As we reach the end of September 2024, ThreadFix version 3.x on-premises has officially reached its End-of-Life. Therefore, there is no longer support or updates for this version of the product. We have fully transitioned our product and development teams to focus ThreadFix SaaS and migrating all customers over from the on-premises versions. Our Customer Success and Support teams are here to help you in migrating to ThreadFix SaaS and maximizing the value you see from this improved offering from Coalfire. This is the next phase of ThreadFix and our team is looking forward to continuing to support you on this journey.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

/rest/{version}/users/{userId}/update


Descriptor

Value

HTTP Method

POST

Description

Updates user information.

Required Permission

Manage Users

Version Introduced2.6
Changes in 2.6.2Removed requirement that 'confirmPassword' parameter be included when changing password.


Request Header Parameters

Parameter

Value

Required

Description

Accept

String

Yes

A value of ‘application/json’ must be provided.

Request POST Data Parameters

Parameter

Value

Required

Description

name

String

No

Updates the name of the user. Maximum 40 characters.

displayName

String

No

Updates the displayName of the user.

typeStringNoUpdates a LOCAL user to LDAP/SAML, an LDAP user to LOCAL/SAML, or a SAML user to LOCAL/LDAP. Possible values are LOCAL, LDAP, and SAML.
activeDirectoryIdStringPossiblyUpdates a non-LDAP user to LDAP user with 'type' and 'activeDirectoryId' parameters. Required when 'type' is in the request body and its value is 'LDAP'.
passwordStringPossiblyUpdates password of an existing local user. Also, adds password to a non-LOCAL user update to LOCAL user. Minimum 12 characters. Required when 'confirmPassword' is in the request body.
confirmPasswordStringPossiblyMust match password if supplied. Required when 'password' is in the request body in versions prior to 2.6.2
globalRoleIdStringNoUpdates user's global role. Possible values are 0 for Read Access, -1 for No Global Access, Role ids.

Sample Call:

curl -H 'Accept: application/json' -H "Authorization: APIKEY {apiKey}" -X POST --data 'name=user123&displayName=user123' https://localhost:8443/threadfix/rest/latest/users/{userId}/update

Sample Output:

{
    "message": "",
    "success": true,
    "responseCode": -1,
    "object": "Successfully updated the user."
}
  • No labels