User API Calls
This chapter describes the supported API calls for customer integration using the API. If the call does not appear in this document, then it is unsupported.
Create User without Password
This call creates a user without a password.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
POST
Request URI
api/v1/accounts
Request Parameters
|
Parameter |
Argument Type |
Description |
Sample Value |
|
sendInvite |
Path |
True if we want to send invite |
true |
|
emailAddress |
Request body |
Email address |
|
|
accountSource |
Request body |
Type of user. LOCAL |
LOCAL |
|
uid |
Request body |
Same as the email address |
Example Request
Example Request URL
https://cluster056.auto.acme.com/api/v1/accounts?sendInvite=true
Example Request Body
accounts[0][email protected]
accounts[0].accountSource=LOCAL
accounts[0][email protected]
Response Fields
|
Field |
Description |
|---|---|
|
errors |
Errors returned by the call |
|
result– Results container for user information |
|
|
id |
Internal ID for the user |
|
createdAt |
When created. |
|
createdBy |
Who created it. |
|
modifiedAt |
When modified. |
|
modifiedBy |
Who modified it. |
|
displayName |
Display name of account. |
|
firstName |
First name for the account. |
|
lastName |
Last name for the account. |
|
ldapServerId |
LDAP server ID for the account. |
|
uid |
UID for the account. Same as the email address. |
|
emailAddress |
Email address for the account Same as UID. |
|
username |
User name for the account. |
|
accountSource |
Account source. Can be LOCAL, and perhaps LDAP later. |
|
inviteState |
Has the user responded to the invitation? |
|
inviteResendCount |
How many times has the invite been resent? |
|
inviteLastSentAt |
When was the invite last sent? |
|
locale |
The account’s locale. |
|
enabled |
Is the account enabled? |
|
locked |
Is the account locked? |
|
superUser |
Is this account a superuser? |
|
termsAccepted |
Did this account accept the terms? |
|
passwordExpiresAt |
When does the password expire? |
|
distinguishedName |
|
|
objectGuid |
|
|
trash |
Has this account been discarded? |
|
mutable |
Can be modified by default. |
|
loginFailureCount |
How many times has the user unsuccessfully tried to login? |
|
loginSuccessAt |
|
|
passwordHistory |
|
|
guid |
|
|
actionExceptionCodes |
|
Example Response
{
"errors": null,
"result": [
{
"id": 10023,
"createdAt": null,
"createdBy": 10001,
"modifiedAt": null,
"modifiedBy": 10001,
"displayName": null,
"firstName": null,
"lastName": null,
"ldapServerId": null,
"uid": "[email protected]",
"emailAddress": "[email protected]",
"username": null,
"accountSource": "LOCAL",
"inviteState": null,
"inviteResendCount": 0,
"inviteLastSentAt": null,
"locale": "en_US",
"enabled": false,
"locked": false,
"superUser": false,
"termsAccepted": false,
"passwordExpiresAt": null,
"distinguishedName": null,
"objectGuid": null,
"trash": false,
"mutable": true,
"loginFailureCount": 0,
"loginSuccessAt": null,
"passwordHistory": "{\"passwords\":[]}",
"guid": null,
"actionExceptionCodes": null
}
]
}
Create User with Password
This call creates a user with a password.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
POST
Request URI
api/v1/account
Request Parameters
|
Parameter |
Argument Type |
Description |
Example Value |
|
sendInvite |
Path |
True if we want to send invite |
true |
|
accountSource: LOCAL
|
Request body |
Email address |
|
|
accountSource |
Request body |
Type of user. Can be LOCAL or LDAP |
LOCAL |
|
uid |
Request body |
Same as the email address |
|
|
emailAddress |
Request body |
email address of the user |
|
|
firstName |
Request body |
first name |
|
|
lastName |
Request body |
last name |
|
|
displayName |
Request body |
display name |
|
|
password |
Request body |
password for the user |
|
|
confirmPassword |
Request body |
confirm the password |
|
Example Request
Example Request URL
https://cluster056.auto.acme.com/api/v1/account?sendInvite=true
Example Request Body
accountSource=LOCAL
firstName=Cool
lastName=Tester
displayName=Cool+Tester
password=Testing!23
confirmPassword=Testing!23
Response Fields
|
Field |
Description |
|---|---|
|
errors |
Errors returned by the call |
|
id |
Internal ID for the user |
|
createdAt |
When the account was created. |
|
createdBy |
Who created the account? |
|
modifiedAt |
When was the account modified? |
|
modifiedBy |
Who modified the account? |
|
displayName |
Display name for account. |
|
firstName |
First name of account. |
|
lastName |
Last name of account. |
|
ldapServerId |
LDAP server ID for the account. |
|
uid |
UID for the account. |
|
emailAddress |
Email address for the account. |
|
username |
Username for the account. |
|
accountSource |
Source for the account. Can be LOCAL. LDAP may be supported later. |
|
inviteState |
Has the use been invited? |
|
inviteResendCount |
How many times has the invitation been resent? |
|
inviteLastSentAt |
When was the invitation last sent? |
|
locale |
What is the account locale? |
|
enabled |
Is the account enabled? |
|
locked |
Is the account locked? |
|
superUser |
Is the user a supersuer? |
|
termsAccepted |
Has the user accepted the terms? |
|
passwordExpiresAt |
When does the password expire? |
|
distinguishedName |
|
|
objectGuid |
|
|
trash |
Has the account been discarded? |
|
mutable |
Can be modified by default. |
|
loginFailureCount |
|
|
loginSuccessAt |
|
|
passwordHistory |
|
|
guid |
|
|
actionExceptionCodes |
|
Example Response
{
"errors": null,
"result": {
"id": 10024,
"createdAt": null,
"createdBy": 10001,
"modifiedAt": null,
"modifiedBy": 10001,
"displayName": "TestFName TestLame",
"firstName": "TestFName",
"lastName": "TestLame",
"ldapServerId": null,
"uid": "[email protected]",
"emailAddress": "[email protected]",
"username": null,
"accountSource": "LOCAL",
"inviteState": null,
"inviteResendCount": 0,
"inviteLastSentAt": null,
"locale": "en_US",
"enabled": true,
"locked": false,
"superUser": false,
"termsAccepted": false,
"passwordExpiresAt": null,
"distinguishedName": null,
"objectGuid": null,
"trash": false,
"mutable": true,
"loginFailureCount": 0,
"loginSuccessAt": null,
"passwordHistory": "{\"passwords\":[]}",
"guid": null,
"actionExceptionCodes": null
}
}
Invite User
This call invites a user to register with MobileIron Cloud, optionally setting device ownership to EMPLOYEE, COMPANY, or UNKNOWN.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
POST
Request URI
/api/v1/invite/enduser
Request Parameters
|
Parameter |
Argument Type |
Description |
Example Value |
|||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
accountIds |
Request body |
The accounts you wish to invite. |
10552 |
|||||||||
|
deviceOwnershipType |
Request body |
Optional. Sets the device ownership. Valid values are:
|
EMPLOYEE |
Example Request
curl "https://<mobileiron_cloud>/api/v1/invite/enduser" -H "Accept: application/json, text/plain, */*" --data "accountIds=10552&deviceOwnershipType=EMPLOYEE" --compressed
Response Fields
|
Field |
Description |
|---|---|
|
errors |
Errors returned by the call |
|
result |
The result set container |
Example Response
{
"errors": null,
"result": true
}
Get Enrollment URL
This call creates an enrollment URL that enrolls a user without the user having to enter a pin.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
POST
Request URI
/api/v1/tenant/enrollment/url
Request Parameters
|
Parameter |
Argument Type |
Description |
Example Value |
|---|---|---|---|
|
accountIds |
Request body |
The accounts for which you want to create the enrollment URL. |
10022 |
|
tokenLifetime |
Request body |
The token lifetime. |
604800000 |
Example Request
cURL 'https://na1.mobileiron.com/api/v1/tenant/enrollment/url' -d'{"accountIds": [ 10022 ], "tokenLifetime": 604800000}' -H 'Content-Type: application/json'
Response Fields
|
Field |
Description |
|---|---|
|
errors |
Errors returned by the call |
|
result |
The result set container |
|
accountId |
The account Id and corresponding enrollment URL. |
Example Response
{
"errors": null,
"result": {
"10022": "https://na1.mobileiron.com/c/i/reg/enroll.mobileconfig?token=7F7F00009C44AFBE0001000600108EAB34439F38473CAC15E4A6A10B69D8BEAF04474710AE859B37454248922171D5A969B312C66E844678C80800E7DF7E3EAABF8E35E12322E4ABD6988314AD333C3740B7DD9550F98EA78704CD1AD7D82636162CE31E85B857DF5EBC2636F161EF7713663361AFC93A03009307E2B70C37D893E55E5E659D6F34FF36C3A747E47640811F00FCF9F1537D5B20AD2EC3264775B45780B942EC3F3D6C790D3F38514F6EB274B463D1557CD68273FD325FB6FE006777499F70858B427CBCB67943F1070B6EDBAC1115C1"
}
}
Get All Accounts
This call gets information about all accounts, including the id and emailAddress values that you need for the next call.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
GET
Request URI
/api/v1/account
Request Parameters
|
Parameter |
Argument Type |
Description |
Example Value |
|---|---|---|---|
|
rows |
Path |
How many rows to return in the query. Do not send a value larger than 500 with the rows parameter because the APIs do not permit a value of greater than 500. See Controlling Results. |
50 |
|
start |
Path |
Where in the results set to start displaying the rows. |
0 |
Example Request
curl 'https://[mobileiron_cloud]/api/v1/account?q=&rows=50&start=0&sortFields%5B0%5D.name=displayName&sortFields%5B0%5D.order=ASC&nav=true' \
