POST User Authority

The Add User Authority API is used to add a user to the Connect:Direct server and set access rights for the user.

Method URI

POST

/cdwebconsole/svc/userauthorities

The following example shows the Command:
curl -X 'POST' \
  'https://172.20.186.254:9443/cdwebconsole/svc/userauthorities' \
  -H 'Authorization: eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhZG1pbmlzdHJhdG9yOjE3Mi4yMC4xODYuMjU0OjIzNjM6MDJlOTc5ZmQtNWY3Mi00M2JiLWIwNjktMmM2ODhhMWFmODMyIiwiZXhwIjoxNzE1MjM4NDI1fQ.W74NDiAXxXLqJcaEWvs9ZH8hPTWCNOjfPjdPk9SQO6aeD2gRs7LHrCbwwkpdJesL0jnzK_0f06D5k9nh503lkw' \
  -H 'Content-Type: application/json' \
  -H 'X-XSRF-TOKEN: 56d33740-229a-47d0-b823-319bbf9a02d8' \
  -d '{"userId":"abc1","authorizedToTrace":"","authorizedToStop":"","authorizedToSelectStatistics":"","downloadDirectory":"C:\\Users\\Administrator\\Desktop","processDirectory":"C:\\Users\\Administrator\\Desktop","programDirectory":"C:\\Users\\Administrator\\Desktop","uploadDirectory":"C:\\Users\\Administrator\\Desktop","allowedToSpecifyCRC":"","authorizedToSubmitProcess":"","authorizedToRunJob":"","authorizedToRunTask":"","authorizedToSubmitInProcess":"","authorizedToChangeProcess":"","authorizedToSelectProcess":"","authorizedToReceiveFiles":"","authorizedToSendFiles":"","specifyRemoteNodeUser":"","authorizedToDeleteProcess":"","authorizedToPerformUpdateProxies":"","authorizedToPerformUpdateUserRecords":"","aclUpdate":"","domain":"","group":"","authorizedToSelectNetMap":"","authorizedToPerformTranslationTableCommands":"","authorizedToRefreshInitparams":"","authorizedToSelectMessage":"","authorizedToChangeExecutionPriority":"","authorizedToChangeFileAttributes":"","authorizedToUpdateNetmap":"","order":"","authorizedToUpdateSecurePlusConfiguration":"","clientSourceIp":"1.1.1.1","certificateAuthenticationClientAccess":"","authorizedToNoPswdLocalConnections":"","authorizedToRunProcessUsingServiceAccount":"","authorizedToPswdExit":"","authorizedToProcessLibrary":"","authorizedToUpdateFileAgentConfiguration":"","authorizedToExternalStatsLog":"","applicationId":"","policyId":"","authorizedToWebServices":""}' 
Table 1. Input Parameters
Parameter Name Required/Optional Description Valid values

userId 

Required

Identifies the user of the User Authority record.

Test1

authorizedToTrace  Optional

User is authorized to perform trace commands

Valid values : yes, no

Default value Windows: yes, Unix: no, zOS: no

authorizedToStop Optional

User is authorized to perform stop commands

Valid values : yes, no

Default value Windows: yes, Unix: no, zOS: no

authorizedToSelectStatistics Optional

User is authorized to perform select statistics commands

Valid values : yes, no, all

Default value Windows: all, Unix: yes, zOS: no

downloadDirectory Optional

Specify directory for downloads.

Note: To reset the value, use None in update(put) request.
C:\Users\Administrator\Desktop
processDirectory Optional

Specify directory for Processes.

Note: To reset the value, use None in update(put) request.
C:\Users\Administrator\Desktop
programDirectory Optional

Specify directory for loading programs.

Note: To reset the value, use None in update(put) request.
C:\Users\Administrator\Desktop
uploadDirectory Optional

Specify directory for upload.

Note: To reset the value, use None in update(put) request.
C:\Users\Administrator\Desktop
allowedToSpecifyCRC Optional

User is allowed to specify CRC in process statement

Valid values : yes, no

Default value Windows: yes, Unix: no

authorizedToSubmitProcess Optional

User is authorized to submit process

Valid values : yes, no

Default value Windows: yes, Unix: yes, zOS: no

authorizedToRunJob Optional

User is authorized to perform runjob functions within Processes

Valid values : yes, no

Default value Windows: yes, Unix: yes, zOS: no

authorizedToRunTask Optional

User is authorized to perform runtask functions within Processes

Valid values : yes, no

Default value Windows: yes, Unix: yes, zOS: no

authorizedToSubmitInProcess Optional

User is authorized to perform submits within a Process

Valid values : yes, no

Default value Windows: yes, Unix: yes, zOS: no

authorizedToChangeProcess Optional

User is authorized to change process

Valid values : yes, no, all

Default value Windows: all, Unix: yes, zOS: no

authorizedToSelectProcess Optional

User is authorized to select process

Valid values : yes, no, all

Default value Windows: all, Unix: yes, zOS: no

authorizedToReceiveFiles Optional

User is authorized to perform copy functions to receive files

Valid values : yes, no

Default value : yes

authorizedToSendFiles Optional

User is authorized to perform copy functions to send files

Valid values : yes, no

Default value : yes

specifyRemoteNodeUser Optional

Specify the remote node of user

Valid values : yes, no

Default value : yes

authorizedToDeleteProcess Optional

User is authorized to delete process

Valid values : yes, no, all

Default value Windows: all, Unix: yes, zOS: no

authorizedToPerformUpdateProxies Optional

User is authorized to update Proxies

Valid values : yes, no

Default value : yes

authorizedToPerformUpdateUserRecords Optional

User is authorized to update User Records

Valid values : yes, no

Default value : yes

aclUpdate Optional

User is authorized to update ACL

Valid values : yes, no

Default value : yes

Domain Optional Specifies Windows domain name. Do not use with USERID. Specify with Group & Order  
Group Optional Specifies Windows group name. Do not use with USERID. Specify with Domain & Order  
authorizedToSelectNetMap Optional

User is authorized to select Netmap

Valid values : yes, no

Note: Valid values for Windows : yes, no, view

Default value Windows: yes, zOS: no

authorizedToPerformTranslationTableCommands Optional

User is authorized to perform Translations

Valid values : yes, no

Default value : yes

authorizedToRefreshInitparams Optional

User is authorized to refresh Initparam

Valid values : yes, no

Default Value Windows: yes, zOS: no

authorizedToSelectMessage Optional

User is authorized to select Message

Valid values : yes, no

Default value : yes

authorizedToChangeExecutionPriority Optional

User is authorized to change Execution priority of processes

Valid values : yes, no, all

Default value : all

authorizedToChangeFileAttributes Optional

User is authorized to change File Attributes

Valid values : yes, no

Default value : yes

authorizedToUpdateNetmap Optional

User is authorized to update Netmap

Valid values : yes, no

Default value Windows: yes, zOS: no.

Order Optional Specifies order for the Windows Domain Group. Do not use with USERID. Specify with Domain & Group. Valid value is a numeric value greater than 0
authorizedToUpdateSecurePlusConfiguration Optional

Specifies user is a Secure Plus admin

Valid values : yes, no

Default value Windows: yes, Unix: no, zOS: no

clientSourceIp Optional

Specify ip address or dns name or comma separated list (in double quotes) of ip addresses or dns names. If specified, the client request must come from one of the addresses specified.

Note: To reset the value, use None in update(put) request
2.2.2.2
certificateAuthenticationClientAccess Optional

User is authorized for certificate authentication

Valid values : yes, no

Default value : no

authorizedToNoPswdLocalConnections Optional

Specifies to allow local connections with no password

Valid values : yes, no

Default value : no

authorizedToRunProcessUsingServiceAccount Optional

Specifies to run process using service account

Valid values : yes, no

Default value : no

authorizedToPswdExit Optional

Specifies to allow own plugin to manage password

Valid values : yes, no

Default value : no

authorizedToProcessLibrary Optional

Specify the permissions for process library

Valid values : yes, no, view

Default value Windows: yes, Unix: no

authorizedToUpdateFileAgentConfiguration Optional

Specify the permissions for file agent

Windows/zOS: Valid values : yes, no, view

Unix: Valid values : yes, no

Default value Windows: yes, Unix: no, zOS: no

authorizedToExternalStatsLog Optional

Specify the permissions for external stat logging.

Valid values : yes, no

Default: yes for admin, no for others.

applicationId Optional

Specify application Id.

Note: To reset the value, use None in update(put) request.
 
policyId Optional

Specify policy Id.

