2Keys

 

                rangeStart

 

                rangeEnd

 

                chartUuid

 

                chartName

 

                chartType

 

                chartSubType

 

                chartTimeRangeMillis

 

                reportName

 

                dimName

 

                dimKeys

 

                dim2Name

 

                dim2Keys

 

                rangeStart

 

                rangeEnd

 

                chartUuid

 

                chartName

 

                chartType

 

                chartSubType

 

                chartTimeRangeMillis

 

                reportName

 

                dimName

 

                dimKeys

 

                dim2Name

 

                dim2Keys

 

                rangeStart

 

                rangeEnd

 

                chartUuid

 

                chartName

 

                chartType

 

                chartSubType

 

                chartTimeRangeMillis

 

        userTableColumnDefinition

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

        deviceTableColumnDefinition

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

        appTableColumnDefinition

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

        configTableColumnDefinition

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

        appInventoryTableColumnDefinition

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

        userGroupTableColumnDefinition

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

        deviceGroupTableColumnDefinition

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

        contentTableColumnDefinition

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

        policyTableColumnDefinition

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

        appReviewTableColumnDefinition

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

                name

 

                show

 

        uiDefaultDmPartitionId

 

        uiDefaultCmPartitionId

 

 

Example Response

{

    "errors": null,

    "result": {

        "accountId": 10001,

        "displayName": null,

        "lastName": "LastName0001",

        "firstName": "FirstName0001",

        "emailAddress": "[email protected]",

        "defaultCmPartitionId": 20000,

        "defaultDmPartitionId": 23000,

        "globalAuthorities": [

            "accountRole.to.group.update",

            "kocab.update",

            "contentstore.preview",

            "ldap.authenticate.user",

            "app.store.settings.update",

            "configurator.authtoken.read",

            "account.invite.admin",

            "accountGroup.delete",

            "ldap.server.sync",

            "sfdc.oauth.profile.update",

            "account.permission.tenant.read",

            "accountRole.delete",

            "accountGroup.create",

            "mizar.delete",

            "account.read",

            "account.password.reset",

            "partition.device.delete",

            "app.category.delete",

            "account.delete",

            "partition.device.update",

            "message.delete",

            "whitelabel.resource.tenant.read",

            "account.invite.enduser",

            "kocab.delete",

            "message.read",

            "partition.device.create",

            "sfdc.oauth.profile.read",

            "mizar.read",

            "accountRole.read",

            "alcor.update",

            "configurator.authtoken.create",

            "mizar.create",

            "partition.content.update",

            "alcor.delete",

            "app.search.googleplay",

            "accountRole.to.permission.update",

            "partition.content.read",

            "account.update",

            "account.send.message",

            "accountGroup.update",

            "message.create",

            "policy.certificate.store.read.all",

            "account.to.group.update",

            "partition.content.create",

            "alcor.create",

            "account.preferences.change",

            "ldap.search.group",

            "policy.template.tenant.read",

            "report.snapshot.read",

            "configurator.authtoken.delete",

            "accountRole.update",

            "account.password.change",

            "kocab.create",

            "appstore.preview",

            "ldap.server.persist.generic",

            "device.register",

            "eula.tenant.read",

            "accountRole.to.account.update",

            "kocab.read",

            "app.category.create",

            "app.category.update",

            "open.sfdc.support.case",

            "tenant.settings.update",

            "mizar.update",

            "report.metadata.read",

            "ldap.server.default.read",

            "ldap.persist.organizationalUnit",

            "ldap.search.generic",

            "accountGroup.to.role.update",

            "alcor.read",

            "audit.account.read",

            "account.generate.pin",

            "ldap.server.test.connection",

            "accountRole.create",

            "ldap.server.read",

            "report.trending.read",

            "ldap.server.update",

            "content.category.update",

            "accountGroup.to.account.update",

            "content.category.delete",

            "account.create",

            "app.category.read",

            "ldap.search.organizationalUnit",

            "configurator.plist.read",

            "ldap.server.delete",

            "tenant.settings.read",

            "ldap.persist.group",

            "ldap.server.decouple.generic",

            "partition.device.read",

            "ldap.persist.user",

            "app.store.settings.read",

            "message.update",

            "content.category.create",

            "accountGroup.read",

            "content.category.read",

            "audit.accountGroup.read",

            "eula.tenant.accept",

            "utils.x509.fingerprint.read",

            "ldap.search.user",

            "app.search.itunes",

            "ldap.server.create",

            "account.to.role.update",

            "accountGroup.to.group.update"

