Add Safe member
This method adds an existing user or group as a Safe member.
The user who runs this web service must have Manage Safe Members permissions in the Vault.
URL
|
Make sure there are no spaces in the URL. The following characters are not supported in URL values: + & % |
Resource information
HTTP method |
Content type |
---|---|
POST |
application/json |
Header parameter
Parameter |
Description |
---|---|
Authorization |
The token that identifies the session, encoded in BASE 64. Type: string Mandatory: yes Default value: none |
URL parameter
Parameter |
Description |
---|---|
safeUrlId |
The unique ID of the Safe. Type: string Mandatory: yes Default value: none |
Body parameters
{ "memberName":"JonDoe", "searchIn": "Vault", "membershipExpirationDate":123456, "permissions": { "useAccounts":false, "retrieveAccounts": false, "listAccounts": false, "addAccounts": false, "updateAccountContent": false, "updateAccountProperties": false, "initiateCPMAccountManagementOperations": false, "specifyNextAccountContent": false, "renameAccounts": false, "deleteAccounts": false, "unlockAccounts": false, "manageSafe": false, "manageSafeMembers": false, "backupSafe": false, "viewAuditLog": false, "viewSafeMembers": false, "accessWithoutConfirmation": false, "createFolders": false, "deleteFolders": false, "moveAccountsAndFolders": false, "requestsAuthorizationLevel1": false, "requestsAuthorizationLevel2": false } } |
Parameter |
Description |
---|---|
memberName |
The Vault user name, Domain user name or group name of the Safe member. Type: string Mandatory: yes Default value: none |
searchIn |
The Vault or Domain where the user or group was found. Type: string Mandatory: no Default value: Vault |
membershipExpirationDate |
The member's expiration date for this Safe. For members that do not have an expiration date, this value will be null. Type: DateTime Mandatory: no Default value: null |
permissions |
The permissions that the user or group has on this Safe. See Permissions. Type: key-value list |
isReadOnly |
Whether or not the current user can update the permissions of the member. Type: Boolean |
Permissions
Parameter |
Description |
---|---|
useAccounts |
Use accounts but cannot view passwords. Type: boolean Mandatory: no Default value: false Valid values: true/false |
retrieveAccounts |
Retrieve and view accounts in the Safe. Type: boolean Mandatory: no Default value: false Valid values: true/false |
listAccounts |
View accounts list. Type: boolean Mandatory: no Default value: false Valid values: true/false |
addAccounts |
Add accounts in the Safe. Users who have this permission automatically have UpdateAccountProperties permissions. Type: boolean Mandatory: no Default value: false Valid values: true/false |
updateAccountContent |
Update existing account content. Type: boolean Mandatory: no Default value: false Valid values: true/false |
updateAccountProperties |
Update existing account properties. Type: boolean Mandatory: no Default value: false Valid values: true/false |
initiateCPMAccountManagementOperations |
Initiate password management operations through CPM such as changing, verifying, and reconciling passwords. When this parameter is set to False, the SpecifyNextAccountContent parameter is also automatically set to False. Type: boolean Mandatory: no Default value: false Valid values: true/false |
specifyNextAccountContent |
Specify the password that is used when the CPM changes the password value. This parameter can only be specified when the InitiateCPMAccountManagementOperations parameter is set to True. When InitiateCPMAccountManagementOperations is set to False this parameter is automatically set to False. Type: boolean Mandatory: no Default value: false Valid values: true/false |
renameAccounts |
Rename existing accounts in the Safe. Type: boolean Mandatory: no Default value: false Valid values: true/false |
deleteAccounts |
Delete existing passwords in the Safe. Type: boolean Mandatory: no Default value: false Valid values: true/false |
unlockAccounts |
Unlock accounts that are locked by other users. Type: boolean Mandatory: no Default value: false Valid values: true/false |
manageSafe |
Perform administrative tasks in the Safe, including:
Type: boolean Mandatory: no Default value: false Valid values: true/false |
manageSafeMembers |
Add and remove Safe members, and update their authorizations in the Safe. Type: boolean Mandatory: no Default value: false Valid values: true/false |
backupSafe |
Create a backup of a Safe and its contents, and store it in another location. Type: boolean Mandatory: no Default value: false Valid values: true/false |
viewAuditLog |
View account and user activity in the Safe. Type: boolean Mandatory: no Default value: false Valid values: true/false |
viewSafeMembers |
View permissions of Safe members. Type: boolean Mandatory: no Default value: false Valid values: true/false |
requestsAuthorizationLevel1 |
Request Authorization Level 1. Type: boolean Mandatory: no Default value: false Valid values: true/false |
requestsAuthorizationLevel2 |
Request Authorization Level 2. Type: boolean Mandatory: no Default value: false Valid values: true/false |
accessWithoutConfirmation |
Access the Safe without confirmation from authorized users. This overrides the Safe properties that specify that Safe members require confirmation to access the Safe. Type: boolean Mandatory: no Default value: false Valid values: true/false |
createFolders |
Create folders in the Safe. Type: boolean Mandatory: no Default value: false Valid values: true/false |
deleteFolders |
Create folders in the Safe. Type: boolean Mandatory: no Default value: false Valid values: true/false |
moveAccountsAndFolders |
Move accounts and folders in the Safe to different folders and subfolders. Type: boolean Mandatory: no Default value: false Valid values: true/false |
Result
|
Parameter |
Description |
---|---|
safeUrlId |
The unique ID of the Safe used when calling Safe APIs. Type: string |
safeName |
The unique name of the Safe. Type: string |
safeNumber |
The unique numerical ID of the Safe. Type: integer |
memberId |
The Vault user ID, Domain user ID, or group ID of the Safe member. Type: integer |
memberName |
The Vault user name, Domain user name or group name of the Safe member. Type: string |
memberType |
The member type. Type: string Valid values: user/group |
membershipExpirationDate |
The member's expiration date for this Safe. For members that do not have an expiration date, this value will be null. Type: DateTime |
isExpiredMembershipEnable |
Whether or not the membership for the Safe is expired. For expired members, the value is True. Type: boolean |
isPredefinedUser |
Whether the member is a predefined Vault user or group. Type: boolean |
permissions |
The permissions that the user or group has on this Safe. See Permissions. Type: key-value list |
Return codes
For a complete list of return codes, see Return Codes.