Add Safe member

This method adds an existing user or group as a Safe member.

The user who runs this web service must have Manage Safe Members permissions in the Vault.

URL

https://<IIS_Server_Ip>/PasswordVault/API/Safes/{safeUrlId}/Members/

Make sure there are no spaces in the URL.

The following characters are not supported in URL values: + & %
If the URL includes a dot (.), add a forward slash (/) at the end of the URL. For example: api/Safes/MySafe/Members/user@cyber.com/

Resource information

HTTP method	Content type
POST	application/json

Header parameter

Parameter	Description
Authorization	The token that identifies the session, encoded in BASE 64. See Authentication. Type: String Mandatory: Yes Default value: None

URL parameter

Parameter	Description
safeUrlId	The unique ID of the Safe. Type: string Mandatory: yes Default value: none

Parameter

Description

safeUrlId

The unique ID of the Safe.

Type: string

Mandatory: yes

Default value: none

Body parameters

{
"memberName":"JohnDoe",
"searchIn": "Vault",
"membershipExpirationDate":1667472534,
"permissions":
{
"useAccounts":false,
"retrieveAccounts": false,
"listAccounts": false,
"addAccounts": false,
"updateAccountContent": false,
"updateAccountProperties": false,
"initiateCPMAccountManagementOperations": false,
"specifyNextAccountContent": false,
"renameAccounts": false,
"deleteAccounts": false,
"unlockAccounts": false,
"manageSafe": false,
"manageSafeMembers": false,
"backupSafe": false,
"viewAuditLog": false,
"viewSafeMembers": false,
"accessWithoutConfirmation": false,
"createFolders": false,
"deleteFolders": false,
"moveAccountsAndFolders": false,
"requestsAuthorizationLevel1": false,
"requestsAuthorizationLevel2": false
},

"MemberType": "Group"
}

Parameter	Description
memberName	The Vault user name, Domain user name or group name of the Safe member. The following characters cannot be used in the Safe member name: \ / : * < > “ \| ? % & + Type: string Mandatory: yes Default value: none
searchIn	The Vault or the domain where the user or group was found. Type: string Mandatory: no Default value: Vault
membershipExpirationDate	The member's expiration date for this Safe. For members that do not have an expiration date, this value will be null. Type: DateTime Mandatory: no Default value: null
permissions	The permissions that the user or group has on this Safe. See Permissions. Type: key-value list
isReadOnly	Whether or not the current user can update the permissions of the member. Type: Boolean
memberType	The member type. Values: User, Group Mandatory: no