        ],

        "dmPartitions": {

            "23000": {

                "name": "Default Partition",

                "authorities": [

                    "policy.subscribedCalendar.create",

                    "policy.passcode.delete",

                    "policy.sso.account.update",

                    "policy.scep.to.ruleGroup.update",

                    "policy.identity.certificate.dg.to.ruleGroup.update",

                    "policy.subscribedCalendar.update",

                    "policy.opaque.ios.create",

                    "policy.cellular.create",

                    "policy.aim.audit.read",

                    "policy.jabber.delete",

                    "policy.appconnect.zone.config.update",

                    "policy.certificate.create",

                    "mdm.queue.delete",

                    "policy.device.registration.audit.read",

                    "policy.user.interface.settings.delete",

                    "policy.apn.to.ruleGroup.update",

                    "policy.identity.certificate.dg.update",

                    "policy.app.lock.delete",

                    "policy.air.play.read",

                    "policy.android.lockdown.create",

                    "policy.webclip.read",

                    "policy.email.read",

                    "policy.identityCertificate.to.ruleGroup.update",

                    "policy.mdm.audit.read",

                    "policy.android.kiosk.create",

                    "policy.opaque.ios.delete",

                    "device.stop.mirroring",

                    "device.delete",

                    "policy.device.registration.read",

                    "policy.org.info.setting.update",

                    "policy.appconnect.zone.config.delete",

                    "policy.android.kiosk.to.ruleGroup.update",

                    "policy.email.delete",

                    "policy.apn.read",

                    "policy.exchange.update",

                    "policy.vpn.read",

                    "policy.air.print.to.ruleGroup.update",

                    "policy.font.delete",

                    "policy.web.content.filter.to.ruleGroup.update",

                    "policy.subscribedCalendar.read",

                    "policy.telecom.settings.delete",

                    "policy.apn.update",

                    "policy.android.encryption.create",

                    "policy.certificate.audit.read",

                    "policy.web.content.filter.audit.read",

                    "policy.provisioningProfile.create",

                    "policy.jabber.audit.read",

                    "policy.font.read",

                    "policy.localCa.audit.read",

                    "ca.create",

                    "policy.exchange.delete",

                    "policy.vpn.ondemand.update",

                    "policy.application.access.audit.read",

                    "policy.android.kiosk.delete",

                    "policy.cellular.delete",

                    "policy.localCa.to.ruleGroup.update",

                    "policy.restrictions.read",

                    "policy.cellular.update",

                    "policy.jabber.update",

                    "policy.email.to.ruleGroup.update",

                    "policy.vpn.ondemand.read",

                    "policy.org.info.setting.to.rule.group.update",

                    "policy.device.registration.create",

                    "policy.telecom.settings.update",

                    "policy.appconnect.app.config.audit.read",

                    "policy.vpn.per.app.read",

                    "policy.vpn.per.app.update",

                    "policy.scep.create",

                    "policy.osx.restrictions.audit.read",

                    "policy.caldav.create",

                    "policy.app.lock.create",

                    "policy.osx.restrictions.to.ruleGroup.update",

                    "policy.sso.account.to.ruleGroup.update",

                    "policy.app.lock.read",

                    "policy.caldav.to.ruleGroup.update",

                    "policy.certificate.store.create",

                    "policy.appconnect.app.policy.delete",

                    "policy.webclip.to.ruleGroup.update",

                    "policy.email.update",

                    "policy.apn.create",

                    "device.retire",

                    "policy.osx.restrictions.update",

                    "policy.application.access.update",

                    "policy.appconnect.app.policy.audit.read",

                    "policy.webclip.create",

                    "policy.ldap.audit.read",

                    "policy.app.lock.update",

                    "policy.sync.delete",

                    "policy.identityCertificate.audit.read",

                    "policy.vpn.per.app.delete",

                    "policy.appconnect.zone.config.read",

                    "policy.android.lockdown.audit.read",

                    "policy.aim.to.ruleGroup.update",

                    "policy.exchange.read",

                    "ruleGroup.update",

                    "policy.vpn.ondemand.audit.read",

                    "policy.carddav.create",

                    "policy.restrictions.delete",

                    "policy.vpn.to.ruleGroup.update",

                    "policy.vpn.create",

                    "policy.user.interface.settings.update",

                    "policy.web.content.filter.create",

                    "policy.appconnect.app.config.read",

                    "app.inventory.read",

                    "device.push.profile",

                    "policy.jabber.to.ruleGroup.update",

                    "policy.aim.update",

                    "policy.sync.audit.read",

                    "policy.device.registration.to.ruleGroup.update",

                    "policy.scep.read",

                    "policy.osx.restrictions.read",

                    "policy.certificate.store.read",

                    "policy.org.info.setting.read",

