1
Admin Management
Find admin users
This call gets a list of all admin users in the system. You can use the call described in Assign admins to device space to assign one of the retrieved users as the admin of a device space. A similar call, described in Get admin user summary, gets a list of admin users, but returns more details about each admin, namely, the name, email, source (local or LDAP), and assigned roles.
Required Role
See Authentication for complete details on ensuring that the credentials you use for basic authentication belong to a user with the necessary role for this API call.
|
Required Role |
|
Category: Admin Management Role Description: Manage administrators and device spaces |
HTTP method
GET
Request URI
api/v2/admins/users
Request parameters
|
Parameter |
Description |
Sample Value |
|
query |
Parameter Type: Query Data Type: String Min: 1 character Max: 20 characters Search expression. May be the user name, the first name, or the last name. The call returns all admin users in the absence of this parameter. See Query Operators and Search Fields for complete details on the query operators and search fields you can use to construct the query parameter statement. |
bsmith |
|
limit |
Parameter Type: Query Data Type: Number Min: 0 Max: 200 Default: 200 Indicates the maximum number of entries to return. Must be at least 0 and no more than 200. |
|
|
offset |
Parameter Type: Query Data Type: Number Min: 0 Max: 10,000,000 Default: 0 Indicates the index of the first entry to return. |
|
|
sortField |
Parameter Type: Query Data Type: String Min: 1 character Max: 320 characters Name of the field to use for sorting. |
|
|
sortOrder |
Parameter Type: Query Data Type: String Default: ASC Indicates the order in which entries are returned. Values can be "ASC" or "DESC". |
ASC |
Response fields
|
Field |
Description |
|
results |
Container for the results set, which is an array of all admin users retrieved, including their user ID and name. |
|
totalCount |
The total number of entries that the query matched. |
|
resultCount |
The number of entries that are being returned. |
Sample request and response
Request
curl -X GET -H "Authorization: Basic bWlhZG1pbjpNaTRtYW4xMQ==" https://[mobileironcore]/api/v2/admins/users?adminDeviceSpaceId=1
Response
{
"results": [
{
"userId": "misystem",
"name": null
},
{
"userId": "miadmin",
"name": "miadmin"
}
],
"totalCount": 2,
"resultCount": 2
}
Find ldap entitites
This call finds LDAP entities, either Organizational Units (OUs), groups, or users, depending on which you specify with the type parameter.
Required Role
See Authentication for complete details on ensuring that the credentials you use for basic authentication belong to a user with the necessary role for this API call.
|
Required Role |
|
Category: Admin Management Role Description: Manage administrators and device spaces |
HTTP method
GET
Request URI
api/v2/admins/ldap_entities
Request parameters
|
Parameter |
Description |
Sample Value |
|
adminDeviceSpaceId |
Required Parameter Type: Query Data Type: Number Device space ID of the administrator. |
1 |
|
query |
Required Parameter Type: Query Data Type: String Min: 1 character Max: 20 characters Search expression. May be the user name, the first name, or the last name. The call returns all admin users in the absence of this parameter. See Query Operators and Search Fields for complete details on the query operators and search fields you can use to construct the query parameter statement. |
query=admin (This value instructs the call to search for ldap entities with the word “admin” in their name”) |
|
type |
Required Parameter Type: Query Data Type: String Default: ALL Type of LDAP entity to search. May be OU, GROUP, or USER |
type=user (This value instructs the call to search for LDAP users) |
|
limit |
Parameter Type: Query Data Type: Number Min: 0 Max: 10,000 Default: 10,000 Indicates the maximum number of entries to return. Must be at least 0 and no more than 10,000. |
|
|
offset |
Parameter Type: Query Data Type: Number Min: 0 Max: 10,000,000 Default: 0 Indicates the index of the first entry to return. |
|
Response fields
|
Field |
Description |
|
results |
Container for the results set, which is an array of all LDAP entities retrieved, including each entity’s ID, name, LDAP Distinguished Name (dn), and the type of LDAP entity. |
|
totalCount |
The total number of entries that the query matched. |
|
resultCount |
The number of entries that are being returned. |
Sample request and response
Request
curl -X GET -H "Authorization: Basic bWlhZG1pbjpNaTRtYW4xMQ==" https://[mobileironcore]/api/v2/admins/ldap_entities?type=user&query=admin&adminDeviceSpaceId=1
Response
{
"results": [
{
"id": null,
"name": "Administrator",
"dn": "cn=administrator,cn=users,dc=auto2,dc=mobileiron,dc=com",
"type": "USER"
}
],
"totalCount": 1,
"resultCount": 1
}
Get admin user summary
This call gets a detailed list of admin users that includes each admin’s name, email, source (local or LDAP), and assigned roles. A similar call described in Find admin users, gets a list of admin users, but only returns the user ID and name for each admin user. This call has a GDPR consideration. See GDPR Consideration.