-H 'Accept: application/json, text/plain, */*' \
Example Response
{
"errors": null,
"result": {
"totalCount": 21,
"searchResults": [
{
"id": 6150167,
"createdAt": 1442949222375,
"displayName": "r m",
"firstName": "r",
"lastName": "m",
"uid": "[email protected]",
"emailAddress": "[email protected]",
"accountSource": "LOCAL",
"inviteState": "Expired",
"inviteResendCount": 0,
"accountType": "USER",
"enabled": true,
"locked": false,
"superUser": false,
"termsAccepted": false,
"accountSettings": "null",
"mutable": true,
"loginFailureCount": 0,
"passwordHistory": "{}",
"androidWorkUserStatus": "NONE",
"androidWorkRetryCount": 0,
"registrationPin": {
"createdAt": null,
"expiresAt": null,
"pin": null,
"used": false
},
"groups": [
"All Users"
],
"deviceCount": 0
},
…
],
"offset": 0,
"queryTime": 16,
"facetedResults": {
"ACCOUNTSOURCE": {
"LOCAL": 21
},
"TERMSACCEPTED": {
"false": 16,
"true": 5
},
"INVITESTATE": {
"Completed": 9,
"Expired": 5,
"None": 6,
"Pending": 1
},
"ANDROIDWORKSTATUS": {
"NONE": 21
},
"ACCOUNTGROUP": {
"ForDocs": 1,
"Group 8": 2,
"All Users": 21,
"North American Users": 1,
"European Users": 1,
"Appusers": 1
}
},
"totalUnfilteredResultCount": 0
}
}
Check Delete User Viability
This call informs you whether you can delete a specific user.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
GET
Request URI
/api/v1/account?checkDeleteViability=true&ids={id}
Request Parameters
|
Parameter |
Argument Type |
Description |
Example Value |
|---|---|---|---|
|
ids |
Query |
ID of the target account. You get it with the Get All Accounts call. |
47253017 |
Example Request
curl 'https://[mobileiron_cloud]/api/v1/account?checkDeleteViability=true&ids=47253017'
Example Response
{
"errors": null,
"result": {
"searchResults": [ ],
"totalCount": 0,
"offset": 0,
"limit": 0
}
}
Delete User
This call deletes a user. You should run the Check Delete User Viability firt to determine whther you can delete the target user.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
DELETE
Request URI
/api/v1/account?id={id}
Request Parameters
|
Parameter |
Argument Type |
Description |
Example Value |
|---|---|---|---|
|
id |
Request body |
ID of the target account. You get it with the Get All Accounts call. |
47253017 |
Example Request
curl 'https://[mobileiron_cloud]/api/v1/account?id=47252222' -X DELETE
Example Response
{
"errors": null,
"result": 1
}
Update User Account
This call updates a user’s account information.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
PUT
Request URI
/api/v1/account
|
Parameter |
Argument Type |
Description |
Example Value |
|---|---|---|---|
|
displayName |
Request body |
New value for the display name. Cleared if not present in the call. |
John Doe |
|
androidWorkDeviceAccountEnabled |
Request body |
New value to enable android work device. true or false. Cleared if not present in the call. |
false |
|
emailAddress |
Request body |
New value for email address. Cleared if not present in the call. |
|
|
firstName |
Request body |
New value for first name. Cleared if not present in the call. |
John |
|
lastName |
Request body |
New value for last name. Cleared if not present in the call. |
Doe |
|
enabled |
Request body |
New value to enable/disable the account. true or false. Cleared if not present in the call. |
true |
|
passwordNeverExpire |
Request body |
New value to indicate if password never expires for the account. true or false. Cleared if not present in the call. |
false |
|
gdprProfileId |
Request body |
New value for GDPR profile identifier. Cleared if not present in the call. |
259 |
|
managedAppleId |
Request body |
New value for managed Apple identifier. Cleared if not present in the call. |
|
|
edipi |
Request body |
New value for Electronic Data Interchange Personal Identifier. Cleared if not present in the call. |
1234567899 |
|
password |
Request body |
New value for password. |
Letme77in@ |
|
confirmPassword |
Request body |
New value for password. |
Letme77in@ |
|
id |
Request body |
ID of the target account. You get it with the Get All Accounts call. |
11193157 |
Example Request
curl --location --request PUT 'https://[mobileiron_cloud]/api/v1/account' \ --header 'Accept: application/json, text/plain, */*' \ --header 'Content-Type: application/x-www-form-urlencoded' \ --header 'Authorization: Basic xxxxxEBzYW5kYm94Lm1vYmlsZWlyb24uY29tOk1pNG1hbjEx' \ --data-urlencode 'firstName=John' \ --data-urlencode 'lastName=Doe' \ --data-urlencode '[email protected]' \ --data-urlencode '[email protected]' \ --data-urlencode 'displayName=John Doe' \ --data-urlencode 'id=11193157' \ --data-urlencode 'accountSource=LOCAL' \ --data-urlencode 'enabled=true' \ --data-urlencode '[email protected]' \ --data-urlencode 'mamWithOutMDM=' \ --data-urlencode 'password=Letme77in@' \ --data-urlencode 'confirmPassword=Letme77in@' \ --data-urlencode 'edipi=1234567895' \ --data-urlencode 'androidWorkDeviceAccountEnabled=false' \ --data-urlencode 'gdprProfileId=' \ --data-urlencode 'passwordNeverExpire=true'
Example Response
{
"errors": null,
"result": 1
}
Change Password
This call changes the password for the given account.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
PUT
Request URI
/api/v1/account
Request Parameters
|
Parameter |
Argument Type |
Description |
Example Value |
|||
|---|---|---|---|---|---|---|
|
id |
Request body |
ID of the target account. You get it with the Get All Accounts call. |
12477207 |
|||
|
emailAddress |
Request body |
Email address associated with the target account. You get it with the Get All Accounts call. |
||||
|
password |
Request body |
|
Clever78password |
|||
|
confirmPassword |
Request body |
|
Clever78password |
|||
|
enabled |
Request body |
Can be:
|
true |
Example Request
curl --location --request PUT 'https://[mobileiron_cloud]/api/v1/account' \
--header 'Accept: application/json, text/plain, */*' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic xxxxxEBzYW5kYm94Lm1vYmlsZWlyb24uY29tOk1pNG1hbjEx' \
--data-urlencode '[email protected]' \
--data-urlencode 'id=12477207' \
--data-urlencode 'enabled=true' \
--data-urlencode 'password=Clever78password' \
--data-urlencode 'confirmPassword=Clever78password'
Example Response
{
"errors": null,
"result": 1
}
Import LDAP User
There are two calls you use to accomplish the user import:
| • | Import LDAP User: Sends a request to import a specific LDAP user. |
| • | Check LDAP Import Status: Checks the status of the import request. |
| • | A suggested choreography is that after having issued the Import LDAP User call, you wait fifteen seconds and then issue the Check LDAP Import Status call. You can then re-issue the Check LDAP Import Status call every fifteen seconds until ninety seconds have elapsed. |
This call sends a request to import an LDAP user.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
POST
Request URI
/api/v1/ldap/import/user
Request Parameters
|
Parameter |
Argument Type |
Description |
Example Value |
||||||
|---|---|---|---|---|---|---|---|---|---|
|
uidOrEmail |
Path |
User ID of the LDAP user to import. |
testuser123623@ auto12.mobileiron.com |
||||||
|
ldapServerName |
Path |
Optional. Name of the LDAP server. If no ldapServerName is specified, then the tenant should have a single LDAP server added and it will be used for the user search & import. |
ldap-2k |
||||||
|
sendInvite |
Path |
Optional. Specifies whether to send the user an email invitation. Valid values:
|
true |
||||||
|
deviceOwnershipType |
Path |
Optional. Specifies whether to set device ownership. Valid values:
|
EMPLOYEE |
Example Request
$curl -X POST -u username:password -kv "https://[mobileiron_cloud]/api/v1/ldap/import/user? [email protected]&ldapServerName=ldap-2k&sendInvite=true"
Response Fields
|
Field |
Description |
|---|---|
|
errors |
Errors returned by the call. |
|
result |
Returned request ID. You will use this value in the Check LDAP Import Status call. |
Example Response
{
"errors": null,
"result": 1
}
Check LDAP Import Status
This call checks whether the Import LDAP User call was successful.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
GET
Request URI
/api/v1/ldap/import/user/status
Request Parameters
|
Parameter |
Argument Type |
Description |
Example Value |
|---|---|---|---|
|
requestId |
Path |
The request Id returned by the Import LDAP User call. |
1 |
Example Request
$curl -X GET -u username:password -kv "https://mobileiron_cloud/api/v1/ldap/import/user/status?requestId=1"
Response Fields
|
Field |
Description |
|---|---|
|
requestId |
Errors returned by the call |
|
status |
The result set container |
|
errorCode |
The error code returned by the call. See the Example Responses below for the kinds of error codes the call may return. |
|
errorMessage |
The error message returned by the call. See the Example Responses below for the kinds of error messages the call may return. |
Example Responses
User import successfully completed
{
"requestId": 1,
"status": "COMPLETED",
"errorCode": "",
"errorMessage": ""
}
User import in-progress
{
"requestId": 1,
"status": "IN_PROGRESS",
"errorCode": "",
"errorMessage": ""
}
User import failed - User not found
{
"requestId": 1,
"status": "FAILED",
"errorCode": "LDAP_USER_IMPORT-106",
"errorMessage": "The LDAP user [email protected] not found to import."
}
User import failed - Invalid Entry
{
"requestId": 1,
"status": "FAILED",
"errorCode": "KC-103",
"errorMessage": "The LDAP entry has invalid attribute to be imported."
}
Invalid LDAP server name
{
"errors": {
"globalErrors": [
{
"code": "LDAP_USER_IMPORT-103",
"message": "No LDAP server with name invalid-ldap found."
}
],
"fieldErrors": null
},
"result": null
}
Request not found
{
"errors": {
"globalErrors": [
{
"code": "LDAP_USER_IMPORT-100",
"message": "The LDAP user import request id 1 not found."
}
],
"fieldErrors": null
},
"result": null
}
Get Account Metadata
This gets account metadata for the current user. This is a useful call for finding the default content and space IDs for a user.
Authentication
This call requires Tenant Admin credentials
HTTP Method
GET
Request URI
api/v1/account/metadata
Request Parameter
|
Parameter |
Description |
Example Value |
|
metadata |
Instructs the API to get account metadata for the current user. |
metadata |
Example Request
https://[mobileiron cloud]/api/v1/account?metadata
Response Fields
|
Field |
Description |
|---|---|
|
errors |
|
|
result |
|
|
accountId |
|
|
displayName |
|
|
lastName |
|
|
firstName |
|
|
emailAddress |
|
|
defaultCmPartitionId |
|
|
defaultDmPartitionId |
|
|
globalAuthorities |
|
|
accountRole.to.group.update |
|
|
kocab.update |
|
|
contentstore.preview |
|
|
ldap.authenticate.user |
|
|
app.store.settings.update |
|
|
configurator.authtoken.read |
|
|
account.invite.admin |
|
|
accountGroup.delete |
|
|
ldap.server.sync |
|
|
sfdc.oauth.profile.update |
|
|
account.permission.tenant.read |
|
|
accountRole.delete |
|
|
accountGroup.create |
|
|
mizar.delete |
|
|
account.read |
|
|
account.password.reset |
|
|
partition.device.delete |
|
|
app.category.delete |
|
|
account.delete |
|
|
partition.device.update |
|
|
message.delete |
|
|
whitelabel.resource.tenant.read |
|
|
account.invite.enduser |
|
|
kocab.delete |
|
|
message.read |
|
|
partition.device.create |
|
|
sfdc.oauth.profile.read |
|
|
mizar.read |
|
|
accountRole.read |
|
|
alcor.update |
|
|
configurator.authtoken.create |
|
|
mizar.create |
|
|
partition.content.update |
|
|
alcor.delete |
|
|
app.search.googleplay |
|
|
accountRole.to.permission.update |
|
|
partition.content.read |
|
|
account.update |
|
|
account.send.message |
|
|
accountGroup.update |
|
|
message.create |
|
|
policy.certificate.store.read.all |
|
|
account.to.group.update |
|
|
partition.content.create |
|
|
alcor.create |
|
|
account.preferences.change |
|
|
ldap.search.group |
|
|
policy.template.tenant.read |
|
|
report.snapshot.read |
|
|
configurator.authtoken.delete |
|
|
accountRole.update |
|
|
account.password.change |
|
|
kocab.create |
|
|
appstore.preview |
|
|
ldap.server.persist.generic |
|
|
device.register |
|
|
eula.tenant.read |
|
|
accountRole.to.account.update |
|
|
kocab.read |
|
|
app.category.create |
|
|
app.category.update |
|
|
open.sfdc.support.case |
|
|
tenant.settings.update |
|
|
mizar.update |
|
|
report.metadata.read |
|
|
ldap.server.default.read |
|
|
ldap.persist.organizationalUnit |
|
|
ldap.search.generic |
|
|
accountGroup.to.role.update |
|
|
alcor.read |
|
|
audit.account.read |
|
|
account.generate.pin |
|
|
ldap.server.test.connection |
|
|
accountRole.create |
|
|
ldap.server.read |
|
|
report.trending.read |
|
|
ldap.server.update |
|
|
content.category.update |
|
|
accountGroup.to.account.update |
|
|
content.category.delete |
|
|
account.create |
|
|
app.category.read |
|
|
ldap.search.organizationalUnit |
|
|
configurator.plist.read |
|
|
ldap.server.delete |
|
|
tenant.settings.read |
|
|
ldap.persist.group |
|
|
ldap.server.decouple.generic |
|
|
partition.device.read |
|
|
ldap.persist.user |
|
|
app.store.settings.read |
|
|
message.update |
|
|
content.category.create |
|
|
accountGroup.read |
|
|
content.category.read |
|
|
audit.accountGroup.read |
|
|
eula.tenant.accept |
|
|
utils.x509.fingerprint.read |
|
|
ldap.search.user |
|
|
app.search.itunes |
|
|
ldap.server.create |
|
|
account.to.role.update |
|
|
accountGroup.to.group.update |
|
|
dmPartitions |
|
|
23000 |
|
|
name |
|
|
authorities |
|
|
policy.subscribedCalendar.create |
|
|
policy.passcode.delete |
|
|
policy.sso.account.update |
|
|
policy.scep.to.ruleGroup.update |
|
|
policy.identity.certificate.dg.to.ruleGroup.update |
|
|
policy.subscribedCalendar.update |
|
|
policy.opaque.ios.create |
|
|
policy.cellular.create |
|
|
policy.aim.audit.read |
|
|
policy.jabber.delete |
|
|
policy.appconnect.zone.config.update |
|
|
policy.certificate.create |
|
|
mdm.queue.delete |
|
|
policy.device.registration.audit.read |
|
|
policy.user.interface.settings.delete |
|
|
policy.apn.to.ruleGroup.update |
|
|
policy.identity.certificate.dg.update |
|
|
policy.app.lock.delete |
|
|
policy.air.play.read |
|
|
policy.android.lockdown.create |
|
|
policy.webclip.read |
|
|
policy.email.read |
|
|
policy.identityCertificate.to.ruleGroup.update |
|
|
policy.mdm.audit.read |
|
|
policy.android.kiosk.create |
|
|
policy.opaque.ios.delete |
|
|
device.stop.mirroring |
|
|
device.delete |
|
|
policy.device.registration.read |
|
|
policy.org.info.setting.update |
|
|
policy.appconnect.zone.config.delete |
|
|
policy.android.kiosk.to.ruleGroup.update |
|
|
policy.email.delete |
|
|
policy.apn.read |
|
|
policy.exchange.update |
|
|
policy.vpn.read |
|
|
policy.air.print.to.ruleGroup.update |
|
|
policy.font.delete |
|
|
policy.web.content.filter.to.ruleGroup.update |
|
|
policy.subscribedCalendar.read |
|
|
policy.telecom.settings.delete |
|
|
policy.apn.update |
|
|
policy.android.encryption.create |
|
|
policy.certificate.audit.read |
|
|
policy.web.content.filter.audit.read |
|
|
policy.provisioningProfile.create |
|
|
policy.jabber.audit.read |
|
|
policy.font.read |
|
|
policy.localCa.audit.read |
|
|
ca.create |
|
|
policy.exchange.delete |
|
|
policy.vpn.ondemand.update |
|
|
policy.application.access.audit.read |
|
|
policy.android.kiosk.delete |
|
|
policy.cellular.delete |
|
|
policy.localCa.to.ruleGroup.update |
|
|
policy.restrictions.read |
|
|
policy.cellular.update |
|
|
policy.jabber.update |
|
|
policy.email.to.ruleGroup.update |
|
|
policy.vpn.ondemand.read |
|
|
policy.org.info.setting.to.rule.group.update |
|
|
policy.device.registration.create |
|
|
policy.telecom.settings.update |
|
|
policy.appconnect.app.config.audit.read |
|
|
policy.vpn.per.app.read |
|
|
policy.vpn.per.app.update |
|
|
policy.scep.create |
|
|
policy.osx.restrictions.audit.read |
|
|
policy.caldav.create |
|
|
policy.app.lock.create |
|
|
policy.osx.restrictions.to.ruleGroup.update |
|
|
policy.sso.account.to.ruleGroup.update |
|
|
policy.app.lock.read |
|
|
policy.caldav.to.ruleGroup.update |
|
|
policy.certificate.store.create |
|
|
policy.appconnect.app.policy.delete |
|
|
policy.webclip.to.ruleGroup.update |
|
|
policy.email.update |
|
|
policy.apn.create |
|
|
device.retire |
|
|
policy.osx.restrictions.update |
|
|
policy.application.access.update |
|
|
policy.appconnect.app.policy.audit.read |
|
|
policy.webclip.create |
|
|
policy.ldap.audit.read |
|
|
policy.app.lock.update |
|
|
policy.sync.delete |
|
|
policy.identityCertificate.audit.read |
|
|
policy.vpn.per.app.delete |
|
|
policy.appconnect.zone.config.read |
|
|
policy.android.lockdown.audit.read |
