Skip to main content

User Attribute Change

Update attribute values for one or more users, outside of the normal collection cycle.

POST https://instance.securid.com/aveksa/command.submit?cmd=userAttributeChange

note

Updated values are overwritten on the next collection. Use this command to push attribute updates that cannot wait for the next scheduled collection.

Request

Parameters

userAttributeChange
formatxml - (Default) Returns the response as XML.

json - Returns the response as JSON.
tokenDeprecated. Use the Authorization request header instead.

Headers

Bearer token
application/xml

Body

The request body is an XML document with a <userchanges> root element containing one or more <userchange> elements.

<userchanges>
<userchange>
<id>userId</id>
<attribute>
<name>attributeName</name>
<value>attributeValue</value>
</attribute>
<attribute>
<name>anotherAttribute</name>
<value>anotherValue</value>
</attribute>
</userchange>
<userchange>
<id>anotherUserId</id>
<attribute>
<name>attributeName</name>
<value>attributeValue</value>
</attribute>
</userchange>
</userchanges>

Body Elements

userchangesRoot element. Contains one or more userchange elements.
userchangeDescribes the attribute updates for one user. Contains one id element and one or more attribute elements.
idThe user identifier. Matches the value of the UNIQUE_ID column by default. The configured id-attribute for the web service determines which column is used. This is typically the user's login ID.
attributeDescribes a single attribute update. Must contain a name element and a value element.
nameThe attribute identifier. Must be either the database column ID of the attribute, or the external name mapped to that column in aveksa-plug-ins.xml. Valid attribute names are environment-specific and depend on the RSA Governance & Lifecycle configuration on your server.
valueThe new value to set for the attribute.
Attribute names are environment-specific

The <name> element must match either the internal database column ID or an external name defined in the aveksa-plug-ins.xml configuration file on your RSA Governance & Lifecycle server. Contact your system administrator for the list of valid attribute names.

Response

Returns HTTP 200 with an empty body on success. No output properties are returned.

Examples

Request

curl -K -X POST \
"https://instance.securid.com/aveksa/command.submit?cmd=userAttributeChange" \
-H "Authorization: Bearer <token>" \
-H "Content-Type: application/xml" \
-d '<userchanges>
<userchange>
<id>jsmith</id>
<attribute>
<name>department</name>
<value>Engineering</value>
</attribute>
<attribute>
<name>title</name>
<value>Senior Engineer</value>
</attribute>
</userchange>
</userchanges>'

Multiple users in one request

<userchanges>
<userchange>
<id>jsmith</id>
<attribute>
<name>department</name>
<value>Engineering</value>
</attribute>
</userchange>
<userchange>
<id>jdoe</id>
<attribute>
<name>department</name>
<value>Finance</value>
</attribute>
</userchange>
</userchanges>

Response

Returns HTTP 200 with an empty body. Attribute names are environment-specific and must match the server configuration.

(empty body)