Edit account

Modifies an existing local account or registered external account.

Request

Security

Table 1. Roles capable of executing the Edit Account API method
Any Super User System Admin Security Admin Operator
  superUser   securityAdmin  

HTTP method

POST /manager/api/{apiResponseType}/1.0/editAccount.adm HTTP/1.1 Host:{manager.dsnet} id={accountId}&admin&name={accountName}&roles={role}&email={email}&useCustomTimezone={true|false}&timezoneId={tzId}

Curl method

curl -u {admin}:{password} -k “https://{manager.dsnet}/manager/api/{apiResponseType}/1.0/editAccount.adm” -d “id={accountId}&admin&name={accountName}&roles={role}&email={email}&useCustomTimezone={true|false}&timezoneId={tzId}”

Parameters

All of the parameters from createAccount are supported except for password. If unspecified, the values remain the same. To change only the account password, the editAccountPassword method can be used.

Table 2. Request Parameters for Edit Account (editAccount) API method
Parameter Type Usage Default Description
id Long Required  

ID of the account that is being modified, the same ID returned after account creation.

name String Optional  

Human-readable name for the new account

email String Optional  

Email address for the new account.

useCustomTimezone Boolean Optional  

Specifies whether the account has a different time zone from the manager default time zone, or not.

timezoneID Integer Optional  

Timezone ID if the account is using a custom time zone.

accountType String Optional local
  • local - local account that is created on Manager.
  • ldap/oidc - external account exists on LDAP server/OIDC provider.
  • keystone - external account exists on Keystone server.
usingPassword Boolean accountType=local true

Sets if user authentication to username / password.

username String usingPassword=true  

Account username.

usingPki Boolean accountType=local false

Sets if user authentication to PKI.

pkiRealm String usingPki=true  

PKI Realm for this account.

pkiSubjectDN String usingPki=true  

PKI Subject DN for this account.

ldapUsername   accountType=ldap true

Principal username to tie this account with LDAP server.

keystoneUsername String accountType=keystone  

An updated username of the Keystone account.

keystoneDomain String    

An updated domain name of the Keystone account.

rolesMap Set[{role}] Optional  

Key is the name of role string that includes the following.

  • admin
  • systemAdmin
  • securityAdmin
  • operator
  • vaultProvisioner
  • serviceAccount
  • readOnlySystemAdmin
  • readOnlySecurityAdmin

An account cannot be assigned with readOnlysystemAdmin/SystemAdmin or readOnlySecurityOfficer/securityOfficer together at the same time.

vaultUserPermissions Map[{vaultId}] Optional disabled

With specific vault ID, set vault access permissions to 1 of three options.

  • disabled
  • owner
  • readOnly
  • readWrite

Multiple vaultUserPermission[{vaultId}] parameters can be passed as part of the editGroup call.

vaultUserPermission[1]=disabled
&vaultUserPermission[2]=owner
defaultDevicePermission String Optional noAccess Default access permission that can be set on all devices except manager that will enable user to perform actions using nut interface.

Can be 1 of 4 options

  • noAccess
  • readOnlyAccess
  • readWriteAccess
  • rootAccess
managerDevicePermission String Optional noAccess Manager access permission that is specific to manager devices to enable user to perform actions using nut interface. Can be 1 of 4 options as listed above
siteDevicePermissions Map[{siteId}] Optional noAccess For specific site ID, device access permission can be set to 1 of 4 options, as listed above
regionDevicePermissions Map{regionId} Optional noAccess For specific region ID, device access permission can be set to 1 of 4 options, as listed above
organizationId Long Optional   The ID of the organization for the account.
oidcUsername String Optional   The username of the external account existing on the OIDC provider.