Add member

This method adds an existing user as a Safe member.

The user who runs this web service requires Manage Safe Members permissions in the Vault.

URL

 

Make sure there are no spaces in the URL.

The following characters are not supported in URL values: + & %

 

  
https://<IIS_Server_Ip>/PasswordVault/WebServices/PIMServices.svc/Safes/{SafeName}/Members

The following mandatory value is required in the URL:

Parameter

SafeName

Type

String

Description

The name of the Safe to add a member to.

Valid values

Safe name

Resource information

HTTP method

POST

Content type

application/json

Header parameter

Parameter

Authorization

Type

String

Description

The token that identifies the session.

Valid values

A session token that was returned from the “Logon” method.

Body parameters

  
{
  "member":{
    "MemberName":"<The name of the user to add as a Safe member>",
    "SearchIn":"<Search for the member in the Vault or Domain>",
    "MembershipExpirationDate":"<MM\DD\YY or empty if there is no expiration date>",
    "Permissions":<User’s permissions in the Safe>
     [
       {"Key":"UseAccounts", "Value":<true/false>},
       {"Key":"RetrieveAccounts", "Value":<true/false>},
       {"Key":"ListAccounts", "Value":<true/false>},
       {"Key":"AddAccounts", "Value":<true/false>},
       {"Key":"UpdateAccountContent", "Value":<true/false>},
       {"Key":"UpdateAccountProperties", "Value":<true/false>},
       {"Key":"InitiateCPMAccountManagementOperations", "Value":<true/false>},
       {"Key":"SpecifyNextAccountContent", "Value":<true/false>},
       {"Key":"RenameAccounts", "Value":<true/false>},
       {"Key":"DeleteAccounts", "Value":<true/false>},
       {"Key":"UnlockAccounts", "Value":<true/false>},
       {"Key":"ManageSafe", "Value":<true/false>},
       {"Key":"ManageSafeMembers", "Value":<true/false>},
       {"Key":"BackupSafe", "Value":<true/false>},
       {"Key":"ViewAuditLog", "Value":<true/false>},
       {"Key":"ViewSafeMembers", "Value":<true/false>},
       {"Key":"RequestsAuthorizationLevel", "Value":<0/1/2>},
       {"Key":"AccessWithoutConfirmation", "Value":<true/false>},
       {"Key":"CreateFolders", "Value":<true/false>},
       {"Key":"DeleteFolders", "Value":<true/false>},
       {"Key":"MoveAccountsAndFolders", "Value":<true/false>}
     ]
  }

 

Parameter

MemberName (mandatory)

Type

String

Description

Vault or Domain user or group to add as a Safe member.

Note: The MemberName must not contain '&' (ampersand).

Valid values

Vault or domain user

Parameter

SearchIn

Type

String

Description

The Vault or Domain to search for the user or group to add as a Safe member.

Valid values

Vault or the domains that are defined in the Vault

Default

Vault

Parameter

MembershipExpirationDate

Type

String

Description

Defines when the member’s Safe membership expires.

Specify "" for no expiration date.

Valid values

Date format MM/DD/YY

Default

no expiration

Parameter

Permissions

Type

Key/Value list

Description

Safe member’s permissions in the Safe.

Valid values

Permissions specified in the following table

Permissions

Parameter

UseAccounts

Type

Boolean

Description

Use accounts but not view passwords.

Valid values

true/false

Parameter

RetrieveAccounts

Type

Boolean

Description

Retrieve and view accounts in the Safe.

Valid values

true/false

Parameter

ListAccounts

Type

Boolean

Description

View accounts list.

Valid values

true/false

Parameter

AddAccounts

Type

Boolean

Description

Add accounts in the Safe. Users who are given AddAccounts authorization receive UpdateAccountProperties

as well. Users who have this permission automatically

have UpdateAccountProperties as well.

Valid values

true/false

Parameter

UpdateAccountContent

Type

Boolean

Description

Update existing account content.

Valid values

true/false

Parameter

UpdateAccountProperties

Type

Boolean

Description

Update existing account properties.

Valid values

true/false

Parameter

InitiateCPMAccountManagementOperations

Type

Boolean

Description

Initiate password management operations through CPM, such as changing passwords, verifying and reconciling passwords. When this parameter is set to false, the SpecifyNextAccountContent is automatically set to false.

Valid values

true/false

Parameter

SpecifyNextAccountContent

Type

Boolean

Description

Specify the password that will be used when the CPM changes the password value. This parameter can only be specified when InitiateCPMAccountManagementOperations is set to true.

When InitiateCPMAccountManagementOperations

is set to false this parameter is automatically set to false.

Valid values

true/false

Parameter

RenameAccounts

Type

Boolean

Description

Rename existing accounts in the Safe.

Valid values

true/false

Parameter

DeleteAccounts

Type

Boolean

Description

Delete existing passwords in the Safe.

Valid values

true/false

Parameter

UnlockAccounts

Type

Boolean

Description

Unlock accounts that are locked by other users.

Valid values

true/false

Parameter

ManageSafe

Type

Boolean

Description

Perform administrative tasks

in the Safe, including:

Update Safe properties
Recover the Safe
Delete the Safe

Valid values

true/false

Parameter

ManageSafe Members

Type

Boolean

Description

Add and remove Safe members, and update their authorizations in the Safe.

Valid values

true/false

Parameter

BackupSafe

Type

Boolean

Description

Create a backup of a Safe and its contents, and store in another location.

Valid values

true/false

Parameter

ViewAuditLog

Type

Boolean

Description

View account and user activity in the Safe.

Valid values

true/false

Parameter

ViewSafeMembers

Type

Boolean

Description

View Safe members` permissions.

Valid values

true/false

Parameter

RequestsAuthorizationLevel

Type

Numeric

Description

Requests Authorization Level.

0 – cannot authorize
1 – authorization level 1
2 – authorization level 2

Valid values

0/1/2

Parameter

AccessWithoutConfirmation

Type

Boolean

Description

Access the Safe without confirmation from authorized users. This overrides the Safe properties that specify that Safe members require confirmation to access the Safe.

Valid values

true/false

Parameter

CreateFolders

Type

Boolean

Description

Create folders in the Safe.

Valid values

true/false

Parameter

DeleteFolders

Type

Boolean

Description

Delete folders from the Safe.

Valid values

true/false

Parameter

MoveAccountsAndFolders

Type

Boolean

Description

Move accounts and folders in the Safe to different folders and subfolders.

Valid values

true/false

Result

  
{
  "member":{
    "MemberName":"<The name of the Safe member who has just been added>",
    "SearchIn":"<The Vault or Domain where the user or group was found>",
    "MembershipExpirationDate":"<MM\DD\YY> or empty if there is no expiration date"
    "Permissions":
     {
       "UseAccounts":<true/false>
       "RetrieveAccounts":<true/false>
       "ListAccounts":<true/false>
       "AddAccounts":<true/false>
       "UpdateAccountContent":<true/false>
       "UpdateAccountProperties":<true/false>
       "InitiateCPMAccountManagementOperations":<true/false>
       "SpecifyNextAccountContent":<true/false>
       "RenameAccounts":<true/false>
       "DeleteAccounts":<true/false>
       "UnlockAccounts":<true/false>
       "ManageSafe":<true/false>
       "ManageSafeMembers":<true/false>
       "BackupSafe":<true/false>
       "ViewAuditLog":<true/false>
       "ViewSafeMembers":<true/false>
       "RequestsAuthorizationLevel":<0/1/2>
       "AccessWithoutConfirmation":<true/false>
       "CreateFolders":<true/false>
       "DeleteFolders":<true/false>
       "MoveAccountsAndFolders":<true/false>
     }
  }
}

Return codes

For a complete list of return codes, see Return Codes.