API Reference


The API Reference provides a complete reference to the REST API functions. This section is organized alphabetically by function category, and alphabetically within each category. Click a link in the left navigation frame to open a category, and click a function name to see the reference information for that function. For example, click /CDirectoryService > /ChangeUser to see details about the /CDirectoryService/ChangeUser function.

CDirectoryService

The /CDirectory service functions enable you to manage users in the Centrify Cloud Directory only. For functions that you can apply to any type of user, including Cloud Directory users, see /UserMgmt functions.

Creating and managing Cloud Directory users shows how to use the /CDirectoryService functions to create and update a Cloud Directory user. See Using generic user functions to see how to use the /UserMgmt functions to manage all types of users.

Functions
FunctionDescription
/CDirectoryService/ChangeUserChanges cloud user properties. 
/CDirectoryService/CreateUserCreates a new user in the Cloud Directory Service.

/CDirectoryService/CreateUserQuickCreates a new user in the Cloud Directory Service.
/CDirectoryService/DeleteUserDeletes a cloud user.
/CDirectoryService/ExemptUserFromMFAExempts user from MFA requirements for a specified period of time.
/CDirectoryService/GetTechSupportUserFetches information for a tech support user.
/CDirectoryService/GetUserGets details for a specified cloud user.The specified user must have user-management permission.
/CDirectoryService/GetUserAttributesGets detailed information for the current user.
/CDirectoryService/GetUsersGets information for all cloud users.
/CDirectoryService/GrantAccessGrants portal access to a support user.
/CDirectoryService/RefreshTokenRefreshes cache for a cloud user.
/CDirectoryService/SetUserPictureSets a cloud user's picture file.
/CDirectoryService/SetUserStateSets user state (locked, disabled, expired) for a specified cloud user.

Core

The /Core functions enable you to manage files and directories.

Functions
/Core/DirectoryExistsChecks whether a directory exists.
/Core/FileExistsChecks whether a file exists.
/Core/GetAssignedAdministrativeRightsGets the administrative rights associated with a role.
/Core/GetDirectoriesGets list of directories.
/Core/GetFileInfoGets metadata, information, and contents for a file.
/Core/ListDirectoryLists the file contents of a directory.
/Core/ReadFileReads the contents of a file.
/Core/WriteFileWrites string content to a file.

JobFlow

The /JobFlow functions enable you to manage workflow jobs.

Functions
FunctionDescription
/JobFlow/DeleteJobDeletes a workflow job.
/JobFlow/EventSends a workflow event to a workflow.
/JobFlow/GetJobGets a workflow job.
/JobFlow/GetJobsGets list of workflow jobs.
/JobFlow/GetMyJobsGets list of workflow jobs associated with the current user.
/JobFlow/StartJobStarts a workflow job.

Mobile

The /Mobile functions allow you to manage devices; for example, to get information for the devices that belong to the current user, you can call /Mobile/GetMyDevices. To get information about all devices you can query the Device table, or the InstalledApp table (which lists the applications that are installed on all devices).

Functions
FunctionDescription
/Mobile/DeleteDeviceDeletes a device (Mobile + OSX).
/Mobile/DisableSSODisables SSO on a device (Mobile + OSX).
/Mobile/EnableSSOEnables SSO on a device (Mobile + OSX).
/Mobile/KnoxResetContainerPasswordResets Samsung KNOX container password (Samsung Mobile).
/Mobile/LockClientAppLocks a client app (Mobile).
/Mobile/LockDeviceLocks device screen (Mobile + OSX).
/Mobile/PingDevicePings a device (Mobile + OSX).
/Mobile/PowerOffPowers off a device (Mobile + OSX).
/Mobile/ReapplyDevicePolicyReapplies device policies (Mobile + OSX).
/Mobile/RebootReboots a device (Mobile + OSX).
/Mobile/RemoveDeviceProfileUnenrolls a device (Mobile + OSX).
/Mobile/ResetClientAppLockPinResets client app lock pin (Mobile).
/Mobile/SetPrimaryDeviceSets a device as primary (Mobile).
/Mobile/UnlockDeviceUnlocks a device (Mobile + OSX).
/Mobile/UpdateDevicePolicyUpdates device policies (Mobile + OSX).
/Mobile/WipeDeviceWipes a device (Mobile + OSX).

Radius

The /Radius functions enable you to manage radius-server cloud connectors.

Functions
FunctionDescription
/Radius/GetClientGets a list of all radius clients.
/Radius/GetConfigRetrieves the radius configuration for a specified connector.
/Radius/RemoveClientRemoves one or more radius clients.
/Radius/SetClientAdds or updates a radius client.
/Radius/SetConfigChanges the radius configuration for a specified connector.

SaasManage

The /SaasManage functions allow you to create and manage applications and application templates, as well as create and manage roles.

Functions
FunctionDescription
/SaasManage/AddUsersAndGroupsToRoleAdds users and groups to a role.
/SaasManage/DeleteApplicationDeletes one or more applications from Identity Platform.
/SaasManage/DeleteRoleDeletes a role.
/SaasManage/DeleteRolesDeletes one or more roles.
/SaasManage/GetApplicationGets information for an application.
/SaasManage/GetRoleRetrieves information for a role.
/SaasManage/GetRoleMembersRetrieves the members for a role.
/SaasManage/GetTemplatesAndCategoriesGets information for application templates.
/SaasManage/ImportAppFromTemplateCreates an application.
/SaasManage/RemoveUsersAndGroupsFromRoleRemoves users and groups from a role.
/SaasManage/StoreRoleCreates a role.
/SaasManage/UpdateApplicationDEUpdates an application.
/SaasManage/UpdateRoleUpdates a role.

Security

The /Security functions enable you to start, continue, and end an authentication session.

Functions
FunctionDescription
/Security/AdvanceAuthenticationAttempts to advance the state of an authentication session.
/Security/CleanupAuthenticationTerminates an incomplete session started with /Security/StartAuthentication or /Security/StartChallenge.
/Security/FinishImpersonateCompletes an authentication challenge begun for another user.
/Security/RefreshTokenRefreshes the current user's cached identity.
/Security/StartAuthenticationStarts a user authentication session.
/Security/StartChallengeStarts an authentication challenge session.
/Security/StartImpersonateStarts an authentication challenge for another user.

ServerManage

The /ServerManage functions enable you to manage resources and resource accounts.

Functions
/ServerManage/AddAccountAdds an account for a resource.
/ServerManage/AddDatabaseAdds a database.
/ServerManage/AddDomainAdds a domain.
/ServerManage/AddResourceAdds a resource, such as a server or network device.
/ServerManage/CheckinPasswordChecks in an account password
/ServerManage/CheckoutPasswordChecks out an account password
/ServerManage/DeleteAccountDeletes an account.
/ServerManage/DeleteDomainDeletes a domain.
/ServerManage/DeleteDatabaseDeletes a database.
/ServerManage/DeleteResourceDeletes a resource.
/ServerManage/ExtendCheckoutExtends checkout time for a password.

 

/ServerManage/GetAccountPermissionsGets list of permissions associated with an account.
/ServerManage/GetAccountsForResourceGets all visible accounts for a resource.
/ServerManage/GetDatabasePermissionsGets list of permissions associated with a database.
/ServerManage/GetDomainPermissionsGets list of permissions associated with a domain.
/ServerManage/GetResourcePermissionsGets list of grants associated with a resource.
/ServerManage/GetRetiredPasswordGets a retired password of an account.
/ServerManage/GetSessionsGets a list of sessions.
/ServerManage/PreCheckDomainPerforms a pre check on a domain.
/ServerManage/RotatePasswordRotates the password of the specified account.
/ServerManage/SetAccountPermissionsGrants permissions on accounts
/ServerManage/SetDatabasePermissionsSets permissions for a database.
/ServerManage/SetDomainPermissionsSets permissions for a domain.
/ServerManage/SetResourcePermissionsGrants permissions on resources.
/ServerManage/TerminateSessionTerminates an active session.
/ServerManage/UpdateAccountUpdates an account.
/ServerManage/UpdateDatabaseUpdates a database.
/ServerManage/UpdateDomainUpdates a domain.
/ServerManage/UpdatePasswordUpdates password of an unmanaged account.
/ServerManage/UpdateResourceUpdates a resource.

TenantCnames

The /TenantCNames functions enable you to get and set information for tenant URLs.

Functions
FunctionDescription
/TenantCnames/GetGets a tenant URL.
/TenantCnames/GetDomainInfoGets domain information.
/TenantCnames/RegisterRegisters a tenant URL.

UPRest

The /UPRest functions enable you to manage applications for users.

Functions
/UPRest/GetAppByKeyGets an application's data.
/UPRest/GetResultantAppsForUserReturns a user's portal applications and how the user has access to each one.
/UPRest/GetTagsForAppGets the list of application tags for the current user.
/UPRest/GetUPDataReturns information for all applications that are deployed for a specific user.
/UPRest/SetUserCredsForAppSets user credentials for an application.
/UPRest/UpsertTagsForAppAdds and updates application tags for the current user.

UserMgmt

You can use the functions in this category to manage any type of user. For functions that you can apply specifically to Cloud Directory users, see /CDirectoryService functions.

Using generic user functions shows how to use the /UserMgmt functions to invite users to the portal, get information for users, and configure authentication settings. See Creating and managing Cloud Directory users to see how to use the /CDirectoryService functions to create and update Cloud Directory users.

Functions
/UserMgmt/CanEditUserAttributes
Checks whether user can edit user attributes. 
/UserMgmt/ChangeUserPassword
Changes the user's password.

/UserMgmt/GetUserAttributes
Gets user's attributes.
/UserMgmt/GetUserHierarchy
Retrieves reporting hierarchy for the specified user.
/UserMgmt/GetUserInfo
Retrieves detailed information for a user.
/UserMgmt/GetUserPicture
Retrieves the picture for a user.
/UserMgmt/GetUserRolesAndAdministrativeRights
Gets a list of a user's roles and the administrative rights associated with the roles..
/UserMgmt/InviteUsers
Invites one or more users to the portal.
/UserMgmt/RemoveUser
Removes a user from the cloud service.
/UserMgmt/RemoveUsers
Removes one or more users from the cloud service.
/UserMgmt/ResetUserPassword
Resets a user's password.
/UserMgmt/SendLoginEmail
Sends an email invitation to a user.
/UserMgmt/SendLoginEmails
Sends an email invitation to multiple users.
/UserMgmt/SendSMSInvite
Sends an SMS invitation to a user.
/UserMgmt/SetSecurityQuestion
Sets the security question for a user.