User Management APIs
MVISION Cloud Security Administrators manage users with APIs. The User Management APIs give you the ability to perform a wide range of actions to manage users.
Access Token
The first step in the process is to get an access token that can be used to perform the API actions.
If you log into MVISION Cloud using https://auth.ui.mcafee.com/, use the following API to get the token.
POST /shnapi/rest/external/api/v1/token?grant_type=password&token_type=iam
Host: https://www.myshn.net (US-PROD) / https://www.myshn.eu (EU-PROD) / https://www.myshn.ca (CA-PROD)
Headers:
Key: BPS-TENANT-ID, Value: <Enter tenant ID e.g. 0BC492ED-2E06-43D3-A664-3F06798E6BBB>
Authorization: <User name> / <Password> (MVISION Cloud login credentials)
If you log into MVISION Cloud using https://www.myshn.xxx, use the following API to get the token.
POST /shnapi/rest/external/api/v1/token?grant_type=password&token_type=iam
Host: https://www.myshn.net (US-PROD) / https://www.myshn.eu (EU-PROD) / https://www.myshn.ca (CA-PROD) / https://www.govshn.net (Fed / Gov)
Headers: Not Applicable
Authorization: <User name> / <Password> (MVISION Cloud login credentials)
Once you have acquired the access token, copy the access token from the response and proceed to perform the user management actions.
Create New User
Use the following API to create new users.
POST /shnapi/rest/v1/user
Host: https://www.myshn.net (US-PROD) / https://www.myshn.eu (EU-PROD) / https://www.myshn.ca (CA-PROD) / https://www.govshn.net (Fed / Gov)
Headers:
Key: Authorization, Value: Bearer < provide the access-token here>
Option 1: If you only want to provide Role information and not granular resource (RBAC) information:
Content-Type: application/json
{"firstName":"hello","lastName":"world","email":"helloworld@123.com","active":true,"admin":true,"id":-1,"roles":[105,104],"shadowJurisdictionId":-1,"sanctionedJurisdictionId":-1,"webJurisdictionId":-1,"readOnly":false,"lastLoginDate":null,"correlationId":null,"samlExcludedUser":false,"resendActivationLink":false,"selfActivationDate":null,"tenantId":79744,"primaryUser":false}
Option 2: To provide both Role and granular resource (RBAC) information:
{"firstName":"hello","lastName":"world","email":"helloworld@123.com","active":true,"admin":true,"id":-1,"roles":[105,104],"shadowJurisdictionId":-1,"sanctionedJurisdictionId":-1,"webJurisdictionId":-1,"readOnly":false,"lastLoginDate":null,"correlationId":null,"samlExcludedUser":false,"resendActivationLink":false,"selfActivationDate":null,"tenantId":79744,"primaryUser":false,"rolesInfo":[{"id":105,"name":"ADMINISTRATOR","desc":"Administrator","resources":[{"id":144,"name":"ACTIVITY_SETTINGS","desc":"Activity Settings","privilegeId":1},{"id":140,"name":"ANOMALY_SETTINGS","desc":"Anomaly Settings","privilegeId":1},{"id":152,"name":"SETUP_N_CONFIG","desc":"Setup & Configuration","privilegeId":1},{"id":110,"name":"USER_MANAGER","desc":"User Manager","privilegeId":1}],"granularAccess":true},{"id":104,"name":"POLICY_MANAGEMENT","desc":"Policy Management","resources":[{"id":126,"name":"POLICY_ACCESS_CONTROL","desc":"Access Policies","privilegeId":1},{"id":157,"name":"SHADOW_ACCESS_POLICY","desc":"Cloud Application Control","privilegeId":1},{"id":145,"name":"CONFIGURATION_AUDIT","desc":"Configuration Audit","privilegeId":1},{"id":158,"name":"CONNECTED_APPS_POLICIES","desc":"Connected Apps Policies","privilegeId":1},{"id":172,"name":"VULNERABILITY_POLICY","desc":"Container Vulnerability Policy","privilegeId":1},{"id":120,"name":"DLP_POLICY","desc":"DLP Policies","privilegeId":1},{"id":125,"name":"DEVICE_MANAGEMENT","desc":"Device Management","privilegeId":1},{"id":123,"name":"POLICY_DICTIONARY","desc":"Dictionaries","privilegeId":1},{"id":149,"name":"EMAIL_TEMPLATE","desc":"Email Templates","privilegeId":1},{"id":154,"name":"ENCRYPTION_POLICY","desc":"Encryption Policy","privilegeId":1},{"id":146,"name":"FINGERPRINTS","desc":"Fingerprints","privilegeId":1},{"id":122,"name":"IP_WHITELIST","desc":"IP Allow List","privilegeId":1},{"id":159,"name":"MALWARE_POLICIES","desc":"Malware Policies","privilegeId":1},{"id":121,"name":"ON_DEMAND_SCAN","desc":"On-Demand Scan","privilegeId":1},{"id":124,"name":"POLICY_SETTINGS","desc":"Policy Settings","privilegeId":1},{"id":151,"name":"POLICY_TEMPLATES","desc":"Policy Templates","privilegeId":1},{"id":147,"name":"USER_GROUPS","desc":"User Groups","privilegeId":1},{"id":148,"name":"WATCHLISTS","desc":"Watchlists","privilegeId":1}],"granularAccess":true}]}
List Users
Use this API to get a list of users in MVISION Cloud. This API also provides the USER ID, which is required for Delete, Edit, and Get User APIs.
POST /shnapi/rest/v1/user/search
Host: https://www.myshn.net (US-PROD) / https://www.myshn.eu (EU-PROD) / https://www.myshn.ca (CA-PROD) / https://www.govshn.net (Fed / Gov)
Headers:
Key: Authorization, Value: Bearer < provide the access-token here>
Content-Type: application/json
{"pageCriteria":{"startIndex":0,"numRecords":2500},"sortCriteria":{"sortColumn":"lastLoginDate","sortAscending":false},"searchString":"text","tenantId":<id>,"userRole":null}
Delete User
Use this API to delete users. This API requires the userID parameter, which you can get using the List Users API.
DELETE /shnapi/rest/v1/user?userId=<id>
Host:https://www.myshn.net (US-PROD) / https://www.myshn.eu (EU-PROD) / https://www.myshn.ca (CA-PROD) / https://www.govshn.net (Fed / Gov)
Headers:
Key: Authorization, Value: Bearer < provide the access-token here>
Get User Information
Use this API is to pull user details, roles, and jurisdiction information. This API requires the userID parameter, which you can get using the List Users API.
GET /shnapi/rest/v1/user?userId=<id>
Host: https://www.myshn.net (US-PROD) / https://www.myshn.eu (EU-PROD) / https://www.myshn.ca (CA-PROD) / https://www.govshn.net (Fed / Gov)
Headers:
Key: Authorization, Value: Bearer < provide the access-token here>
Update User Details
Use this API is to update user details, roles, and jurisdictions. This API requires the userID parameter, which you can get using the List Users API.
PUT /shnapi/rest/v1/user
Host: https://www.myshn.net (US-PROD) / https://www.myshn.eu (EU-PROD) / https://www.myshn.ca (CA-PROD) / https://www.govshn.net (Fed / Gov)
Headers:
Key: Authorization, Value: Bearer < provide the access-token here>
Content-Type: application/json
{"firstName":"hello","lastName":"world","email":"helloworld@123.com","active":true,"admin":true,"id":<userid>,"roles":[105,104],"shadowJurisdictionId":-1,"sanctionedJurisdictionId":-1,"webJurisdictionId":-1,"readOnly":false,"lastLoginDate":null,"correlationId":null,"samlExcludedUser":false,"resendActivationLink":false,"selfActivationDate":null,"tenantId":79744,"primaryUser":false,"rolesInfo":[{"id":105,"name":"ADMINISTRATOR","desc":"Administrator","resources":[{"id":144,"name":"ACTIVITY_SETTINGS","desc":"Activity Settings","privilegeId":1},{"id":140,"name":"ANOMALY_SETTINGS","desc":"Anomaly Settings","privilegeId":1},{"id":152,"name":"SETUP_N_CONFIG","desc":"Setup & Configuration","privilegeId":1},{"id":110,"name":"USER_MANAGER","desc":"User Manager","privilegeId":1}],"granularAccess":true},{"id":104,"name":"POLICY_MANAGEMENT","desc":"Policy Management","resources":[{"id":126,"name":"POLICY_ACCESS_CONTROL","desc":"Access Policies","privilegeId":1},{"id":157,"name":"SHADOW_ACCESS_POLICY","desc":"Cloud Application Control","privilegeId":1},{"id":145,"name":"CONFIGURATION_AUDIT","desc":"Configuration Audit","privilegeId":1},{"id":158,"name":"CONNECTED_APPS_POLICIES","desc":"Connected Apps Policies","privilegeId":1},{"id":172,"name":"VULNERABILITY_POLICY","desc":"Container Vulnerability Policy","privilegeId":1},{"id":120,"name":"DLP_POLICY","desc":"DLP Policies","privilegeId":1},{"id":125,"name":"DEVICE_MANAGEMENT","desc":"Device Management","privilegeId":1},{"id":123,"name":"POLICY_DICTIONARY","desc":"Dictionaries","privilegeId":1},{"id":149,"name":"EMAIL_TEMPLATE","desc":"Email Templates","privilegeId":1},{"id":154,"name":"ENCRYPTION_POLICY","desc":"Encryption Policy","privilegeId":1},{"id":146,"name":"FINGERPRINTS","desc":"Fingerprints","privilegeId":1},{"id":122,"name":"IP_WHITELIST","desc":"IP Allow List","privilegeId":1},{"id":159,"name":"MALWARE_POLICIES","desc":"Malware Policies","privilegeId":1},{"id":121,"name":"ON_DEMAND_SCAN","desc":"On-Demand Scan","privilegeId":1},{"id":124,"name":"POLICY_SETTINGS","desc":"Policy Settings","privilegeId":1},{"id":151,"name":"POLICY_TEMPLATES","desc":"Policy Templates","privilegeId":1},{"id":147,"name":"USER_GROUPS","desc":"User Groups","privilegeId":1},{"id":148,"name":"WATCHLISTS","desc":"Watchlists","privilegeId":1}],"granularAccess":true}]}