User API Calls
This chapter describes the supported API calls for customer integration using the API. If the call does not appear in this document, then it is unsupported.
Create User without Password
This call creates a user without a password.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
POST
Request URI
api/v1/accounts
Request Parameters
Parameter |
Argument Type |
Description |
Sample Value |
sendInvite |
Path |
True if we want to send invite |
true |
emailAddress |
Request body |
Email address |
|
accountSource |
Request body |
Type of user. LOCAL |
LOCAL |
uid |
Request body |
Same as the email address |
Example Request
Example Request URL
https://cluster056.auto.acme.com/api/v1/accounts?sendInvite=true
Example Request Body
accounts[0][email protected]
accounts[0].accountSource=LOCAL
accounts[0][email protected]
Response Fields
Field |
Description |
---|---|
errors |
Errors returned by the call |
result– Results container for user information |
|
id |
Internal ID for the user |
createdAt |
When created. |
createdBy |
Who created it. |
modifiedAt |
When modified. |
modifiedBy |
Who modified it. |
displayName |
Display name of account. |
firstName |
First name for the account. |
lastName |
Last name for the account. |
ldapServerId |
LDAP server ID for the account. |
uid |
UID for the account. Same as the email address. |
emailAddress |
Email address for the account Same as UID. |
username |
User name for the account. |
accountSource |
Account source. Can be LOCAL, and perhaps LDAP later. |
inviteState |
Has the user responded to the invitation? |
inviteResendCount |
How many times has the invite been resent? |
inviteLastSentAt |
When was the invite last sent? |
locale |
The account’s locale. |
enabled |
Is the account enabled? |
locked |
Is the account locked? |
superUser |
Is this account a superuser? |
termsAccepted |
Did this account accept the terms? |
passwordExpiresAt |
When does the password expire? |
distinguishedName |
|
objectGuid |
|
trash |
Has this account been discarded? |
mutable |
Can be modified by default. |
loginFailureCount |
How many times has the user unsuccessfully tried to login? |
loginSuccessAt |
|
passwordHistory |
|
guid |
|
actionExceptionCodes |
|
Example Response
{
"errors": null,
"result": [
{
"id": 10023,
"createdAt": null,
"createdBy": 10001,
"modifiedAt": null,
"modifiedBy": 10001,
"displayName": null,
"firstName": null,
"lastName": null,
"ldapServerId": null,
"uid": "[email protected]",
"emailAddress": "[email protected]",
"username": null,
"accountSource": "LOCAL",
"inviteState": null,
"inviteResendCount": 0,
"inviteLastSentAt": null,
"locale": "en_US",
"enabled": false,
"locked": false,
"superUser": false,
"termsAccepted": false,
"passwordExpiresAt": null,
"distinguishedName": null,
"objectGuid": null,
"trash": false,
"mutable": true,
"loginFailureCount": 0,
"loginSuccessAt": null,
"passwordHistory": "{\"passwords\":[]}",
"guid": null,
"actionExceptionCodes": null
}
]
}
Create User with Password
This call creates a user with a password.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
POST
Request URI
api/v1/account
Request Parameters
Parameter |
Argument Type |
Description |
Example Value |
sendInvite |
Path |
True if we want to send invite |
true |
accountSource: LOCAL
|
Request body |
Email address |
|
accountSource |
Request body |
Type of user. Can be LOCAL or LDAP |
LOCAL |
uid |
Request body |
Same as the email address |
|
emailAddress |
Request body |
email address of the user |
|
firstName |
Request body |
first name |
|
lastName |
Request body |
last name |
|
displayName |
Request body |
display name |
|
password |
Request body |
password for the user |
|
confirmPassword |
Request body |
confirm the password |
|
Example Request
Example Request URL
https://cluster056.auto.acme.com/api/v1/account?sendInvite=true
Example Request Body
accountSource=LOCAL
firstName=Cool
lastName=Tester
displayName=Cool+Tester
password=Testing!23
confirmPassword=Testing!23
Response Fields
Field |
Description |
---|---|
errors |
Errors returned by the call |
id |
Internal ID for the user |
createdAt |
When the account was created. |
createdBy |
Who created the account? |
modifiedAt |
When was the account modified? |
modifiedBy |
Who modified the account? |
displayName |
Display name for account. |
firstName |
First name of account. |
lastName |
Last name of account. |
ldapServerId |
LDAP server ID for the account. |
uid |
UID for the account. |
emailAddress |
Email address for the account. |
username |
Username for the account. |
accountSource |
Source for the account. Can be LOCAL. LDAP may be supported later. |
inviteState |
Has the use been invited? |
inviteResendCount |
How many times has the invitation been resent? |
inviteLastSentAt |
When was the invitation last sent? |
locale |
What is the account locale? |
enabled |
Is the account enabled? |
locked |
Is the account locked? |
superUser |
Is the user a supersuer? |
termsAccepted |
Has the user accepted the terms? |
passwordExpiresAt |
When does the password expire? |
distinguishedName |
|
objectGuid |
|
trash |
Has the account been discarded? |
mutable |
Can be modified by default. |
loginFailureCount |
|
loginSuccessAt |
|
passwordHistory |
|
guid |
|
actionExceptionCodes |
|
Example Response
{
"errors": null,
"result": {
"id": 10024,
"createdAt": null,
"createdBy": 10001,
"modifiedAt": null,
"modifiedBy": 10001,
"displayName": "TestFName TestLame",
"firstName": "TestFName",
"lastName": "TestLame",
"ldapServerId": null,
"uid": "[email protected]",
"emailAddress": "[email protected]",
"username": null,
"accountSource": "LOCAL",
"inviteState": null,
"inviteResendCount": 0,
"inviteLastSentAt": null,
"locale": "en_US",
"enabled": true,
"locked": false,
"superUser": false,
"termsAccepted": false,
"passwordExpiresAt": null,
"distinguishedName": null,
"objectGuid": null,
"trash": false,
"mutable": true,
"loginFailureCount": 0,
"loginSuccessAt": null,
"passwordHistory": "{\"passwords\":[]}",
"guid": null,
"actionExceptionCodes": null
}
}
Invite User
This call invites a user to register with Ivanti Neurons for MDM, optionally setting device ownership to EMPLOYEE, COMPANY, or UNKNOWN.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
POST
Request URI
/api/v1/invite/enduser
Request Parameters
Parameter |
Argument Type |
Description |
Example Value |
---|---|---|---|
accountIds |
Request body |
The accounts you wish to invite. |
10552 |
deviceOwnershipType |
Request body |
Optional. Sets the device ownership. Valid values are: •EMPLOYEE •COMPANY •UNKNOWN |
EMPLOYEE |
Example Request
curl "https://[Ivanti Neurons for MDM]/api/v1/invite/enduser" -H "Accept: application/json, text/plain, */*" --data "accountIds=10552&deviceOwnershipType=EMPLOYEE" --compressed
Response Fields
Field |
Description |
---|---|
errors |
Errors returned by the call |
result |
The result set container |
Example Response
{
"errors": null,
"result": true
}
Get Enrollment URL
This call creates an enrollment URL that enrolls a user without the user having to enter a pin.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
POST
Request URI
/api/v1/tenant/enrollment/url
Request Parameters
Parameter |
Argument Type |
Description |
Example Value |
---|---|---|---|
accountIds |
Request body |
The accounts for which you want to create the enrollment URL. |
10022 |
tokenLifetime |
Request body |
The token lifetime. |
604800000 |
Example Request
cURL 'https://[Ivanti Neurons for MDM]/api/v1/tenant/enrollment/url' -d'{"accountIds": [ 10022 ], "tokenLifetime": 604800000}' -H 'Content-Type: application/json'
Response Fields
Field |
Description |
---|---|
errors |
Errors returned by the call |
result |
The result set container |
accountId |
The account Id and corresponding enrollment URL. |
Example Response
{
"errors": null,
"result": {
"10022": "https://[Ivanti Neurons for MDM]/c/i/reg/enroll.mobileconfig?token=7F7F00009C44AFBE0001000600108EAB34439F38473CAC15E4A6A10B69D8BEAF04474710AE859B37454248922171D5A969B312C66E844678C80800E7DF7E3EAABF8E35E12322E4ABD6988314AD333C3740B7DD9550F98EA78704CD1AD7D82636162CE31E85B857DF5EBC2636F161EF7713663361AFC93A03009307E2B70C37D893E55E5E659D6F34FF36C3A747E47640811F00FCF9F1537D5B20AD2EC3264775B45780B942EC3F3D6C790D3F38514F6EB274B463D1557CD68273FD325FB6FE006777499F70858B427CBCB67943F1070B6EDBAC1115C1"
}
}
Get All Accounts
This call gets information about all accounts, including the id and emailAddress values that you can use in other calls.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
GET
Request URI
/api/v1/account
Request Parameters
Parameter |
Argument Type |
Description |
Example Value |
---|---|---|---|
rows |
Path |
How many rows to return in the query. Do not send a value larger than 500 with the rows parameter because the APIs do not permit a value of greater than 500. See Controlling Results. |
50 |
start |
Path |
Integer. The row on which to start the display. |
