Find Directories
Find directories in the identity store. The command uses the PV_DIRECTORY public view to find data. Any filters passed should apply to this public view.
GET https://instance.securid.com/aveksa/command.submit?cmd=findDirectories
Request
Parameters
| findDirectories | |
| format | properties - (Default) Returns the response as key=value pairs. When multiple objects are returned, values are comma-delimited: key=value1,value2,value3.json - Returns the response as JSON.csv - Returns the response as comma-separated values.tsv - Returns the response as tab-separated values.xml - Returns the response as XML. |
| delimiter | The delimiter to use between values for csv and properties formats |
| returnColumns | The names of the columns to return. |
| returnMaxRows | The maximum number of objects to return |
| distinct | true, false Returns only distinct values, equivalent to the distinct keyword in SQL. |
| sortByColumns | The results will be sorted based on the columns listed using comma as the delimiter if multiple columns are specified. Refer to Columns table below. |
| sortDirection | Determines sorting order. asc for ascending, desc for descending. If not specified, the natural order returned by the database is used. |
| includeHeaderRow | true, false Include column headers when the return format is csv or tsv. (Default) true |
| ignoreCase | true, false Returns case-insensitive search results for specified filter parameters. (Default) false |
Filter Parameters
Any column listed in the Columns table can be passed as a filter parameter to narrow results. Filters are matched against the PV_DIRECTORY public view.
Query logic
| Scenario | Behavior |
|---|---|
Two different parameters: category=REST&name=HR | AND. Returns directories with category REST that are also named HR. |
Same parameter repeated: name=HR&name=Workday | OR within that field. Returns directories named HR or Workday. |
Mixed: category=REST&name=HR&name=Workday | (category is REST) AND (name is HR or Workday) |
A single API call cannot return directories where category=REST OR name=HR. OR logic between different filter parameters is not supported.
Workaround: Make separate requests for each filter condition. Merge and deduplicate the results client-side.
Columns
| id | [Primary Key] Unique directory identifier |
| name | Display name of the directory |
| alt_name | Alternate name for the directory |
| description | Full description of the directory |
| short_desc | Short description for this directory |
| long_desc | Long description for this directory |
| category | Connector type used for this directory. Common values: REST, LDAP, CSV, JDBC |
| sensitivity | Sensitivity classification of the directory |
| ownership | Ownership classification of the directory |
| locality | Geographical or organizational locality of the directory |
| business_criticality | Business criticality level assigned to this directory |
| business_unit_id | [Foreign Key referencing BUSINESS_UNIT.ID] Business unit the directory belongs to |
| business_owner | [Foreign Key referencing USERS.ID] User ID of the business owner |
| business_owner_name | Display name of the business owner |
| backup_business_owner | [Foreign Key referencing USERS.ID] User ID of the backup business owner |
| technical_owner | [Foreign Key referencing USERS.ID] User ID of the technical owner |
| technical_owner_name | Display name of the technical owner |
| backup_technical_owner | [Foreign Key referencing USERS.ID] User ID of the backup technical owner |
| exception_manager | [Foreign Key referencing USERS.ID] User ID of the exception manager |
| exception_manager_name | Display name of the exception manager |
| url_ref | URL reference or help link for this directory |
| user_count | Number of users loaded from this directory |
| account_count | Number of accounts loaded from this directory |
| orphaned_account_count | Number of orphaned accounts in this directory |
| entitlement_count | Number of entitlements loaded from this directory |
| is_active | Whether the directory is currently active |
| editable | TRUE, FALSE Whether the directory configuration can be edited in the UI |
| contains_privileged_access | 0, 1 Whether this directory contains privileged access entitlements |
| privileged_flag | 0, 1 Whether the directory is flagged as privileged |
| exclude_from_normal_add_access | N, Y Whether this directory is excluded from normal add-access workflows |
| allow_create_entitlement | N, Y Whether entitlements can be created manually in this directory |
| allow_manual_activity | N, Y Whether manual fulfillment activities are allowed for this directory |
| allow_disabled_accounts | true, false Whether disabled accounts are permitted in this directory |
| allow_locked_accounts | true, false Whether locked accounts are permitted in this directory |
| ents_require_account | TRUE, FALSE Whether entitlements in this directory require an account |
| directory_for_accounts | The directory used to provision accounts when entitlements are granted |
| attr_sync_enabled | true, false Whether attribute synchronization is enabled for this directory |
| rules_account_template_id | Account template used for rules-based provisioning |
| roles_account_template_id | Account template used for role-based provisioning |
| created_by | [Foreign Key referencing USERS.ID] User ID of who created the directory record |
| creation_date | Date and time the directory record was created |
| decommissioning_date | Date and time the directory was or is scheduled to be decommissioned |
| cau1 … cauN | Custom user-type attribute values. Reference names are configured per instance. |
| cad1 … cadN | Custom date-type attribute values. Reference names are configured per instance. |
| cas1 … casN | Custom string-type attribute values. Reference names are configured per instance. |
Headers
Bearer token | |
| Accept | application/json |
| Content-Type | application/json |
Response
Parameters
The API returns the requested columns specified by returnColumns as output. If returnColumns is unspecified then all columns listed will be returned.