Required Role
See Authentication for complete details on ensuring that the credentials you use for basic authentication belong to a user with the necessary role for this API call.
|
Required Role |
|
Category: Admin Management Role Description: Manage administrators and device spaces |
HTTP method
GET
Request URI
api/v2/admins/user_summary
Request parameters
|
Parameter |
Description |
Sample Value |
|
adminDeviceSpaceId |
Required Parameter Type: Query Data Type: Number Device space ID of the administrator. |
1 |
|
limit |
Parameter Type: Query Data Type: Number Min: 0 Max: 10,000 Default: 10,000 Indicates the maximum number of entries to return. Must be at least 0 and no more than 10,000. |
|
|
offset |
Parameter Type: Query Data Type: Number Min: 0 Max: 10,000,000 Default: 0 Indicates the index of the first entry to return. |
|
|
sortField |
Parameter Type: Query Data Type: String Min: 1 character Max: 320 characters Name of the field to use for sorting. |
|
|
sortOrder |
Parameter Type: Query Data Type: String Default: ASC Indicates the order in which entries are returned. Values can be "ASC" or "DESC". |
ASC |
|
query |
Parameter Type: Query Data Type: String Min: 1 character Max: 20 characters Search expression. May be the user name, the first name, or the last name. The call returns all admin users in the absence of this parameter. See Query Operators and Search Fields for complete details on the query operators and search fields you can use to construct the query parameter statement. |
query=admin (This value instructs the call to search for admin entities with the word “admin” in their name”) |
|
page |
Parameter Type: Query Data Type: integer Instructs the API on which page of results to start returning results. |
1 |
|
start |
Parameter Type: Query Data Type: integer Instructs the API at which record on the specified page of results to start returning results. |
0 |
Response fields
|
Field |
Description |
|
results |
An array of entry objects: name, userId, email, source (LDAP or Local), roles (id, description), adminSpaces (id, name) |
|
totalCount |
The total number of entries that the query matched. |
|
resultCount |
The number of entries that are being returned. |
Sample request and response
Request
curl "https://mobileironcore]/api/v2/admins/user_summary?limit=50&offset=0&sortField=name&sortOrder=ASC&query=&page=1&start=0"
Response
{
"results": [
{
"name": "miadmin",
"principal": "miadmin",
"email": "[email protected]",
"source": "Local",
"spaceRoles": [
{
"spaceId": 1,
"spaceName": "Global",
"vspRoles": [
{
"id": 1,
"name": "ROLE_ADMIN_MGMT",
"description": "Manage administrators and device spaces",
"defaultSpaceOnly": true
},
{
"id": 3,
"name": "ROLE_DEVICE_VIEW_APP",
"description": "View apps in device details",
"defaultSpaceOnly": false
},
{
"id": 4,
"name": "ROLE_DEVICE",
"description": "Manage devices",
"defaultSpaceOnly": false
},
{
"id": 6,
"name": "ROLE_DEVICE_LOCATE",
"description": "Locate device",
"defaultSpaceOnly": false
},
{
"id": 7,
"name": "ROLE_DEVICE_WIPE",
"description": "Wipe device",
"defaultSpaceOnly": false
},
{
"id": 8,
"name": "ROLE_DEVICE_ADD",
"description": "Add device",
"defaultSpaceOnly": false
},
{
"id": 9,
"name": "ROLE_DEVICE_ACTIVESYNC",
"description": "Manage ActiveSync device",
"defaultSpaceOnly": true
},
{
"id": 10,
"name": "ROLE_APP_TUNNEL",
"description": "Manage AppTunnel",
"defaultSpaceOnly": true
},
{
"id": 11,
"name": "ROLE_DEVICE_ENROLLMENT",
"description": "Manage device enrollment (iOS only)",
"defaultSpaceOnly": true
},
{
"id": 14,
"name": "ROLE_LABEL",
"description": "Manage label",
"defaultSpaceOnly": false
},
{
"id": 16,
"name": "ROLE_USER_MANAGEMENT",
"description": "Manage user",
"defaultSpaceOnly": false
},
{
"id": 17,
"name": "ROLE_APP",
"description": "Manage app",
"defaultSpaceOnly": true
},
{
"id": 19,
"name": "ROLE_CONFIG",
"description": "Manage configuration",
"defaultSpaceOnly": true
},
{
"id": 22,
"name": "ROLE_POLICY",
"description": "Manage policy",
"defaultSpaceOnly": true
},
{
"id": 25,
"name": "ROLE_SETTINGS",
"description": "Manage settings",
"defaultSpaceOnly": true
},
{
"id": 27,
"name": "ROLE_LOGS_EVENTS",
"description": "Manage logs and events",
"defaultSpaceOnly": true
},
{
"id": 28,
"name": "ROLE_VSP_CONNECTOR",
"description": "Connector",
"defaultSpaceOnly": true
},
{
"id": 29,
"name": "ROLE_VSP_API",
"description": "API",
"defaultSpaceOnly": true
},
{
"id": 34,
"name": "ROLE_CONTENT",
"description": "Manage Content",
"defaultSpaceOnly": true
}
]
}
]
}
],
"totalCount": 1,
"resultCount": 1
}
Get ldap entity summary
This call gets detailed information on all admin LDAP admin entities. Returns the id, name, dn, type, member count (germane for OUs and GROUPS), first name, last name, email, and roles for each found admin LADAP entity.
Required Role
See Authentication for complete details on ensuring that the credentials you use for basic authentication belong to a user with the necessary role for this API call.
|
Required Role |
|
Category: Admin Management Role Description: Manage administrators and device spaces |
HTTP method
GET
Request URI
api/v2/admins/ldap_entity_summary
Request parameters
|
Parameter |
Description |
Sample Value |
|
adminDeviceSpaceId |
Required Parameter Type: Query Data Type: Number Device space ID of the administrator. |
1 |
|
query |
Parameter Type: Query Data Type: String Min: 1 character Max: 20 characters Search expression. May be the user name, the first name, or the last name. The call returns all admin users in the absence of this parameter. See Query Operators and Search Fields for complete details on the query operators and search fields you can use to construct the query parameter statement. |
query=admin (This value instructs the call to search for ldap entities with the word “admin” in their name”) |
|
type |
Required Parameter Type: Query Data Type: Number Default: ALL Type of LDAP entity to search. May be OU, GROUP, USER, or ALL. |
type=user (This value instructs the call to search for LDAP users) |
|
limit |
Parameter Type: Query Data Type: Number Min: 0 Max: 10,000 Default: 10,000 Indicates the maximum number of entries to return. Must be at least 0 and no more than 10,000. |
|
|
offset |
Parameter Type: Query Data Type: Number Min: 0 Max: 10,000,000 Default: 0 Indicates the index of the first entry to return. |
|
|
sortField |
Parameter Type: Query Data Type: String Min: 1 character Max: 320 characters Name of the field to use for sorting. |
|
|
sortOrder |
Parameter Type: Query Data Type: String Default: ASC Indicates the order in which entries are returned. Values can be "ASC" or "DESC". |
ASC |
Response fields
|
results |
Container for the results set, which is an array of all LDAP entities retrieved, including each entity’s id, name, dn, type, member count (germane for OUs and GROUPS), first name, last name, email, and roles. |
|
totalCount |
The total number of entries that the query matched. |
|
resultCount |
The number of entries that are being returned. |
Sample request and response
Request
curl -X GET -H "Authorization: Basic bWlhZG1pbjpNaTRtYW4xMQ==" https://[mobileironcore]/api/v2/admins/ldap_entity_summary?type=USER&query=testuser00023&adminDeviceSpaceId=1
Response
{{
"results": [
{
"id": null,
"name": "testuser000230",
"dn": "cn=testuser000230,ou=contacts,dc=auto2,dc=mobileiron,dc=com",
"type": "USER",
"memberCount": 0,
"firstName": "Test",
"lastName": "User000230",
"email": "[email protected]",
"spaceRoles": [ ]
},
...
{
"id": null,
"name": "testuser000239",
"dn": "cn=testuser000239,ou=contacts,dc=auto2,dc=mobileiron,dc=com",
"type": "USER",
"memberCount": 0,
"firstName": "Test",
"lastName": "User000239",
"email": "[email protected]",
"spaceRoles": [ ]
}
],
"totalCount": 10,
"resultCount": 10
}
Get a list of admin roles
This call returns all admin roles and associated permissions. You can use this call before issuing the call described in Assign admins to device space, so you know which string values to use for the roles you assign to admins you assign to device spaces.