0 |
searchAfterValues |
Query |
Useful in searches in environments with ten-thousand or more accounts. See Searching for users efficiently. |
|
Example Request
curl 'https://[Ivanti Neurons for MDM]/api/v1/account?q=&rows=50&start=0&sortFields%5B0%5D.name=displayName&sortFields%5B0%5D.order=ASC&nav=true' \
-H 'Accept: application/json, text/plain, */*' \
Example Response
{
"errors": null,
"result": {
"totalCount": 21,
"searchResults": [
{
"id": 6150167,
"createdAt": 1442949222375,
"displayName": "r m",
"firstName": "r",
"lastName": "m",
"uid": "[email protected]",
"emailAddress": "[email protected]",
"accountSource": "LOCAL",
"inviteState": "Expired",
"inviteResendCount": 0,
"accountType": "USER",
"enabled": true,
"locked": false,
"superUser": false,
"termsAccepted": false,
"accountSettings": "null",
"mutable": true,
"loginFailureCount": 0,
"passwordHistory": "{}",
"androidWorkUserStatus": "NONE",
"androidWorkRetryCount": 0,
"registrationPin": {
"createdAt": null,
"expiresAt": null,
"pin": null,
"used": false
},
"groups": [
"All Users"
],
"deviceCount": 0
},
…
],
"offset": 0,
"queryTime": 16,
"facetedResults": {
"ACCOUNTSOURCE": {
"LOCAL": 21
},
"TERMSACCEPTED": {
"false": 16,
"true": 5
},
"INVITESTATE": {
"Completed": 9,
"Expired": 5,
"None": 6,
"Pending": 1
},
"ANDROIDWORKSTATUS": {
"NONE": 21
},
"ACCOUNTGROUP": {
"ForDocs": 1,
"Group 8": 2,
"All Users": 21,
"North American Users": 1,
"European Users": 1,
"Appusers": 1
}
},
"totalUnfilteredResultCount": 0
}
}
}
Check Delete User Viability
This call informs you whether you can delete a specific user.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
GET
Request URI
/api/v1/account?checkDeleteViability=true&ids={id}
Request Parameters
Parameter |
Argument Type |
Description |
Example Value |
---|---|---|---|
ids |
Query |
ID of the target account. You get it with the Get All Accounts call. |
47253017 |
Example Request
curl 'https://[Ivanti Neurons for MDM]/api/v1/account?checkDeleteViability=true&ids=47253017'
Example Response
{
"errors": null,
"result": {
"searchResults": [ ],
"totalCount": 0,
"offset": 0,
"limit": 0
}
}
Delete Users
This call deletes one or more users. You should run the Check Delete User Viability call first to determine whether you can delete the target users.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
DELETE
Request URI
/api/v1/account?id={id}
Request Parameters
Parameter |
Argument Type |
Description |
Example Value |
---|---|---|---|
id |
Request body |
IDs of the target accounts. You get them with the Get All Accounts call. Separate multiple accounts with commas, url encoded, meaning use %2C for the comma. |
One account: 47253017
Two accounts: 11193157%2C1516548 |
Example Request
curl 'https://[Ivanti Neurons for MDM]/api/v1/account?id=47252222' -X DELETE
Example Response
{
"errors": null,
"result": 1
}
User Exists
This call verifies if a user account exists or not.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
GET
Request URI
/api/v1/account
Request Parameters
Parameter |
Argument Type |
Description |
Example Value |
---|---|---|---|
uid |
Request Body |
User account |
Example Request
curl -X GET 'https://<hostname>/api/v1/account?uid=<user account>’ \
--header 'Authorization: Basic Auth =='\
Example Response
{
"errors": null,
"result": true
}
Update User Account
This call updates a user’s account information.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
PUT
Request URI
/api/v1/account
Parameter |
Argument Type |
Description |
Example Value |
---|---|---|---|
displayName |
Request body |
New value for the display name. Cleared if not present in the call. |
John Doe |
androidWorkDeviceAccountEnabled |
Request body |
New value to enable use of Android Work Device Account instead of User Account. |
false |
emailAddress |
Request body |
New value for email address. Cleared if not present in the call. |
|
firstName |
Request body |
New value for first name. Cleared if not present in the call. |
John |
lastName |
Request body |
New value for last name. Cleared if not present in the call. |
Doe |
enabled |
Request body |
New value to enable/disable the account. true or false. Cleared if not present in the call. |
true |
passwordNeverExpire |
Request body |
New value to indicate if password never expires for the account. true or false. Cleared if not present in the call. |
false |
gdprProfileId |
Request body |
New value for GDPR profile identifier. Cleared if not present in the call. |
259 |
managedAppleId |
Request body |
New value for managed Apple identifier. Cleared if not present in the call. |
|
edipi |
Request body |
New value for Electronic Data Interchange Personal Identifier. Cleared if not present in the call. |
1234567899 |
password |
Request body |
New value for password. |
Letme77in@ |
confirmPassword |
Request body |
New value for password. |
Letme77in@ |
id |
Request body |
ID of the target account. You get it with the Get All Accounts call. |
11193157 |
Example Request
curl --location --request PUT 'https://[Ivanti Neurons for MDM]/api/v1/account' \ --header 'Accept: application/json, text/plain, */*' \ --header 'Content-Type: application/x-www-form-urlencoded' \ --header 'Authorization: Basic <token>' \ --data-urlencode 'firstName=John' \ --data-urlencode 'lastName=Doe' \ --data-urlencode '[email protected]' \ --data-urlencode '[email protected]' \ --data-urlencode 'displayName=John Doe' \ --data-urlencode 'id=11193157' \ --data-urlencode 'accountSource=LOCAL' \ --data-urlencode 'enabled=true' \ --data-urlencode '[email protected]' \ --data-urlencode 'mamWithOutMDM=' \ --data-urlencode 'password=Letme77in@' \ --data-urlencode 'confirmPassword=Letme77in@' \ --data-urlencode 'edipi=1234567895' \ --data-urlencode 'androidWorkDeviceAccountEnabled=false' \ --data-urlencode 'gdprProfileId=' \ --data-urlencode 'passwordNeverExpire=true'
Example Response
{
"errors": null,
"result": 1
}
Import LDAP User
There are two calls you use to accomplish the user import:
•Import LDAP User: Sends a request to import a specific LDAP user.
•Check LDAP Import Status: Checks the status of the import request.
•A suggested choreography is that after having issued the Import LDAP User call, you wait fifteen seconds and then issue the Check LDAP Import Status call. You can then re-issue the Check LDAP Import Status call every fifteen seconds until ninety seconds have elapsed.
This call sends a request to import an LDAP user.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
POST
Request URI
/api/v1/ldap/import/user
Request Parameters
Parameter |
Argument Type |
Description |
Example Value |
---|---|---|---|
uidOrEmail |
Path |
User ID of the LDAP user to import. |
testuser123623@ auto12.mobileiron.com |
ldapServerName |
Path |
Optional. Name of the LDAP server. If no ldapServerName is specified, then the tenant should have a single LDAP server added and it will be used for the user search & import. |
ldap-2k |
sendInvite |
Path |
Optional. Specifies whether to send the user an email invitation. Valid values: •true •false |
true |
deviceOwnershipType |
Path |
Optional. Specifies whether to set device ownership. Valid values: •EMPLOYEE •COMPANY |
EMPLOYEE |
Example Request
$curl -X POST -u username:password -kv "https://[Ivanti Neurons for MDM]/api/v1/ldap/import/user? [email protected]&ldapServerName=ldap-2k&sendInvite=true"
Response Fields
Field |
Description |
---|---|
errors |
Errors returned by the call. |
result |
Returned request ID. You will use this value in the Check LDAP Import Status call. |
Example Response
{
"errors": null,
"result": 1
}
Check LDAP Import Status
This call checks whether the Import LDAP User call was successful.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
GET
Request URI
/api/v1/ldap/import/user/status
Request Parameters
Parameter |
Argument Type |
Description |
Example Value |
---|---|---|---|
requestId |
Path |
The request Id returned by the Import LDAP User call. |
1 |
Example Request
$curl -X GET -u username:password -kv "https://Ivanti Neurons for MDM/api/v1/ldap/import/user/status?requestId=1"
Response Fields
Field |
Description |
---|---|
requestId |
Errors returned by the call |
status |
The result set container |
errorCode |
The error code returned by the call. See the Example Responses below for the kinds of error codes the call may return. |
errorMessage |
The error message returned by the call. See the Example Responses below for the kinds of error messages the call may return. |
Example Responses
User import successfully completed
{
"requestId": 1,
"status": "COMPLETED",
"errorCode": "",
"errorMessage": ""
}
User import in-progress
{
"requestId": 1,
"status": "IN_PROGRESS",
"errorCode": "",
"errorMessage": ""
}
User import failed - User not found
{
"requestId": 1,
"status": "FAILED",
"errorCode": "LDAP_USER_IMPORT-106",
"errorMessage": "The LDAP user [email protected] not found to import."