                    "policy.appconnect.app.policy.to.ruleGroup.update",

                    "device.send.message",

                    "policy.android.lockdown.read",

                    "policy.vpn.per.app.audit.read",

                    "policy.android.encryption.to.ruleGroup.update",

                    "policy.jabber.read",

                    "policy.identityCertificate.read",

                    "policy.sync.update",

                    "policy.vpn.audit.read",

                    "policy.policy.delete",

                    "policy.sharepoint.create",

                    "policy.user.interface.settings.read",

                    "policy.general.ios.read",

                    "policy.sharepoint.delete",

                    "policy.vpn.delete",

                    "ca.delete",

                    "policy.ldap.update",

                    "policy.sharepoint.update",

                    "policy.sync.to.ruleGroup.update",

                    "policy.osx.restrictions.create",

                    "policy.scep.update",

                    "policy.web.content.filter.delete",

                    "policy.android.lockdown.to.ruleGroup.update",

                    "policy.policy.create",

                    "policy.scep.delete",

                    "policy.font.create",

                    "policy.cellular.audit.read",

                    "policy.certificate.store.delete",

                    "policy.app.lock.audit.read",

                    "policy.general.ios.audit.read",

                    "ruleGroup.read",

                    "policy.font.to.ruleGroup.update",

                    "policy.appconnect.zone.config.to.ruleGroup.update",

                    "policy.general.ios.update",

                    "policy.passcode.to.ruleGroup.update",

                    "policy.org.info.setting.audit.read",

                    "policy.sync.create",

                    "policy.email.create",

                    "policy.android.encryption.read",

                    "policy.carddav.read",

                    "policy.provisioningProfile.delete",

                    "ca.read",

                    "policy.wifi.to.ruleGroup.update",

                    "policy.appconnect.app.config.create",

                    "policy.identity.certificate.dg.read",

                    "device.read",

                    "policy.android.encryption.audit.read",

                    "policy.certificate.store.update",

                    "policy.android.encryption.update",

                    "policy.restrictions.audit.read",

                    "policy.identity.certificate.dg.delete",

                    "policy.webclip.update",

                    "device.force.checkin",

                    "policy.restrictions.update",

                    "policy.identityCertificate.delete",

                    "policy.carddav.audit.read",

                    "policy.application.access.create",

                    "policy.sso.account.read",

                    "policy.opaque.ios.to.ruleGroup.update",

                    "policy.restrictions.to.ruleGroup.update",

                    "policy.air.print.create",

                    "ruleGroup.create",

                    "policy.web.content.filter.read",

                    "policy.appconnect.app.config.to.ruleGroup.update",

                    "policy.passcode.create",

                    "policy.webclip.delete",

                    "policy.apn.delete",

                    "policy.provisioningProfile.update",

                    "policy.air.print.update",

                    "policy.appconnect.app.policy.read",

                    "device.wipe",

                    "policy.vpn.ondemand.to.ruleGroup.update",

                    "policy.ldap.delete",

                    "policy.passcode.update",

                    "policy.localCa.create",

                    "policy.exchange.to.ruleGroup.update",

                    "policy.exchange.create",

                    "policy.global.proxy.delete",

                    "policy.air.play.to.ruleGroup.update",

                    "policy.org.info.setting.delete",

                    "policy.android.kiosk.audit.read",

                    "policy.cellular.to.ruleGroup.update",

                    "policy.sharepoint.read",

                    "policy.user.interface.settings.audit.read",

                    "policy.wifi.update",

                    "policy.telecom.settings.read",

                    "policy.apn.audit.read",

                    "policy.scep.audit.read",

                    "policy.global.proxy.audit.read",

                    "ca.update",

                    "policy.policy.to.ruleGroup.update",

                    "policy.carddav.to.ruleGroup.update",

                    "policy.mdm.read",

                    "policy.certificate.delete",

                    "policy.font.audit.read",

                    "policy.device.registration.update",

                    "policy.telecom.settings.to.ruleGroup.update",

                    "policy.web.content.filter.update",

                    "policy.jabber.create",

                    "policy.provisioningProfile.to.ruleGroup.update",

                    "policy.device.registration.delete",

                    "policy.localCa.read",

                    "device.create",

                    "policy.caldav.read",

                    "policy.application.access.to.ruleGroup.update",

                    "policy.air.print.read",

                    "policy.email.audit.read",

                    "policy.wifi.delete",

                    "policy.identityCertificate.update",

                    "policy.global.proxy.to.ruleGroup.update",

                    "policy.android.lockdown.delete",

                    "policy.identityCertificate.create",

                    "policy.appconnect.app.config.delete",

                    "policy.localCa.update",

                    "policy.identity.certificate.dg.create",

                    "policy.wifi.audit.read",