|
|
policy.aim.to.ruleGroup.update |
|
|
policy.exchange.read |
|
|
ruleGroup.update |
|
|
policy.vpn.ondemand.audit.read |
|
|
policy.carddav.create |
|
|
policy.restrictions.delete |
|
|
policy.vpn.to.ruleGroup.update |
|
|
policy.vpn.create |
|
|
policy.user.interface.settings.update |
|
|
policy.web.content.filter.create |
|
|
policy.appconnect.app.config.read |
|
|
app.inventory.read |
|
|
device.push.profile |
|
|
policy.jabber.to.ruleGroup.update |
|
|
policy.aim.update |
|
|
policy.sync.audit.read |
|
|
policy.device.registration.to.ruleGroup.update |
|
|
policy.scep.read |
|
|
policy.osx.restrictions.read |
|
|
policy.certificate.store.read |
|
|
policy.org.info.setting.read |
|
|
&# 160; policy.appconnect.app.policy.to.ruleGroup.update |
|
|
device.send.message |
|
|
policy.android.lockdown.read |
|
|
policy.vpn.per.app.audit.read |
|
|
policy.android.encryption.to.ruleGroup.update |
|
|
policy.jabber.read |
|
|
policy.identityCertificate.read |
|
|
policy.sync.update |
|
|
policy.vpn.audit.read |
|
|
policy.policy.delete |
|
|
policy.sharepoint.create |
|
|
policy.user.interface.settings.read |
|
|
policy.general.ios.read |
|
|
policy.sharepoint.delete |
|
|
policy.vpn.delete |
|
|
ca.delete |
|
|
policy.ldap.update |
|
|
policy.sharepoint.update |
|
|
policy.sync.to.ruleGroup.update |
|
|
policy.osx.restrictions.create |
|
|
policy.scep.update |
|
|
policy.web.content.filter.delete |
|
|
policy.android.lockdown.to.ruleGroup.update |
|
|
policy.policy.create |
|
|
policy.scep.delete |
|
|
policy.font.create |
|
|
policy.cellular.audit.read |
|
|
policy.certificate.store.delete |
|
|
policy.app.lock.audit.read |
|
|
policy.general.ios.audit.read |
|
|
ruleGroup.read |
|
|
policy.font.to.ruleGroup.update |
|
|
policy.appconnect.zone.config.to.ruleGroup.update |
|
|
policy.general.ios.update |
|
|
policy.passcode.to.ruleGroup.update |
|
|
policy.org.info.setting.audit.read |
|
|
policy.sync.create |
|
|
policy.email.create |
|
|
policy.android.encryption.read |
|
|
policy.carddav.read |
|
|
policy.provisioningProfile.delete |
|
|
ca.read |
|
|
policy.wifi.to.ruleGroup.update |
|
|
policy.appconnect.app.config.create |
|
|
policy.identity.certificate.dg.read |
|
|
device.read |
|
|
policy.android.encryption.audit.read |
|
|
policy.certificate.store.update |
|
|
policy.android.encryption.update |
|
|
policy.restrictions.audit.read |
|
|
policy.identity.certificate.dg.delete |
|
|
policy.webclip.update |
|
|
device.force.checkin |
|
|
policy.restrictions.update |
|
|
policy.identityCertificate.delete |
|
|
policy.carddav.audit.read |
|
|
policy.application.access.create |
|
|
policy.sso.account.read |
|
|
policy.opaque.ios.to.ruleGroup.update |
|
|
policy.restrictions.to.ruleGroup.update |
|
|
policy.air.print.create |
|
|
ruleGroup.create |
|
|
policy.web.content.filter.read |
|
|
policy.appconnect.app.config.to.ruleGroup.update |
|
|
policy.passcode.create |
|
|
policy.webclip.delete |
|
|
policy.apn.delete |
|
|
policy.provisioningProfile.update |
|
|
policy.air.print.update |
|
|
policy.appconnect.app.policy.read |
|
|
device.wipe |
|
|
policy.vpn.ondemand.to.ruleGroup.update |
|
|
policy.ldap.delete |
|
|
policy.passcode.update |
|
|
policy.localCa.create |
|
|
policy.exchange.to.ruleGroup.update |
|
|
policy.exchange.create |
|
|
policy.global.proxy.delete |
|
|
policy.air.play.to.ruleGroup.update |
|
|
policy.org.info.setting.delete |
|
|
policy.android.kiosk.audit.read |
|
|
policy.cellular.to.ruleGroup.update |
|
|
policy.sharepoint.read |
|
|
policy.user.interface.settings.audit.read |
|
|
policy.wifi.update |
|
|
policy.telecom.settings.read |
|
|
policy.apn.audit.read |
|
|
policy.scep.audit.read |
|
|
policy.global.proxy.audit.read |
|
|
ca.update |
|
|
policy.policy.to.ruleGroup.update |
|
|
policy.carddav.to.ruleGroup.update |
|
|
policy.mdm.read |
|
|
policy.certificate.delete |
|
|
policy.font.audit.read |
|
|
policy.device.registration.update |
|
|
policy.telecom.settings.to.ruleGroup.update |
|
|
policy.web.content.filter.update |
|
|
policy.jabber.create |
|
|
policy.provisioningProfile.to.ruleGroup.update |
|
|
policy.device.registration.delete |
|
|
policy.localCa.read |
|
|
device.create |
|
|
policy.caldav.read |
|
|
policy.application.access.to.ruleGroup.update |
|
|
policy.air.print.read |
|
|
policy.email.audit.read |
|
|
policy.wifi.delete |
|
|
policy.identityCertificate.update |
|
|
policy.global.proxy.to.ruleGroup.update |
|
|
policy.android.lockdown.delete |
|
|
policy.identityCertificate.create |
|
|
policy.appconnect.app.config.delete |
|
|
policy.localCa.update |
|
|
policy.identity.certificate.dg.create |
|
|
policy.wifi.audit.read |
|
|
policy.sync.read |
|
|
policy.certificate.read |
|
|
policy.air.play.create |
|
|
policy.carddav.update |
|
|
policy.opaque.ios.read |
|
|
policy.air.print.delete |
|
|
policy.caldav.audit.read |
|
|
policy.app.lock.to.ruleGroup.update |
|
|
policy.passcode.audit.read |
|
|
device.start.mirroring |
|
|
policy.caldav.delete |
|
|
policy.sso.account.delete |
|
|
device.unlock |
|
|
policy.caldav.update |
|
|
policy.global.proxy.update |
|
|
device.wipe.cancel |
|
|
policy.subscribedCalendar.to.ruleGroup.update |
|
|
policy.general.ios.to.ruleGroup.update |
|
|
policy.cellular.read |
|
|
policy.appconnect.zone.config.audit.read |
|
|
policy.read |
|
|
policy.vpn.per.app.to.ruleGroup.update |
|
|
policy.sharepoint.to.ruleGroup.update |
|
|
policy.ldap.to.ruleGroup.update |
|
|
policy.policy.read |
|
|
policy.carddav.delete |
|
|
policy.webclip.audit.read |
|
|
policy.sso.account.audit.read |
|
|
policy.mdm.delete |
|
|
policy.opaque.ios.update |
|
|
policy.localCa.delete |
|
|
policy.general.ios.delete |
|
|
policy.restrictions.create |
|
|
policy.global.proxy.read |
|
|
policy.user.interface.settings.create |
|
|
policy.identity.certificate.dg.audit.read |
|
|
policy.subscribedCalendar.audit.read |
|
|
policy.air.play.delete |
|
|
policy.application.access.read |
|
|
policy.air.play.update |
|
|
policy.appconnect.zone.config.create |
|
|
policy.exchange.audit.read |
|
|
policy.user.interface.settings.to.ruleGroup.update |
|
|
policy.mdm.update |
|
|
device.lock |
|
|
policy.policy.update |
|
|
device.update |
|
|
policy.aim.create |
|
|
policy.policy.audit.read |
|
|
policy.sso.account.create |
|
|
ruleGroup.delete |
|
|
policy.telecom.settings.create |
|
|
policy.vpn.update |
|
|
policy.ldap.create |
|
|
policy.android.lockdown.update |
|
|
policy.certificate.update |
|
|
device.locate |
|
|
policy.mdm.to.ruleGroup.update |
|
|
policy.global.proxy.create |
|
|
policy.sharepoint.audit.read |
|
|
policy.org.info.setting.create |
|
|
policy.ldap.read |
|
|
policy.osx.restrictions.delete |
|
|
policy.subscribedCalendar.delete |
|
|
policy.passcode.read |
|
|
policy.provisioningProfile.audit.read |
|
|
policy.provisioningProfile.read |
|
|
policy.vpn.ondemand.create |
|
|
policy.certificate.to.ruleGroup.update |
|
|
policy.android.kiosk.read |
|
|
policy.vpn.ondemand.delete |
|
|
policy.aim.delete |
|
|
policy.android.kiosk.update |
|
|
policy.vpn.per.app.create |
|
|
policy.appconnect.app.config.update |
|
|
mdm.queue.read |
|
|
device.retire.cancel |
|
|
policy.air.print.audit.read |
|
|
policy.application.access.delete |
|
|
policy.appconnect.app.policy.create |
|
|