}
User import failed - Invalid Entry
{
"requestId": 1,
"status": "FAILED",
"errorCode": "KC-103",
"errorMessage": "The LDAP entry has invalid attribute to be imported."
}
Invalid LDAP server name
{
"errors": {
"globalErrors": [
{
"code": "LDAP_USER_IMPORT-103",
"message": "No LDAP server with name invalid-ldap found."
}
],
"fieldErrors": null
},
"result": null
}
Request not found
{
"errors": {
"globalErrors": [
{
"code": "LDAP_USER_IMPORT-100",
"message": "The LDAP user import request id 1 not found."
}
],
"fieldErrors": null
},
"result": null
}
Get Account Metadata
This gets account metadata for the current user. This is a useful call for finding the default content and space IDs for a user.
Authentication
This call requires Tenant Admin credentials
HTTP Method
GET
Request URI
api/v1/account/metadata
Request Parameter
Parameter |
Description |
Example Value |
metadata |
Instructs the API to get account metadata for the current user. |
metadata |
Example Request
https://[Ivanti Neurons for MDM]/api/v1/account?metadata
Response Fields
Field |
Description |
---|---|
errors |
|
result |
|
accountId |
|
displayName |
|
lastName |
|
firstName |
|
emailAddress |
|
defaultCmPartitionId |
|
defaultDmPartitionId |
|
globalAuthorities |
|
accountRole.to.group.update |
|
kocab.update |
|
contentstore.preview |
|
ldap.authenticate.user |
|
app.store.settings.update |
|
configurator.authtoken.read |
|
account.invite.admin |
|
accountGroup.delete |
|
ldap.server.sync |
|
sfdc.oauth.profile.update |
|
account.permission.tenant.read |
|
accountRole.delete |
|
accountGroup.create |
|
mizar.delete |
|
account.read |
|
account.password.reset |
|
partition.device.delete |
|
app.category.delete |
|
account.delete |
|
partition.device.update |
|
message.delete |
|
whitelabel.resource.tenant.read |
|
account.invite.enduser |
|
kocab.delete |
|
message.read |
|
partition.device.create |
|
sfdc.oauth.profile.read |
|
mizar.read |
|
accountRole.read |
|
alcor.update |
|
configurator.authtoken.create |
|
mizar.create |
|
partition.content.update |
|
alcor.delete |
|
app.search.googleplay |
|
accountRole.to.permission.update |
|
partition.content.read |
|
account.update |
|
account.send.message |
|
accountGroup.update |
|
message.create |
|
policy.certificate.store.read.all |
|
account.to.group.update |
|
partition.content.create |
|
alcor.create |
|
account.preferences.change |
|
ldap.search.group |
|
policy.template.tenant.read |
|
report.snapshot.read |
|
configurator.authtoken.delete |
|
accountRole.update |
|
account.password.change |
|
kocab.create |
|
appstore.preview |
|
ldap.server.persist.generic |
|
device.register |
|
eula.tenant.read |
|
accountRole.to.account.update |
|
kocab.read |
|
app.category.create |
|
app.category.update |
|
open.sfdc.support.case |
|
tenant.settings.update |
|
mizar.update |
|
report.metadata.read |
|
ldap.server.default.read |
|
ldap.persist.organizationalUnit |
|
ldap.search.generic |
|
accountGroup.to.role.update |
|
alcor.read |
|
audit.account.read |
|
account.generate.pin |
|
ldap.server.test.connection |
|
accountRole.create |
|
ldap.server.read |
|
report.trending.read |
|
ldap.server.update |
|
content.category.update |
|
accountGroup.to.account.update |
|
content.category.delete |
|
account.create |
|
app.category.read |
|
ldap.search.organizationalUnit |
|
configurator.plist.read |
|
ldap.server.delete |
|
tenant.settings.read |
|
ldap.persist.group |
|
ldap.server.decouple.generic |
|
partition.device.read |
|
ldap.persist.user |
|
app.store.settings.read |
|
message.update |
|
content.category.create |
|
accountGroup.read |
|
content.category.read |
|
audit.accountGroup.read |
|
eula.tenant.accept |
|
utils.x509.fingerprint.read |
|
ldap.search.user |
|
app.search.itunes |
|
ldap.server.create |
|
account.to.role.update |
|
accountGroup.to.group.update |
|
dmPartitions |
|
23000 |
|
name |
|
authorities |
|
policy.subscribedCalendar.create |
|
policy.passcode.delete |
|
policy.sso.account.update |
|
policy.scep.to.ruleGroup.update |
|
policy.identity.certificate.dg.to.ruleGroup.update |
|
policy.subscribedCalendar.update |
|
policy.opaque.ios.create |
|
policy.cellular.create |
|
policy.aim.audit.read |
|
policy.jabber.delete |
|
policy.appconnect.zone.config.update |
|
policy.certificate.create |
|
mdm.queue.delete |
|
policy.device.registration.audit.read |
|
policy.user.interface.settings.delete |
|
policy.apn.to.ruleGroup.update |
|
policy.identity.certificate.dg.update |
|
policy.app.lock.delete |
|
policy.air.play.read |
|
policy.android.lockdown.create |
|
policy.webclip.read |
|
policy.email.read |
|
policy.identityCertificate.to.ruleGroup.update |
|
policy.mdm.audit.read |
|
policy.android.kiosk.create |
|
policy.opaque.ios.delete |
|
device.stop.mirroring |
|
device.delete |
|
policy.device.registration.read |
|
policy.org.info.setting.update |
|
policy.appconnect.zone.config.delete |
|
policy.android.kiosk.to.ruleGroup.update |
|
policy.email.delete |
|
policy.apn.read |
|
policy.exchange.update |
|
policy.vpn.read |
|
policy.air.print.to.ruleGroup.update |
|
policy.font.delete |
|
policy.web.content.filter.to.ruleGroup.update |
|
policy.subscribedCalendar.read |
|
policy.telecom.settings.delete |
|
policy.apn.update |
|
policy.android.encryption.create |
|
policy.certificate.audit.read |
|
policy.web.content.filter.audit.read |
|
policy.provisioningProfile.create |
|
policy.jabber.audit.read |
|
policy.font.read |
|
policy.localCa.audit.read |
|
ca.create |
|
policy.exchange.delete |
|
policy.vpn.ondemand.update |
|
policy.application.access.audit.read |
|
policy.android.kiosk.delete |
|
policy.cellular.delete |
|
policy.localCa.to.ruleGroup.update |
|
policy.restrictions.read |
|
policy.cellular.update |
|
policy.jabber.update |
|
policy.email.to.ruleGroup.update |
|
policy.vpn.ondemand.read |
|
policy.org.info.setting.to.rule.group.update |
|
policy.device.registration.create |
|
policy.telecom.settings.update |
|
policy.appconnect.app.config.audit.read |
|
policy.vpn.per.app.read |
|
policy.vpn.per.app.update |
|
policy.scep.create |
|
policy.osx.restrictions.audit.read |
|
policy.caldav.create |
|
policy.app.lock.create |
|
policy.osx.restrictions.to.ruleGroup.update |
|
policy.sso.account.to.ruleGroup.update |
|
policy.app.lock.read |
|
policy.caldav.to.ruleGroup.update |
|
policy.certificate.store.create |
|
policy.appconnect.app.policy.delete |
|
policy.webclip.to.ruleGroup.update |
|
policy.email.update |
|
policy.apn.create |
|
device.retire |
|
policy.osx.restrictions.update |
|
policy.application.access.update |
|
policy.appconnect.app.policy.audit.read |
|
policy.webclip.create |
|
policy.ldap.audit.read |
|
policy.app.lock.update |
|
policy.sync.delete |
|
policy.identityCertificate.audit.read |
|
policy.vpn.per.app.delete |
|
policy.appconnect.zone.config.read |
|
policy.android.lockdown.audit.read |
|
policy.aim.to.ruleGroup.update |
|
policy.exchange.read |
|
ruleGroup.update |
|
policy.vpn.ondemand.audit.read |
|
policy.carddav.create |
|
policy.restrictions.delete |
|
policy.vpn.to.ruleGroup.update |
|
policy.vpn.create |
|
policy.user.interface.settings.update |
|
policy.web.content.filter.create |
|
policy.appconnect.app.config.read |
|
app.inventory.read |
|
device.push.profile |
|
policy.jabber.to.ruleGroup.update |
|
policy.aim.update |
