Endpoint
/api/v2/tenants/{tenantId}/userGroups/{userGroupId}

Deletes a user group for a tenant.

Path Parameters
tenantId
string

Describes the clientId or mspId of the tenant

userGroupId
string

Unique Identifier (UUID) the user group

Responses

OK

Endpoint
/api/v2/tenants/{tenantId}/userGroups/{userGroupId}

Gets the details of a user group.

Path Parameters
tenantId
string

Describes the clientId or mspId of the tenant

userGroupId
string

Unique Identifier (UUID) the user group

Responses

OK

createdTime
string

description
string

(Optional) Short summary describing the user group.

email
string

(Optional) User group email address.

name
string

User group name.

roles
array

(Optional) Assign roles to user group. Users part of a group automatically inherit the permissions associated with that group. To get roles within a tenant, use Search Roles API.

roles.allCredentials
(Optional) - For partner specific role: To allow users in a role to view all credentials sets of all clients for a partner, provide allCredentials: true. - For client specific role: To allow users in a role to view all credential sets of all clients, provide allCredentials: true. Credential sets are client-specific. To allow users in a role to view only specific credential sets, provide only the credential set IDs of the client provided in clients.
roles.allDevices
(Optional) - For partner specific role: To allow all users to view all client devices for a partner, provide allDevices: true. - For client specific role: To allow users to view all client devices, provide allDevices: true.
roles.clients
(Optional) Configure the visibility of clients for users in a role: - For partner-level users: To allow users of a role to view specific clients, provide the respective client IDs. Note: You can also create a role without visibility of any clients. - For client-level users: To assign a role to specific clients, provide the respective client IDs.
roles.credentialSets
(Optional) Configure visibility of credentials sets for users in a role: A partner or client specific role can be created to allow users in a role to view all credentials, specific credentials, or no credentials.
roles.defaultRole
roles.description
(Optional) Short summary describing a role.
roles.deviceGroups
(Optional) For partner specific role: To allow all users to view all client devices for a partner, provide allDevices: true. For client specific role: To allow users to view all client devices, provide allDevices: true.
roles.devices
(Optional) Configure the visibility of devices for users in a role: A partner and client specific roles can be created with visibility to all devices, specific devices and without any devices.
roles.id
roles.name
Role name.
roles.permissions
(Optional) Assign permission sets to a role. All users in a role would be assigned these permissions. Search Permissions Sets API is used to get the list of permissions for a partner or client.
roles.scope
(Optional) Define the applicability of a role. - Provide scope: MSP to create a partner-level role. Note: MSP indicates a Partner. - Provide scope: CLIENT to create a client-level role.
roles.userGroups
(Optional) Assign users to a role. Note: - Only partner users can be assigned to a partner specific role. - Only client users can be assigned a client specific role.
roles.users
(Optional) Assign users to a role. Note: - Only partner users can be assigned to a partner specific role. - Only client users can be assigned a client specific role.
uniqueId
string

updatedTime
string

{
  "createdTime": "2017-10-16T08:17:17+0000",
  "description": "IT Administration Managers in SJ Site",
  "email": "levelA.admins@myorganization.com",
  "name": "Level A Administrators",
  "roles": [
    {
      "defaultRole": false,
      "description": "All Permissions of an IT Admin Manager",
      "name": "IT Admin Permissions",
      "uniqueId": "ROLE-76a8247c-39f4-8921-f5a4-babad80aa8fc"
    },
    {
      "defaultRole": false,
      "description": "AWS Cloud Instances Permissions",
      "name": "Minimal Cloud Instance Permissions",
      "uniqueId": "ROLE-836704cd-9faf-355e-6995-f124e1c5de48"
    }
  ],
  "uniqueId": "USRGRP-9a68ce5d-c5cd-40a2-9fa6-e496dfe6e01b",
  "updatedTime": "2017-10-16T08:29:32+0000"
}
Endpoint
/api/v2/tenants/{tenantId}/userGroups/{userGroupId}

Updates user group properties.

Path Parameters
tenantId
string

Describes the clientId or mspId of the tenant

userGroupId
string

Unique Identifier (UUID) the user group

createdTime
string

description
string

(Optional) Short summary describing the user group.

email
string

(Optional) User group email address.

name
string

User group name.

roles
array

(Optional) Assign roles to user group. Users part of a group automatically inherit the permissions associated with that group. To get roles within a tenant, use Search Roles API.