policy.android.encryption.delete |
|
|
policy.wifi.create |
|
|
policy.appconnect.app.policy.update |
|
|
policy.mdm.create |
|
|
policy.air.play.audit.read |
|
|
policy.opaque.ios.audit.read |
|
|
policy.wifi.read |
|
|
policy.font.update |
|
|
policy.telecom.settings.audit.read |
|
|
policy.aim.read |
|
|
policy.general.ios.create |
|
|
cmPartitions |
|
|
20000 |
|
|
name |
|
|
authorities |
|
|
vpp.order.delete |
|
|
vpp.code.read |
|
|
content.update |
|
|
content.delete |
|
|
app.distribution.read |
|
|
app.distribution.update |
|
|
vpp.license.delete |
|
|
vpp.license.sync |
|
|
vpp.license.update |
|
|
app.read |
|
|
vpp.profile.read |
|
|
vpp.profile.create |
|
|
audit.app.read |
|
|
app.review.update |
|
|
app.review.delete |
|
|
app.update |
|
|
vpp.license.read |
|
|
app.review.read |
|
|
audit.content.read |
|
|
content.read |
|
|
vpp.code.update |
|
|
app.delete |
|
|
vpp.order.read |
|
|
content.distribution.update |
|
|
vpp.order.update |
|
|
content.create |
|
|
vpp.order.create |
|
|
content.distribution.read |
|
|
app.rating.update |
|
|
app.rating.read |
|
|
app.create" |
|
|
groupIdAllUsers |
|
|
allDevicesRuleGroupId |
|
|
preferences |
|
|
reportDefinitions |
|
|
reportName |
|
|
dimName |
|
|
dimKeys |
|
|
dim2Name |
|
|
dim2Keys |
|
|
rangeStart |
|
|
rangeEnd |
|
|
chartUuid |
|
|
chartName |
|
|
chartType |
|
|
chartSubType |
|
|
chartTimeRangeMillis |
|
|
reportName |
|
|
dimName |
|
|
dimKeys |
|
|
dim2Name |
|
|
dim2Keys |
|
|
rangeStart |
|
|
rangeEnd |
|
|
chartUuid |
|
|
chartName |
|
|
chartType |
|
|
chartSubType |
|
|
chartTimeRangeMillis |
|
|
reportName |
|
|
dimName |
|
|
dimKeys |
|
|
dim2Name |
|
|
dim2Keys |
|
|
rangeStart |
|
|
rangeEnd |
|
|
chartUuid |
|
|
chartName |
|
|
chartType |
|
|
chartSubType |
|
|
chartTimeRangeMillis |
|
|
userTableColumnDefinition |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
deviceTableColumnDefinition |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
appTableColumnDefinition |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
configTableColumnDefinition |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
appInventoryTableColumnDefinition |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
userGroupTableColumnDefinition |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
deviceGroupTableColumnDefinition |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
contentTableColumnDefinition |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
policyTableColumnDefinition |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
appReviewTableColumnDefinition |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
name |
|
|
show |
|
|
uiDefaultDmPartitionId |
|
|
uiDefaultCmPartitionId |
|
Example Response
{
"errors": null,
"result": {
"accountId": 10001,
"displayName": null,
"lastName": "LastName0001",
"firstName": "FirstName0001",
"emailAddress": "[email protected]",
"defaultCmPartitionId": 20000,
"defaultDmPartitionId": 23000,
"globalAuthorities": [
"accountRole.to.group.update",
"kocab.update",
"contentstore.preview",
"ldap.authenticate.user",
"app.store.settings.update",
"configurator.authtoken.read",
"account.invite.admin",
"accountGroup.delete",
"ldap.server.sync",
"sfdc.oauth.profile.update",
"account.permission.tenant.read",
"accountRole.delete",
"accountGroup.create",
"mizar.delete",
"account.read",
"account.password.reset",
"partition.device.delete",
"app.category.delete",
"account.delete",
"partition.device.update",
"message.delete",
"whitelabel.resource.tenant.read",
"account.invite.enduser",
"kocab.delete",
"message.read",
"partition.device.create",
"sfdc.oauth.profile.read",
"mizar.read",
"accountRole.read",
"alcor.update",
"configurator.authtoken.create",
"mizar.create",
"partition.content.update",
"alcor.delete",
"app.search.googleplay",
"accountRole.to.permission.update",
"partition.content.read",
"account.update",
"account.send.message",
"accountGroup.update",
"message.create",
"policy.certificate.store.read.all",
"account.to.group.update",
"partition.content.create",
"alcor.create",
"account.preferences.change",
"ldap.search.group",
"policy.template.tenant.read",
"report.snapshot.read",
"configurator.authtoken.delete",
"accountRole.update",
"account.password.change",
"kocab.create",
"appstore.preview",
"ldap.server.persist.generic",
"device.register",
"eula.tenant.read",
"accountRole.to.account.update",
"kocab.read",
"app.category.create",
"app.category.update",
"open.sfdc.support.case",
"tenant.settings.update",
"mizar.update",
"report.metadata.read",
"ldap.server.default.read",
"ldap.persist.organizationalUnit",
"ldap.search.generic",
"accountGroup.to.role.update",
"alcor.read",
"audit.account.read",
"account.generate.pin",
"ldap.server.test.connection",
"accountRole.create",
"ldap.server.read",
"report.trending.read",
"ldap.server.update",
"content.category.update",
"accountGroup.to.account.update",
"content.category.delete",
"account.create",
"app.category.read",
"ldap.search.organizationalUnit",
"configurator.plist.read",
"ldap.server.delete",
"tenant.settings.read",
"ldap.persist.group",
"ldap.server.decouple.generic",
"partition.device.read",
"ldap.persist.user",
"app.store.settings.read",
"message.update",
"content.category.create",
"accountGroup.read",
"content.category.read",
"audit.accountGroup.read",
"eula.tenant.accept",
"utils.x509.fingerprint.read",
"ldap.search.user",
"app.search.itunes",
"ldap.server.create",
"account.to.role.update",
"accountGroup.to.group.update"
],
"dmPartitions": {
"23000": {
"name": "Default Partition",
"authorities": [
"policy.subscribedCalendar.create",
"policy.passcode.delete",
"policy.sso.account.update",
"policy.scep.to.ruleGroup.update",
"policy.identity.certificate.dg.to.ruleGroup.update",
"policy.subscribedCalendar.update",
"policy.opaque.ios.create",
"policy.cellular.create",
"policy.aim.audit.read",
"policy.jabber.delete",
"policy.appconnect.zone.config.update",
"policy.certificate.create",
"mdm.queue.delete",
"policy.device.registration.audit.read",
"policy.user.interface.settings.delete",
"policy.apn.to.ruleGroup.update",
"policy.identity.certificate.dg.update",
"policy.app.lock.delete",
"policy.air.play.read",
"policy.android.lockdown.create",
"policy.webclip.read",
"policy.email.read",
"policy.identityCertificate.to.ruleGroup.update",
"policy.mdm.audit.read",
"policy.android.kiosk.create",
"policy.opaque.ios.delete",
"device.stop.mirroring",
"device.delete",
"policy.device.registration.read",
"policy.org.info.setting.update",
"policy.appconnect.zone.config.delete",
"policy.android.kiosk.to.ruleGroup.update",
"policy.email.delete",
"policy.apn.read",
"policy.exchange.update",
"policy.vpn.read",
"policy.air.print.to.ruleGroup.update",
"policy.font.delete",
"policy.web.content.filter.to.ruleGroup.update",
"policy.subscribedCalendar.read",
"policy.telecom.settings.delete",
"policy.apn.update",
"policy.android.encryption.create",
"policy.certificate.audit.read",
"policy.web.content.filter.audit.read",
"policy.provisioningProfile.create",
"policy.jabber.audit.read",
"policy.font.read",
"policy.localCa.audit.read",
"ca.create",
"policy.exchange.delete",
"policy.vpn.ondemand.update",
"policy.application.access.audit.read",
"policy.android.kiosk.delete",
"policy.cellular.delete",
"policy.localCa.to.ruleGroup.update",