|
policy.sync.audit.read |
|
policy.device.registration.to.ruleGroup.update |
|
policy.scep.read |
|
policy.osx.restrictions.read |
|
policy.certificate.store.read |
|
policy.org.info.setting.read |
|
&# 160; policy.appconnect.app.policy.to.ruleGroup.update |
|
device.send.message |
|
policy.android.lockdown.read |
|
policy.vpn.per.app.audit.read |
|
policy.android.encryption.to.ruleGroup.update |
|
policy.jabber.read |
|
policy.identityCertificate.read |
|
policy.sync.update |
|
policy.vpn.audit.read |
|
policy.policy.delete |
|
policy.sharepoint.create |
|
policy.user.interface.settings.read |
|
policy.general.ios.read |
|
policy.sharepoint.delete |
|
policy.vpn.delete |
|
ca.delete |
|
policy.ldap.update |
|
policy.sharepoint.update |
|
policy.sync.to.ruleGroup.update |
|
policy.osx.restrictions.create |
|
policy.scep.update |
|
policy.web.content.filter.delete |
|
policy.android.lockdown.to.ruleGroup.update |
|
policy.policy.create |
|
policy.scep.delete |
|
policy.font.create |
|
policy.cellular.audit.read |
|
policy.certificate.store.delete |
|
policy.app.lock.audit.read |
|
policy.general.ios.audit.read |
|
ruleGroup.read |
|
policy.font.to.ruleGroup.update |
|
policy.appconnect.zone.config.to.ruleGroup.update |
|
policy.general.ios.update |
|
policy.passcode.to.ruleGroup.update |
|
policy.org.info.setting.audit.read |
|
policy.sync.create |
|
policy.email.create |
|
policy.android.encryption.read |
|
policy.carddav.read |
|
policy.provisioningProfile.delete |
|
ca.read |
|
policy.wifi.to.ruleGroup.update |
|
policy.appconnect.app.config.create |
|
policy.identity.certificate.dg.read |
|
device.read |
|
policy.android.encryption.audit.read |
|
policy.certificate.store.update |
|
policy.android.encryption.update |
|
policy.restrictions.audit.read |
|
policy.identity.certificate.dg.delete |
|
policy.webclip.update |
|
device.force.checkin |
|
policy.restrictions.update |
|
policy.identityCertificate.delete |
|
policy.carddav.audit.read |
|
policy.application.access.create |
|
policy.sso.account.read |
|
policy.opaque.ios.to.ruleGroup.update |
|
policy.restrictions.to.ruleGroup.update |
|
policy.air.print.create |
|
ruleGroup.create |
|
policy.web.content.filter.read |
|
policy.appconnect.app.config.to.ruleGroup.update |
|
policy.passcode.create |
|
policy.webclip.delete |
|
policy.apn.delete |
|
policy.provisioningProfile.update |
|
policy.air.print.update |
|
policy.appconnect.app.policy.read |
|
device.wipe |
|
policy.vpn.ondemand.to.ruleGroup.update |
|
policy.ldap.delete |
|
policy.passcode.update |
|
policy.localCa.create |
|
policy.exchange.to.ruleGroup.update |
|
policy.exchange.create |
|
policy.global.proxy.delete |
|
policy.air.play.to.ruleGroup.update |
|
policy.org.info.setting.delete |
|
policy.android.kiosk.audit.read |
|
policy.cellular.to.ruleGroup.update |
|
policy.sharepoint.read |
|
policy.user.interface.settings.audit.read |
|
policy.wifi.update |
|
policy.telecom.settings.read |
|
policy.apn.audit.read |
|
policy.scep.audit.read |
|
policy.global.proxy.audit.read |
|
ca.update |
|
policy.policy.to.ruleGroup.update |
|
policy.carddav.to.ruleGroup.update |
|
policy.mdm.read |
|
policy.certificate.delete |
|
policy.font.audit.read |
|
policy.device.registration.update |
|
policy.telecom.settings.to.ruleGroup.update |
|
policy.web.content.filter.update |
|
policy.jabber.create |
|
policy.provisioningProfile.to.ruleGroup.update |
|
policy.device.registration.delete |
|
policy.localCa.read |
|
device.create |
|
policy.caldav.read |
|
policy.application.access.to.ruleGroup.update |
|
policy.air.print.read |
|
policy.email.audit.read |
|
policy.wifi.delete |
|
policy.identityCertificate.update |
|
policy.global.proxy.to.ruleGroup.update |
|
policy.android.lockdown.delete |
|
policy.identityCertificate.create |
|
policy.appconnect.app.config.delete |
|
policy.localCa.update |
|
policy.identity.certificate.dg.create |
|
policy.wifi.audit.read |
|
policy.sync.read |
|
policy.certificate.read |
|
policy.air.play.create |
|
policy.carddav.update |
|
policy.opaque.ios.read |
|
policy.air.print.delete |
|
policy.caldav.audit.read |
|
policy.app.lock.to.ruleGroup.update |
|
policy.passcode.audit.read |
|
device.start.mirroring |
|
policy.caldav.delete |
|
policy.sso.account.delete |
|
device.unlock |
|
policy.caldav.update |
|
policy.global.proxy.update |
|
device.wipe.cancel |
|
policy.subscribedCalendar.to.ruleGroup.update |
|
policy.general.ios.to.ruleGroup.update |
|
policy.cellular.read |
|
policy.appconnect.zone.config.audit.read |
|
policy.read |
|
policy.vpn.per.app.to.ruleGroup.update |
|
policy.sharepoint.to.ruleGroup.update |
|
policy.ldap.to.ruleGroup.update |
|
policy.policy.read |
|
policy.carddav.delete |
|
policy.webclip.audit.read |
|
policy.sso.account.audit.read |
|
policy.mdm.delete |
|
policy.opaque.ios.update |
|
policy.localCa.delete |
|
policy.general.ios.delete |
|
policy.restrictions.create |
|
policy.global.proxy.read |
|
policy.user.interface.settings.create |
|
policy.identity.certificate.dg.audit.read |
|
policy.subscribedCalendar.audit.read |
|
policy.air.play.delete |
|
policy.application.access.read |
|
policy.air.play.update |
|
policy.appconnect.zone.config.create |
|
policy.exchange.audit.read |
|
policy.user.interface.settings.to.ruleGroup.update |
|
policy.mdm.update |
|
device.lock |
|
policy.policy.update |
|
device.update |
|
policy.aim.create |
|
policy.policy.audit.read |
|
policy.sso.account.create |
|
ruleGroup.delete |
|
policy.telecom.settings.create |
|
policy.vpn.update |
|
policy.ldap.create |
|
policy.android.lockdown.update |
|
policy.certificate.update |
|
device.locate |
|
policy.mdm.to.ruleGroup.update |
|
policy.global.proxy.create |
|
policy.sharepoint.audit.read |
|
policy.org.info.setting.create |
|
policy.ldap.read |
|
policy.osx.restrictions.delete |
|
policy.subscribedCalendar.delete |
|
policy.passcode.read |
|
policy.provisioningProfile.audit.read |
|
policy.provisioningProfile.read |
|
policy.vpn.ondemand.create |
|
policy.certificate.to.ruleGroup.update |
|
policy.android.kiosk.read |
|
policy.vpn.ondemand.delete |
|
policy.aim.delete |
|
policy.android.kiosk.update |
|
policy.vpn.per.app.create |
|
policy.appconnect.app.config.update |
|
mdm.queue.read |
|
device.retire.cancel |
|
policy.air.print.audit.read |
|
policy.application.access.delete |
|
policy.appconnect.app.policy.create |
|
policy.android.encryption.delete |
|
policy.wifi.create |
|
policy.appconnect.app.policy.update |
|
policy.mdm.create |
|
policy.air.play.audit.read |
|
policy.opaque.ios.audit.read |
|
policy.wifi.read |
|
policy.font.update |
|
policy.telecom.settings.audit.read |
|
policy.aim.read |
|
policy.general.ios.create |
|
cmPartitions |
|
20000 |
|
name |
|
authorities |
|
vpp.order.delete |
|
vpp.code.read |
|
content.update |
|
content.delete |
|
app.distribution.read |
|
app.distribution.update |
|
vpp.license.delete |
|
vpp.license.sync |
|
vpp.license.update |
|
app.read |
|
vpp.profile.read |
|
vpp.profile.create |
|
audit.app.read |
|
app.review.update |
|
app.review.delete |
|
app.update |
|
vpp.license.read |
|
app.review.read |
|
audit.content.read |
|
content.read |
|
vpp.code.update |
|
app.delete |
|
vpp.order.read |
|
content.distribution.update |
|
vpp.order.update |
|
content.create |
|
vpp.order.create |
|
