Tenant-level user account resources

Tenant-level user account resources let you create, retrieve information about, modify, and delete tenant-level user accounts. The table below provides information about these resources.

User account resources are not available for the default tenant.

.../tenants/tenant-name/userAccounts

Data typeMethodUseAccessNotes
userAccountPUTCreate a user account for a tenantTenant-level user account with the security role
ListGETRetrieve a list of the user accounts defined for a tenantTenant-level user account with the monitor, administrator, or security role

The listed user accounts are identified by the account username.

In XML, the element that identifies each user account is username. The root element for the list of user accounts is userAccounts.

In JSON, the name in the name/value pair that lists the user accounts is username.

.../tenants/tenant-name/userAccounts/username

Data typeMethodUseAccessNotes
userAccountGETRetrieve information about a user accountTenant-level user account with the monitor, administrator, or security roleThe information returned depends on the roles associated with the user making the request.
N/AHEADCheck for the existence of a user accountTenant-level user account with the monitor, administrator, or security role
userAccountPOSTModify a user accountTenant-level user account with the administrator or security role

A user with only the administrator role can modify only the allow-NamespaceManagement property. A user with only the security role cannot modify that property.

N/ADELETEDelete a user accountTenant-level user account with the security role

.../tenants/tenant-name/userAccounts/username/changePassword

Data typeMethodUseAccessNotes
updatePassword RequestPOSTChange the password for a locally authenticated tenant-level user accountSystem-level user account with the security role or tenant-level user account with the security role

.../tenants/tenant-name/userAccounts/username/dataAccessPermissions

Data typeMethodUseAccessNotes
dataAccess PermissionsGETRetrieve information about the data access permissions associated with a user accountTenant-level user account with the administrator or security role
POSTModify the data access permissions associated with a user accountTenant-level user account with the administrator role

The request body must contain all permissions granted for each included namespace. If a namespace is not included, its permissions are not changed by the POST request.

By default, when you create a user account, it does not include any data access permissions.