"policy.restrictions.read",
"policy.cellular.update",
"policy.jabber.update",
"policy.email.to.ruleGroup.update",
"policy.vpn.ondemand.read",
"policy.org.info.setting.to.rule.group.update",
"policy.device.registration.create",
"policy.telecom.settings.update",
"policy.appconnect.app.config.audit.read",
"policy.vpn.per.app.read",
"policy.vpn.per.app.update",
"policy.scep.create",
"policy.osx.restrictions.audit.read",
"policy.caldav.create",
"policy.app.lock.create",
"policy.osx.restrictions.to.ruleGroup.update",
"policy.sso.account.to.ruleGroup.update",
"policy.app.lock.read",
"policy.caldav.to.ruleGroup.update",
"policy.certificate.store.create",
"policy.appconnect.app.policy.delete",
"policy.webclip.to.ruleGroup.update",
"policy.email.update",
"policy.apn.create",
"device.retire",
"policy.osx.restrictions.update",
"policy.application.access.update",
"policy.appconnect.app.policy.audit.read",
"policy.webclip.create",
"policy.ldap.audit.read",
"policy.app.lock.update",
"policy.sync.delete",
"policy.identityCertificate.audit.read",
"policy.vpn.per.app.delete",
"policy.appconnect.zone.config.read",
"policy.android.lockdown.audit.read",
"policy.aim.to.ruleGroup.update",
"policy.exchange.read",
"ruleGroup.update",
"policy.vpn.ondemand.audit.read",
"policy.carddav.create",
"policy.restrictions.delete",
"policy.vpn.to.ruleGroup.update",
"policy.vpn.create",
"policy.user.interface.settings.update",
"policy.web.content.filter.create",
"policy.appconnect.app.config.read",
"app.inventory.read",
"device.push.profile",
"policy.jabber.to.ruleGroup.update",
"policy.aim.update",
"policy.sync.audit.read",
"policy.device.registration.to.ruleGroup.update",
"policy.scep.read",
"policy.osx.restrictions.read",
"policy.certificate.store.read",
"policy.org.info.setting.read",
"policy.appconnect.app.policy.to.ruleGroup.update",
"device.send.message",
"policy.android.lockdown.read",
"policy.vpn.per.app.audit.read",
"policy.android.encryption.to.ruleGroup.update",
"policy.jabber.read",
"policy.identityCertificate.read",
"policy.sync.update",
"policy.vpn.audit.read",
"policy.policy.delete",
"policy.sharepoint.create",
"policy.user.interface.settings.read",
"policy.general.ios.read",
"policy.sharepoint.delete",
"policy.vpn.delete",
"ca.delete",
"policy.ldap.update",
"policy.sharepoint.update",
"policy.sync.to.ruleGroup.update",
"policy.osx.restrictions.create",
"policy.scep.update",
"policy.web.content.filter.delete",
"policy.android.lockdown.to.ruleGroup.update",
"policy.policy.create",
"policy.scep.delete",
"policy.font.create",
"policy.cellular.audit.read",
"policy.certificate.store.delete",
"policy.app.lock.audit.read",
"policy.general.ios.audit.read",
"ruleGroup.read",
"policy.font.to.ruleGroup.update",
"policy.appconnect.zone.config.to.ruleGroup.update",
"policy.general.ios.update",
"policy.passcode.to.ruleGroup.update",
"policy.org.info.setting.audit.read",
"policy.sync.create",
"policy.email.create",
"policy.android.encryption.read",
"policy.carddav.read",
"policy.provisioningProfile.delete",
"ca.read",
"policy.wifi.to.ruleGroup.update",
"policy.appconnect.app.config.create",
"policy.identity.certificate.dg.read",
"device.read",
"policy.android.encryption.audit.read",
"policy.certificate.store.update",
"policy.android.encryption.update",
"policy.restrictions.audit.read",
"policy.identity.certificate.dg.delete",
"policy.webclip.update",
"device.force.checkin",
"policy.restrictions.update",
"policy.identityCertificate.delete",
"policy.carddav.audit.read",
"policy.application.access.create",
"policy.sso.account.read",
"policy.opaque.ios.to.ruleGroup.update",
"policy.restrictions.to.ruleGroup.update",
"policy.air.print.create",
"ruleGroup.create",
"policy.web.content.filter.read",
"policy.appconnect.app.config.to.ruleGroup.update",
"policy.passcode.create",
"policy.webclip.delete",
"policy.apn.delete",
"policy.provisioningProfile.update",
"policy.air.print.update",
"policy.appconnect.app.policy.read",
"device.wipe",
"policy.vpn.ondemand.to.ruleGroup.update",
"policy.ldap.delete",
"policy.passcode.update",
"policy.localCa.create",
"policy.exchange.to.ruleGroup.update",
"policy.exchange.create",
"policy.global.proxy.delete",
"policy.air.play.to.ruleGroup.update",
"policy.org.info.setting.delete",
"policy.android.kiosk.audit.read",
"policy.cellular.to.ruleGroup.update",
"policy.sharepoint.read",
"policy.user.interface.settings.audit.read",
"policy.wifi.update",
"policy.telecom.settings.read",
"policy.apn.audit.read",
"policy.scep.audit.read",
"policy.global.proxy.audit.read",
"ca.update",
"policy.policy.to.ruleGroup.update",
"policy.carddav.to.ruleGroup.update",
"policy.mdm.read",
"policy.certificate.delete",
"policy.font.audit.read",
"policy.device.registration.update",
"policy.telecom.settings.to.ruleGroup.update",
"policy.web.content.filter.update",
"policy.jabber.create",
"policy.provisioningProfile.to.ruleGroup.update",
"policy.device.registration.delete",
"policy.localCa.read",
"device.create",
"policy.caldav.read",
"policy.application.access.to.ruleGroup.update",
"policy.air.print.read",
"policy.email.audit.read",
"policy.wifi.delete",
"policy.identityCertificate.update",
"policy.global.proxy.to.ruleGroup.update",
"policy.android.lockdown.delete",
"policy.identityCertificate.create",
"policy.appconnect.app.config.delete",
"policy.localCa.update",
"policy.identity.certificate.dg.create",
"policy.wifi.audit.read",
"policy.sync.read",
"policy.certificate.read",
"policy.air.play.create",
"policy.carddav.update",
"policy.opaque.ios.read",
"policy.air.print.delete",
"policy.caldav.audit.read",
"policy.app.lock.to.ruleGroup.update",
"policy.passcode.audit.read",
"device.start.mirroring",
"policy.caldav.delete",
"policy.sso.account.delete",
"device.unlock",
"policy.caldav.update",
"policy.global.proxy.update",
"device.wipe.cancel",
"policy.subscribedCalendar.to.ruleGroup.update",
"policy.general.ios.to.ruleGroup.update",
"policy.cellular.read",
"policy.appconnect.zone.config.audit.read",
"policy.read",
"policy.vpn.per.app.to.ruleGroup.update",
"policy.sharepoint.to.ruleGroup.update",
"policy.ldap.to.ruleGroup.update",
"policy.policy.read",
"policy.carddav.delete",
"policy.webclip.audit.read",
"policy.sso.account.audit.read",
"policy.mdm.delete",
"policy.opaque.ios.update",
"policy.localCa.delete",
"policy.general.ios.delete",
"policy.restrictions.create",
"policy.global.proxy.read",
"policy.user.interface.settings.create",
"policy.identity.certificate.dg.audit.read",
"policy.subscribedCalendar.audit.read",
"policy.air.play.delete",
"policy.application.access.read",
"policy.air.play.update",
"policy.appconnect.zone.config.create",
"policy.exchange.audit.read",
"policy.user.interface.settings.to.ruleGroup.update",
"policy.mdm.update",
"device.lock",
"policy.policy.update",
"device.update",
"policy.aim.create",
"policy.policy.audit.read",
"policy.sso.account.create",
"ruleGroup.delete",
"policy.telecom.settings.create",
"policy.vpn.update",
"policy.ldap.create",
"policy.android.lockdown.update",
"policy.certificate.update",
"device.locate",
"policy.mdm.to.ruleGroup.update",
"policy.global.proxy.create",
"policy.sharepoint.audit.read",
"policy.org.info.setting.create",
"policy.ldap.read",
"policy.osx.restrictions.delete",
"policy.subscribedCalendar.delete",