                    "policy.sync.read",

                    "policy.certificate.read",

                    "policy.air.play.create",

                    "policy.carddav.update",

                    "policy.opaque.ios.read",

                    "policy.air.print.delete",

                    "policy.caldav.audit.read",

                    "policy.app.lock.to.ruleGroup.update",

                    "policy.passcode.audit.read",

                    "device.start.mirroring",

                    "policy.caldav.delete",

                    "policy.sso.account.delete",

                    "device.unlock",

                    "policy.caldav.update",

                    "policy.global.proxy.update",

                    "device.wipe.cancel",

                    "policy.subscribedCalendar.to.ruleGroup.update",

                    "policy.general.ios.to.ruleGroup.update",

                    "policy.cellular.read",

                    "policy.appconnect.zone.config.audit.read",

                    "policy.read",

                    "policy.vpn.per.app.to.ruleGroup.update",

                    "policy.sharepoint.to.ruleGroup.update",

                    "policy.ldap.to.ruleGroup.update",

                    "policy.policy.read",

                    "policy.carddav.delete",

                    "policy.webclip.audit.read",

                    "policy.sso.account.audit.read",

                    "policy.mdm.delete",

                    "policy.opaque.ios.update",

                    "policy.localCa.delete",

                    "policy.general.ios.delete",

                    "policy.restrictions.create",

                    "policy.global.proxy.read",

                    "policy.user.interface.settings.create",

                    "policy.identity.certificate.dg.audit.read",

                    "policy.subscribedCalendar.audit.read",

                    "policy.air.play.delete",

                    "policy.application.access.read",

                    "policy.air.play.update",

                    "policy.appconnect.zone.config.create",

                    "policy.exchange.audit.read",

                    "policy.user.interface.settings.to.ruleGroup.update",

                    "policy.mdm.update",

                    "device.lock",

                    "policy.policy.update",

                    "device.update",

                    "policy.aim.create",

                    "policy.policy.audit.read",

                    "policy.sso.account.create",

                    "ruleGroup.delete",

                    "policy.telecom.settings.create",

                    "policy.vpn.update",

                    "policy.ldap.create",

                    "policy.android.lockdown.update",

                    "policy.certificate.update",

                    "device.locate",

                    "policy.mdm.to.ruleGroup.update",

                    "policy.global.proxy.create",

                    "policy.sharepoint.audit.read",

                    "policy.org.info.setting.create",

                    "policy.ldap.read",

                    "policy.osx.restrictions.delete",

                    "policy.subscribedCalendar.delete",

                    "policy.passcode.read",

                    "policy.provisioningProfile.audit.read",

                    "policy.provisioningProfile.read",

                    "policy.vpn.ondemand.create",

                    "policy.certificate.to.ruleGroup.update",

                    "policy.android.kiosk.read",

                    "policy.vpn.ondemand.delete",

                    "policy.aim.delete",

                    "policy.android.kiosk.update",

                    "policy.vpn.per.app.create",

                    "policy.appconnect.app.config.update",

                    "mdm.queue.read",

                    "device.retire.cancel",

                    "policy.air.print.audit.read",

                    "policy.application.access.delete",

                    "policy.appconnect.app.policy.create",

                    "policy.android.encryption.delete",

                    "policy.wifi.create",

                    "policy.appconnect.app.policy.update",

                    "policy.mdm.create",

                    "policy.air.play.audit.read",

                    "policy.opaque.ios.audit.read",

                    "policy.wifi.read",

                    "policy.font.update",

                    "policy.telecom.settings.audit.read",

                    "policy.aim.read",

                    "policy.general.ios.create"

                ]

            }

        },

        "cmPartitions": {

            "20000": {

                "name": "Root Partition",

                "authorities": [

                    "vpp.order.delete",

                    "vpp.code.read",

                    "content.update",

                    "content.delete",

                    "app.distribution.read",

                    "app.distribution.update",

                    "vpp.license.delete",

                    "vpp.license.sync",

                    "vpp.license.update",

                    "app.read",

                    "vpp.profile.read",

                    "vpp.profile.create",

                    "audit.app.read",

                    "app.review.update",

                    "app.review.delete",

                    "app.update",

                    "vpp.license.read",

                    "app.review.read",

                    "audit.content.read",

                    "content.read",

                    "vpp.code.update",

                    "app.delete",

                    "vpp.order.read",

                    "content.distribution.update",

                    "vpp.order.update",

                    "content.create",

                    "vpp.order.create",

                    "content.distribution.read",

                    "app.rating.update",

                    "app.rating.read",

                    "app.create"

                ]

