-
Notifications
You must be signed in to change notification settings - Fork 119
User Management
This service collection has code examples posted to the repository.
Operation ID | Description | ||||
---|---|---|---|---|---|
|
Get info about a role. | ||||
|
This operation lists both direct as well as flight control grants between a User and a Customer. | ||||
|
Get info about a role, supports Flight Control. | ||||
|
Apply actions to one or more users. | ||||
|
Grant or Revoke one or more role(s) to a user against a CID. | ||||
|
Assign one or more roles to a user. | ||||
|
Revoke one or more roles from a user | ||||
|
Show role IDs for all roles available in your customer account. For more information on each role, provide the role ID to GetRoles. | ||||
|
Show role IDs for all roles available in your customer account. Supports Flight Control. | ||||
|
List user IDs for all users in your customer account. | ||||
|
Show role IDs of roles assigned to a user. For more information on each role, provide the role ID to GetRoles. | ||||
|
Get info about a user. | ||||
|
Get info about users including their name, UID and CID by providing user UUIDs. | ||||
|
Create a new user. After creating a user, assign one or more roles with GrantUserRoleIds. | ||||
|
Create a new user. After creating a user, assign one or more roles with userRolesActionV1. Supports Flight Control. | ||||
|
Delete a user permanently. | ||||
|
Delete a user permanently. Supports Flight Control. | ||||
|
Modify an existing user's first or last name | ||||
|
Modify an existing user's first or last name. Supports Flight Control. | ||||
|
List the usernames (usually an email address) for all users in your customer account | ||||
|
List user IDs for all users in your customer account. For more information on each user, provide the user ID to RetrieveUser. | ||||
|
Get a user's ID by providing a username (usually an email address) |
WARNING
client_id
andclient_secret
are keyword arguments that contain your CrowdStrike API credentials. Please note that all examples below do not hard code these values. (These values are ingested as strings.)CrowdStrike does not recommend hard coding API credentials or customer identifiers within source code.
Get info about a role
get_roles
Method | Route |
---|---|
/user-roles/entities/user-roles/v1 |
- Consumes: application/json
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
ids |
|
|
query | string or list of strings | ID of a role. Find a role ID from GetAvailableRoleIds or GetUserRoleIds. |
parameters |
|
|
query | dictionary | Full query string parameters payload in JSON format. |
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.get_roles(ids=id_list)
print(response)
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.GetRoles(ids=id_list)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("GetRoles", ids=id_list)
print(response)
Get User Grant(s). This operation lists both direct as well as flight control grants between a User and a Customer.
get_user_grants
Method | Route |
---|---|
/user-management/combined/user-roles/v1 |
- Consumes: application/json
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
cid |
|
|
query | string | Customer ID to get grants for. An empty CID value returns Role IDs for the user against the current CID in view. |
direct_only |
|
|
query | boolean | Specifies if to request direct only role grants or all role grants between user and CID (specified using cid keyword). |
filter |
|
|
query | string | The filter expression that should be used to limit the results. FQL syntax. Available values: role_id , role_name
|
limit |
|
|
query | integer | The maximum number of records to return. Default: 100 Maximum: 500 |
offset |
|
|
query | integer | The integer offset to start retrieving records from. Default: 0 |
parameters |
|
|
query | dictionary | Full query string parameters payload in JSON format. Not required if using other keywords. |
sort |
|
|
query | string | The property to sort by. FQL syntax. Available sort values: cid , role_name , type
|
user_uuid |
|
|
query | string | User UUID to retrieve available roles for. Must be provides as a keyword, argument or part of the parameters payload. |
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.get_user_grants(cid="string",
direct_only=boolean,
filter="string",
limit=integer,
offset=integer,
sort="string",
user_uuid="string"
)
print(response)
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.combinedUserRolesV1(cid="string",
direct_only=boolean,
filter="string",
limit=integer,
offset=integer,
sort="string",
user_uuid="string"
)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("combinedUserRolesV1",
cid="string",
direct_only=boolean,
filter="string",
limit=integer,
offset=integer,
sort="string",
user_uuid="string"
)
print(response)
Show role IDs for all roles available in your customer account. Supports Flight Control.
