Users¶
Users can perform a variety of actions in ThreatConnect depending on their user account type and their System and Organization role. In addition, users can be assigned to Workflow Cases, Workflow Tasks, and Task Groups.
Endpoint: /api/v3/security/users
Available Fields¶
A list of fields for the v3/security/users
endpoint, which is a read-only endpoint, can be retrieved using the following query:
OPTIONS /v3/security/users?show=readonly
Retrieve Users¶
Retrieve All Users¶
To retrieve all users in the Organization in which your API user account resides, use the following query:
GET /v3/security/users
JSON Response:
{
"data": [
{
"id": 1,
"userName": "[email protected]",
"firstName": "John",
"lastName": "Smith",
"pseudonym": "JMS",
"role": "Administrator"
},
{
"id": 2,
"userName": "[email protected]",
"firstName": "Pat",
"lastName": "Jones",
"pseudonym": "patjones",
"role": "User"
},
{
"id": 3,
"userName": "11112222333344445555",
"firstName": "John",
"lastName": "Smith",
"pseudonym": "jsmithAPI",
"role": "Api User"
},
{...}
],
"status": "Success"
}
Retrieve a Single User¶
To retrieve a specific user in the Organization in which your API user account resides, use a query in the following format:
GET /v3/security/users/{userId}
For example, the following query will return information about the user with ID 3:
GET /v3/security/users/3
JSON Response:
{
"data": {
"id": 3,
"userName": "11112222333344445555",
"firstName": "John",
"lastName": "Smith",
"pseudonym": "jsmithAPI",
"role": "Api User"
},
"status": "Success"
}
Filter Results¶
To filter returned objects using ThreatConnect Query Language (TQL), refer to Filter Results with TQL.