Skip to main content
A newer release of this product is available.

Retrieve user accounts in the cluster

Contributors

GET /security/accounts

Introduced In: 9.6

Retrieves a list of user accounts in the cluster.

  • security login show

Parameters

Name Type In Required Description

password_hash_algorithm

string

query

False

Filter by password_hash_algorithm

  • Introduced in: 9.11

role.name

string

query

False

Filter by role.name

  • Introduced in: 9.7

locked

boolean

query

False

Filter by locked

  • Introduced in: 9.7

name

string

query

False

Filter by name

  • Introduced in: 9.7

  • maxLength: 64

  • minLength: 3

owner.uuid

string

query

False

Filter by owner.uuid

  • Introduced in: 9.7

owner.name

string

query

False

Filter by owner.name

  • Introduced in: 9.7

comment

string

query

False

Filter by comment

  • Introduced in: 9.7

applications.application

string

query

False

Filter by applications.application

  • Introduced in: 9.7

applications.authentication_methods

string

query

False

Filter by applications.authentication_methods

  • Introduced in: 9.7

applications.second_authentication_method

string

query

False

Filter by applications.second_authentication_method

  • Introduced in: 9.7

ldap_fastbind

boolean

query

False

Filter by ldap_fastbind

  • Introduced in: 9.11

scope

string

query

False

Filter by scope

  • Introduced in: 9.7

fields

array[string]

query

False

Specify the fields to return.

max_records

integer

query

False

Limit the number of records returned.

return_records

boolean

query

False

The default is true for GET calls. When set to false, only the number of records is returned.

  • Default value: 1

return_timeout

integer

query

False

The number of seconds to allow the call to execute before returning. When iterating over a collection, the default is 15 seconds. ONTAP returns earlier if either max records or the end of the collection is reached.

  • Default value: 1

  • Max value: 120

  • Min value: 0

order_by

array[string]

query

False

Order results by specified fields and optional [asc

Response

Status: 200, Ok
Name Type Description

_links

_links

num_records

integer

Number of records

records

array[account]

Example response
{
  "_links": {
    "next": {
      "href": "/api/resourcelink"
    },
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "num_records": 1,
  "records": [
    {
      "_links": {
        "self": {
          "href": "/api/resourcelink"
        }
      },
      "applications": [
        {
          "application": "string",
          "authentication_methods": [
            "string"
          ],
          "second_authentication_method": "string"
        }
      ],
      "comment": "string",
      "name": "joe.smith",
      "owner": {
        "_links": {
          "self": {
            "href": "/api/resourcelink"
          }
        },
        "name": "svm1",
        "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
      },
      "password": "string",
      "password_hash_algorithm": "sha512",
      "role": {
        "_links": {
          "self": {
            "href": "/api/resourcelink"
          }
        },
        "name": "admin"
      },
      "scope": "string"
    }
  ]
}

Error

Status: Default, Error
Name Type Description

error

error

Example error
{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

See Definitions

href

Name Type Description

href

string

Name Type Description

next

href

self

href

Name Type Description

self

href

account_application

Name Type Description

application

string

Applications

authentication_methods

array[string]

second_authentication_method

string

An optional additional authentication method for multifactor authentication (MFA). This is only supported with SSH as the application. Time-based One-Time Passwords (TOTPs) are only supported with the authentication method password or public key. It is ignored for all other applications.

owner

Owner name and UUID that uniquely identifies the user account.

Name Type Description

_links

_links

name

string

The name of the SVM.

uuid

string

The unique identifier of the SVM.

role

Name Type Description

_links

_links

name

string

Role name

account

Name Type Description

_links

_links

applications

array[account_application]

comment

string

Optional comment for the user account.

ldap_fastbind

boolean

Optional property that specifies the mode of authentication is LDAP Fastbind.

locked

boolean

Locked status of the account.

name

string

User or group account name

owner

owner

Owner name and UUID that uniquely identifies the user account.

password

string

Password for the account. The password can contain a mix of lower and upper case alphabetic characters, digits, and special characters.

password_hash_algorithm

string

Optional property that specifies the password hash algorithm used to generate a hash of the user's password for password matching.

role

role

scope

string

Scope of the entity. Set to "cluster" for cluster owned objects and to "svm" for SVM owned objects.

error_arguments

Name Type Description

code

string

Argument code

message

string

Message argument

error

Name Type Description

arguments

array[error_arguments]

Message arguments

code

string

Error code

message

string

Error message

target

string

The target parameter that caused the error.