REST API Reference > Platform REST API version 3 resources > Users

Users

Use the users resource to request Informatica Intelligent Cloud Services user details, create users, update role and user group assignments, and delete users.

Note: This resource uses a dynamic rate limit. When the system experiences a large volume or size of requests, responses might be slow or fail with the error message, "too many requests."

Use the users resource along with the userGroups and roles resources to manage user privileges for Informatica Intelligent Cloud Services tasks and assets. Users and groups can perform tasks and access assets based on the roles that you assign to them.

For information about using the userGroups and roles REST API resources, see the following topics:

•Roles
•User groups

For general information about users, user groups, and roles, see the Administrator help.

Getting user details

Use the users resource to request Informatica Intelligent Cloud Services user details. You can request the details for all users in the organization or request the details for a particular user.

GET request

To get user details, use the following URI:

/public/core/v3/users

To get the details for a particular user, you can include the following query parameters in the URI:

Parameter	Type	Description
q	String	Query filter. You can filter using one of the following fields: - userId. Unique identifier for the user. - userName. Informatica Intelligent Cloud Services user name.
limit	Int	Maximum number of users to return. Maximum of 200. Default is 100.
skip	Int	Amount to offset the list of results. Default is 0.

For example, to get details for a particular user based on the user's ID, you might use the following request:

/public/core/v3/users?q=userId==5N9JGth6pRYfOGjGKv3Q2D &limit=1 &skip=0

GET response

If successful, returns the following information for each user:

Field	Type	Description
id	String	User ID.
orgId	String	ID of the organization the user belongs to.
createdBy	String	User who created the user account.
updatedBy	String	User who last updated the user account.
createTime	String	Date and time the user was created.
updateTime	String	Date and time the user was last updated.
userName	String	User name for the user account.
firstName	String	First name for the user account.
lastName	String	Last name for the user account.
description	String	User description.
title	String	Job title of the user.
phone	String	Phone number for the user.
email	String	Email address for the user.
state	String	State of the user account. Returns one of the following values: - Active. User account exists and user has activated the account. - Provisioned. User account exists but the user has not activated the account. - Disabled. User account is disabled because the user exceeded the maximum number of login attempts. Note: If the user's password is expired, the value is null.
timeZoneId	String	Time zone of the user. For more information, see Time zone codes.
maxLoginAttempts	Int	Number of times a user can attempt to log in before the account is locked.
authentication	String	Whether the user accesses Informatica Intelligent Cloud Services through single sign-in (SAML). Returns one of the following values: - 0. Native. - 1. SAML.
forcePasswordChange	Boolean	Whether the user must reset the password after the user logs in for the first time.
lastLoginTime	String	The date and time that the user last logged in.
lastLoginMode	String	Whether the user logged in through a REST API call or through the UI.
roles	Array	Roles assigned to the user account.
id	String	Included in the roles object. Role ID.
roleName	String	Included in the roles object. Role name.
description	String	Included in the roles object. Description of the role.
displayName	String	Included in the roles object. Role name that is displayed in the user interface.
displayDescription	String	Included in the roles object. Role description that is displayed in the user interface.
groups	Array	Group in which the user account is a member.
id	String	Included in the groups object. User group ID.
userGroupName	String	Included in the groups object. User group name.
description	String	Included in the groups object. Description of the user group.

GET response example

If successful, you might receive a response similar to the following example:

[
{
"id": "5N9JGth6pRYfOGjGKv3Q2D",
"orgId": "cPYWk02I4aBeuLEvYRtaMS",
"createdBy": "ma",
"updatedBy": "a@abc.com",
"createTime": "2019-03-06T22:04:00.000Z",
"updateTime": "2019-03-18T22:34:53.000Z",
"userName": "a@abc.com",
"firstName": "a",
"lastName": "jones",
"description": "",
"title": "dev",
"phone": "1112221111",
"email": "a@abc.com",
"state": "Enabled",
"timeZoneId": "America/Los_Angeles",
"maxLoginAttempts": "10",
"authentication": "Native",
"forcePasswordChange": false,
"lastLoginTime": "2020-07-31T21:50:10Z",
"lastLoginMode": "API",
"roles": [
{
"id": "9c2XrdpAz80hg29yXDBPEN",
"roleName": "Data Preview",
"description": "Role to preview data"
"displayName": "Data Preview",
"displayDescription": "Role to preview data"
},
{
"id": "1VfnsgZiCT1fi25VAupQg1",
"roleName": "Designer",
"description": "Role for creating assets, ... and runtime environments. Has access to the Application Integration Console."
"displayName": "Designer",
"displayDescription": "Role for creating assets, ... and runtime environments. Has access to the Application Integration Console."
}
],
"groups": [
{
"id": "a6x85hoMvH2kWUIlcIRBEh",
"userGroupName": "group_a",
"description": ""
}
]
},
{
"id": "aNJWtppg613c1YbXvRRHcV",
"orgId": "cPYWk02I4aBeuLEvYRtaMS",
"createdBy": "a@abc.com",
"updatedBy": "a@abc.com",
"createTime": "2019-03-13T20:15:58.000Z",
"updateTime": "2019-03-13T20:15:58.000Z",
"userName": "b@abc.com",
"firstName": "b",
"lastName": "smith",
"description": "",
"title": "cs",
"phone": "1112223333",
"email": "b@abc.com",
"state": "Provisioned",
"timeZoneId": "America/Los_Angeles",
"maxLoginAttempts": "10",
"authentication": "Native",
"forcePasswordChange": false,
"lastLoginTime": "2020-07-31T21:50:10Z",
"lastLoginMode": "API",
"roles": [
{
"id": "9c2XrdpAz80hg29yXDBPEN",
"roleName": "Data Preview",
"description": "Role to preview data"
"displayName": "Data Preview",
"displayDescription": "Role to preview data"
}
],
"groups": [
{
"id": "a6x85hoMvH2kWUIlcIRBEh",
"userGroupName": "group_a",
"description": ""
}
]
}
]

Creating a user

If you have administrator privileges, you can use the users resource to create a user.

POST request

To create a user, send a POST request using the following URI:

/public/core/v3/users

Note: The number of users, user groups, and roles combined cannot exceed 1000 for an organization.

Include the following information:

Field	Type	Required	Description
name	String	Yes	Informatica Intelligent Cloud Services user name. Maximum length is 255 characters.
firstName	String	Yes	First name for the user account.
lastName	String	Yes	Last name for the user account.
password	String	-	Informatica Intelligent Cloud Services password. If password is empty, the user receives an activation email. Maximum length is 255 characters.
description	String	-	Description of the user.
email	String	Yes	Email address for the user.
title	String	-	Job title of the user.
phone	String	-	Phone number for the user.
forcePasswordChange	Boolean	-	Determines whether the user must reset the password after the user logs in for the first time.
maxLoginAttempts	Int	-	Number of times a user can attempt to log in before the account is locked.
authentication	Int	-	Determines whether the user accesses Informatica Intelligent Cloud Services through single sign-in (SAML). Use one of the following values: - 0. Native. - 1. SAML.
aliasName	String	Required when authentication is not 0.	The user identifier or user name in the 3rd party system.
roles	Array	Required when no group IDs are included.	IDs of the roles to assign to the user.
groups	Array	Required when no role IDs are included.	IDs of the user groups to assign to the user.

POST response

If successful, returns the users object with the details you included in the POST request.

POST example

To create a user, you might send a request similar to the following example:

POST <baseApiUrl>/public/core/v3/users
Content-Type: application/json
Accept: application/json
INFA-SESSION-ID: <sessionId>
{
"name" : "c@abc.com",
"firstName" : "c",
"lastName" : "smith",
"email" : "c@abc.com",
"authentication" : 0,
"roles" : ["5IPgtye09EbiWqz5XXuzwC", "9gedBDoYQoQibNMohf5KCh"],
"groups" : ["a6x85hoMvH2kWUIlcIRBEh"]
}

You might receive a response similar to the following example:

{
"id": "9EcgvBYZ9GGflOYr98GzOH",
"orgId": "cPYWk02I4aBeuLEvYRtaMS",
"createdBy": "a@abc.com",
"updatedBy": "a@abc.com",
"createTime": "2020-08-20T18:29:19.987Z",
"updateTime": "2020-08-20T18:29:20.653Z",
"userName": "c@abc.com",
"firstName": "c",
"lastName": "smith",
"description": null,
"title": "dev",
"phone": null,
"email": "c@abc.com",
"state": "Provisioned",
"timeZoneId": "America/Los_Angeles",
"maxLoginAttempts": "10",
"authentication": "Native",
"forcePasswordChange": false,
"lastLoginTime": null,
"lastLoginMode": "None",
"roles": [
{
"id": "5IPgtye09EbiWqz5XXuzwC",
"roleName": "test",
"description": ""
},
{
"id": "9gedBDoYQoQibNMohf5KCh",
"roleName": "Admin",
"description": "Role for performing administrative tasks for an organization. Has full access to all licensed services."
}
],
"groups": [
{
"id": "a6x85hoMvH2kWUIlcIRBEh",
"userGroupName": "group_a",
"description": ""
}
]
}

Updating role assignments

You can add or remove role assignments for a user.

You cannot update a user's role assigments if your organization enabled the Map SAML Groups and Roles option for SAML single sign-on. For more information, see User Administration in the Administrator help.

Assign roles

To assign a role to a user, send a PUT request using one of the following URIs:

/public/core/v3/users/<user ID>/addRoles

/public/core/v3/users/name/<user name>/addRoles

Include an array of the roles that you want to assign to the user.

For example, to assign the Admin and Business Manager roles to a user, you might use the following request:

PUT <baseApiUrl>/public/core/v3/users/cPYWk02I4aBeuLEvYRtaMS/addRoles
Content-Type: application/json
Accept: application/json
INFA-SESSION-ID: <sessionId>
{
"roles" : ["Admin", "Business Manager"]
}

You can use the roles resource to get a list of roles that you can assign. For more information, see Roles.

The response includes a success code if successful or an error object if errors occur.

Remove roles

To remove a role assignment from a user, send a PUT request using one of the following URIs:

/public/core/v3/users/<user ID>/removeRoles

/public/core/v3/users/name/<user name>/removeRoles

Include an array of roles to unassign.

For example, to remove the Designer role assignment from a user, you might use the following request:

PUT <baseApiUrl>/public/core/v3/users/cPYWk02I4aBeuLEvYRtaMS/removeRoles
Content-Type: application/json
Accept: application/json
INFA-SESSION-ID: <sessionId>
{
"roles" : "Designer"
}

Updating user group assignments

You can add or remove user group assignments for a user.

You cannot update a user's user group assignments if your organization enabled the Map SAML Groups and Roles option for SAML single sign-on. For more information, see User Administration in the Administrator help.

Assign user groups

To assign a user group to a user, send a PUT request using one of the following URIs:

/public/core/v3/users/<user ID>/addGroups

/public/core/v3/users/name/<user name>/addGroups

Include an array of the user groups that you want to assign to the user.

For example, to assign the Workflow Manager and MDM Admin user groups to a user, you might use the following request:

PUT <baseApiUrl>/public/core/v3/users/cPYWk02I4aBeuLEvYRtaMS/addGroups
Content-Type: application/json
Accept: application/json
INFA-SESSION-ID: <sessionId>
{
"groups" : ["Workflow Manager", "MDM Admin"]
}

You can use the userGroups resource to get a list of user groups that you can assign. For more information, see User groups.

The response includes a success code if successful or an error object if errors occur.

Remove user group assignments

To remove a user group assignment, send a PUT request using one of the following URIs:

/public/core/v3/users/<user ID>/removeGroups

/public/core/v3/users/name/<user name>/removeGroups

Include an array of user group assignments to remove from the user.

For example, to remove the MDM Admin user group assignment, you might use the following request:

PUT <baseApiUrl>/public/core/v3/users/name/LarryR/removeGroups
Content-Type: application/json
Accept: application/json
INFA-SESSION-ID: <sessionId>
{
"groups" : "MDM Admin"
}

Deleting a user

If you have administrator privileges, you can use the users resource to delete a user.

DELETE request

To delete a user account, use the following URI:

/public/core/v3/users/<userId>

For example, you might send a request similar to the following example:

DELETE <baseApiUrl>/public/core/v3/users/5N9JGth6pRYfOGdGKv3Q2D