"policy.passcode.read",
"policy.provisioningProfile.audit.read",
"policy.provisioningProfile.read",
"policy.vpn.ondemand.create",
"policy.certificate.to.ruleGroup.update",
"policy.android.kiosk.read",
"policy.vpn.ondemand.delete",
"policy.aim.delete",
"policy.android.kiosk.update",
"policy.vpn.per.app.create",
"policy.appconnect.app.config.update",
"mdm.queue.read",
"device.retire.cancel",
"policy.air.print.audit.read",
"policy.application.access.delete",
"policy.appconnect.app.policy.create",
"policy.android.encryption.delete",
"policy.wifi.create",
"policy.appconnect.app.policy.update",
"policy.mdm.create",
"policy.air.play.audit.read",
"policy.opaque.ios.audit.read",
"policy.wifi.read",
"policy.font.update",
"policy.telecom.settings.audit.read",
"policy.aim.read",
"policy.general.ios.create"
]
}
},
"cmPartitions": {
"20000": {
"name": "Root Partition",
"authorities": [
"vpp.order.delete",
"vpp.code.read",
"content.update",
"content.delete",
"app.distribution.read",
"app.distribution.update",
"vpp.license.delete",
"vpp.license.sync",
"vpp.license.update",
"app.read",
"vpp.profile.read",
"vpp.profile.create",
"audit.app.read",
"app.review.update",
"app.review.delete",
"app.update",
"vpp.license.read",
"app.review.read",
"audit.content.read",
"content.read",
"vpp.code.update",
"app.delete",
"vpp.order.read",
"content.distribution.update",
"vpp.order.update",
"content.create",
"vpp.order.create",
"content.distribution.read",
"app.rating.update",
"app.rating.read",
"app.create"
]
}
},
"groupIdAllUsers": 11000,
"allDevicesRuleGroupId": 38000,
"preferences": {
"reportDefinitions": [
{
"reportName": "Devices",
"dimName": "platform",
"dimKeys": null,
"dim2Name": "all",
"dim2Keys": null,
"rangeStart": null,
"rangeEnd": null,
"chartUuid": "chartId-2",
"chartName": "Devices By OS Type",
"chartType": "pie",
"chartSubType": "pie",
"chartTimeRangeMillis": 604800000
},
{
"reportName": "Accounts",
"dimName": "invitestate",
"dimKeys": null,
"dim2Name": "all",
"dim2Keys": null,
"rangeStart": null,
"rangeEnd": null,
"chartUuid": "chartId-3",
"chartName": "Users by Invitation State",
"chartType": "pie",
"chartSubType": "pie",
"chartTimeRangeMillis": 604800000
},
{
"reportName": "Devices",
"dimName": "model",
"dimKeys": null,
"dim2Name": "all",
"dim2Keys": null,
"rangeStart": null,
"rangeEnd": null,
"chartUuid": "chartId-4",
"chartName": "Devices By Model",
"chartType": "pie",
"chartSubType": "pie",
"chartTimeRangeMillis": 604800000
}
],
"userTableColumnDefinition": [
{
"name": "userTable_checkbox",
"show": true
},
{
"name": "userTable_displayName",
"show": true
},
{
"name": "userTable_uid",
"show": true
},
{
"name": "userTable_emailAddress",
"show": true
},
{
"name": "userTable_inviteState",
"show": true
}
],
"deviceTableColumnDefinition": [
{
"name": "deviceList_checkbox",
"show": true
},
{
"name": "deviceList_displayName",
"show": true
},
{
"name": "deviceList_emailAddress",
"show": true
},
{
"name": "deviceList_phoneNumber",
"show": true
},
{
"name": "deviceList_platformType",
"show": true
},
{
"name": "deviceList_prettyModel",
"show": true
},
{
"name": "deviceList_registrationState",
"show": true
},
{
"name": "deviceList_lastCheckin",
"show": true
},
{
"name": "deviceList_violationCount",
"show": true
}
],
"appTableColumnDefinition": [
{
"name": "appTable_name",
"show": true
},
{
"name": "appTable_platformType",
"show": true
},
{
"name": "appTable_avgRating",
"show": true
},
{
"name": "appTable_distribution",
"show": true
},
{
"name": "appTable_installed",
"show": true
},
{
"name": "appTable_appType",
"show": true
},
{
"name": "appTable_cost",
"show": true
},
{
"name": "appTable_size",
"show": true
},
{
"name": "appTable_license",
"show": true
}
],
"configTableColumnDefinition": [
{
"name": "configTable_status",
"show": true
},
{
"name": "configTable_name",
"show": true
},
{
"name": "configTable_updated",
"show": true
},
{
"name": "configTable_policyType",
"show": true
},
{
"name": "configTable_devicesCount",
"show": true
}
],
"appInventoryTableColumnDefinition": [
{
"name": "appInventoryTable_name",
"show": true
},
{
"name": "appInventoryTable_installCount",
"show": true
},
{
"name": "appInventoryTable_platformType",
"show": true
},
{
"name": "appInventoryTable_appType",
"show": true
},
{
"name": "appInventoryTable_version",
"show": true
},
{
"name": "appInventoryTable_size",
"show": true
}
],
"userGroupTableColumnDefinition": [
{
"name": "userGroupTable_checkbox",
"show": true
},
{
"name": "userGroupTable_name",
"show": true
},
{
"name": "userGroupTable_modifiedAt",
"show": true
},
{
"name": "userGroupTable_userCount",
"show": true
},
{
"name": "userGroupTable_deviceCount",
"show": true
},
{
"name": "userGroupTable_applicationCount",
"show": true
}
],
"deviceGroupTableColumnDefinition": [
{
"name": "deviceGroupsTable_checkbox",
"show": true
},
{
"name": "deviceGroupsTable_name",
"show": true
},
{
"name": "deviceGroupsTable_memberCount",
"show": true
},
{
"name": "deviceGroupsTable_assignedConfigs",
"show": true
},
{
"name": "deviceGroupsTable_assignedPolicies",
"show": true
}
],
"contentTableColumnDefinition": [
{
"name": "contentTable_images",
"show": true
},
{
"name": "contentTable_name",
"show": true
},
{
"name": "contentTable_author",
"show": true
},
{
"name": "contentTable_prettyContentType",
"show": true
},
{
"name": "contentTable_modifiedAt",
"show": true
}
],
"policyTableColumnDefinition": [
{
"name": "policyTable_name",
"show": true
},
{
"name": "policyTable_type",
"show": true
},
{
"name": "policyTable_distributionCount",
"show": true
},
{
"name": "policyTable_activeViolationsCount",
"show": true
},
{
"name": "policyTable_complianceAction",
"show": true
}
],
"appReviewTableColumnDefinition": [
{
"name": "appReviewTable_checkbox",
"show": true
},
{
"name": "appReviewTable_name",
"show": true
},
{
"name": "appReviewTable_platformType",
"show": true
},
{
"name": "appReviewTable_modifiedBy",
"show": true
},
{
"name": "appReviewTable_reviewer",
"show": true
},
{
"name": "appReviewTable_rating",
"show": true
},
{
"name": "appReviewTable_title",
"show": true
}
],
"uiDefaultDmPartitionId": 23000,
"uiDefaultCmPartitionId": 20000
}
}
}
Apply a Custom Attribute to a User
This applies a custom attribute to a single user.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
PATCH
Request URI
/api/v1/account/customattributes
Request Parameters
|
Parameter |
Argument Type |
Description |
Example Value |
||||||
|---|---|---|---|---|---|---|---|---|---|
|
ids |
Request Body |
ID of the user to which you would like to assign a custom attribute. |
9931017 |
||||||
|
attrs |
Request Body |
Sub-container for the custom attribute statement |
"attrs":{"attrs":{"ios":["10"]}} |
||||||
|
attrs |
Request Body |
|
{"attrs":{"ios":["10"]}} |
||||||
|
forceOverwrite |
Request Body |
|
true |
Example Request
curl 'https://na1.anyware.com/api/v1/account/customattributes' -X PATCH -H 'Content-Type: application/json;charset=UTF-8' -H 'Accept: application/json, text/plain, */*' --data-binary '{
"ids": [
"9931017"
],
"attrs": {
"attrs": {
"ios": [
"10"
]
}
},
"forceOverwrite": true
}
' --compressed
Example Response
{
"errors": null,
"result": 1
}
Search for a User by User ID (UID)
This call searches for a user by the user’s user ID (UID).
Authentication
This call requires Tenant Admin credentials.