Required Role
See Authentication for complete details on ensuring that the credentials you use for basic authentication belong to a user with the necessary role for this API call.
|
Required Role |
|
Category: Admin Management Role Description: Manage administrators and device spaces |
HTTP method
GET
Request URI
api/v2/admins/roles
Request parameters
|
Parameter |
Description |
Sample Value |
|
adminDeviceSpaceId |
Required Parameter Type: Query Data Type: Number Device space ID of the administrator. |
1 |
Response fields
|
results |
Container for the results set, which is an array of all roles, including the following fields for each role: category, roleAndPermissions, roleId, roleDescription, defaultSpaceOnly, and permissions. The values for roleId are the ones you use for the roles parameter when making the call described in Assign admins to device space. |
|
totalCount |
The total number of entries that the query matched. |
|
resultCount |
The number of entries that are being returned. |
|
results |
Container for the results set, which is an array of all LDAP entities retrieved, including each entity’s id, name, dn, type, member count (germane for OUs and GROUPS), first name, last name, email, and roles. |
|
totalCount |
The total number of entries that the query matched. |
Sample request and response
Request
curl -X GET -H "Authorization: Basic bWlhZG1pbjpNaTRtYW4xMQ==" https://[mobileironcore]/api/v2/admins/roles?adminDeviceSpaceId=1
Response
{
"results": [
{
"category": "Device Management",
"roleAndPermissions": [
{
"roleId": 2,
"roleDescription": "View dashboard, device page, device details",
"defaultSpaceOnly": false,
"permissions": [
"View dashboard",
"View device",
"View device details"
]
},
{
"roleId": 4,
"roleDescription": "Manage devices",
"defaultSpaceOnly": false,
"permissions": [
"View dashboard",
"View device",
"Retire device",
"Other device actions",
"View device details",
"Push profiles in device details",
"Edit comments in device details"
]
},
{
"roleId": 5,
"roleDescription": "Manage devices, restricted",
"defaultSpaceOnly": false,
"permissions": [
"View dashboard",
"View device",
"Other device actions",
"View device details",
"Edit comments in device details"
]
},
{
"roleId": 7,
"roleDescription": "Wipe device",
"defaultSpaceOnly": false,
"permissions": [
"View dashboard",
"View device",
"Wipe device",
"View device details"
]
},
{
"roleId": 8,
"roleDescription": "Add device",
"defaultSpaceOnly": false,
"permissions": [
"View dashboard",
"View device",
"Add device",
"View device details"
]
},
{
"roleId": 9,
"roleDescription": "Manage ActiveSync device",
"defaultSpaceOnly": true,
"permissions": [
"View dashboard",
"View device",
"View device details",
"View ActiveSync device",
"Edit ActiveSync device"
]
},
{
"roleId": 10,
"roleDescription": "Manage AppTunnel",
"defaultSpaceOnly": true,
"permissions": [
"AppTunnel"
]
},
{
"roleId": 11,
"roleDescription": "Manage device enrollment (iOS only)",
"defaultSpaceOnly": true,
"permissions": [
"View dashboard",
"View device",
"View device details",
"Device enrollment (iOS only)"
]
},
{
"roleId": 12,
"roleDescription": "Delete retired device (API only)",
"defaultSpaceOnly": true,
"permissions": [
"View dashboard",
"View device",
"Delete retired device",
"View device details"
]
}
]
},
{
"category": "Privacy Control",
"roleAndPermissions": [
{
"roleId": 3,
"roleDescription": "View apps in device details",
"defaultSpaceOnly": false,
"permissions": [
"View dashboard",
"View device",
"View device details",
"View apps in device details"
]
},
{
"roleId": 6,
"roleDescription": "Locate device",
"defaultSpaceOnly": false,
"permissions": [
"View dashboard",
"View device",
"Locate device",
"View device details"
]
}
]
},
{
"category": "Label Management",
"roleAndPermissions": [
{
"roleId": 13,
"roleDescription": "View label",
"defaultSpaceOnly": false,
"permissions": [
"View label"
]
},
{
"roleId": 14,
"roleDescription": "Manage label",
"defaultSpaceOnly": false,
"permissions": [
"View device",
"View device details",
"View label",
"Edit label"
]
}
]
},
{
"category": "User Management",
"roleAndPermissions": [
{
"roleId": 15,
"roleDescription": "View user",
"defaultSpaceOnly": false,
"permissions": [
"View user"
]
},
{
"roleId": 16,
"roleDescription": "Manage user",
"defaultSpaceOnly": false,
"permissions": [
"View user",
"Edit user"
]
}
]
},
{
"category": "App Management",
"roleAndPermissions": [
{
"roleId": 17,
"roleDescription": "Manage app",
"defaultSpaceOnly": true,
"permissions": [
"Manage app",
"View app, apply and remove application label"
]
},
{
"roleId": 33,
"roleDescription": "Apply and remove application label",
"defaultSpaceOnly": false,
"permissions": [
"View app, apply and remove application label"
]
}
]
},
{
"category": "Configuration Management",
"roleAndPermissions": [
{
"roleId": 18,
"roleDescription": "View configuration",
"defaultSpaceOnly": false,
"permissions": [
"View configuration"
]
},
{
"roleId": 19,
"roleDescription": "Manage configuration",
"defaultSpaceOnly": true,
"permissions": [
"View configuration",
"Edit configuration",
"Apply and remove configuration label"
]
},
{
"roleId": 20,
"roleDescription": "Apply and remove configuration label",
"defaultSpaceOnly": false,
"permissions": [
"View configuration",
"Apply and remove configuration label"
]
}
]
},
{
"category": "Policy Management",
"roleAndPermissions": [
{
"roleId": 21,
"roleDescription": "View policy",
"defaultSpaceOnly": false,
"permissions": [
"View policy"
]
},
{
"roleId": 22,
"roleDescription": "Manage policy",
"defaultSpaceOnly": true,
"permissions": [
"View policy",
"Edit policy",
"Apply and remove policy label",
"View and edit ActiveSync policy",
"View and edit compliance action"
]
},
{
"roleId": 23,
"roleDescription": "Apply and remove policy label",
"defaultSpaceOnly": false,
"permissions": [
"View policy",
"Apply and remove policy label"
]
}
]
},
{
"category": "Settings Management",
"roleAndPermissions": [
{
"roleId": 24,
"roleDescription": "View settings",
"defaultSpaceOnly": true,
"permissions": [
"View settings"
]
},
{
"roleId": 25,
"roleDescription": "Manage settings",
"defaultSpaceOnly": true,
"permissions": [
"View settings",
"Edit settings"
]
}
]
},
{
"category": "Logs and Events Management",
"roleAndPermissions": [
{
"roleId": 26,
"roleDescription": "View logs and events",
"defaultSpaceOnly": true,
"permissions": [
"View logs and events"
]
},
{
"roleId": 27,
"roleDescription": "Manage logs and events",
"defaultSpaceOnly": true,
"permissions": [
"View logs and events",
"Edit logs and events"
]
}
]
},
{
"category": "Admin Management",
"roleAndPermissions": [
{
"roleId": 1,
"roleDescription": "Manage administrators and device spaces",
"defaultSpaceOnly": true,
"permissions": [
"Manage administrators and device spaces"
]
}
]
},
{
"category": "Content Management",
"roleAndPermissions": [
{
"roleId": 34,
"roleDescription": "Manage Content",
"defaultSpaceOnly": true,
"permissions": [
"Manage Content",
"View content; apply and remove content labels"
]
},
{
"roleId": 35,
"roleDescription": "View content; apply and remove content labels",
"defaultSpaceOnly": false,
"permissions": [
"View content; apply and remove content labels"
]
}
]
},
{
"category": "Others",
"roleAndPermissions": [
{
"roleId": 28,
"roleDescription": "Connector",
"defaultSpaceOnly": true,
"permissions": [
"Connector"
]
},
{
"roleId": 29,
"roleDescription": "API",
"defaultSpaceOnly": true,
"permissions": [
"Access V1 API"
]
},
{
"roleId": 30,
"roleDescription": "Mobile App",
"defaultSpaceOnly": true,
"permissions": [
"Mobile App Access"
]
},
{
"roleId": 31,
"roleDescription": "Enforce single session (all spaces)",
"defaultSpaceOnly": false,
"permissions": [
"Enforce single session"
]
},
{
"roleId": 32,
"roleDescription": "Perform system operations functions",
"defaultSpaceOnly": true,
"permissions": [
"View search index settings and state",
"Rebuild search index"
]
}
]
}
],
"totalCount": 12,
"resultCount": 12
}