query_roles
Method | Route |
---|---|
/user-management/queries/roles/v1 |
- Consumes: application/json
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
action |
|
|
query | string | Actionable purpose of the query. Default value: grant
|
cid |
|
|
query | string | Customer ID to get available role IDs for. An empty CID value returns Role IDs for the current CID in view. |
parameters |
|
|
query | dictionary | Full query string parameters payload in JSON format. Not required if using other keywords. |
user_uuid |
|
|
query | string | User UUID to retrieve available roles for. An empty user_uuid will return all role IDs available for the customer. |
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.query_roles(action="string",
cid="string",
user_uuid="string"
)
print(response)
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.queriesRolesV1(action="string",
cid="string",
user_uuid="string"
)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("queriesRolesV1",
action="string",
cid="string",
user_uuid="string"
)
print(response)
List user IDs for all users in your customer account.
query_users
Method | Route |
---|---|
/user-management/queries/users/v1 |
- Consumes: application/json
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
filter |
|
|
query | string | The filter expression that should be used to limit the results. FQL syntax. Available values: assigned_cids , cid , first_name , last_name , name , uid . |
limit |
|
|
query | integer | The maximum number of records to return. Default: 0 Maximum: 500 |
offset |
|
|
query | integer | The integer offset to start retrieving records from. Default: 0 |
parameters |
|
|
query | dictionary | Full query string parameters payload in JSON format. Not required if using other keywords. |
sort |
|
|
query | string | The property to sort by. FQL syntax. Available sort values: `first_name |
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.query_users(filter="string",
limit=integer,
offset=integer,
sort="string",
)
print(response)
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.queryUserV1(filter="string",
limit=integer,
offset=integer,
sort="string",
)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("queryUserV1",
filter="string",
limit=integer,
offset=integer,
sort="string",
)
print(response)
Get information about a role, supports Flight Control.
get_roles_mssp
Method | Route |
---|---|
/user-management/entities/roles/v1 |
- Consumes: application/json
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
cid |
|
|
query | string | Customer ID to get available roles for. Providing no value for cid returns results for the current CID in view. |
ids |
|
|
query | string or list of strings | List of role IDs to retrieve. Comma-delimited strings accepted. Must be provided as a keyword, argument or part of the parameters payload. Find a role ID from GetAvailableRoleIds or GetUserRoleIds. |
parameters |
|
|
query | dictionary | Full query string parameters payload in JSON format. Not required if using other keywords. |
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.get_user_grants(cid="string", ids=id_list)
print(response)
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.combinedUserRolesV1(cid="string", ids=id_list)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("combinedUserRolesV1", cid="string", ids=id_list)
print(response)
Apply actions to one or more users.
user_action
Method | Route |
---|---|
/user-management/entities/user-actions/v1 |
- Consumes: application/json
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
action_name |
|
|
body (action parameter) | string | Action to perform. Allowed values: reset_2fa , reset_password . Must be provided as a keyword or as part of the body payload. |
action_value |
|
|
body (action parameter) | string | Value to provide for action. |
body |
|
|
body | dictionary | Full body payload in JSON format, not required when using other keywords. |
ids |
|
|
body | string or list of strings | User IDs to apply actions to. Supports comma-delimited strings. Must be provided as a keyword or as part of the body payload. |
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.user_action(action_name="string",
action_value="string",
ids=id_list
)
print(response)
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.userActionV1(action_name="string",
action_value="string",
ids=id_list
)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = ['ID1', 'ID2', 'ID3']
BODY = {
"action": {
"action_name": "string",
"action_value": "string"
},
"ids": id_list
}
response = falcon.command("userActionV1", body=BODY)
print(response)
Grant or Revoke one or more role(s) to a user against a CID.
