Get all Safe members

This method returns a list of the members of a Safe.

The user who runs this web service must have View Safe Members permissions in the Safe.

Select the method that you want to use:

2nd gen API (recommended)

URL

http://<IIS_Server_Ip>/PasswordVault/api/Safes/{SafeUrlId}/Members/

Make sure there are no spaces in the URL.

The following characters are not supported in URL values: + & %
If the URL includes a dot (.), add a forward slash (/) at the end of the URL. For example: api/Safes/MySafe/Members/user@cyber.com/

Resource information

HTTP method	Content type
GET	application/json

Header parameter

Parameter	Description
Authorization	The token that identifies the session, encoded in BASE 64. See Authentication. Type: String Mandatory: Yes Default value: None

URL parameters

https://localhost/passwordvault/api/safes/BZ_I_87/members?limit=4&offset=3/

Parameter	Description
safeUrlId	The unique ID of the Safe used when calling Safe APIs. Type: String Mandatory: Yes Default value: None
filter	Filters are according to the REST standard. Search for Safe members using the following filters. Multiple filters can be applied using the AND operator. memberType - returns all members according to the type (user or group) Default: both Example: filter= memberType eq user membershipExpired - returns either expired members or members that are not expired. Default: both Example: filter=membershipExpired eq true includePredefinedUsers - includes predefined users in the returned list. Default: False, non-predefined users only Example: filter=includePredefinedUsers eq true Type: String Mandatory: No Default value: None
search	Searches according to the Safe name. Search is performed according to the REST standard (search="search word"). Type: String Mandatory: No Default value: None
offset	Offset of the first member that is returned in the collection of results. Type: Number Mandatory: No :Default value 0
limit	The maximum number of members that are returned. When used together with the offset parameter, this value determines the number of Safes to return, starting from the first Safe that is returned. Type: Number Mandatory: No Default value: 25
sort	Sorts according to the memberName property in ascending order (default) or descending order to control the sort direction. asc: ascending desc: descending Type: String Mandatory: No Default value: None

Body parameters

None.

Result

{
"value": [
{
"safeUrlId": "BZ_I_87",
"safeName": "BZ_I_87",
"safeNumber": 37,
"memberId": 0,
"memberName": "Master",
"memberType": "User",
"membershipExpirationDate": null,
"isExpiredMembershipEnable": false,
"isPredefinedUser": true,
"permissions": {
"useAccounts": true,
"retrieveAccounts": true,
"listAccounts": true,
"addAccounts": true,
"updateAccountContent": true,
"updateAccountProperties": true,
"initiateCPMAccountManagementOperations": true,
"specifyNextAccountContent": true,
"renameAccounts": true,
"deleteAccounts": true,
"unlockAccounts": true,
"manageSafe": true,
"manageSafeMembers": true,
"backupSafe": true,
"viewAuditLog": true,
"viewSafeMembers": true,
"accessWithoutConfirmation": true,
"createFolders": true,
"deleteFolders": true,
"moveAccountsAndFolders": true,
"requestsAuthorizationLevel1": false,
"requestsAuthorizationLevel2": false
}
},
{
...
},

],
"count": 8

Parameter	Description
Members	A list of all members of the Safe. See Safe member parameters (user or group).
Count	The number of members returned. Type: Integer

Parameter

Description

Members

A list of all members of the Safe. See Safe member parameters (user or group).

Count

The number of members returned.

Type: Integer

Safe member parameters (user or group)

Parameter	Description
safeUrlId	The unique ID of the Safe used when calling Safe APIs. Type: String
safeName	The unique name of the Safe. Type: String
safeNumber	The unique numerical ID of the Safe. Type: Integer
memberId	The Vault user ID, Domain user ID, or Group ID of the Safe member. Type: Integer
memberName	The Vault user name, Domain user name or group name of the Safe member. Type: String
memberType	The member type. Type: String Valid values: user\group
membershipExpirationDate	The member's expiration date for this Safe. For members that do not have an expiration date, this value will be null. Type: Boolean
isExpiredMembershipEnable	Whether or not the membership for the Safe is expired. For expired members, the value will be True. Type: Boolean
isPredefinedUser	Whether the member is a predefined user or group of the Vault. Type: Boolean
permissions	The permissions that the user or group has for this Safe. See Permissions parameters.
isReadOnly	Whether or not the current user can update the permissions of the member. Type: Boolean

Permissions parameters

Parameter	Description
useAccounts	Use accounts but cannot view passwords. Type: Boolean
retrieveAccounts	Retrieve and view accounts in the Safe. Type: Boolean
listAccounts	View the Accounts list. Type: Boolean
addAccounts	Add accounts in the Safe. Users who have this permission automatically have UpdateAccountProperties permissions as well. Type: Boolean
updateAccountContent	Update existing account content. Type: Boolean
updateAccountProperties	Update existing account properties. Type: Boolean
initiateCPMAccountManagementOperations	Initiate password management operations through CPM, such as changing, verifying, and reconciling passwords. When this parameter is set to False, the SpecifyNextAccountContent parameter is also automatically set to False. Type: Boolean
specifyNextAccountContent	Specify the password that is used when the CPM changes the password value. This parameter can only be specified when the InitiateCPMAccountManagementOperations parameter is set to True. When InitiateCPMAccountManagementOperations is set to False, this parameter is automatically set to False. Type: Boolean
renameAccounts	Rename existing accounts in the Safe. Type: Boolean
deleteAccounts	Delete existing passwords in the Safe. Type: Boolean
unlockAccounts	Unlock accounts that are locked by other users. Type: Boolean
manageSafe	Perform administrative tasks in the Safe, including: Update Safe properties Recover the Safe Delete the Safe Type: Boolean
manageSafeMembers	Add and remove Safe members, and update their authorizations in the Safe. Type: Boolean
backupSafe	Create a backup of a Safe and its contents, and store in another location. Type: Boolean
viewAuditLog	View account and user activity in the Safe. Type: Boolean
viewSafeMembers	View Safe members` permissions. Type: Boolean
requestsAuthorizationLevel1	Request Authorization Level 1. Type: Boolean
requestsAuthorizationLevel2	Request Authorization Level 2. Type: Boolean
accessWithoutConfirmation	Access the Safe without confirmation from authorized users. This overrides the Safe properties that specify that Safe members require confirmation to access the Safe. Type: Boolean
createFolders	Create folders in the Safe. Type: Boolean
deleteFolders	Delete folders from the Safe. Type: Boolean
moveAccountsAndFolders	Move accounts and folders in the Safe to different folders and subfolders. Type: Boolean

1st gen API

URL

https://<IIS_Server_Ip>/PasswordVault/WebServices/PIMServices.svc/Safes/{SafeName}/Members

Make sure there are no spaces in the URL.

The following characters are not supported in URL values: + & %

Resource information

HTTP method	Content type
GET	application/json

Header parameter

Parameter	Description
Authorization	The token that identifies the session, encoded in BASE 64. See Authentication. Type: String Mandatory: Yes Default value: None

URL parameter

Parameter	Description
safeName	The name of the Safe whose Safe members will be listed. Type: String

Parameter

Description

safeName

The name of the Safe whose Safe members will be listed.

Type: String

Body parameters

None.

Result

{
"UserName":"<String>",
"Permissions":
{
…
}
"UserName":"<String>",
"Permissions":
{
…
}
}

Return codes

For a complete list of return codes, see Return Codes.