Note: To reset the value, use None in update(put) request.
 
authorizedToWebServices Optional

Specify the permission for integrated web services configuration.

Valid values : yes, no, view

Default value : yes

Note: This parameter is only applicable for integrated web services.
adminAuthority Optional

Provides admin authority to user

Valid values : yes, no

Default value : no

copyUlimit Optional

Specifies that the user is limited to the init parms ulimit, or sets the ulimit for this user

Valid values are : yes, no, nnnnnK, nnnnnM or nnnnnG where n should be integer

Default value : no

contactPhone Optional

Specifies phone number of the IBM Sterling Connect:Direct administrator or operator.

Note: To reset the value, use None in update(put) request. (Only for Unix)
 
descriptionOfTheUserEntry Optional

A description of this user entry.The value should be coded in double quotes.

Note: To reset the value, use None in update(put) request.
 
authorizedToViewProcess Optional

User is authorized to use the view process command

Valid values : yes, no, all

Default value : no

authorizedToFlushProcess Optional

User is authorized to flush Processes

Valid values : yes, no, all

Default value : no

authorizedToCopy Optional

User is authorized to perform copy functions

Valid values : yes, no

Default Value Windows: yes, Unix: yes, zOS: no

contactName Required

Specifies the contact name information.

Note: To reset the value, use None in update(put) request. (Only for Unix)
 
userNode Required Identifies the user node of the User Authority record.  
authorizedToRemoveType Optional

User is authorized to remove TYPE

Valid values : yes, no

Default value : no

authorizedToReadUser Optional

User is authorized to read USER records

Valid values : yes, no

Default value : no

authorizedToReadType Optional

User is authorized to read TYPE records

Valid values : yes, no

Default value : no

passTicketData Optional Specify passticket data as APPL profile name, secure signokey  
specifyUserPassword Optional Specify user password  
maximumSignOnAttempts Optional

Specify maximum signon attempts

Default Value: 60

authorizedToIssueEventServicesSupport Optional

User is authorized to issue Event Services Support commands

Valid values : yes, no

Default value : no

authorizedToAddType Optional

User is authorized to add TYPE records

Valid values : yes, no

Default value : no

authorizedToAlterType Optional

User is authorized to alter TYPE records

Valid values : yes, no

Default value : no

submitAPKey Optional

User is authorized to issue apkey commands

Valid values : yes, no

Default Value zOS:no

authorizedIssueCase Optional

ApKey Command Case Sensitive

Valid values : yes, no

Default value : yes

displayConfirmDelete Optional

Delete Confirmation is requested

Valid values : yes, no

Default Value: Yes, zOS:no

displayConfirmDeleteOff Optional

Delete Confirmation can be turned off

Valid values : yes, no

Default Value: zOS:no

authorizedToUpdateInItParam Optional

User is authorized to update Initparams

Valid values : yes, no

Default Value: zOS:no

authorizedtoAddNetmap Optional

User is authorized to add Netmap

Valid values: yes, no

Default Value: zOS:no

authorizedToDeleteNetmap Optional

User is authorized to delete Netmap

Valid values : yes, no

Default Value: zOS:no

authorizedToRemoveUser Optional

User is authorized to remove user

Valid values : yes, no

Default Value: zOS:no

authorizedToAddUser Optional

User is authorized to Add User

Valid values : yes, no

Default Value zOS:no

authorizedToAlterUser Optional

User is authorized to Alter User

Valid values : yes, no

Default value zOS: no

authorizedToPerformStatisticCommand Optional

User is authorized to perform statistics commands

Valid values : yes, no

Default value : no

Modals Optional

User is authorized to use IF and ELSE in Processes

Valid values : yes, no

Default value : no

allowedToSpecifyCRCOverride Optional

Specifies whether the user is allowed to use the CRC statement to override the initial CRC settings.

Valid values : yes, no

Default Value Windows: Yes, zOS:no

securityId Optional Specifies the 1-64 character security system ID for the user  
securityIdPassword Optional Specifies the 1-64 character security system password for the user  
authorizedToProcessLibraryOperations Optional

Specify the permissions for process library

Valid values : yes, no, view

Default value : no

The following example shows the Sample Response:
[  {
    "messageCode": 201,
    "message": "The User Authority has been successfully added"
  }
]