user_roles_action
Method | Route |
---|---|
/user-management/entities/user-role-actions/v1 |
- Consumes: application/json
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
action |
|
|
body (action parameter) | string | Action to perform. Allowed values: grant , revoke . Must be provided as a keyword or as part of the body payload. |
body |
|
|
body | dictionary | Full body payload in JSON format, not required when using other keywords. |
cid |
|
|
body | string | Customer ID of the tenant to take action within. Must be provided as a keyword or as part of the body payload. |
role_ids |
|
|
body | string or list of strings | Role IDs you want to adjust within the user id. Must be provided as a keyword or as part of the body payload. |
uuid |
|
|
body | string | User ID to grant roles access to. Must be provided as a keyword or as part of the body payload. |
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.user_roles_action(action="string",
cid="string",
role_ids=id_list
uuid="string"
)
print(response)
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.userRolesActionV1(action="string",
cid="string",
role_ids=id_list
uuid="string"
)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = ['ID1', 'ID2', 'ID3']
BODY = {
"action": "string",
"cid": "string",
"role_ids": id_list,
"uuid": "string"
}
response = falcon.command("userRolesActionV1", body=BODY)
print(response)
Assign one or more roles to a user
grant_user_role_ids
Method | Route |
---|---|
/user-roles/entities/user-roles/v1 |
- Consumes: application/json
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
body |
|
|
body | string | Role ID(s) of the role you want to assign. |
parameters |
|
|
query | dictionary | Full query string parameters payload in JSON format. |
role_ids |
|
|
body | string or list of strings | Role ID(s) of the role you want to assign. Can also use the keyword roleIds . |
user_uuid |
|
|
query | string | ID of a user. Find a user's ID using RetrieveUserUUID. |
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.grant_user_role_ids(user_uuid="string", role_ids=id_list)
print(response)
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.GrantUserRoleIds(user_uuid="string", role_ids=id_list)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
BODY = {
"roleIds": [
"string"
]
}
response = falcon.command("GrantUserRoleIds", user_uuid="string", body=BODY)
print(response)
Revoke one or more roles from a user
revoke_user_role_ids
Method | Route |
---|---|
/user-roles/entities/user-roles/v1 |
- Consumes: application/json
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
parameters |
|
|
query | dictionary | Full query string parameters payload in JSON format. |
ids |
|
|
query | string or list of strings | One or more role IDs to revoke. Find a role's ID using GetAvailableRoleIds. |
user_uuid |
|
|
query | string | ID of a user. Find a user's ID using RetrieveUserUUID. |
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.revoke_user_role_ids(user_uuid="string", ids=id_list)
print(response)
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.RevokeUserRoleIds(user_uuid="string", ids=id_list)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("RevokeUserRoleIds", user_uuid="string", ids=id_list)
print(response)
Show role IDs for all roles available in your customer account. For more information on each role, provide the role ID to GetRoles.
get_available_role_ids
Method | Route |
---|---|
/user-roles/queries/user-role-ids-by-cid/v1 |
- Consumes: application/json
- Produces: application/json
No keywords or arguments accepted.
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.get_available_role_ids()
print(response)
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.GetAvailableRoleIds()
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("GetAvailableRoleIds")
print(response)
Show role IDs of roles assigned to a user. For more information on each role, provide the role ID to GetRoles.
get_user_role_ids
Method | Route |
---|---|
/user-roles/queries/user-role-ids-by-user-uuid/v1 |
- Consumes: application/json
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
parameters |
|
|
query | dictionary | Full query string parameters payload in JSON format. |
user_uuid |
|
|
query | string | ID of a user. Find a user's ID using RetrieveUserUUID. |
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.get_user_role_ids(user_uuid="string")
print(response)
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.GetUserRoleIds(user_uuid="string")
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("GetUserRoleIds", user_uuid="string")
print(response)
Get info about a user
retrieve_user
Method | Route |
---|---|
/users/entities/users/v1 |
- Consumes: application/json
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
parameters |
|
|
query | dictionary | Full query string parameters payload in JSON format. |
ids |
|
|
query | string or list of strings | ID of a user. Find a user's ID using RetrieveUserUUID. |
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.retrieve_user(ids=id_list)
print(response)
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.RetrieveUser(ids=id_list)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("RetrieveUser", ids=id_list)
print(response)
Get info about users including their name, UID and CID by providing user UUIDs.
retrieve_users
Method | Route |
---|---|
/user-management/entities/users/GET/v1 |
- Consumes: application/json
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
body |
|
|
query | dictionary | Full body payload in JSON format. |
ids |
|
|
query | string or list of strings | List of user IDs to retrieve. Find a user's ID using RetrieveUserUUID. Must be provided as an argument, keyword, or part of the body payload. |
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.retrieve_users(ids=id_list)
print(response)
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.retrieveUsersGETV1(ids=id_list)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = ['ID1', 'ID2', 'ID3']
BODY = {
"ids": id_list
}
response = falcon.command("retrieveUsersGETV1", ids=id_list)
print(response)
Create a new user. After creating a user, assign one or more roles with GrantUserRoleIds.
