Get User Details REST Service

Use the Get User Details REST Service to retrieve details of a user such as the assigned roles and groups.

Operation: GET
URL: https://host:port/GKLM/rest/v1/ckms/usermanagement/users/{userName}

By default, IBM® Guardium® Key Lifecycle Manager server listens to the secure port 9443 (HTTPS) for communication. During IBM Guardium Key Lifecycle Manager installation, you can modify this default port.

Request

Request Parameters
Parameter	Description
host	Specify the IP address or hostname of the IBM Guardium Key Lifecycle Manager server.
port	Specify the port number on which the IBM Guardium Key Lifecycle Manager server listens for requests.

Request Headers
Header name	Value
Content-Type	`application/json`
Accept	`application/json`
Authorization	`SKLMAuth userAuthId=<authIdValue>`
Accept-Language	Any valid locale that is supported by IBM Guardium Key Lifecycle Manager. For example, `en` or `de`.

Path parameter
JSON object with the following specification.
JSON property name	Description
userName	Specify the user name for which you want to retrieve the details.

Response

Response Headers
Header name	Value and description
Status Code	200 OK The request was successful. The response body contains the requested representation. 400® Bad Request The authentication information was not provided in the correct format. 401 Unauthorized The authentication credentials were missing or incorrect. 404 Not Found Error The processing of the request fails. 500 Internal Server Error The processing of the request fails because of an unexpected condition on the server.
Content-Type	`application/json`
Content-Language	Locale for the response message.

Success Response Body
JSON object with the following specification.
JSON property name	Description
code	Returns `0` when the request is successful. Otherwise, returns `1`.
name	Returns the name of the user.
description	Returns the description of the user.
isDefault	Indicates whether the user and its associations are provided by default during product installation (return value = `true`) or added later by a user (return value = `false`). You cannot modify or delete a default user.
roles	Returns details of the user roles that are assigned to the user.
groups	Returns details of the user groups to which the user belongs.

Error Response Body
JSON object with the following specification.
JSON property name	Description
code	Returns the application error code.
message	Returns a message that describes the error.

Example

Get details of a user

GET 
https://host:port/GKLM/rest/v1/ckms/usermanagement/users/sklmuser

Success response

{
  "displayName": "sklmuser",
  "groups": [
    {
      "description": "Installation assigns the klmSecurityOfficer role to this group.",
      "isDefault": true,
      "name": "klmSecurityOfficerGroup",
      "roles": [
        "suppressmonitor"
      ]
    }
  ],
  "isDefault": false,
  "name": "sklmuser",
  "roles": [
    {
      "description": "Manage clients and their cryptographic objects by using the IBM Guardium Key Lifecycle Manager REST APIs.",
      "groupName": "",
      "isDefault": false,
      "name": "klmClientUser",
      "roleAssignment": "user"
    },
    {
      "description": "Has Super user access rights and can perform all administrative operations.",
      "groupName": "",
      "isDefault": false,
      "name": "klmSecurityOfficer",
      "roleAssignment": "user"
    }
  ]
}

Error response

{
  "code": "CTGKM6002E",
  "message": "CTGKM6002E Bad Request: Invalid user authentication ID or invalid request format."
}