content.distribution.read |
|
app.rating.update |
|
app.rating.read |
|
app.create" |
|
groupIdAllUsers |
|
allDevicesRuleGroupId |
|
preferences |
|
reportDefinitions |
|
reportName |
|
dimName |
|
dimKeys |
|
dim2Name |
|
dim2Keys |
|
rangeStart |
|
rangeEnd |
|
chartUuid |
|
chartName |
|
chartType |
|
chartSubType |
|
chartTimeRangeMillis |
|
reportName |
|
dimName |
|
dimKeys |
|
dim2Name |
|
dim2Keys |
|
rangeStart |
|
rangeEnd |
|
chartUuid |
|
chartName |
|
chartType |
|
chartSubType |
|
chartTimeRangeMillis |
|
reportName |
|
dimName |
|
dimKeys |
|
dim2Name |
|
dim2Keys |
|
rangeStart |
|
rangeEnd |
|
chartUuid |
|
chartName |
|
chartType |
|
chartSubType |
|
chartTimeRangeMillis |
|
userTableColumnDefinition |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
deviceTableColumnDefinition |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
appTableColumnDefinition |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
configTableColumnDefinition |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
appInventoryTableColumnDefinition |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
userGroupTableColumnDefinition |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
deviceGroupTableColumnDefinition |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
contentTableColumnDefinition |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
policyTableColumnDefinition |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
appReviewTableColumnDefinition |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
name |
|
show |
|
uiDefaultDmPartitionId |
|
uiDefaultCmPartitionId |
|
Example Response
{
"errors": null,
"result": {
"accountId": 10001,
"displayName": null,
"lastName": "LastName0001",
"firstName": "FirstName0001",
"emailAddress": "[email protected]",
"defaultCmPartitionId": 20000,
"defaultDmPartitionId": 23000,
"globalAuthorities": [
"accountRole.to.group.update",
"kocab.update",
"contentstore.preview",
"ldap.authenticate.user",
"app.store.settings.update",
"configurator.authtoken.read",
"account.invite.admin",
"accountGroup.delete",
"ldap.server.sync",
"sfdc.oauth.profile.update",
"account.permission.tenant.read",
"accountRole.delete",
"accountGroup.create",
"mizar.delete",
"account.read",
"account.password.reset",
"partition.device.delete",
"app.category.delete",
"account.delete",
"partition.device.update",
"message.delete",
"whitelabel.resource.tenant.read",
"account.invite.enduser",
"kocab.delete",
"message.read",
"partition.device.create",
"sfdc.oauth.profile.read",
"mizar.read",
"accountRole.read",
"alcor.update",
"configurator.authtoken.create",
"mizar.create",
"partition.content.update",
"alcor.delete",
"app.search.googleplay",
"accountRole.to.permission.update",
"partition.content.read",
"account.update",
"account.send.message",
"accountGroup.update",
"message.create",
"policy.certificate.store.read.all",
"account.to.group.update",
"partition.content.create",
"alcor.create",
"account.preferences.change",
"ldap.search.group",
"policy.template.tenant.read",
"report.snapshot.read",
"configurator.authtoken.delete",
"accountRole.update",
"account.password.change",
"kocab.create",
"appstore.preview",
"ldap.server.persist.generic",
"device.register",
"eula.tenant.read",
"accountRole.to.account.update",
"kocab.read",
"app.category.create",
"app.category.update",
"open.sfdc.support.case",
"tenant.settings.update",
"mizar.update",
"report.metadata.read",
"ldap.server.default.read",
"ldap.persist.organizationalUnit",
"ldap.search.generic",
"accountGroup.to.role.update",
"alcor.read",
"audit.account.read",
"account.generate.pin",
"ldap.server.test.connection",
"accountRole.create",
"ldap.server.read",
"report.trending.read",
"ldap.server.update",
"content.category.update",
"accountGroup.to.account.update",
"content.category.delete",
"account.create",
"app.category.read",
"ldap.search.organizationalUnit",
"configurator.plist.read",
"ldap.server.delete",
"tenant.settings.read",
"ldap.persist.group",
"ldap.server.decouple.generic",
"partition.device.read",
"ldap.persist.user",
"app.store.settings.read",
"message.update",
"content.category.create",
"accountGroup.read",
"content.category.read",
"audit.accountGroup.read",
"eula.tenant.accept",
"utils.x509.fingerprint.read",
"ldap.search.user",
"app.search.itunes",
"ldap.server.create",
"account.to.role.update",
"accountGroup.to.group.update"
],
"dmPartitions": {
"23000": {
"name": "Default Partition",
"authorities": [
"policy.subscribedCalendar.create",
"policy.passcode.delete",
"policy.sso.account.update",
"policy.scep.to.ruleGroup.update",
"policy.identity.certificate.dg.to.ruleGroup.update",
"policy.subscribedCalendar.update",
"policy.opaque.ios.create",
"policy.cellular.create",
"policy.aim.audit.read",
"policy.jabber.delete",
"policy.appconnect.zone.config.update",
"policy.certificate.create",
"mdm.queue.delete",
"policy.device.registration.audit.read",
"policy.user.interface.settings.delete",
"policy.apn.to.ruleGroup.update",
"policy.identity.certificate.dg.update",
"policy.app.lock.delete",
"policy.air.play.read",
"policy.android.lockdown.create",
"policy.webclip.read",
"policy.email.read",
"policy.identityCertificate.to.ruleGroup.update",
"policy.mdm.audit.read",
"policy.android.kiosk.create",
"policy.opaque.ios.delete",
"device.stop.mirroring",
"device.delete",
"policy.device.registration.read",
"policy.org.info.setting.update",
"policy.appconnect.zone.config.delete",
"policy.android.kiosk.to.ruleGroup.update",
"policy.email.delete",
"policy.apn.read",
"policy.exchange.update",
"policy.vpn.read",
"policy.air.print.to.ruleGroup.update",
"policy.font.delete",
"policy.web.content.filter.to.ruleGroup.update",
"policy.subscribedCalendar.read",
"policy.telecom.settings.delete",
"policy.apn.update",
"policy.android.encryption.create",
"policy.certificate.audit.read",
"policy.web.content.filter.audit.read",
"policy.provisioningProfile.create",
"policy.jabber.audit.read",
"policy.font.read",
"policy.localCa.audit.read",
"ca.create",
"policy.exchange.delete",
"policy.vpn.ondemand.update",
"policy.application.access.audit.read",
"policy.android.kiosk.delete",
"policy.cellular.delete",
"policy.localCa.to.ruleGroup.update",
"policy.restrictions.read",
"policy.cellular.update",
"policy.jabber.update",
"policy.email.to.ruleGroup.update",
"policy.vpn.ondemand.read",
"policy.org.info.setting.to.rule.group.update",
"policy.device.registration.create",
"policy.telecom.settings.update",
"policy.appconnect.app.config.audit.read",
"policy.vpn.per.app.read",
"policy.vpn.per.app.update",
"policy.scep.create",
"policy.osx.restrictions.audit.read",
"policy.caldav.create",
"policy.app.lock.create",
"policy.osx.restrictions.to.ruleGroup.update",
"policy.sso.account.to.ruleGroup.update",
"policy.app.lock.read",
"policy.caldav.to.ruleGroup.update",
"policy.certificate.store.create",
"policy.appconnect.app.policy.delete",
"policy.webclip.to.ruleGroup.update",
"policy.email.update",
"policy.apn.create",
"device.retire",
"policy.osx.restrictions.update",
"policy.application.access.update",
"policy.appconnect.app.policy.audit.read",
"policy.webclip.create",
"policy.ldap.audit.read",
"policy.app.lock.update",
"policy.sync.delete",
"policy.identityCertificate.audit.read",
"policy.vpn.per.app.delete",
"policy.appconnect.zone.config.read",
"policy.android.lockdown.audit.read",