roles.allCredentials
(Optional) - For partner specific role: To allow users in a role to view all credentials sets of all clients for a partner, provide allCredentials: true. - For client specific role: To allow users in a role to view all credential sets of all clients, provide allCredentials: true. Credential sets are client-specific. To allow users in a role to view only specific credential sets, provide only the credential set IDs of the client provided in clients.
roles.allDevices
(Optional) - For partner specific role: To allow all users to view all client devices for a partner, provide allDevices: true. - For client specific role: To allow users to view all client devices, provide allDevices: true.
roles.clients
(Optional) Configure the visibility of clients for users in a role: - For partner-level users: To allow users of a role to view specific clients, provide the respective client IDs. Note: You can also create a role without visibility of any clients. - For client-level users: To assign a role to specific clients, provide the respective client IDs.
roles.credentialSets
(Optional) Configure visibility of credentials sets for users in a role: A partner or client specific role can be created to allow users in a role to view all credentials, specific credentials, or no credentials.
roles.defaultRole
roles.description
(Optional) Short summary describing a role.
roles.deviceGroups
(Optional) For partner specific role: To allow all users to view all client devices for a partner, provide allDevices: true. For client specific role: To allow users to view all client devices, provide allDevices: true.
roles.devices
(Optional) Configure the visibility of devices for users in a role: A partner and client specific roles can be created with visibility to all devices, specific devices and without any devices.
roles.id
roles.name
Role name.
roles.permissions
(Optional) Assign permission sets to a role. All users in a role would be assigned these permissions. Search Permissions Sets API is used to get the list of permissions for a partner or client.
roles.scope
(Optional) Define the applicability of a role. - Provide scope: MSP to create a partner-level role. Note: MSP indicates a Partner. - Provide scope: CLIENT to create a client-level role.
roles.userGroups
(Optional) Assign users to a role. Note: - Only partner users can be assigned to a partner specific role. - Only client users can be assigned a client specific role.
roles.users
(Optional) Assign users to a role. Note: - Only partner users can be assigned to a partner specific role. - Only client users can be assigned a client specific role.
uniqueId
string

updatedTime
string

{
  "description": "Windows Administrators in North-West location",
  "email": "windows.admins@myorganization.com",
  "name": "Windows Admins",
  "roles": [
    {
      "uniqueId": "ROLE-76a8247c-39f4-8921-f5a4-babad80aa8fc"
    },
    {
      "uniqueId": "ROLE-836704cd-9faf-355e-6995-f124e1c5de48"
    }
  ]
}

Responses

OK

createdTime
string

description
string

(Optional) Short summary describing the user group.

email
string

(Optional) User group email address.

name
string

User group name.

roles
array

(Optional) Assign roles to user group. Users part of a group automatically inherit the permissions associated with that group. To get roles within a tenant, use Search Roles API.

roles.allCredentials
(Optional) - For partner specific role: To allow users in a role to view all credentials sets of all clients for a partner, provide allCredentials: true. - For client specific role: To allow users in a role to view all credential sets of all clients, provide allCredentials: true. Credential sets are client-specific. To allow users in a role to view only specific credential sets, provide only the credential set IDs of the client provided in clients.
roles.allDevices
(Optional) - For partner specific role: To allow all users to view all client devices for a partner, provide allDevices: true. - For client specific role: To allow users to view all client devices, provide allDevices: true.
roles.clients
(Optional) Configure the visibility of clients for users in a role: - For partner-level users: To allow users of a role to view specific clients, provide the respective client IDs. Note: You can also create a role without visibility of any clients. - For client-level users: To assign a role to specific clients, provide the respective client IDs.
roles.credentialSets
(Optional) Configure visibility of credentials sets for users in a role: A partner or client specific role can be created to allow users in a role to view all credentials, specific credentials, or no credentials.
roles.defaultRole
roles.description
(Optional) Short summary describing a role.
roles.deviceGroups
(Optional) For partner specific role: To allow all users to view all client devices for a partner, provide allDevices: true. For client specific role: To allow users to view all client devices, provide allDevices: true.
roles.devices
(Optional) Configure the visibility of devices for users in a role: A partner and client specific roles can be created with visibility to all devices, specific devices and without any devices.
roles.id
roles.name
Role name.
roles.permissions
(Optional) Assign permission sets to a role. All users in a role would be assigned these permissions. Search Permissions Sets API is used to get the list of permissions for a partner or client.
roles.scope
(Optional) Define the applicability of a role. - Provide scope: MSP to create a partner-level role. Note: MSP indicates a Partner. - Provide scope: CLIENT to create a client-level role.
roles.userGroups
(Optional) Assign users to a role. Note: - Only partner users can be assigned to a partner specific role. - Only client users can be assigned a client specific role.
roles.users
(Optional) Assign users to a role. Note: - Only partner users can be assigned to a partner specific role. - Only client users can be assigned a client specific role.
uniqueId
string

updatedTime
string

{
  "createdTime": "2017-10-16T08:17:17+0000",
  "description": "Windows Admins in North-West location",
  "email": "windows.admins@myorganization.com",
  "name": "Windows Admin Group",
  "roles": [
    {
      "defaultRole": false,
      "description": "Permissions for Windows team",
      "name": "Admin Permissions",
      "uniqueId": "ROLE-76a8247c-39f4-8921-f5a4-babad80aa8fc"
    },
    {
      "defaultRole": false,
      "description": "Permissions on minimal Windows devices",
      "name": "Minimal Dev Permissions",
      "uniqueId": "ROLE-836704cd-9faf-355e-6995-f124e1c5de48"
    }
  ],
  "uniqueId": "USRGRP-9a68ce5d-c5cd-40a2-9fa6-e496dfe6e01b",
  "updatedTime": "2017-10-16T08:29:32+0000"
}