Permissions

Parameter	Description
useAccounts	Use accounts but cannot view passwords. Type: boolean Mandatory: no Default value: false Valid values: true/false
retrieveAccounts	Retrieve and view accounts in the Safe. Type: boolean Mandatory: no Default value: false Valid values: true/false
listAccounts	View accounts list. Type: boolean Mandatory: no Default value: false Valid values: true/false
addAccounts	Add accounts in the Safe. Users who have this permission automatically have UpdateAccountProperties permissions. Type: boolean Mandatory: no Default value: false Valid values: true/false
updateAccountContent	Update existing account content. Type: boolean Mandatory: no Default value: false Valid values: true/false
updateAccountProperties	Update existing account properties. Type: boolean Mandatory: no Default value: false Valid values: true/false
initiateCPMAccountManagementOperations	Initiate password management operations through CPM such as changing, verifying, and reconciling passwords. When this parameter is set to False, the SpecifyNextAccountContent parameter is also automatically set to False. Type: boolean Mandatory: no Default value: false Valid values: true/false
specifyNextAccountContent	Specify the password that is used when the CPM changes the password value. This parameter can only be specified when the InitiateCPMAccountManagementOperations parameter is set to True. When InitiateCPMAccountManagementOperations is set to False this parameter is automatically set to False. Type: boolean Mandatory: no Default value: false Valid values: true/false
renameAccounts	Rename existing accounts in the Safe. Type: boolean Mandatory: no Default value: false Valid values: true/false
deleteAccounts	Delete existing passwords in the Safe. Type: boolean Mandatory: no Default value: false Valid values: true/false
unlockAccounts	Unlock accounts that are locked by other users. Type: boolean Mandatory: no Default value: false Valid values: true/false
manageSafe	Perform administrative tasks in the Safe, including: Update Safe properties Recover the Safe Delete the Safe Type: boolean Mandatory: no Default value: false Valid values: true/false
manageSafeMembers	Add and remove Safe members, and update their authorizations in the Safe. Type: boolean Mandatory: no Default value: false Valid values: true/false
backupSafe	Create a backup of a Safe and its contents, and store it in another location. Type: boolean Mandatory: no Default value: false Valid values: true/false
viewAuditLog	View account and user activity in the Safe. Type: boolean Mandatory: no Default value: false Valid values: true/false
viewSafeMembers	View permissions of Safe members. Type: boolean Mandatory: no Default value: false Valid values: true/false
requestsAuthorizationLevel1	Request Authorization Level 1. Type: boolean Mandatory: no Default value: false Valid values: true/false
requestsAuthorizationLevel2	Request Authorization Level 2. Type: boolean Mandatory: no Default value: false Valid values: true/false
accessWithoutConfirmation	Access the Safe without confirmation from authorized users. This overrides the Safe properties that specify that Safe members require confirmation to access the Safe. Type: boolean Mandatory: no Default value: false Valid values: true/false
createFolders	Create folders in the Safe. Type: boolean Mandatory: no Default value: false Valid values: true/false
deleteFolders	Create folders in the Safe. Type: boolean Mandatory: no Default value: false Valid values: true/false
moveAccountsAndFolders	Move accounts and folders in the Safe to different folders and subfolders. Type: boolean Mandatory: no Default value: false Valid values: true/false

Result

{
"safeUrlId": "PasswordManager",
"safeName": "PasswordManager",
"safeNumber": 12,
"memberId": 678,
"memberName": "Amit",
"memberType": "User",
"membershipExpirationDate": 130656,
"isExpiredMembershipEnable": true,
"isPredefinedUser": false,
"permissions": {
"useAccounts": false,
"retrieveAccounts": false,
"listAccounts": false,
"addAccounts": false,
"updateAccountContent": false,
"updateAccountProperties": false,
"initiateCPMAccountManagementOperations": false,
"specifyNextAccountContent": false,
"renameAccounts": false,
"deleteAccounts": false,
"unlockAccounts": false,
"manageSafe": false,
"manageSafeMembers": false,
"backupSafe": false,
"viewAuditLog": false,
"viewSafeMembers": false,
"accessWithoutConfirmation": false,
"createFolders": false,
"deleteFolders": false,
"moveAccountsAndFolders": false,
"requestsAuthorizationLevel1": false,
"requestsAuthorizationLevel2": false
}
}

Parameter	Description
safeUrlId	The unique ID of the Safe used when calling Safe APIs. Type: string
safeName	The unique name of the Safe. Type: string
safeNumber	The unique numerical ID of the Safe. Type: integer
memberId	The Vault user ID, Domain user ID, or Group ID of the Safe member. Type: integer
memberName	The Vault user name, Domain user name or group name of the Safe member. Type: string
memberType	The member type. Type: string Valid values: User, Group
membershipExpirationDate	The member's expiration date for this Safe. For members that do not have an expiration date, this value will be null. Type: DateTime
isExpiredMembershipEnable	Whether or not the membership for the Safe is expired. For expired members, the value is True. Type: boolean
isPredefinedUser	Whether the member is a predefined Vault user or group. Type: boolean
permissions	The permissions that the user or group has on this Safe. See Permissions. Type: key-value list

Return codes

For a complete list of return codes, see Return Codes.