Skip to content

User Management

jshcodes edited this page Oct 13, 2021 · 35 revisions

CrowdStrike Falcon Twitter URL

Using the User Management service collection

Uber class support Service class support Documentation Version

Table of Contents

Operation ID Description
GetRoles
PEP 8 get_roles
Get info about a role
GrantUserRoleIds
PEP 8 grant_user_role_ids
Assign one or more roles to a user
RevokeUserRoleIds
PEP 8 revoke_user_role_ids
Revoke one or more roles from a user
GetAvailableRoleIds
PEP 8 get_available_role_ids
Show role IDs for all roles available in your customer account. For more information on each role, provide the role ID to /customer/entities/roles/v1.
GetUserRoleIds
PEP 8 get_user_role_ids
Show role IDs of roles assigned to a user. For more information on each role, provide the role ID to /customer/entities/roles/v1.
RetrieveUser
PEP 8 retrieve_user
Get info about a user
CreateUser
PEP 8 create_user
Create a new user. After creating a user, assign one or more roles with POST /user-roles/entities/user-roles/v1
DeleteUser
PEP 8 delete_user
Delete a user permanently
UpdateUser
PEP 8 update_user
Modify an existing user's first or last name
RetrieveEmailsByCID
PEP 8 retrieve_emails_by_cid
List the usernames (usually an email address) for all users in your customer account
RetrieveUserUUIDsByCID
PEP 8 retrieve_user_uuids_by_cid
List user IDs for all users in your customer account. For more information on each user, provide the user ID to /users/entities/user/v1.
RetrieveUserUUID
PEP 8 retrieve_user_uuid
Get a user's ID by providing a username (usually an email address)

GetRoles

Get info about a role

PEP8 method name

get_roles

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

Name Service Uber Type Datatype Description
ids
Service Class Support

Uber Class Support
query string or list of strings ID of a role. Find a role ID from /customer/queries/roles/v1 or /users/queries/roles/v1.
parameters
Service Class Support

Uber Class Support
query string Full parameters payload in JSON format.

Usage

Service class example (PEP8 syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.get_roles(ids=id_list)
print(response)
Service class example (Operation ID syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.GetRoles(ids=id_list)
print(response)
Uber class example
from falconpy import APIHarness

falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
                    client_secret="API_CLIENT_SECRET_HERE"
                    )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("GetRoles", ids=id_list)
print(response)

GrantUserRoleIds

Assign one or more roles to a user

PEP8 method name

grant_user_role_ids

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

Name Service Uber Type Datatype Description
body
Service Class Support

Uber Class Support
body string Role ID(s) of the role you want to assign.
parameters
Service Class Support

Uber Class Support
query string Full parameters payload in JSON format.
role_ids
Service Class Support

Uber Class Support
query string or list of strings Role ID(s) of the role you want to assign.
user_uuid
Service Class Support

Uber Class Support
query string ID of a user. Find a user's ID using RetrieveUserUUID.

Usage

Service class example (PEP8 syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.grant_user_role_ids(user_uuid="string", role_ids=id_list)
print(response)
Service class example (Operation ID syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.GrantUserRoleIds(user_uuid="string", role_ids=id_list)
print(response)
Uber class example
from falconpy import APIHarness

falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
                    client_secret="API_CLIENT_SECRET_HERE"
                    )

PARAMS = {
    "user_uuid": "string"
}

BODY = {
    "roleIds": [
        "string"
    ]
}

response = falcon.command("GrantUserRoleIds", parameters=PARAMS, body=BODY)
print(response)

RevokeUserRoleIds

Revoke one or more roles from a user

PEP8 method name

revoke_user_role_ids

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

Name Service Uber Type Datatype Description
parameters
Service Class Support

Uber Class Support
query string Full parameters payload in JSON format.
ids
Service Class Support

Uber Class Support
query string or list of strings One or more role IDs to revoke. Find a role's ID using GetAvailableRoleIds.
user_uuid
Service Class Support

Uber Class Support
query string ID of a user. Find a user's ID using RetrieveUserUUID.

Usage

Service class example (PEP8 syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.revoke_user_role_ids(user_uuid="string", ids=id_list)
print(response)
Service class example (Operation ID syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.RevokeUserRoleIds(user_uuid="string", ids=id_list)
print(response)
Uber class example
from falconpy import APIHarness

falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
                    client_secret="API_CLIENT_SECRET_HERE"
                    )

PARAMS = {
    "user_uuid": "string"
}

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("RevokeUserRoleIds", parameters=PARAMS, ids=id_list)
print(response)

GetAvailableRoleIds

Show role IDs for all roles available in your customer account. For more information on each role, provide the role ID to GetRoles.

PEP8 method name

get_available_role_ids

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

No keywords or arguments accepted.

Usage

Service class example (PEP8 syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

response = falcon.get_available_role_ids()
print(response)
Service class example (Operation ID syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

response = falcon.GetAvailableRoleIds()
print(response)
Uber class example
from falconpy import APIHarness

falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
                    client_secret="API_CLIENT_SECRET_HERE"
                    )

response = falcon.command("GetAvailableRoleIds")
print(response)

GetUserRoleIds

Show role IDs of roles assigned to a user. For more information on each role, provide the role ID to GetRoles.

PEP8 method name

get_user_role_ids

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

Name Service Uber Type Datatype Description
parameters
Service Class Support

Uber Class Support
query string Full parameters payload in JSON format.
user_uuid
Service Class Support

Uber Class Support
query string ID of a user. Find a user's ID using RetrieveUserUUID.

Usage

Service class example (PEP8 syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

response = falcon.get_user_role_ids(user_uuid="string")
print(response)
Service class example (Operation ID syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

response = falcon.GetUserRoleIds(user_uuid="string")
print(response)
Uber class example
from falconpy import APIHarness

falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
                    client_secret="API_CLIENT_SECRET_HERE"
                    )

PARAMS = {
    "user_uuid": "string"
}

response = falcon.command("GetUserRoleIds", parameters=PARAMS)
print(response)

RetrieveUser

Get info about a user

PEP8 method name

retrieve_user

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

Name Service Uber Type Datatype Description
parameters
Service Class Support

Uber Class Support
query string Full parameters payload in JSON format.
ids
Service Class Support

Uber Class Support
query string or list of strings ID of a user. Find a user's ID using RetrieveUserUUID.

Usage

Service class example (PEP8 syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.retrieve_user(ids=id_list)
print(response)
Service class example (Operation ID syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.RetrieveUser(ids=id_list)
print(response)
Uber class example
from falconpy import APIHarness

falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
                    client_secret="API_CLIENT_SECRET_HERE"
                    )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.command("RetrieveUser", ids=id_list)
print(response)

CreateUser

Create a new user. After creating a user, assign one or more roles with GrantUserRoleIds.

PEP8 method name

create_user

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

Name Service Uber Type Datatype Description
body
Service Class Support

Uber Class Support
body string Attributes for this user. uid (required) is the user's email address, which is their username in Falcon. Optional attributes:
  • firstName
  • lastName
  • password
As a best practice, we recommend omitting password. If single sign-on is enabled for your customer account, the password attribute is ignored. If single sign-on is not enabled, we send a user activation request to their email address when you create the user with no password. The user should use the activation email to set their own password.
first_name
Service Class Support

Uber Class Support
body string First name of the user. (Can also use the keyword firstName.)
last_name
Service Class Support

Uber Class Support
body string Last name of the user. (Can also use the keyword lastName.)
password
Service Class Support

Uber Class Support
body string Assigned password. String.

As a best practice, we recommend ommitting password. If single sign-on is enabled for your customer account, the password attribute is ignored. If single sign-on is not enabled, we send a user activation request to their email address when you create the user with no password. The user should use the activation email to set their own password.
uid
Service Class Support

Uber Class Support
body string The user's email address, which will be the assigned username.

Usage

Service class example (PEP8 syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

response = falcon.create_user(first_name="string",
                             last_name="string",
                             uid="[email protected]"
                             )
print(response)
Service class example (Operation ID syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

response = falcon.CreateUser(first_name="string",
                             last_name="string",
                             uid="[email protected]"
                             )
print(response)
Uber class example
from falconpy import APIHarness

falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
                    client_secret="API_CLIENT_SECRET_HERE"
                    )

BODY = {
    "firstName": "string",
    "lastName": "string",
    "password": "string",
    "uid": "[email protected]"
}

response = falcon.command("CreateUser", body=BODY)
print(response)

DeleteUser

Delete a user permanently

PEP8 method name

delete_user

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

Name Service Uber Type Datatype Description
parameters
Service Class Support

Uber Class Support
query string Full parameters payload in JSON format.
user_uuid
Service Class Support

Uber Class Support
query string ID of a user. Find a user's ID using RetrieveUserUUID.

Usage

Service class example (PEP8 syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

response = falcon.delete_user(user_uuid="string")
print(response)
Service class example (Operation ID syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

response = falcon.DeleteUser(user_uuid="string")
print(response)
Uber class example
from falconpy import APIHarness

falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
                    client_secret="API_CLIENT_SECRET_HERE"
                    )

PARAMS = {
    "user_uuid": "string"
}

response = falcon.command("DeleteUser", parameters=PARAMS)
print(response)

UpdateUser

Modify an existing user's first or last name

PEP8 method name

update_user

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

Name Service Uber Type Datatype Description
body
Service Class Support

Uber Class Support
body string Full body payload in JSON format.
first_name
Service Class Support

Uber Class Support
body string First name of the user. (Can also use the keyword firstName.)
last_name
Service Class Support

Uber Class Support
body string Last name of the user. (Can also use the keyword lastName.)
parameters
Service Class Support

Uber Class Support
query string Full parameters payload in JSON format.
user_uuid
Service Class Support

Uber Class Support
query string The user ID to modify.

Usage

Service class example (PEP8 syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

response = falcon.update_user(user_uuid="string",
                             first_name="string",
                             last_name="string"
                             )
print(response)
Service class example (Operation ID syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

response = falcon.UpdateUser(user_uuid="string",
                             first_name="string",
                             last_name="string"
                             )
print(response)
Uber class example
from falconpy import APIHarness

falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
                    client_secret="API_CLIENT_SECRET_HERE"
                    )

PARAMS = {
    "user_uuid": "string"
}

BODY = {
    "firstName": "string",
    "lastName": "string"
}

response = falcon.command("UpdateUser", parameters=PARAMS, body=BODY)
print(response)

RetrieveEmailsByCID

List the usernames (usually an email address) for all users in your customer account

PEP8 method name

retrieve_emails_by_cid

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

No keywords or arguments accepted.

Usage

Service class example (PEP8 syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

response = falcon.retrieve_emails_by_cid()
print(response)
Service class example (Operation ID syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

response = falcon.RetrieveEmailsByCID()
print(response)
Uber class example
from falconpy import APIHarness

falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
                    client_secret="API_CLIENT_SECRET_HERE"
                    )

response = falcon.command("RetrieveEmailsByCID")
print(response)

RetrieveUserUUIDsByCID

List user IDs for all users in your customer account. For more information on each user, provide the user ID to RetrieveUser.

PEP8 method name

retrieve_user_uuids_by_cid

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

No keywords or arguments accepted.

Usage

Service class example (PEP8 syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

response = falcon.retrieve_user_uuids_by_cid()
print(response)
Service class example (Operation ID syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

response = falcon.RetrieveUserUUIDsByCID()
print(response)
Uber class example
from falconpy import APIHarness

falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
                    client_secret="API_CLIENT_SECRET_HERE"
                    )

response = falcon.command("RetrieveUserUUIDsByCID")
print(response)

RetrieveUserUUID

Get a user's ID by providing a username (usually an email address)

PEP8 method name

retrieve_user_uuid

Content-Type

  • Consumes: application/json
  • Produces: application/json

Keyword Arguments

Name Service Uber Type Datatype Description
parameters
Service Class Support

Uber Class Support
query string Full parameters payload in JSON format.
uid
Service Class Support

Uber Class Support
query string or list of strings List of User names to retrieve.

Usage

Service class example (PEP8 syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )
id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.retrieve_user_uuid(uid=id_list)
print(response)
Service class example (Operation ID syntax)
from falconpy import UserManagement

falcon = UserManagement(client_id="API_CLIENT_ID_HERE",
                        client_secret="API_CLIENT_SECRET_HERE"
                        )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

response = falcon.RetrieveUserUUID(uid=id_list)
print(response)
Uber class example
from falconpy import APIHarness

falcon = APIHarness(client_id="API_CLIENT_ID_HERE",
                    client_secret="API_CLIENT_SECRET_HERE"
                    )

id_list = 'ID1,ID2,ID3'  # Can also pass a list here: ['ID1', 'ID2', 'ID3']

PARAMS = {
    "uid": id_list
}

response = falcon.command("RetrieveUserUUID", parameters=PARAMS)
print(response)

CrowdStrike Falcon

Clone this wiki locally