create_user
Method | Route |
---|---|
/users/entities/users/v1 |
- Consumes: application/json
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
body |
|
|
body | string | Attributes for this user. uid (required) is the user's email address, which is their username in Falcon. Optional attributes:
password . If single sign-on is enabled for your customer account, the password attribute is ignored. If single sign-on is not enabled, we send a user activation request to their email address when you create the user with no password . The user should use the activation email to set their own password. |
first_name |
|
|
body | string | First name of the user. (Can also use the keyword firstName.) |
last_name |
|
|
body | string | Last name of the user. (Can also use the keyword lastName.) |
password |
|
|
body | string | Assigned password. String. As a best practice, we recommend ommitting password. If single sign-on is enabled for your customer account, the password attribute is ignored. If single sign-on is not enabled, we send a user activation request to their email address when you create the user with no password. The user should use the activation email to set their own password. |
uid |
|
|
body | string | The user's email address, which will be the assigned username. |
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.create_user(first_name="string",
last_name="string",
uid="[email protected]"
)
print(response)
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.CreateUser(first_name="string",
last_name="string",
uid="[email protected]"
)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
BODY = {
"firstName": "string",
"lastName": "string",
"password": "string",
"uid": "[email protected]"
}
response = falcon.command("CreateUser", body=BODY)
print(response)
Create a new user. Supports Flight Control. After creating a user, assign one or more roles with userRolesActionV1.
create_user_mssp
Method | Route |
---|---|
/user-management/entities/users/v1 |
- Consumes: application/json
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
body |
|
|
body | string | Attributes for this user. uid (required) is the user's email address, which is their username in Falcon. Optional attributes:
password . If single sign-on is enabled for your customer account, the password attribute is ignored. If single sign-on is not enabled, we send a user activation request to their email address when you create the user with no password . The user should use the activation email to set their own password. |
first_name |
|
|
body | string | First name of the user. (Can also use the keyword firstName.) |
last_name |
|
|
body | string | Last name of the user. (Can also use the keyword lastName.) |
password |
|
|
body | string | Assigned password. String. As a best practice, we recommend ommitting password. If single sign-on is enabled for your customer account, the password attribute is ignored. If single sign-on is not enabled, we send a user activation request to their email address when you create the user with no password. The user should use the activation email to set their own password. |
uid |
|
|
body | string | The user's email address, which will be the assigned username. Must be provided as a keyword or as part of the body payload. |
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.create_user_mssp(first_name="string",
last_name="string",
uid="[email protected]"
)
print(response)
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.createUserV1(first_name="string",
last_name="string",
uid="[email protected]"
)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
BODY = {
"firstName": "string",
"lastName": "string",
"uid": "[email protected]"
}
response = falcon.command("createUserV1", body=BODY)
print(response)
Delete a user permanently
delete_user
Method | Route |
---|---|
/users/entities/users/v1 |
- Consumes: application/json
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
parameters |
|
|
query | dictionary | Full query string parameters payload in JSON format. |
user_uuid |
|
|
query | string | ID of a user. Find a user's ID using RetrieveUserUUID. |
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.delete_user(user_uuid="string")
print(response)
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.DeleteUser(user_uuid="string")
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("DeleteUser", user_uuid="string")
print(response)
Delete a user permanently. Supports Flight Control.
delete_user_mssp
Method | Route |
---|---|
/user-management/entities/users/v1 |
- Consumes: application/json
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
parameters |
|
|
query | dictionary | Full query string parameters payload in JSON format, not required if user_uuid keyword is provided. |
user_uuid |
|
|
query | string | User ID of a user to delete. Find a user's ID using RetrieveUserUUID. |
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.delete_user_mssp(user_uuid="string")
print(response)
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.deleteUserV1(user_uuid="string")
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("deleteUserV1", user_uuid="string")
print(response)
Modify an existing user's first or last name
update_user
Method | Route |
---|---|
/users/entities/users/v1 |
- Consumes: application/json
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
body |
|
|
body | dictionary | Full body payload in JSON format. |
first_name |
|
|
body | string | First name of the user. (Can also use the keyword firstName.) |
last_name |
|
|
body | string | Last name of the user. (Can also use the keyword lastName.) |
parameters |
|
|
query | dictionary | Full query string parameters payload in JSON format. |
user_uuid |
|
|
query | string | The user ID to modify. |
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.update_user(user_uuid="string",
first_name="string",
last_name="string"
)
print(response)
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.UpdateUser(user_uuid="string",
first_name="string",
last_name="string"
)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
BODY = {
"firstName": "string",
"lastName": "string"
}
response = falcon.command("UpdateUser", user_uuid="string", body=BODY)
print(response)
Modify an existing user's first or last name. Supports Flight Control.
