admin_and_role_management#
The following methods allow for interaction with the ZIA Admin and Role Management API endpoints.
Methods are accessible via zia.admin_and_role_management
- class AdminAndRoleManagementAPI#
- add_user(name, login_name, email, password, **kwargs)#
Adds a new admin user to ZIA.
- Parameters:
- Keyword Arguments:
admin_scope (str) – The scope of the admin’s permissions, accepted values are:
organization,department,location,location_groupcomments (str) – Additional information about the admin user.
disabled (bool) – Set to
Trueif you want the account disabled upon creation.is_password_login_allowed (bool) – Set to
Trueto allow password login.is_security_report_comm_enabled (bool) – Set to
Trueto allow ZIA Security Update emails to be sent to the admin user.is_service_update_comm_enabled (bool) – Set to
Trueto allow ZIA Service Update emails to be sent to the admin user.is_product_update_comm_enabled (bool) – Set to
Trueto allow ZIA Product Update emails to be sent to the admin user.is_password_expired (bool) – Set to
Trueto expire the admin user’s password upon creation.is_exec_mobile_app_enabled (bool) – Set to
Trueto enable to executive insights mobile application for the admin user.role_id (str) – The unique id for the admin role being assigned to the admin user.
scope_ids (list) – A list of entity ids for the admin user’s scope. e.g. if the admin user has admin_scope set to
departmentthen you will need to provide a list of department ids. NOTE: This param doesn’t need to be provided if the admin user’s scope is set toorganization.
- Returns:
The newly created admin user resource record.
- Return type:
Box
Examples
- Add an admin user with the minimum required params:
>>> admin_user = zia.admin_and_role_management.add_user( ... name="Jim Bob", ... login_name="jim@example.com", ... password="hunter2", ... email="jim@example.com")
- Add an admin user with a department admin scope:
>>> admin_user = zia.admin_and_role_management.add_user( ... name="Jane Bob", ... login_name="jane@example.com", ... password="hunter3", ... email="jane@example.com, ... admin_scope="department", ... scope_ids = ['376542', '245688'])
- Add an auditor user:
>>> auditor_user = zia.admin_and_role_management.add_user( ... name="Head Bob", ... login_name="head@example.com", ... password="hunter4", ... email="head@example.com, ... is_auditor=True)
- delete_user(user_id)#
Deletes the specified admin user by id.
- Parameters:
user_id (str) – The unique id of the admin user.
- Returns:
The response code for the request.
- Return type:
Examples
>>> zia.admin_role_management.delete_admin_user('99272455')
- get_user(user_id)#
Returns information on the specified admin user id.
- Parameters:
user_id (str) – The unique id of the admin user.
- Returns:
The admin user resource record.
- Return type:
Box
Examples
>>> print(zia.admin_and_role_management.get_user('987321202'))
- list_roles(**kwargs)#
Return a list of the configured admin roles in ZIA.
- Parameters:
**kwargs – Optional keyword args.
- Keyword Arguments:
- Returns:
A list of admin role resource records.
- Return type:
BoxList
Examples
Get a list of all configured admin roles: >>> roles = zia.admin_and_management_roles.list_roles()
- list_users(**kwargs)#
Returns a list of admin users.
- Keyword Arguments:
**include_auditor_users (bool, optional) – Include or exclude auditor user information in the list.
**include_admin_users (bool, optional) – Include or exclude admin user information in the list. (default: True)
**search (str, optional) – The search string used to partially match against an admin/auditor user’s Login ID or Name.
**page (int, optional) – Specifies the page offset.
**page_size (int, optional) – Specifies the page size. The default size is 100, but the maximum size is 1000.
- Returns:
The admin_users resource record.
- Return type:
BoxList
Examples
>>> users = zia.admin_and_role_management.list_users(search='login_name')
- update_user(user_id, **kwargs)#
Update an admin user.
- Parameters:
user_id (str) – The unique id of the admin user to be updated.
**kwargs – Optional keyword args.
- Keyword Arguments:
admin_scope (str) – The scope of the admin’s permissions, accepted values are:
organization,department,location,location_groupcomments (str) – Additional information about the admin user.
disabled (bool) – Set to
Trueif you want the account disabled upon creation.email (str) – The email address for the admin user.
is_password_login_allowed (bool) – Set to
Trueto allow password login.is_security_report_comm_enabled (bool) – Set to
Trueto allow ZIA Security Update emails to be sent to the admin user.is_service_update_comm_enabled (bool) – Set to
Trueto allow ZIA Service Update emails to be sent to the admin user.is_product_update_comm_enabled (bool) – Set to
Trueto allow ZIA Product Update emails to be sent to the admin user.is_password_expired (bool) – Set to
Trueto expire the admin user’s password upon creation.is_exec_mobile_app_enabled (bool) – Set to
Trueto enable to executive insights mobile application for the admin user.name (str) – The user’s full name.
password (str) – The password for the admin user.
role_id (str) – The unique id for the admin role being assigned to the admin user.
scope_ids (list) – A list of entity ids for the admin user’s scope. e.g. if the admin user has
admin_scopeset todepartmentthen you will need to provide a list of department ids. NOTE: This param doesn’t need to be provided if the admin user’s scope is set to organization.
- Returns:
The updated admin user resource record.
- Return type:
Examples
- Update the email address for an admin user:
>>> user = zia.admin_and_role_management.update_user('99695301', ... email='jimbob@example.com')
- Update the admin scope for an admin user to department:
>>> user = zia.admin_and_role_management.update_user('99695301', ... admin_scope='department', ... scope_ids=['3846532', '3846541'])