"policy.aim.to.ruleGroup.update",
"policy.exchange.read",
"ruleGroup.update",
"policy.vpn.ondemand.audit.read",
"policy.carddav.create",
"policy.restrictions.delete",
"policy.vpn.to.ruleGroup.update",
"policy.vpn.create",
"policy.user.interface.settings.update",
"policy.web.content.filter.create",
"policy.appconnect.app.config.read",
"app.inventory.read",
"device.push.profile",
"policy.jabber.to.ruleGroup.update",
"policy.aim.update",
"policy.sync.audit.read",
"policy.device.registration.to.ruleGroup.update",
"policy.scep.read",
"policy.osx.restrictions.read",
"policy.certificate.store.read",
"policy.org.info.setting.read",
"policy.appconnect.app.policy.to.ruleGroup.update",
"device.send.message",
"policy.android.lockdown.read",
"policy.vpn.per.app.audit.read",
"policy.android.encryption.to.ruleGroup.update",
"policy.jabber.read",
"policy.identityCertificate.read",
"policy.sync.update",
"policy.vpn.audit.read",
"policy.policy.delete",
"policy.sharepoint.create",
"policy.user.interface.settings.read",
"policy.general.ios.read",
"policy.sharepoint.delete",
"policy.vpn.delete",
"ca.delete",
"policy.ldap.update",
"policy.sharepoint.update",
"policy.sync.to.ruleGroup.update",
"policy.osx.restrictions.create",
"policy.scep.update",
"policy.web.content.filter.delete",
"policy.android.lockdown.to.ruleGroup.update",
"policy.policy.create",
"policy.scep.delete",
"policy.font.create",
"policy.cellular.audit.read",
"policy.certificate.store.delete",
"policy.app.lock.audit.read",
"policy.general.ios.audit.read",
"ruleGroup.read",
"policy.font.to.ruleGroup.update",
"policy.appconnect.zone.config.to.ruleGroup.update",
"policy.general.ios.update",
"policy.passcode.to.ruleGroup.update",
"policy.org.info.setting.audit.read",
"policy.sync.create",
"policy.email.create",
"policy.android.encryption.read",
"policy.carddav.read",
"policy.provisioningProfile.delete",
"ca.read",
"policy.wifi.to.ruleGroup.update",
"policy.appconnect.app.config.create",
"policy.identity.certificate.dg.read",
"device.read",
"policy.android.encryption.audit.read",
"policy.certificate.store.update",
"policy.android.encryption.update",
"policy.restrictions.audit.read",
"policy.identity.certificate.dg.delete",
"policy.webclip.update",
"device.force.checkin",
"policy.restrictions.update",
"policy.identityCertificate.delete",
"policy.carddav.audit.read",
"policy.application.access.create",
"policy.sso.account.read",
"policy.opaque.ios.to.ruleGroup.update",
"policy.restrictions.to.ruleGroup.update",
"policy.air.print.create",
"ruleGroup.create",
"policy.web.content.filter.read",
"policy.appconnect.app.config.to.ruleGroup.update",
"policy.passcode.create",
"policy.webclip.delete",
"policy.apn.delete",
"policy.provisioningProfile.update",
"policy.air.print.update",
"policy.appconnect.app.policy.read",
"device.wipe",
"policy.vpn.ondemand.to.ruleGroup.update",
"policy.ldap.delete",
"policy.passcode.update",
"policy.localCa.create",
"policy.exchange.to.ruleGroup.update",
"policy.exchange.create",
"policy.global.proxy.delete",
"policy.air.play.to.ruleGroup.update",
"policy.org.info.setting.delete",
"policy.android.kiosk.audit.read",
"policy.cellular.to.ruleGroup.update",
"policy.sharepoint.read",
"policy.user.interface.settings.audit.read",
"policy.wifi.update",
"policy.telecom.settings.read",
"policy.apn.audit.read",
"policy.scep.audit.read",
"policy.global.proxy.audit.read",
"ca.update",
"policy.policy.to.ruleGroup.update",
"policy.carddav.to.ruleGroup.update",
"policy.mdm.read",
"policy.certificate.delete",
"policy.font.audit.read",
"policy.device.registration.update",
"policy.telecom.settings.to.ruleGroup.update",
"policy.web.content.filter.update",
"policy.jabber.create",
"policy.provisioningProfile.to.ruleGroup.update",
"policy.device.registration.delete",
"policy.localCa.read",
"device.create",
"policy.caldav.read",
"policy.application.access.to.ruleGroup.update",
"policy.air.print.read",
"policy.email.audit.read",
"policy.wifi.delete",
"policy.identityCertificate.update",
"policy.global.proxy.to.ruleGroup.update",
"policy.android.lockdown.delete",
"policy.identityCertificate.create",
"policy.appconnect.app.config.delete",
"policy.localCa.update",
"policy.identity.certificate.dg.create",
"policy.wifi.audit.read",
"policy.sync.read",
"policy.certificate.read",
"policy.air.play.create",
"policy.carddav.update",
"policy.opaque.ios.read",
"policy.air.print.delete",
"policy.caldav.audit.read",
"policy.app.lock.to.ruleGroup.update",
"policy.passcode.audit.read",
"device.start.mirroring",
"policy.caldav.delete",
"policy.sso.account.delete",
"device.unlock",
"policy.caldav.update",
"policy.global.proxy.update",
"device.wipe.cancel",
"policy.subscribedCalendar.to.ruleGroup.update",
"policy.general.ios.to.ruleGroup.update",
"policy.cellular.read",
"policy.appconnect.zone.config.audit.read",
"policy.read",
"policy.vpn.per.app.to.ruleGroup.update",
"policy.sharepoint.to.ruleGroup.update",
"policy.ldap.to.ruleGroup.update",
"policy.policy.read",
"policy.carddav.delete",
"policy.webclip.audit.read",
"policy.sso.account.audit.read",
"policy.mdm.delete",
"policy.opaque.ios.update",
"policy.localCa.delete",
"policy.general.ios.delete",
"policy.restrictions.create",
"policy.global.proxy.read",
"policy.user.interface.settings.create",
"policy.identity.certificate.dg.audit.read",
"policy.subscribedCalendar.audit.read",
"policy.air.play.delete",
"policy.application.access.read",
"policy.air.play.update",
"policy.appconnect.zone.config.create",
"policy.exchange.audit.read",
"policy.user.interface.settings.to.ruleGroup.update",
"policy.mdm.update",
"device.lock",
"policy.policy.update",
"device.update",
"policy.aim.create",
"policy.policy.audit.read",
"policy.sso.account.create",
"ruleGroup.delete",
"policy.telecom.settings.create",
"policy.vpn.update",
"policy.ldap.create",
"policy.android.lockdown.update",
"policy.certificate.update",
"device.locate",
"policy.mdm.to.ruleGroup.update",
"policy.global.proxy.create",
"policy.sharepoint.audit.read",
"policy.org.info.setting.create",
"policy.ldap.read",
"policy.osx.restrictions.delete",
"policy.subscribedCalendar.delete",
"policy.passcode.read",
"policy.provisioningProfile.audit.read",
"policy.provisioningProfile.read",
"policy.vpn.ondemand.create",
"policy.certificate.to.ruleGroup.update",
"policy.android.kiosk.read",
"policy.vpn.ondemand.delete",
"policy.aim.delete",
"policy.android.kiosk.update",
"policy.vpn.per.app.create",
"policy.appconnect.app.config.update",
"mdm.queue.read",
"device.retire.cancel",
"policy.air.print.audit.read",
"policy.application.access.delete",
"policy.appconnect.app.policy.create",
"policy.android.encryption.delete",
"policy.wifi.create",
"policy.appconnect.app.policy.update",
"policy.mdm.create",
"policy.air.play.audit.read",
"policy.opaque.ios.audit.read",
"policy.wifi.read",
"policy.font.update",
"policy.telecom.settings.audit.read",
"policy.aim.read",
"policy.general.ios.create"
]
}
},
"cmPartitions": {
"20000": {
"name": "Root Partition",
"authorities": [
"vpp.order.delete",
"vpp.code.read",
"content.update",
"content.delete",
"app.distribution.read",
"app.distribution.update",
"vpp.license.delete",
"vpp.license.sync",
"vpp.license.update",
"app.read",
"vpp.profile.read",
"vpp.profile.create",
"audit.app.read",
"app.review.update",
"app.review.delete",
"app.update",
"vpp.license.read",
"app.review.read",
"audit.content.read",
"content.read",
"vpp.code.update",
"app.delete",
"vpp.order.read",
"content.distribution.update",
"vpp.order.update",
"content.create",
"vpp.order.create",
"content.distribution.read",
"app.rating.update",
"app.rating.read",
"app.create"
]
}
},
"groupIdAllUsers": 11000,
"allDevicesRuleGroupId": 38000,
"preferences": {
"reportDefinitions": [
{
"reportName": "Devices",
"dimName": "platform",
"dimKeys": null,
"dim2Name": "all",
"dim2Keys": null,
"rangeStart": null,
"rangeEnd": null,
"chartUuid": "chartId-2",
"chartName": "Devices By OS Type",
"chartType": "pie",
"chartSubType": "pie",
"chartTimeRangeMillis": 604800000
},
{
"reportName": "Accounts",
"dimName": "invitestate",
"dimKeys": null,
"dim2Name": "all",
"dim2Keys": null,
"rangeStart": null,
"rangeEnd": null,
"chartUuid": "chartId-3",
"chartName": "Users by Invitation State",
"chartType": "pie",
"chartSubType": "pie",
"chartTimeRangeMillis": 604800000
},
{
"reportName": "Devices",
"dimName": "model",
"dimKeys": null,
"dim2Name": "all",
"dim2Keys": null,
"rangeStart": null,
"rangeEnd": null,
"chartUuid": "chartId-4",
"chartName": "Devices By Model",
"chartType": "pie",
"chartSubType": "pie",
"chartTimeRangeMillis": 604800000
}
],
"userTableColumnDefinition": [
{
"name": "userTable_checkbox",
"show": true
},
{
"name": "userTable_displayName",
"show": true
},
{
"name": "userTable_uid",
"show": true
},
{
"name": "userTable_emailAddress",
"show": true
},
{
"name": "userTable_inviteState",
"show": true
}
],
"deviceTableColumnDefinition": [
{
"name": "deviceList_checkbox",
"show": true
},
{
"name": "deviceList_displayName",
"show": true
},
{
"name": "deviceList_emailAddress",
"show": true
},
{
"name": "deviceList_phoneNumber",
"show": true
},
{
"name": "deviceList_platformType",
"show": true
},
{
"name": "deviceList_prettyModel",
"show": true
},
{
"name": "deviceList_registrationState",
"show": true
},
{
"name": "deviceList_lastCheckin",
"show": true
},
{
"name": "deviceList_violationCount",
"show": true
}
],
"appTableColumnDefinition": [
{
"name": "appTable_name",
"show": true
},
{
"name": "appTable_platformType",
"show": true
},
{
"name": "appTable_avgRating",
"show": true
},
{
"name": "appTable_distribution",
"show": true
},
{
"name": "appTable_installed",
"show": true
},
{
"name": "appTable_appType",
"show": true
},
{
"name": "appTable_cost",
"show": true
},
{
"name": "appTable_size",
"show": true
},
{
"name": "appTable_license",
"show": true
}
],
"configTableColumnDefinition": [
{
"name": "configTable_status",
"show": true
},
{
"name": "configTable_name",
"show": true
},
{
"name": "configTable_updated",
"show": true
},
{
"name": "configTable_policyType",
"show": true
},
{
"name": "configTable_devicesCount",
"show": true
}
],
"appInventoryTableColumnDefinition": [
{
"name": "appInventoryTable_name",
"show": true
},
{
"name": "appInventoryTable_installCount",
"show": true
},
{
"name": "appInventoryTable_platformType",
"show": true
},
{
"name": "appInventoryTable_appType",
"show": true
},
{
"name": "appInventoryTable_version",
"show": true
},
{
"name": "appInventoryTable_size",
"show": true
}
],
"userGroupTableColumnDefinition": [
{
"name": "userGroupTable_checkbox",
"show": true
},
{
"name": "userGroupTable_name",
"show": true
},
{
"name": "userGroupTable_modifiedAt",
"show": true
},
{
"name": "userGroupTable_userCount",
"show": true
},
{
"name": "userGroupTable_deviceCount",
"show": true
},
{
"name": "userGroupTable_applicationCount",
"show": true
}
],
"deviceGroupTableColumnDefinition": [
{
"name": "deviceGroupsTable_checkbox",
"show": true
},
{
"name": "deviceGroupsTable_name",
"show": true
},
{
"name": "deviceGroupsTable_memberCount",
"show": true
},
{
"name": "deviceGroupsTable_assignedConfigs",
"show": true
},
{
"name": "deviceGroupsTable_assignedPolicies",
"show": true
}
],
"contentTableColumnDefinition": [
{
"name": "contentTable_images",
"show": true
},
{
"name": "contentTable_name",
"show": true
},
{
"name": "contentTable_author",
"show": true
},
{
"name": "contentTable_prettyContentType",
"show": true
},
{
"name": "contentTable_modifiedAt",
"show": true
}
],
"policyTableColumnDefinition": [
{
"name": "policyTable_name",
"show": true
},
{
"name": "policyTable_type",
"show": true
},
{
"name": "policyTable_distributionCount",
"show": true
},
{
"name": "policyTable_activeViolationsCount",
"show": true
},
{
"name": "policyTable_complianceAction",
"show": true
}
],
"appReviewTableColumnDefinition": [
{
"name": "appReviewTable_checkbox",
"show": true
},
{
"name": "appReviewTable_name",
"show": true
},
{
"name": "appReviewTable_platformType",
"show": true
},
{
"name": "appReviewTable_modifiedBy",
"show": true
},
{
"name": "appReviewTable_reviewer",
"show": true
},
{
"name": "appReviewTable_rating",
"show": true
},
{
"name": "appReviewTable_title",
"show": true
}
],
"uiDefaultDmPartitionId": 23000,
"uiDefaultCmPartitionId": 20000
}
}
}
Apply a Custom Attribute to a User
This applies a custom attribute to a single user.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
PATCH
Request URI
/api/v1/account/id/customattributes
Request Parameters
Parameter |
Argument Type |
Description |
Example Value |
---|---|---|---|
id |
Path |
ID of the user to which you would like to assign a custom attribute. |
739375 |
attrs |
Request Body |
Container for the custom attributes to apply |
{"attrs":{"testUserAttribute":["forDocs"]}} |
Example Request
cURL
curl --location --request PATCH 'https://Ivanti Neurons for MDM host/api/v1/account/739375/customattributes' \ --header 'Accept: application/json, text/plain, */*' \ --header 'Accept-Language: en,en-US;q=0.9,pt-BR;q=0.8,pt;q=0.7,fr;q=0.6' \ --header 'Content-Type: application/json;charset=UTF-8' \ --header 'Authorization: Basic <token>' \ --data-raw '{"attrs":{"testUserAttribute":["forDocs"]}}'
HTTP
PATCH /api/v1/account/739375/customattributes HTTP/1.1 Host: your Ivanti Neurons for MDM host in the form of, for example, sandbox.ivanti.com Accept: application/json, text/plain, */* Accept-Language: en,en-US;q=0.9,pt-BR;q=0.8,pt;q=0.7,fr;q=0.6 Content-Type: application/json;charset=UTF-8 Authorization: Basic <token> Content-Length: 43 {"attrs":{"testUserAttribute":["forDocs"]}}
Example Response
{ "errors": null, "result": 1 }
Overwrite Custom Attributes for User
This call overwrites custom attributes for a user.
Authentication
Device Management
HTTP Method
PATCH
Request URI
/api/v1/account/customattributes
Request Parameters
Parameter |
Argument Type |
Description |
Example Value |
---|---|---|---|
account |
Request body |
The account for which the custom attributes must be overwritten. |
19850 |
Example Request
curl --location --request PATCH 'https://<hostname>/api/v1/account/19850/customattributes' \
--header 'Accept: application/json, text/plain, */*' \
--header 'Accept-Language: en,en-US;q=0.9,pt-BR;q=0.8,pt;q=0.7,fr;q=0.6' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic <token>' \
--header 'Cookie: MISESSIONID=YzRiYTNlODEtMjBlYy00NThmLWI0ODMtZTZhZjYyYWZlMmU1' \
--data '{"attrs":{"testUserAttribute":["forCheck"]}, "forceOverwrite":true}'
Example Response
{
"errors": null,
"result": 1
}
Search for a User by User ID (UID)
This call searches for a user by the user’s user ID (UID).
Authentication
This call requires Tenant Admin credentials.
