Retrieve user accounts in the cluster
- PDF of this doc site
Collection of separate PDF docs
Creating your file...
GET /security/accounts
Introduced In: 9.6
Retrieves a list of user accounts in the cluster.
Related ONTAP commands
-
security login show
Learn more
Parameters
Name | Type | In | Required | Description |
---|---|---|---|---|
role.name |
string |
query |
False |
Filter by role.name
|
locked |
boolean |
query |
False |
Filter by locked
|
comment |
string |
query |
False |
Filter by comment
|
owner.uuid |
string |
query |
False |
Filter by owner.uuid
|
owner.name |
string |
query |
False |
Filter by owner.name
|
name |
string |
query |
False |
Filter by name
|
password_hash_algorithm |
string |
query |
False |
Filter by password_hash_algorithm
|
scope |
string |
query |
False |
Filter by scope
|
applications.authentication_methods |
string |
query |
False |
Filter by applications.authentication_methods
|
applications.is_ns_switch_group |
boolean |
query |
False |
Filter by applications.is_ns_switch_group
|
applications.application |
string |
query |
False |
Filter by applications.application
|
applications.second_authentication_method |
string |
query |
False |
Filter by applications.second_authentication_method
|
applications.is_ldap_fastbind |
boolean |
query |
False |
Filter by applications.is_ldap_fastbind
|
fields |
array[string] |
query |
False |
Specify the fields to return. |
max_records |
integer |
query |
False |
Limit the number of records returned. |
return_records |
boolean |
query |
False |
The default is true for GET calls. When set to false, only the number of records is returned.
|
return_timeout |
integer |
query |
False |
The number of seconds to allow the call to execute before returning. When iterating over a collection, the default is 15 seconds. ONTAP returns earlier if either max records or the end of the collection is reached.
|
order_by |
array[string] |
query |
False |
Order results by specified fields and optional [asc |
Response
Status: 200, Ok
Name | Type | Description |
---|---|---|
_links |
||
num_records |
integer |
Number of records |
records |
array[account] |
Example response
{
"_links": {
"next": {
"href": "/api/resourcelink"
},
"self": {
"href": "/api/resourcelink"
}
},
"num_records": 1,
"records": [
{
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"applications": [
{
"application": "string",
"authentication_methods": [
"string"
],
"second_authentication_method": "string"
}
],
"authentication_methods": [
"string"
],
"comment": "string",
"name": "joe.smith",
"owner": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "svm1",
"uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
},
"password": "string",
"password_hash_algorithm": "sha512",
"public_key": "string",
"role": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"name": "admin"
},
"scope": "string",
"ssl_ca_certificate": "string"
}
]
}
Error
Status: Default, Error
Name | Type | Description |
---|---|---|
error |
Example error
{
"error": {
"arguments": [
{
"code": "string",
"message": "string"
}
],
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}
Definitions
See Definitions
href
Name | Type | Description |
---|---|---|
href |
string |
_links
Name | Type | Description |
---|---|---|
next |
||
self |
_links
Name | Type | Description |
---|---|---|
self |
account_application
Name | Type | Description |
---|---|---|
application |
string |
Applications |
authentication_methods |
array[string] |
|
is_ldap_fastbind |
boolean |
Optional property that specifies the mode of authentication as LDAP Fastbind. |
is_ns_switch_group |
boolean |
Optional property that specifies whether the user is an LDAP or NIS group. |
second_authentication_method |
string |
An optional additional authentication method for multifactor authentication (MFA). This property is only supported for SSH (ssh) and Service Processor (service_processor) applications. It is ignored for all other applications. Time-based One-Time Passwords (TOTPs) are only supported with the authentication method password or public key. For the Service Processor (service_processor) application, none and publickey are the only supported enum values. |
owner
Owner name and UUID that uniquely identifies the user account.
Name | Type | Description |
---|---|---|
_links |
||
name |
string |
The name of the SVM. This field cannot be specified in a PATCH method. |
uuid |
string |
The unique identifier of the SVM. This field cannot be specified in a PATCH method. |
role
Name | Type | Description |
---|---|---|
_links |
||
name |
string |
Role name |
account
Name | Type | Description |
---|---|---|
_links |
||
applications |
array[account_application] |
|
authentication_methods |
array[string] |
|
comment |
string |
Optional comment for the user account. |
locked |
boolean |
Locked status of the account. |
name |
string |
User or group account name |
owner |
Owner name and UUID that uniquely identifies the user account. |
|
password |
string |
Password for the account. The password can contain a mix of lower and upper case alphabetic characters, digits, and special characters. |
password_hash_algorithm |
string |
Password hash algorithm used to generate a hash of the user's password for password matching.To modify "password_hash_algorithm", use REST API "/api/security/authentication/password". |
public_key |
string |
Public key for SSH. |
role |
||
scope |
string |
Scope of the entity. Set to "cluster" for cluster owned objects and to "svm" for SVM owned objects. |
ssl_ca_certificate |
string |
SSL certificate for the chain of certificate authorities (CA) that have signed this user's client certificate. |
error_arguments
Name | Type | Description |
---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
returned_error
Name | Type | Description |
---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |