4.6.9. System Users¶

API for working with system users.

class axonius_api_client.api.system.system_users.SystemUsers(auth, **kwargs)[source]¶

Bases: ModelMixins

API for working with system users.

Parameters: auth (axonius_api_client.auth.models.Model) –

get(generator=False)[source]¶

Get Axonius system users.

Examples

Create a client using axonius_api_client.connect.Connect

>>> users = client.system_users.get()
>>> [x['user_name'] for x in users]
['admin']

Parameters: generator (bool) – return an iterator for objects that will yield rows as they are fetched
Return type: typing.Union[typing.Generator[dict, None, None], typing.List[dict]]

get_generator()[source]¶

Get Axonius system users using a generator.

Return type: typing.Generator[dict, None, None]

get_cached_single(value)[source]¶

Pass.

Parameters: value (typing.Union[str, dict, axonius_api_client.api.json_api.system_users.SystemUser]) –
Return type: axonius_api_client.api.json_api.system_users.SystemUser

get_cached()[source]¶

Get Axonius system users using a cache mechanism.

Return type: typing.List[axonius_api_client.api.json_api.system_users.SystemUser]

get_by_name(name)[source]¶

Get a user by name.

Examples

Create a client using axonius_api_client.connect.Connect

>>> user = client.system_users.get_by_name(name="admin")
>>> user["uuid"]
'5f76721bebd8d8b5459b56c8'

Parameters: name (str) – user name
Raises: NotFoundError – if user not found
Return type: dict

get_by_uuid(uuid)[source]¶

Get a user by uuid.

Examples

Create a client using axonius_api_client.connect.Connect

>>> user = client.system_users.get_by_uuid(uuid="5f76721bebd8d8b5459b56cc")
>>> user["name"]
'administrator'

Parameters: uuid (str) – uuid
Raises: NotFoundError – if user not found
Return type: dict

add(name, password, role_name, first_name='', last_name='', email='', generate_password_link=False, email_password_link=False)[source]¶

Create a user.

Examples

Create a client using axonius_api_client.connect.Connect

Create a user with the Admin role

>>> user = client.system_users.add(
...     name="test1",
...     password="test1",
...     role_name="Admin",
...     first="bad",
...     last="wolf",
...     email="badwolf@badwolf.com",
... )
>>> user['uuid']
'5f7ca7f1e4557d5cba415f12'

Parameters

name (str) – user name
password (str) – password
role_name (str) – role name
first_name (str) – first name
last_name (str) – last name
email (str) – email address
generate_password_link (bool) – create a password reset link
email_password_link (bool) – email the password reset link to a users configured email address

Raises

ApiError – if user already exists matching name

Return type

dict

set_role(name, role_name)[source]¶

Change the role of a user.

Examples

Create a client using axonius_api_client.connect.Connect

>>> user = client.system_users.set_role(name='test1', role_name='Viewer')
>>> user['role_name']
'Viewer'

Parameters

name (str) – user name
role_name (str) – name of role

Return type

dict

set_first_last(name, first, last)[source]¶

Change the first and last name of a user.

Examples

Create a client using axonius_api_client.connect.Connect

>>> user = client.system_users.set_first_last(name='test1', first='Bad', last='Wolf')
>>> user['first_name']
'Bad'
>>> user['last_name']
'Wolf'
>>> user['full_name']
'Bad Wolf'

Parameters

name (str) – user name
first (str) – first name
last (str) – last name

Return type

dict

set_password(name, password)[source]¶

Change the password for a user.

Examples

Create a client using axonius_api_client.connect.Connect

>>> user = client.system_users.set_password(name='test1', password='super_secure')

Parameters

name (str) – user name
password (str) – password

Return type

dict

set_email(name, email)[source]¶

Change the email address for a user.

Examples

Create a client using axonius_api_client.connect.Connect

>>> user = client.system_users.set_email(name='test1', email='bad@wolf.com')
>>> user['email']
'bad@wolf.com'

Parameters

name (str) – user name
email (str) – email

Return type

dict

set_ignore_role_assignment_rules(name, enabled)[source]¶

Set the ignore role assignment rules flag of an external user.

Examples

Create a client using axonius_api_client.connect.Connect

>>> user = client.system_users.set_ignore_role_assignment_rules(
...     name='test1', enabled=True
... )

Parameters

name (str) – user name
enabled (bool) – enable/disable the flag

Return type

dict

delete_by_name(name)[source]¶

Delete a user by name.

Examples

Create a client using axonius_api_client.connect.Connect

>>> client.system_users.delete_by_name(name='test1')

Parameters: name (str) – user name
Raises: ApiError – if name is “admin”
Return type: str

get_password_reset_link(name)[source]¶

Generate a password reset link for a user.