HTTP Method
GET
Request URI
/api/v1/account?fq=UID%3DUID
Request Parameters
Parameter |
Argument Type |
Description |
Example Value |
---|---|---|---|
fq=UID%3DUID |
Query Path |
The query searching for thje user by the user ID. %3D is = url encoded. UID is the user ID to search for. |
fq=UID%[email protected] |
Example Request
https://[Ivanti Neurons for MDM]/api/v1/account?fq=UID%[email protected]
Response Fields
Field |
Description |
---|---|
errors |
|
result |
|
totalCount |
|
queryTime |
|
searchResults |
|
id |
|
createdAt |
|
displayName |
|
firstName |
|
lastName |
|
uid |
|
emailAddress |
|
accountSource |
|
inviteState |
|
inviteResendCount |
|
accountType |
|
enabled |
|
locked |
|
superUser |
|
termsAccepted |
|
mutable |
Can be modified by default. |
loginFailureCount |
|
loginSuccessAt |
|
passwordHistory |
|
registrationPin |
|
createdAt |
|
expiresAt |
|
used |
|
groups |
|
All Users" |
|
Engineering" |
|
deviceCount |
|
offset |
|
facetedResults |
|
ACCOUNTSOURCE |
|
ACCOUNTGROUP |
|
INVITESTATE |
|
Expired |
|
Completed |
|
None |
|
Pending |
|
totalUnfilteredResultCount |
|
Example Response
{
"errors": null,
"result": {
"totalCount": 1,
"queryTime": 3,
"searchResults": [
{
"id": 10022,
"createdAt": 1372188681178,
"displayName": "John Doe",
"firstName": "John",
"lastName": "Doe",
"uid": "[email protected]",
"emailAddress": "[email protected]",
"accountSource": "LOCAL",
"inviteState": "Completed",
"inviteResendCount": 0,
"accountType": "USER",
"enabled": true,
"locked": false,
"superUser": false,
"termsAccepted": false,
"mutable": true,
"loginFailureCount": 0,
"loginSuccessAt": 1416614208360,
"passwordHistory": "{}",
"registrationPin": {
"createdAt": null,
"expiresAt": null,
"used": false
},
"groups": [
"All Users",
"Engineering"
],
"deviceCount": 0
}
],
"offset": 0,
"facetedResults": {
"ACCOUNTSOURCE": {
"LDAP": 0,
"LOCAL": 1,
"SALESFORCE": 0
},
"TERMSACCEPTED": {
"false": 0,
"true": 1
},
"ACCOUNTGROUP": {
"Professional Services": 0,
"Sales": 0,
"xteam": 0,
"EMEA-ISR": 0,
"UG2": 0,
"Anyware-Validate": 0,
"Demo Group": 0,
"Russ": 0,
"sbhasin": 0,
"UX Team": 0,
"Newell North America": 0,
"洋一テストユーザーグループ": 0,
"Customer Success": 0,
"IT Test Group": 0,
"Engineering": 1,
"Business Development": 0,
"Newell Georgia": 0,
"Marketing": 0,
"EMEA-Partner-Helpdesk": 0,
"all-productmanagers": 0,
"UX": 0,
"Newell": 0,
"RichardLi": 0,
"SE": 0,
"QA": 0,
"SAFE - Native Samsung Users": 0,
"Roupen Group": 0,
"IT": 0,
"Anyware-Validate2": 0,
"System Administrators": 0,
"Supervised Devices": 0,
"Vinay Parihar": 0,
"Tyson Wheeler - Android": 0,
"UG1": 0,
"RamseyNJesse": 0,
"Default Group": 0,
"All Users": 1,
"Sales Ops": 0,
"CN": 0,
"Japan": 0,
"Mirko": 0
},
"INVITESTATE": {
"Expired": 0,
"Completed": 1,
"None": 0,
"Pending": 0
}
},
"totalUnfilteredResultCount": 261
}
}
Configuring User Device Registration Settings
This call controls if the user should be prompted for a password, password and PIN, or PIN only when registering a device. You need to set this to PIN to enable the following call, Generate User Registration PIN, to be successful.
Authentication
This call requires tenant admin credentials.
HTTP Method
PUT
Request URI
/api/v1/userpolicy
Request Parameters
Parameter |
Argument Type |
Description |
Example Value |
---|---|---|---|
policyType |
Query string |
|
REGISTRATION_AUTH |
deletable |
Request body |
|
false |
description |
Request body |
|
Pin Only |
distributionMutable |
Request body |
|
false |
enabled |
Request body |
|
true |
name |
Request body |
|
Device Registration Authentication Type |
pinLength |
Request body |
|
4 |
pinLifetimeMillis |
Request body |
|
604800000 |
pinResetByUser |
Request body |
|
true |
pinType |
Request body |
|
NUMERIC |
policyDataMutable |
Request body |
|
true |
priority |
Request body |
|
2147483647 |
priorityMutable |
Request body |
|
false |
registrationAuthMode |
Request body |
|
PIN |
systemName |
Request body |
|
registrationAuthUserPolicy |
uuid |
Request body |
Read-only |
e2f22cfe-2757-4256-b46e-a3011cdf6080 |
Example Request
Example Request URL
https://[Ivanti Neurons for MDM]/api/v1/userpolicy?policyType=REGISTRATION_AUTH
Example Request Body - Parsed
deletable: false
description: "PIN Only Setting"
distributionMutable: false
enabled: true
id: 50582
name: "Device Registration Authentication Type"
pinLength: 4
pinLifetimeMillis: 604800000
pinResetByUser: true
pinType: "NUMERIC"
policyDataMutable: true
policyType: "REGISTRATION_AUTH"
priority: 2147483647
priorityMutable: false
registrationAuthMode: "PIN"
systemName: "registrationAuthUserPolicy"
uuid: "65ca6590-b1a7-46d5-afcc-469c0f71526b"
{"systemName":"registrationAuthUserPolicy","name":"Device Registration Authentication Type","description":"PIN Only Setting","policyType":"REGISTRATION_AUTH","priority":2147483647,"enabled":true,"policyDataMutable":true,
"distributionMutable":false,"priorityMutable":false,"deletable":false,"registrationAuthMode":"PIN",
"pinType":"NUMERIC","pinLength":4,"pinLifetimeMillis":604800000,"pinResetByUser":true}
Example CURL
curl "https://[Ivanti Neurons for MDM]/api/v1/userpolicy?policyType=REGISTRATION_AUTH" -X PUT --data-binary "{""id"":50582,""createdAt"":1395521907150,""createdBy"":1,""modifiedAt"":1395521907150,""modifiedBy"":null,""uuid"":""65ca6590-b1a7-46d5-afcc-469c0f71526b"",""systemName"":""registrationAuthUserPolicy"",""name"":""Device Registration Authentication Type"",""description"":""PIN Only Setting"",""policyType"":""REGISTRATION_AUTH"",""priority"":2147483647,""enabled"":true,""policyDataMutable"":true,""distributionMutable"":false,"
"priorityMutable"":false,""deletable"":false,""registrationAuthMode"":""PIN"",""pinType"":""NUMERIC"",""pinLength"":4,""pinLifetimeMillis"":604800000,"
"pinResetByUser"":true}"
Response Fields
Field |
Description |
---|---|
errors |
Describes whether there was an error |
result |
Describes the result |
importSuccessGroups |
|
importSuccessOus |
|
inviteSuccessUsers |
|
importFailUsers |
|
importFailGroups |
|
importFailOus |
|
Example Response
{
"errors": null,
"result": 1
}
Generate User Registration PIN
This call generates a registration PIN for one or more accounts. You must use the Configuring User Device Registration Settings call to set the device registration type to PIN before using this call, or else the call will be unsuccessful. See Understanding Device Registration Authentication Type for more information.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
POST
Request URI
/api/v1/account/regpin
Request Parameters
Parameter |
Argument Type |
Description |
Example Value |
accountIds |
Request body |
Accounts for which to generate registration PINs |
10004 |
Example Request
curl --location 'https://[Ivanti Neurons for MDM]/api/v1/account/regpin' \ --header 'Accept: application/json, text/plain, */*' \ --header 'Content-Type: application/json' \ --header 'Authorization: Basic <token>' \ --form 'accountIds="38942135, 38942136"'
Response Fields
Field |
Description |
---|---|
errors |
|
result |
|
id |
ID of the account for which the call created the registration pin. |
createdAt |
When the PIN was created. |
createdBy |
Who created the PIN. |
accountId |
Account for which the PIN was created |
pin |
The PIN itself. |
expiredAt |
When did the PIN expire? |
used |
Was the PIN used? |
ppkgPinStatus |
|
Example Response
{ "errors": null, "result": [ { "id": 796902, "createdAt": 1681160105155, "createdBy": 38942135, "accountId": 38942135, "pin": "8731", "expiresAt": 1681764905157, "used": false, "ppkgPinStatus": "NOT_GENERATED" }, { "id": 796903, "createdAt": 1681160105181, "createdBy": 38942136, "accountId": 38942136, "pin": "4825", "expiresAt": 1681764905183, "used": false, "ppkgPinStatus": "NOT_GENERATED" } ] }
Get Reports List
This API lists the summary of available reports.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
GET
Request URI
/api/v1/report/flex/job/summary
Request Parameters
Parameter |
Argument Type |
Description |
Sample Value |
start |
Query |
Start value. Default value is 0. |
|
rows |
Query |
Number of rows. Default value is 50. |
|
Example Request
Example Request URL
https://<host>/api/v1/report/flex/job/summary?rows=50&start=0'
Response Fields
Field |
Description |
---|---|
name |
Name of the report |
description |
Description of the report |
manualRunInProgress |
Indicates the manual execution of the unscheduled report |
status |
Status of the report – Enabled / Disabled |
startDate |
Start date of the report |
nextRunDate |
Next execution date of the scheduled report |
reportJobRunStatus |
Different statuses of the job execution report:
|
outputFormats |
PDF or CSV format |
Example Response
{
"errors": null,
"result": {
"searchResults": [
{
"name": "users",
"description": "",
"manualRunInProgress": false,
"status": "ENABLED",
"startDate": 1691756796125,
"nextRunDate": 1691843196125,
"outputFormats": [
"CSV"
],
"reportJobRunStatus": "SCHEDULED"
}
],
"totalCount": 1,
"offset": 0,
"limit": 50
}
}
Download Latest Report
This API downloads the latest report.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
GET
Request URI
/api/v1/report/flex/job/output/latest/download
Example Request
Example Request URL
https://<host>/api/v1/report/flex/job/output/latest/download?reportName=Users-1&fileType=CSV
Request Parameters
Parameter |
Argument Type |
Description |
Sample Value |
reportName |
Query |
Name of the report |
|
fileType |
Query |
Download format – PDF or CSV |
|
Example Request
File downloaded.