Get groups

This method returns a list of all existing user groups.

The user performing this task:

  • Must have Audit users permissions in the Safe.

  • Can see groups either only on the same level, or lower in the Vault hierarchy.

    This depends on the HideVaultUsersTree parameter defined in the dbparam.ini. If HideVaultUsersTree is set to No, all groups will be returned (not only those in the same level or lower in the Vault hierarchy). If this parameter is set to Yes, only auditors and managers will be allowed to get all groups.
 
  • Filtering for this task is supported only from Vault v10.5.

  • Retrieving more than 1,000 groups may cause a slowdown in response.

 

URL

 

Make sure there are no spaces in the URL.

The following characters are not supported in URL values: + & %

 

 

https://<IIS_Server_Ip>/PasswordVault/api/UserGroups

 

Parameter

filter

Type

String (boolean expression)

Description

Filter according to REST standard.

Valid values

Supported filters include:
groupType eq <Directory|Vault>

Default value

None (all groups will be returned.)

Parameter

search

Type

String

Description

Search according to REST standard. Search will match when ALL search terms appear in the group name.

Default value

None (all groups will be returned.)

Example

In a search for domain groups that contain 'Fin' and 'Audit':

Before URL encoding:

 
/PasswordVault/api/UserGroups?filter=groupType eq Directory&search=Fin Audit

After URL encoding:

 
/PasswordVault/api/UserGroups?filter=groupType%20eq%20Directory&search=Fin%20Audit

Resource information

HTTP method

GET

Content type

application/json

Header parameter

Parameter

Authorization

Type

String

Description

The token that identifies the session, encoded in BASE 64.

Valid values

A session token that was returned from the “Logon” method.

Body parameters

None

Result

A list with all groups will be returned. The following should be returned per group:

 

Parameter

id

Type

Number

Description

The unique ID of the group.

Parameter

groupType

Type

Enum

Description

Whether this is a Vault group or directory group.

Valid values

Vault, Directory

Parameter

groupName

Type

String

Description

The name of a group in the Vault.

Parameter

description

Type

String

Description

The description of the group.

Parameter

location

Type

String

Description

The location of the group in the Vault’s hierarchy.

Parameter

directory

Type

String

Description

Displays the name of the LDAP external directory to which the external group belongs. This is relevant only for Directory group type.

Parameter

dn

Type

String

Description

Displays the full LDAP DN of the user in the external directory to which the external user belongs. This is relevant only for Directory group type.

Return codes

For a complete list of return codes, see Return Codes.