As we reach the end of September 2024, ThreadFix version 3.x on-premises has officially reached its End-of-Life. Therefore, there is no longer support or updates for this version of the product. We have fully transitioned our product and development teams to focus ThreadFix SaaS and migrating all customers over from the on-premises versions. Our Customer Success and Support teams are here to help you in migrating to ThreadFix SaaS and maximizing the value you see from this improved offering from Coalfire. This is the next phase of ThreadFix and our team is looking forward to continuing to support you on this journey.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Current »

/rest/{version}/users/{userId}/update

Descriptor

Value

HTTP Method

POST

Description

Updates user information.

To obtain the userId value in the endpoint, run the Get Users - API call first. The user's id value in the response is the userId value that you use in this endpoint.

Required Permission

Manage Users

Version Introduced

2.6

Changes in 2.6.2

Removed requirement that 'confirmPassword' parameter be included when changing password.


Request Header Parameters

Parameter

Value

Required

Description

Accept

String

Yes

A value of ‘application/json’ must be provided.

Request POST Data Parameters

Parameter

Value

Required

Description

name

String

No

Updates the name of the user. Maximum 40 characters.

displayName

String

No

Updates the displayName of the user.

type

String

No

Updates a LOCAL user to LDAP/SAML, an LDAP user to LOCAL/SAML, or a SAML user to LOCAL/LDAP. Possible values are LOCAL, LDAP, and SAML.

activeDirectoryId

String

Possibly

Updates a non-LDAP user to LDAP user with 'type' and 'activeDirectoryId' parameters. Required when 'type' is in the request body and its value is 'LDAP'.

password

String

Possibly

Updates password of an existing local user. Also, adds password to a non-LOCAL user update to LOCAL user. Minimum 12 characters. Required when 'confirmPassword' is in the request body.

confirmPassword

String

Possibly

Must match password if supplied. Required when 'password' is in the request body in versions prior to 2.6.2

globalRoleId

String

No

Updates user's global role. Possible values are 0 for Read Access, -1 for No Global Access, Role ids.

Sample Call:

curl -H 'Accept: application/json' -H "Authorization: APIKEY {apiKey}" -X POST --data 'name=user123&displayName=user123' https://localhost:8443/threadfix/rest/latest/users/{userId}/update

Sample Output:

{
    "message": "",
    "success": true,
    "responseCode": -1,
    "object": "Successfully updated the user."
}

  • No labels