update_user_mssp
Method | Route |
---|---|
/user-management/entities/users/v1 |
- Consumes: application/json
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
body |
|
|
body | dictionary | Full body payload in JSON format. |
first_name |
|
|
body | string | First name of the user. (Can also use the keyword firstName.) |
last_name |
|
|
body | string | Last name of the user. (Can also use the keyword lastName.) |
parameters |
|
|
query | dictionary | Full query string parameters payload in JSON format. |
user_uuid |
|
|
query | string | The user ID to modify. Must be provided as a keyword or as part of the parameters payload. |
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.update_user_mssp(user_uuid="string",
first_name="string",
last_name="string"
)
print(response)
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.updateUserV1(user_uuid="string",
first_name="string",
last_name="string"
)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
BODY = {
"firstName": "string",
"lastName": "string"
}
response = falcon.command("updateUserV1", user_uuid="string", body=BODY)
print(response)
List the usernames (usually an email address) for all users in your customer account
retrieve_emails_by_cid
Method | Route |
---|---|
/users/queries/emails-by-cid/v1 |
- Consumes: application/json
- Produces: application/json
No keywords or arguments accepted.
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.retrieve_emails_by_cid()
print(response)
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.RetrieveEmailsByCID()
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("RetrieveEmailsByCID")
print(response)
List user IDs for all users in your customer account. For more information on each user, provide the user ID to RetrieveUser.
retrieve_user_uuids_by_cid
Method | Route |
---|---|
/users/queries/user-uuids-by-cid/v1 |
- Consumes: application/json
- Produces: application/json
No keywords or arguments accepted.
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.retrieve_user_uuids_by_cid()
print(response)
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.RetrieveUserUUIDsByCID()
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
response = falcon.command("RetrieveUserUUIDsByCID")
print(response)
Get a user's ID by providing a username (usually an email address)
retrieve_user_uuid
Method | Route |
---|---|
/users/queries/user-uuids-by-email/v1 |
- Consumes: application/json
- Produces: application/json
Name | Service | Uber | Type | Data type | Description |
---|---|---|---|---|---|
parameters |
|
|
query | dictionary | Full query string parameters payload in JSON format. |
uid |
|
|
query | string or list of strings | List of User names to retrieve. |
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.retrieve_user_uuid(uid=id_list)
print(response)
from falconpy import UserManagement
# Do not hardcode API credentials!
falcon = UserManagement(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.RetrieveUserUUID(uid=id_list)
print(response)
from falconpy import APIHarnessV2
# Do not hardcode API credentials!
falcon = APIHarnessV2(client_id=CLIENT_ID,
client_secret=CLIENT_SECRET
)
id_list = 'ID1,ID2,ID3' # Can also pass a list here: ['ID1', 'ID2', 'ID3']
response = falcon.command("RetrieveUserUUID", uid=id_list)
print(response)
- Home
- Discussions Board
- Glossary of Terms
- Installation, Upgrades and Removal
- Samples Collection
- Using FalconPy
- API Operations
-
Service Collections
- Alerts
- API Integrations
- Certificate Based Exclusions
- Cloud Connect AWS (deprecated)
- Cloud Snapshots
- Compliance Assessments
- Configuration Assessment
- Configuration Assessment Evaluation Logic
- Container Alerts
- Container Detections
- Container Images
- Container Packages
- Container Vulnerabilities
- CSPM Registration
- Custom IOAs
- Custom Storage
- D4C Registration (deprecated)
- Detects
- Device Control Policies
- Discover
- Drift Indicators
- Event Streams
- Exposure Management
- Falcon Complete Dashboard
- Falcon Container
- Falcon Intelligence Sandbox
- FDR
- FileVantage
- Firewall Management
- Firewall Policies
- Foundry LogScale
- Host Group
- Host Migration
- Hosts
- Identity Protection
- Image Assessment Policies
- Incidents
- Installation Tokens
- Intel
- IOA Exclusions
- IOC
- IOCs (deprecated)
- Kubernetes Protection
- MalQuery
- Message Center
- ML Exclusions
- Mobile Enrollment
- MSSP (Flight Control)
- OAuth2
- ODS (On Demand Scan)
- Overwatch Dashboard
- Prevention Policy
- Quarantine
- Quick Scan
- Quick Scan Pro
- Real Time Response
- Real Time Response Admin
- Real Time Response Audit
- Recon
- Report Executions
- Response Policies
- Sample Uploads
- Scheduled Reports
- Sensor Download
- Sensor Update Policy
- Sensor Visibility Exclusions
- Spotlight Evaluation Logic
- Spotlight Vulnerabilities
- Tailored Intelligence
- ThreatGraph
- Unidentified Containers
- User Management
- Workflows
- Zero Trust Assessment
- Documentation Support
-
CrowdStrike SDKs
- Crimson Falcon - Ruby
- FalconPy - Python 3
- FalconJS - Javascript
- goFalcon - Go
- PSFalcon - Powershell
- Rusty Falcon - Rust