HTTP Method
GET
Request URI
/api/v1/account?fq=UID%3DUID
Request Parameters
|
Parameter |
Argument Type |
Description |
Example Value |
|---|---|---|---|
|
fq=UID%3DUID |
Query Path |
The query searching for thje user by the user ID. %3D is = url encoded. UID is the user ID to search for. |
fq=UID%[email protected] |
Example Request
https://[mobileiron cloud]/api/v1/account?fq=UID%[email protected]
Response Fields
|
Field |
Description |
|---|---|
|
errors |
|
|
result |
|
|
totalCount |
|
|
queryTime |
|
|
searchResults |
|
|
id |
|
|
createdAt |
|
|
displayName |
|
|
firstName |
|
|
lastName |
|
|
uid |
|
|
emailAddress |
|
|
accountSource |
|
|
inviteState |
|
|
inviteResendCount |
|
|
accountType |
|
|
enabled |
|
|
locked |
|
|
superUser |
|
|
termsAccepted |
|
|
mutable |
Can be modified by default. |
|
loginFailureCount |
|
|
loginSuccessAt |
|
|
passwordHistory |
|
|
registrationPin |
|
|
createdAt |
|
|
expiresAt |
|
|
used |
|
|
groups |
|
|
All Users" |
|
|
Engineering" |
|
|
deviceCount |
|
|
offset |
|
|
facetedResults |
|
|
ACCOUNTSOURCE |
|
|
LDAP |
|
|
LOCAL |
|
|
SALESFORCE |
|
|
false |
|
|
true |
|
|
ACCOUNTGROUP |
|
|
Professional Services |
|
|
Sales |
|
|
xteam |
|
|
EMEA-ISR |
|
|
UG2 |
|
|
Anyware-Validate |
|
|
Demo Group |
|
|
Russ |
|
|
sbhasin |
|
|
UX Team |
|
|
Newell North America |
|
|
洋一テストユーザーグループ |
|
|
Customer Success |
|
|
IT Test Group |
|
|
Engineering |
|
|
Business Development |
|
|
Newell Georgia |
|
|
Marketing |
|
|
EMEA-Partner-Helpdesk |
|
|
all-productmanagers |
|
|
UX |
|
|
Newell |
|
|
RichardLi |
|
|
SE |
|
|
QA |
|
|
SAFE - Native Samsung Users |
|
|
Roupen Group |
|
|
IT |
|
|
Anyware-Validate2 |
|
|
System Administrators |
|
|
Supervised Devices |
|
|
Vinay Parihar |
|
|
Tyson Wheeler - Android |
|
|
UG1 |
|
|
RamseyNJesse |
|
|
Default Group |
|
|
All Users |
|
|
Sales Ops |
|
|
CN |
|
|
Japan |
|
|
Mirko |
|
|
INVITESTATE |
|
|
Expired |
|
|
Completed |
|
|
None |
|
|
Pending |
|
|
totalUnfilteredResultCount |
|
Example Response
{
"errors": null,
"result": {
"totalCount": 1,
"queryTime": 3,
"searchResults": [
{
"id": 10022,
"createdAt": 1372188681178,
"displayName": "John Doe",
"firstName": "John",
"lastName": "Doe",
"uid": "[email protected]",
"emailAddress": "[email protected]",
"accountSource": "LOCAL",
"inviteState": "Completed",
"inviteResendCount": 0,
"accountType": "USER",
"enabled": true,
"locked": false,
"superUser": false,
"termsAccepted": false,
"mutable": true,
"loginFailureCount": 0,
"loginSuccessAt": 1416614208360,
"passwordHistory": "{}",
"registrationPin": {
"createdAt": null,
"expiresAt": null,
"used": false
},
"groups": [
"All Users",
"Engineering"
],
"deviceCount": 0
}
],
"offset": 0,
"facetedResults": {
"ACCOUNTSOURCE": {
"LDAP": 0,
"LOCAL": 1,
"SALESFORCE": 0
},
"TERMSACCEPTED": {
"false": 0,
"true": 1
},
"ACCOUNTGROUP": {
"Professional Services": 0,
"Sales": 0,
"xteam": 0,
"EMEA-ISR": 0,
"UG2": 0,
"Anyware-Validate": 0,
"Demo Group": 0,
"Russ": 0,
"sbhasin": 0,
"UX Team": 0,
"Newell North America": 0,
"洋一テストユーザーグループ": 0,
"Customer Success": 0,
"IT Test Group": 0,
"Engineering": 1,
"Business Development": 0,
"Newell Georgia": 0,
"Marketing": 0,
"EMEA-Partner-Helpdesk": 0,
"all-productmanagers": 0,
"UX": 0,
"Newell": 0,
"RichardLi": 0,
"SE": 0,
"QA": 0,
"SAFE - Native Samsung Users": 0,
"Roupen Group": 0,
"IT": 0,
"Anyware-Validate2": 0,
"System Administrators": 0,
"Supervised Devices": 0,
"Vinay Parihar": 0,
"Tyson Wheeler - Android": 0,
"UG1": 0,
"RamseyNJesse": 0,
"Default Group": 0,
"All Users": 1,
"Sales Ops": 0,
"CN": 0,
"Japan": 0,
"Mirko": 0
},
"INVITESTATE": {
"Expired": 0,
"Completed": 1,
"None": 0,
"Pending": 0
}
},
"totalUnfilteredResultCount": 261
}
}
Configuring User Device Registration Settings
This call controls if the user should be prompted for a password, password and PIN, or PIN only when registering a device. You need to set this to PIN to enable the following call, Generate User Registration PIN, to be successful.
Authentication
This call requires tenant admin credentials.
HTTP Method
PUT
Request URI
/api/v1/userpolicy
Request Parameters
|
Parameter |
Argument Type |
Description |
Example Value |
|---|---|---|---|
|
policyType |
Query string |
|
REGISTRATION_AUTH |
|
deletable |
Request body |
|
false |
|
description |
Request body |
|
Pin Only |
|
distributionMutable |
Request body |
|
false |
|
enabled |
Request body |
|
true |
|
name |
Request body |
|
Device Registration Authentication Type |
|
pinLength |
Request body |
|
4 |
|
pinLifetimeMillis |
Request body |
|
604800000 |
|
pinResetByUser |
Request body |
|
true |
|
pinType |
Request body |
|
NUMERIC |
|
policyDataMutable |
Request body |
|
true |
|
priority |
Request body |
|
2147483647 |
|
priorityMutable |
Request body |
|
false |
|
registrationAuthMode |
Request body |
|
PIN |
|
systemName |
Request body |
|
registrationAuthUserPolicy |
|
uuid |
Request body |
Read-only |
e2f22cfe-2757-4256-b46e-a3011cdf6080 |
Example Request
Example Request URL
https://[mobileiron cloud]/api/v1/userpolicy?policyType=REGISTRATION_AUTH
Example Request Body - Parsed
deletable: false
description: "PIN Only Setting"
distributionMutable: false
enabled: true
id: 50582
name: "Device Registration Authentication Type"
pinLength: 4
pinLifetimeMillis: 604800000
pinResetByUser: true
pinType: "NUMERIC"
policyDataMutable: true
policyType: "REGISTRATION_AUTH"
priority: 2147483647
priorityMutable: false
registrationAuthMode: "PIN"
systemName: "registrationAuthUserPolicy"
uuid: "65ca6590-b1a7-46d5-afcc-469c0f71526b"
{"systemName":"registrationAuthUserPolicy","name":"Device Registration Authentication Type","description":"PIN Only Setting","policyType":"REGISTRATION_AUTH","priority":2147483647,"enabled":true,"policyDataMutable":true,
"distributionMutable":false,"priorityMutable":false,"deletable":false,"registrationAuthMode":"PIN",
"pinType":"NUMERIC","pinLength":4,"pinLifetimeMillis":604800000,"pinResetByUser":true}
Example CURL
curl "https://[mobileiron cloud]/api/v1/userpolicy?policyType=REGISTRATION_AUTH" -X PUT --data-binary "{""id"":50582,""createdAt"":1395521907150,""createdBy"":1,""modifiedAt"":1395521907150,""modifiedBy"":null,""uuid"":""65ca6590-b1a7-46d5-afcc-469c0f71526b"",""systemName"":""registrationAuthUserPolicy"",""name"":""Device Registration Authentication Type"",""description"":""PIN Only Setting"",""policyType"":""REGISTRATION_AUTH"",""priority"":2147483647,""enabled"":true,""policyDataMutable"":true,""distributionMutable"":false,"
"priorityMutable"":false,""deletable"":false,""registrationAuthMode"":""PIN"",""pinType"":""NUMERIC"",""pinLength"":4,""pinLifetimeMillis"":604800000,"
"pinResetByUser"":true}"
Response Fields
|
Field |
Description |
|---|---|
|
errors |
Describes whether there was an error |
|
result |
Describes the result |
|
importSuccessGroups |
|
|
importSuccessOus |
|
|
inviteSuccessUsers |
|
|
importFailUsers |
|
|
importFailGroups |
|
|
importFailOus |
|
Example Response
{
"errors": null,
"result": 1
}
Generate User Registration PIN
This call generates a registration PIN for one or more accounts. You must use the Configuring User Device Registration Settings call to set the device registration type to PIN before using this call, or else the call will be unsuccessful. See Understanding Device Registration Authentication Type for more information.
Authentication
This call requires Tenant Admin credentials.
HTTP Method
POST
Request URI
/api/v1/account/regpin
Request Parameters
|
Parameter |
Argument Type |
Description |
Example Value |
|
accountIds |
Request body |
Accounts for which to generate registration PINs |
10004 |
Response Fields
|
Field |
Description |
|---|---|
|
errors |
|
|
id |
|
|
result |
|
|
createdAt |
When the PIN was created. |
|
createdBy |
Who created the PIN. |
|
accountId |
Account for which the PIN was created |
|
pin |
The PIN itself. |
|
expiredAt |
When did the PIN expire? |
|
used |
Was the PIN used? |
Example Response
"errors": null,
"result": [
{
"id": 37000,
"createdAt": 1413954409916,
"createdBy": 10051,
"accountId": 10051,
"pin": "6426",
"expiresAt": 1414559209914,
"used": false
}
]
}