            }

        },

        "groupIdAllUsers": 11000,

        "allDevicesRuleGroupId": 38000,

        "preferences": {

            "reportDefinitions": [

                {

                    "reportName": "Devices",

                    "dimName": "platform",

                    "dimKeys": null,

                    "dim2Name": "all",

                    "dim2Keys": null,

                    "rangeStart": null,

                    "rangeEnd": null,

                    "chartUuid": "chartId-2",

                    "chartName": "Devices By OS Type",

                    "chartType": "pie",

                    "chartSubType": "pie",

                    "chartTimeRangeMillis": 604800000

                },

                {

                    "reportName": "Accounts",

                    "dimName": "invitestate",

                    "dimKeys": null,

                    "dim2Name": "all",

                    "dim2Keys": null,

                    "rangeStart": null,

                    "rangeEnd": null,

                    "chartUuid": "chartId-3",

                    "chartName": "Users by Invitation State",

                    "chartType": "pie",

                    "chartSubType": "pie",

                    "chartTimeRangeMillis": 604800000

                },

                {

                    "reportName": "Devices",

                    "dimName": "model",

                    "dimKeys": null,

                    "dim2Name": "all",

                    "dim2Keys": null,

                    "rangeStart": null,

                    "rangeEnd": null,

                    "chartUuid": "chartId-4",

                    "chartName": "Devices By Model",

                    "chartType": "pie",

                    "chartSubType": "pie",

                    "chartTimeRangeMillis": 604800000

                }

            ],

            "userTableColumnDefinition": [

                {

                    "name": "userTable_checkbox",

                    "show": true

                },

                {

                    "name": "userTable_displayName",

                    "show": true

                },

                {

                    "name": "userTable_uid",

                    "show": true

                },

                {

                    "name": "userTable_emailAddress",

                    "show": true

                },

                {

                    "name": "userTable_inviteState",

                    "show": true

                }

            ],

            "deviceTableColumnDefinition": [

                {

                    "name": "deviceList_checkbox",

                    "show": true

                },

                {

                    "name": "deviceList_displayName",

                    "show": true

                },

                {

                    "name": "deviceList_emailAddress",

                    "show": true

                },

                {

                    "name": "deviceList_phoneNumber",

                    "show": true

                },

                {

                    "name": "deviceList_platformType",

                    "show": true

                },

                {

                    "name": "deviceList_prettyModel",

                    "show": true

                },

                {

                    "name": "deviceList_registrationState",

                    "show": true

                },

                {

                    "name": "deviceList_lastCheckin",

                    "show": true

                },

                {

                    "name": "deviceList_violationCount",

                    "show": true

                }

            ],

            "appTableColumnDefinition": [

                {

                    "name": "appTable_name",

                    "show": true

                },

                {

                    "name": "appTable_platformType",

                    "show": true

                },

                {

                    "name": "appTable_avgRating",

                    "show": true

                },

                {

                    "name": "appTable_distribution",

                    "show": true

                },

                {

                    "name": "appTable_installed",

                    "show": true

                },

                {

                    "name": "appTable_appType",

                    "show": true

                },

                {

                    "name": "appTable_cost",

                    "show": true

                },

                {

                    "name": "appTable_size",

                    "show": true

                },

                {

                    "name": "appTable_license",

                    "show": true

                }

            ],

            "configTableColumnDefinition": [

                {

                    "name": "configTable_status",

                    "show": true

                },

                {

                    "name": "configTable_name",

                    "show": true

                },

                {

                    "name": "configTable_updated",

                    "show": true

                },

                {

                    "name": "configTable_policyType",

                    "show": true

                },

                {

                    "name": "configTable_devicesCount",

                    "show": true

                }

            ],

            "appInventoryTableColumnDefinition": [

                {

                    "name": "appInventoryTable_name",

                    "show": true

                },

                {

                    "name": "appInventoryTable_installCount",

                    "show": true

                },

                {

                    "name": "appInventoryTable_platformType",

                    "show": true

                },

                {

                    "name": "appInventoryTable_appType",

                    "show": true

                },

                {

                    "name": "appInventoryTable_version",

                    "show": true

                },

                {

                    "name": "appInventoryTable_size",

                    "show": true

                }

            ],

            "userGroupTableColumnDefinition": [

                {

                    "name": "userGroupTable_checkbox",

                    "show": true

                },

                {

                    "name": "userGroupTable_name",

                    "show": true

