As we reach the end of September 2024, ThreadFix version 3.x on-premises has officially reached its End-of-Life. Therefore, there is no longer support or updates for this version of the product. We have fully transitioned our product and development teams to focus ThreadFix SaaS and migrating all customers over from the on-premises versions. Our Customer Success and Support teams are here to help you in migrating to ThreadFix SaaS and maximizing the value you see from this improved offering from Coalfire. This is the next phase of ThreadFix and our team is looking forward to continuing to support you on this journey.
Create User 3.X - API
- Daniel Colon
/rest/{version}/users/new
As of ThreadFix 3.8, when CoalFire Identity is enabled, user management must be performed from Coalfire Identity’s management dashboard
ThreadFix SaaS Customers please note when SSO is enabled, in order to restrict access to user modification, API commands are disabled at the SSO layer
Descriptor | Value |
|---|---|
HTTP Method | POST |
Description | Adds user to system. |
Required Permission | Manage Users |
Version Introduced | 2.6.2 |
Request Header Parameters
Parameter | Value | Required | Description |
|---|---|---|---|
Accept | String | Yes | A value of ‘application/json’ must be provided. |
Request POST Data Parameters
Parameter | Value | Required | Description |
|---|---|---|---|
name | String | Yes | Adds name of the user. Maximum 40 characters. |
displayName | String | No | Adds the displayName of the user. |
type | String | Yes | "Local" if adding a local user; "LDAP" if adding an LDAP user. |
activeDirectoryId | String | Possibly | Required when 'type' value is "LDAP". |
password | String | Possibly | Required when 'type' value is 'local'. |
confirmPassword | String | No | Must match password if supplied. |
globalRoleId | String | No | Updates user's global role. Possible values are 0 for Read Access, -1 for No Global Access, Role ids. |
Sample Call:
curl -H 'Accept: application/json' -H "Authorization: APIKEY {apiKey}" -X POST --data 'name=testUser3&type=ldap&globalRoleId=2&a
ctiveDirectoryId=2' http://localhost:8080/threadfix/rest/latest/users/newSample Output:
{
"message": "",
"success": true,
"responseCode": -1,
"object": {
"id": 109,
"name": "testuser",
"displayName": "Test User",
"isLdapUser": true,
"hasGlobalGroupAccess": true,
"globalRole": {
"id": 2,
"displayName": "User"
},
"type": "LDAP",
"activeDirectory": {
"id": 2,
"name": "Spencer Davis Group"
}
}
}
www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.
This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.