Examples

Create a client using axonius_api_client.connect.Connect

>>> link = client.system_users.get_password_reset_link(name='test1')
>>> link
'https://10.20.0.61/login?token=LUayznSkfLUjm3A2fIs_zAF-4CzcxRZc7DHOfhOkMRI'

Notes

This link can be provided to the user and they can browse to it, or they can use axonshell tools axonshell tools use-password-reset-token or use axonius_api_client.api.system.signup.Signup.use_password_reset_token()

Parameters: name (str) – user name
Return type: str

email_password_reset_link(name, email=None, for_new_user=False, link='')[source]¶

Email a password reset link for a user.

Examples

Create a client using axonius_api_client.connect.Connect

Use the email address defined in the users account

>>> link, email_used = client.system_users.email_password_reset_link(name='test1')
>>> link
'https://10.20.0.61/login?token=V-YW8DnCverKTgvsToMAJwGPqXtQQeeNuBFkN4dE4ew'
>>> email_used
'jim@badwolf.com'

Use a custom email address

>>> link, email_used = client.system_users.email_password_reset_link(
...     name='test1', email='james@badwolf.com'
... )
>>> link
'https://10.20.0.61/login?token=V-YW8DnCverKTgvsToMAJwGPqXtQQeeNuBFkN4dE4ew'
>>> email_used
'james@badwolf.com'

Use the template for a new user instead of password reset

>>> link, email_used = client.system_users.email_password_reset_link(
...     name='test1', email='james@badwolf.com', for_new_user=True
... )

Notes

This returns the password reset link like get_password_reset_link() and the email address that was used to send the email.

Parameters

name (str) – user name
email (typing.Optional[str]) – use a custom email address to send the email instead of the users defined email address. required if the user has no defined email address.
for_new_user (bool) – use the new user email template instead of the password reset email template
link (str) – use the specified password reset link vs a newly generated one

Return type

typing.Tuple[str, str]

_get(limit=2000, offset=0, **kwargs)[source]¶

Direct API method to get all users.

Parameters

limit (int) – limit to N rows per page
offset (int) – start at row N

Return type

typing.List[axonius_api_client.api.json_api.system_users.SystemUser]

_add(user_name, role_id, password=None, auto_generated_password=False, first_name='', last_name='', email='')[source]¶

Direct API method to add a user.

Parameters

user_name (str) – user name
password (typing.Optional[str]) – password
role_id (str) – role UUID
first – first name
last – last name
email (str) – email address
auto_generated_password (bool) – generate a password
first_name (str) –
last_name (str) –

Return type

axonius_api_client.api.json_api.system_users.SystemUser

_delete(uuid)[source]¶

Direct API method to delete a user.

Parameters: uuid (str) – user UUID
Return type: axonius_api_client.api.json_api.system_users.SystemUser

_update(uuid, user_name, role_id, password, first_name=None, last_name=None, email=None, last_updated=None, source=None, pic_name=None, ignore_role_assignment_rules=None, **kwargs)[source]¶

Direct API method to update a user.

Parameters

uuid (str) – user UUID
user – user metadata
user_name (str) –
role_id (str) –
password (str) –
first_name (typing.Optional[str]) –
last_name (typing.Optional[str]) –
email (typing.Optional[str]) –
last_updated (typing.Optional[str]) –
source (typing.Optional[str]) –
pic_name (typing.Optional[str]) –
ignore_role_assignment_rules (typing.Optional[bool]) –

Return type

axonius_api_client.api.json_api.system_users.SystemUser

_tokens_generate(uuid, user_name)[source]¶

Direct API method to generate a password reset link for a user.

Parameters

uuid (str) – user UUID
user_name (str) –

Return type

str

_tokens_notify(uuid, email, invite=False)[source]¶

Direct API method to send a password reset link to a user.

Parameters

uuid (str) – user UUID
email (str) – email address to send link to
invite (bool) – use welcome template instead of reset password template in email body

Return type

str

_init(**kwargs)[source]¶: Post init method for subclasses to use for extra setup.

_update_user_attr(name, must_be_internal, attr, value)[source]¶

Set an attribute on a user.

Parameters

name (str) – user name
must_be_internal (bool) – user must be internal or external for this attr to be set
attr (str) – attribute of user object to set
value (typing.Union[str, bool, dict]) – value to set on attribute

Raises

ApiError –

if user is external but must be internal for the attribute to be set * if user is internal but must be external for the attribute to be set

Return type

dict

__init__(auth, **kwargs)¶

Mixins for API Models.

Parameters

auth (axonius_api_client.auth.models.Model) – object to use for auth and sending API requests
**kwargs – passed to _init()

__repr__()¶

Show info for this model object.

Return type: str

__str__()¶

Show info for this model object.

Return type: str

LOG: logging.Logger¶: Logger for this object.

auth¶: axonius_api_client.auth.models.Mixins authentication object.

http¶: axonius_api_client.http.Http client to use to send requests,