                },

                {

                    "name": "userGroupTable_modifiedAt",

                    "show": true

                },

                {

                    "name": "userGroupTable_userCount",

                    "show": true

                },

                {

                    "name": "userGroupTable_deviceCount",

                    "show": true

                },

                {

                    "name": "userGroupTable_applicationCount",

                    "show": true

                }

            ],

            "deviceGroupTableColumnDefinition": [

                {

                    "name": "deviceGroupsTable_checkbox",

                    "show": true

                },

                {

                    "name": "deviceGroupsTable_name",

                    "show": true

                },

                {

                    "name": "deviceGroupsTable_memberCount",

                    "show": true

                },

                {

                    "name": "deviceGroupsTable_assignedConfigs",

                    "show": true

                },

                {

                    "name": "deviceGroupsTable_assignedPolicies",

                    "show": true

                }

            ],

            "contentTableColumnDefinition": [

                {

                    "name": "contentTable_images",

                    "show": true

                },

                {

                    "name": "contentTable_name",

                    "show": true

                },

                {

                    "name": "contentTable_author",

                    "show": true

                },

                {

                    "name": "contentTable_prettyContentType",

                    "show": true

                },

                {

                    "name": "contentTable_modifiedAt",

                    "show": true

                }

            ],

            "policyTableColumnDefinition": [

                {

                    "name": "policyTable_name",

                    "show": true

                },

                {

                    "name": "policyTable_type",

                    "show": true

                },

                {

                    "name": "policyTable_distributionCount",

                    "show": true

                },

                {

                    "name": "policyTable_activeViolationsCount",

                    "show": true

                },

                {

                    "name": "policyTable_complianceAction",

                    "show": true

                }

            ],

            "appReviewTableColumnDefinition": [

                {

                    "name": "appReviewTable_checkbox",

                    "show": true

                },

                {

                    "name": "appReviewTable_name",

                    "show": true

                },

                {

                    "name": "appReviewTable_platformType",

                    "show": true

                },

                {

                    "name": "appReviewTable_modifiedBy",

                    "show": true

                },

                {

                    "name": "appReviewTable_reviewer",

                    "show": true

                },

                {

                    "name": "appReviewTable_rating",

                    "show": true

                },

                {

                    "name": "appReviewTable_title",

                    "show": true

                }

            ],

            "uiDefaultDmPartitionId": 23000,

            "uiDefaultCmPartitionId": 20000

        }

    }

}

Apply a Custom Attribute to a User

This applies a custom attribute to a single user.

Authentication

This call requires Tenant Admin credentials.

HTTP Method

PATCH

Request URI

/api/v1/account/id/customattributes

Request Parameters

Parameter

Argument Type

Description

Example Value

id

Path

ID of the user to which you would like to assign a custom attribute.

739375

attrs

Request Body

Container for the custom attributes to apply

{"attrs":{"testUserAttribute":["forDocs"]}}

Example Request

cURL

curl --location --request PATCH 'https://Ivanti Neurons for MDM host/api/v1/account/739375/customattributes' \ --header 'Accept: application/json, text/plain, */*' \ --header 'Accept-Language: en,en-US;q=0.9,pt-BR;q=0.8,pt;q=0.7,fr;q=0.6' \ --header 'Content-Type: application/json;charset=UTF-8' \ --header 'Authorization: Basic <token>' \ --data-raw '{"attrs":{"testUserAttribute":["forDocs"]}}'

HTTP

PATCH /api/v1/account/739375/customattributes HTTP/1.1 Host: your Ivanti Neurons for MDM host in the form of, for example, sandbox.ivanti.com Accept: application/json, text/plain, */* Accept-Language: en,en-US;q=0.9,pt-BR;q=0.8,pt;q=0.7,fr;q=0.6 Content-Type: application/json;charset=UTF-8 Authorization: Basic <token> Content-Length: 43 {"attrs":{"testUserAttribute":["forDocs"]}}

Example Response

{ "errors": null, "result": 1 }

Search for a User by User ID (UID)

This call searches for a user by the user’s user ID (UID).

Authentication

This call requires Tenant Admin credentials.

HTTP Method

GET

Request URI

/api/v1/account?fq=UID%3DUID

Request Parameters

Parameter

Argument Type

Description

Example Value

fq=UID%3DUID

Query Path

The query searching for thje user by the user ID. %3D is = url encoded. UID is the user ID to search for.

fq=UID%[email protected]

Example Request

https://[Ivanti Neurons for MDM]/api/v1/account?fq=UID%[email protected]

Response Fields

Field

Description

errors

 

result

    totalCount

 

    queryTime

 

    searchResults

            id

 

            createdAt

 

            displayName

 

            firstName

 

            lastName

 

            uid

 

            emailAddress

 

            accountSource

 

            inviteState

 

            inviteResendCount

 

            accountType

 

            enabled

 

            locked

 

            superUser

 

            termsAccepted

 

            mutable

Can be modified by default.

            loginFailureCount

 

            loginSuccessAt

 

            passwordHistory

 

            registrationPin

                createdAt

 

                expiresAt

 

                used

 

            groups

                All Users"

 

                Engineering"

 

            deviceCount

 

    offset

 

    facetedResults

        ACCOUNTSOURCE

        ACCOUNTGROUP

        INVITESTATE

            Expired

 

            Completed

 

            None

 

            Pending

 

    totalUnfilteredResultCount

 

Example Response

{

    "errors": null,

    "result": {

        "totalCount": 1,

        "queryTime": 3,

        "searchResults": [

            {

                "id": 10022,

                "createdAt": 1372188681178,

                "displayName": "John Doe",

                "firstName": "John",

                "lastName": "Doe",

                "uid": "[email protected]",

                "emailAddress": "[email protected]",

                "accountSource": "LOCAL",

                "inviteState": "Completed",

                "inviteResendCount": 0,

                "accountType": "USER",

                "enabled": true,

                "locked": false,

                "superUser": false,

                "termsAccepted": false,

                "mutable": true,

                "loginFailureCount": 0,

                "loginSuccessAt": 1416614208360,

                "passwordHistory": "{}",

                "registrationPin": {

                    "createdAt": null,

                    "expiresAt": null,

                    "used": false

                },

                "groups": [

                    "All Users",

                    "Engineering"

                ],

                "deviceCount": 0

            }

        ],

        "offset": 0,

        "facetedResults": {

            "ACCOUNTSOURCE": {

                "LDAP": 0,

                "LOCAL": 1,

                "SALESFORCE": 0

            },

            "TERMSACCEPTED": {

                "false": 0,

                "true": 1

            },

            "ACCOUNTGROUP": {

                "Professional Services": 0,

                "Sales": 0,

                "xteam": 0,

                "EMEA-ISR": 0,

                "UG2": 0,

                "Anyware-Validate": 0,

                "Demo Group": 0,

                "Russ": 0,

                "sbhasin": 0,

                "UX Team": 0,

                "Newell North America": 0,

                "洋一テストユーザーグループ": 0,

                "Customer Success": 0,

                "IT Test Group": 0,

                "Engineering": 1,

                "Business Development": 0,

                "Newell Georgia": 0,

                "Marketing": 0,

                "EMEA-Partner-Helpdesk": 0,

                "all-productmanagers": 0,

                "UX": 0,

                "Newell": 0,

                "RichardLi": 0,

                "SE": 0,

                "QA": 0,

                "SAFE - Native Samsung Users": 0,

                "Roupen Group": 0,

                "IT": 0,

                "Anyware-Validate2": 0,

                "System Administrators": 0,

                "Supervised Devices": 0,

                "Vinay Parihar": 0,

                "Tyson Wheeler - Android": 0,

                "UG1": 0,

                "RamseyNJesse": 0,

                "Default Group": 0,

                "All Users": 1,

                "Sales Ops": 0,

                "CN": 0,

                "Japan": 0,

                "Mirko": 0

            },

            "INVITESTATE": {

                "Expired": 0,

                "Completed": 1,

                "None": 0,

                "Pending": 0

            }

        },

        "totalUnfilteredResultCount": 261

    }

}

Configuring User Device Registration Settings

This call controls if the user should be prompted for a password, password and PIN, or PIN only when registering a device. You need to set this to PIN to enable the following call, Generate User Registration PIN, to be successful.

Authentication

This call requires tenant admin credentials.

HTTP Method

PUT

Request URI

/api/v1/userpolicy

Request Parameters

Parameter

Argument Type

Description

Example Value

policyType

Query string

 

REGISTRATION_AUTH

deletable

Request body

 

false

description

Request body

 

Pin Only

distributionMutable

Request body

 

false

enabled

Request body

 

true

name

Request body

 

Device Registration Authentication Type

pinLength

Request body

 

4

pinLifetimeMillis

Request body

 

 604800000

pinResetByUser

Request body

 

true

pinType

Request body

 

NUMERIC

policyDataMutable

Request body

 

true

priority

Request body

 

2147483647

priorityMutable

Request body

 

false

registrationAuthMode

Request body

 

PIN

systemName

Request body

 

registrationAuthUserPolicy

uuid

Request body

Read-only

e2f22cfe-2757-4256-b46e-a3011cdf6080

Example Request

Example Request URL

https://[Ivanti Neurons for MDM]/api/v1/userpolicy?policyType=REGISTRATION_AUTH

Example Request Body - Parsed

deletable: false

description: "PIN Only Setting"

distributionMutable: false

enabled: true

id: 50582

name: "Device Registration Authentication Type"

pinLength: 4

pinLifetimeMillis: 604800000

pinResetByUser: true

pinType: "NUMERIC"

policyDataMutable: true

policyType: "REGISTRATION_AUTH"

priority: 2147483647

priorityMutable: false

registrationAuthMode: "PIN"

systemName: "registrationAuthUserPolicy"

uuid: "65ca6590-b1a7-46d5-afcc-469c0f71526b"

Example Request Body - Source

{"systemName":"registrationAuthUserPolicy","name":"Device Registration Authentication Type","description":"PIN Only Setting","policyType":"REGISTRATION_AUTH","priority":2147483647,"enabled":true,"policyDataMutable":true,

"distributionMutable":false,"priorityMutable":false,"deletable":false,"registrationAuthMode":"PIN",

"pinType":"NUMERIC","pinLength":4,"pinLifetimeMillis":604800000,"pinResetByUser":true}

Example CURL

curl "https://[Ivanti Neurons for MDM]/api/v1/userpolicy?policyType=REGISTRATION_AUTH" -X PUT  --data-binary "{""id"":50582,""createdAt"":1395521907150,""createdBy"":1,""modifiedAt"":1395521907150,""modifiedBy"":null,""uuid"":""65ca6590-b1a7-46d5-afcc-469c0f71526b"",""systemName"":""registrationAuthUserPolicy"",""name"":""Device Registration Authentication Type"",""description"":""PIN Only Setting"",""policyType"":""REGISTRATION_AUTH"",""priority"":2147483647,""enabled"":true,""policyDataMutable"":true,""distributionMutable"":false,"

"priorityMutable"":false,""deletable"":false,""registrationAuthMode"":""PIN"",""pinType"":""NUMERIC"",""pinLength"":4,""pinLifetimeMillis"":604800000,"

"pinResetByUser"":true}"

Response Fields

Field

Description

errors

Describes whether there was an error

result

Describes the result

    importSuccessGroups

 

    importSuccessOus

 

    inviteSuccessUsers

 

    importFailUsers

 

    importFailGroups

 

    importFailOus

 

Example Response

{

  "errors": null,

  "result": 1

}

Generate User Registration PIN

This call generates a registration PIN for one or more accounts. You must use the Configuring User Device Registration Settings call to set the device registration type to PIN before using this call, or else the call will be unsuccessful. See Understanding Device Registration Authentication Type for more information.

Authentication

This call requires Tenant Admin credentials.

HTTP Method

POST

Request URI

/api/v1/account/regpin

Request Parameters

Parameter

Argument Type

Description

Example Value

accountIds

Request body

Accounts for which to generate registration PINs

10004

Example Request

curl --location 'https://[Ivanti Neurons for MDM]/api/v1/account/regpin' \
--header 'Accept: application/json, text/plain, */*' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic <token>' \
--form 'accountIds="38942135, 38942136"'

Response Fields

Field

Description

errors

result

    id

ID of the account for which the call created the registration pin.

    createdAt

 When the PIN was created.

    createdBy

 Who created the PIN.

    accountId

 Account for which the PIN was created

    pin

 The PIN itself.

    expiredAt

 When did the PIN expire?

    used

 Was the PIN used?

    ppkgPinStatus

 

Example Response

 

{
    "errors": null,
    "result": [
        {
            "id": 796902,
            "createdAt": 1681160105155,
            "createdBy": 38942135,
            "accountId": 38942135,
            "pin": "8731",
            "expiresAt": 1681764905157,
            "used": false,
            "ppkgPinStatus": "NOT_GENERATED"
        },
        {
            "id": 796903,
            "createdAt": 1681160105181,
            "createdBy": 38942136,
            "accountId": 38942136,
            "pin": "4825",
            "expiresAt": 1681764905183,
            "used": false,
            "ppkgPinStatus": "NOT_GENERATED"
        }
    ]
}

Get Reports List

This API lists the summary of available reports.

Authentication

This call requires Tenant Admin credentials.

HTTP Method

GET

Request URI

/api/v1/report/flex/job/summary

Request Parameters

Parameter

Argument Type

Description

Sample Value

start

Query

Start value. Default value is 0.

 

rows

Query

Number of rows. Default value is 50.

 

Example Request

Example Request URL

https://<host>/api/v1/report/flex/job/summary?rows=50&start=0'

Response Fields

Field

Description

name

Name of the report

description

Description of the report

manualRunInProgress

Indicates the manual execution of the unscheduled report

status

Status of the report – Enabled / Disabled

startDate

Start date of the report

nextRunDate

Next execution date of the scheduled report

reportJobRunStatus

Different statuses of the job execution report:

  • Scheduled
  • Unscheduled
  • Processing
  • Stopped

outputFormats

PDF or CSV format

Example Response

{

  "errors": null,

  "result": {

"searchResults": [

{

"name": "users",

"description": "",

"manualRunInProgress": false,

"status": "ENABLED",

"startDate": 1691756796125,

"nextRunDate": 1691843196125,

"outputFormats": [

"CSV"

],

"reportJobRunStatus": "SCHEDULED"

}

],

"totalCount": 1,

"offset": 0,

"limit": 50

}

}

Download Latest Report

This API downloads the latest report.

Authentication

This call requires Tenant Admin credentials.

HTTP Method

GET

Request URI

/api/v1/report/flex/job/output/latest/download

Example Request

Example Request URL

https://<host>/api/v1/report/flex/job/output/latest/download?reportName=Users-1&fileType=CSV

Request Parameters

Parameter

Argument Type

Description

Sample Value

reportName

Query

Name of the report

 

fileType

Query

Download format – PDF or CSV

 

Example Request

File downloaded.