Examples
All columns
Omit returnColumns to return every field for each directory.
Request
- Curl
- Python
- Node.js
curl -K -X GET \
"https://instance.securid.com/aveksa/command.submit?cmd=findDirectories&format=json&returnMaxRows=2" \
-H "Authorization: Bearer <token>"
import requests
url = "https://instance.securid.com/aveksa/command.submit"
params = {
"cmd": "findDirectories",
"format": "json",
"returnMaxRows": "2"
}
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, params=params, headers=headers)
print(response.json())
const axios = require('axios');
axios.get("https://instance.securid.com/aveksa/command.submit", {
params: {
cmd: "findDirectories",
format: "json",
returnMaxRows: "2"
},
headers: { Authorization: "Bearer <token>" }
}).then(r => console.log(r.data));
Response
- 200
{
"findDirectories": [
{
"id": "489",
"name": "Microsoft Entra ID",
"created_by": "0",
"creation_date": "2025-08-07 14:47:32.0",
"description": "Microsoft Entra ID (Azure AD) is Microsoft's cloud-based identity and access management service.",
"sensitivity": "",
"ownership": "",
"locality": "",
"business_owner": "0",
"technical_owner": "0",
"exception_manager": "0",
"business_unit_id": "",
"alt_name": "Microsoft Entra ID",
"short_desc": "",
"long_desc": "",
"url_ref": "",
"user_count": "0",
"account_count": "81347",
"orphaned_account_count": "81347",
"entitlement_count": "4633",
"category": "REST",
"exclude_from_normal_add_access": "N",
"allow_create_entitlement": "N",
"allow_manual_activity": "N",
"ents_require_account": "TRUE",
"directory_for_accounts": "",
"rules_account_template_id": "",
"attr_sync_enabled": "false",
"allow_disabled_accounts": "true",
"allow_locked_accounts": "false",
"roles_account_template_id": "",
"business_owner_name": "AveksaAdmin,",
"technical_owner_name": "AveksaAdmin,",
"exception_manager_name": "AveksaAdmin,",
"editable": "TRUE",
"backup_business_owner": "",
"backup_technical_owner": "",
"contains_privileged_access": "0",
"decommissioning_date": "",
"is_active": "",
"business_criticality": "None",
"cau1": "",
"cau2": "",
"privileged_flag": "0",
"cad1": "",
"cas1": ""
},
{
"id": "509",
"name": "Active Directory - db.pvt",
"created_by": "0",
"creation_date": "2025-05-01 19:33:52.0",
"description": "Active Directory domain for Dave and Buster's",
"sensitivity": "",
"ownership": "",
"locality": "",
"business_owner": "0",
"technical_owner": "0",
"exception_manager": "0",
"business_unit_id": "",
"alt_name": "Active Directory - db.pvt",
"short_desc": "",
"long_desc": "",
"url_ref": "",
"user_count": "",
"account_count": "",
"orphaned_account_count": "",
"entitlement_count": "",
"category": "",
"exclude_from_normal_add_access": "N",
"allow_create_entitlement": "N",
"allow_manual_activity": "N",
"ents_require_account": "TRUE",
"directory_for_accounts": "",
"rules_account_template_id": "",
"attr_sync_enabled": "false",
"allow_disabled_accounts": "true",
"allow_locked_accounts": "true",
"roles_account_template_id": "",
"business_owner_name": "AveksaAdmin,",
"technical_owner_name": "AveksaAdmin,",
"exception_manager_name": "AveksaAdmin,",
"editable": "TRUE",
"backup_business_owner": "",
"backup_technical_owner": "",
"contains_privileged_access": "0",
"decommissioning_date": "",
"is_active": "",
"business_criticality": "None",
"cau1": "",
"cau2": "",
"privileged_flag": "0",
"cad1": "",
"cas1": ""
}
]
}
Specific columns
Use returnColumns to limit the response to the fields you need. The example returns five columns covering common directory reporting needs.
Request
- Curl
- Python
- Node.js
curl -K -X GET \
"https://instance.securid.com/aveksa/command.submit?cmd=findDirectories&format=json&returnMaxRows=3&returnColumns=id,name,description,category,account_count" \
-H "Authorization: Bearer <token>"
import requests
url = "https://instance.securid.com/aveksa/command.submit"
params = {
"cmd": "findDirectories",
"format": "json",
"returnMaxRows": "3",
"returnColumns": "id,name,description,category,account_count"
}
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, params=params, headers=headers)
print(response.json())
const axios = require('axios');
axios.get("https://instance.securid.com/aveksa/command.submit", {
params: {
cmd: "findDirectories",
format: "json",
returnMaxRows: "3",
returnColumns: "id,name,description,category,account_count"
},
headers: { Authorization: "Bearer <token>" }
}).then(r => console.log(r.data));
Response
- 200
- 412 Invalid column
{
"findDirectories": [
{
"id": "489",
"name": "Microsoft Entra ID",
"description": "Microsoft Entra ID (Azure AD) is Microsoft's cloud-based identity and access management service.",
"category": "REST",
"account_count": "81347"
},
{
"id": "509",
"name": "Active Directory - db.pvt",
"description": "Active Directory domain for Dave and Buster's",
"category": "",
"account_count": ""
},
{
"id": "29",
"name": "HR",
"description": "HR Directory",
"category": "",
"account_count": ""
}
]
}
<html>
<head><title>Error</title></head>
<body>The parameter returncolumns contains an invalid column - `invalid_col`.
Query String=cmd=findDirectories&format=json&returnMaxRows=2&returnColumns=id,invalid_col</body>
</html>
Filter by a single value
Pass any column name as a query parameter to filter results. Only directories that match the value are returned. The example returns directories where category is REST.
Request
- Curl
- Python
- Node.js
curl -K -X GET \
"https://instance.securid.com/aveksa/command.submit?cmd=findDirectories&format=json&returnMaxRows=5&returnColumns=id,name,category,account_count&category=REST" \
-H "Authorization: Bearer <token>"
import requests
url = "https://instance.securid.com/aveksa/command.submit"
params = {
"cmd": "findDirectories",
"format": "json",
"returnMaxRows": "5",
"returnColumns": "id,name,category,account_count",
"category": "REST"
}
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, params=params, headers=headers)
print(response.json())
const axios = require('axios');
axios.get("https://instance.securid.com/aveksa/command.submit", {
params: {
cmd: "findDirectories",
format: "json",
returnMaxRows: "5",
returnColumns: "id,name,category,account_count",
category: "REST"
},
headers: { Authorization: "Bearer <token>" }
}).then(r => console.log(r.data));
Response
- 200
{
"findDirectories": [
{
"id": "489",
"name": "Microsoft Entra ID",
"category": "REST",
"account_count": "81347"
},
{
"id": "34",
"name": "SecZetta",
"category": "REST",
"account_count": ""
},
{
"id": "35",
"name": "ServiceNow (Scripted REST)",
"category": "REST",
"account_count": ""
}
]
}
Filter with OR logic
Repeat the same parameter with different values to match any of them. The example returns directories where name is HR or Workday.
Request
- Curl
- Python
- Node.js
curl -K -X GET \
"https://instance.securid.com/aveksa/command.submit?cmd=findDirectories&format=json&returnMaxRows=5&returnColumns=id,name,category&name=HR&name=Workday" \
-H "Authorization: Bearer <token>"
import requests
url = "https://instance.securid.com/aveksa/command.submit"
params = [
("cmd", "findDirectories"),
("format", "json"),
("returnMaxRows", "5"),
("returnColumns", "id,name,category"),
("name", "HR"),
("name", "Workday")
]
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, params=params, headers=headers)
print(response.json())
const axios = require('axios');
const params = new URLSearchParams();
params.append('cmd', 'findDirectories');
params.append('format', 'json');
params.append('returnMaxRows', '5');
params.append('returnColumns', 'id,name,category');
params.append('name', 'HR');
params.append('name', 'Workday');
axios.get("https://instance.securid.com/aveksa/command.submit", {
params,
headers: { Authorization: "Bearer <token>" }
}).then(r => console.log(r.data));
Response
- 200
{
"findDirectories": [
{
"id": "29",
"name": "HR",
"category": ""
},
{
"id": "37",
"name": "Workday",
"category": "REST"
}
]
}
Case-insensitive filter
Filters are case-sensitive by default. Set ignoreCase=true to match regardless of case. The example passes category=rest in lowercase and still returns directories with category=REST.
Request
- Curl
- Python
- Node.js
curl -K -X GET \
"https://instance.securid.com/aveksa/command.submit?cmd=findDirectories&format=json&returnMaxRows=3&returnColumns=id,name,category&category=rest&ignoreCase=true" \
-H "Authorization: Bearer <token>"
import requests
url = "https://instance.securid.com/aveksa/command.submit"
params = {
"cmd": "findDirectories",
"format": "json",
"returnMaxRows": "3",
"returnColumns": "id,name,category",
"category": "rest",
"ignoreCase": "true"
}
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, params=params, headers=headers)
print(response.json())
const axios = require('axios');
axios.get("https://instance.securid.com/aveksa/command.submit", {
params: {
cmd: "findDirectories",
format: "json",
returnMaxRows: "3",
returnColumns: "id,name,category",
category: "rest",
ignoreCase: "true"
},
headers: { Authorization: "Bearer <token>" }
}).then(r => console.log(r.data));
Response
- 200
{
"findDirectories": [
{
"id": "489",
"name": "Microsoft Entra ID",
"category": "REST"
},
{
"id": "34",
"name": "SecZetta",
"category": "REST"
},
{
"id": "35",
"name": "ServiceNow (Scripted REST)",
"category": "REST"
}
]
}
Sort ascending
Use sortByColumns with a column name and sortDirection=asc to sort results from A to Z. The example sorts by name.
Request
- Curl
- Python
- Node.js
curl -K -X GET \
"https://instance.securid.com/aveksa/command.submit?cmd=findDirectories&format=json&returnMaxRows=3&returnColumns=id,name,category&sortByColumns=name&sortDirection=asc" \
-H "Authorization: Bearer <token>"
import requests
url = "https://instance.securid.com/aveksa/command.submit"
params = {
"cmd": "findDirectories",
"format": "json",
"returnMaxRows": "3",
"returnColumns": "id,name,category",
"sortByColumns": "name",
"sortDirection": "asc"
}
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, params=params, headers=headers)
print(response.json())
const axios = require('axios');
axios.get("https://instance.securid.com/aveksa/command.submit", {
params: {
cmd: "findDirectories",
format: "json",
returnMaxRows: "3",
returnColumns: "id,name,category",
sortByColumns: "name",
sortDirection: "asc"
},
headers: { Authorization: "Bearer <token>" }
}).then(r => console.log(r.data));
Response
- 200
{
"findDirectories": [
{
"id": "26",
"name": "Active Directory",
"category": ""
},
{
"id": "509",
"name": "Active Directory - db.pvt",
"category": ""
},
{
"id": "709",
"name": "BUK HR",
"category": ""
}
]
}
Sort descending
Set sortDirection=desc to reverse the order.
Request
- Curl
- Python
- Node.js
curl -K -X GET \
"https://instance.securid.com/aveksa/command.submit?cmd=findDirectories&format=json&returnMaxRows=3&returnColumns=id,name,category&sortByColumns=name&sortDirection=desc" \
-H "Authorization: Bearer <token>"
import requests
url = "https://instance.securid.com/aveksa/command.submit"
params = {
"cmd": "findDirectories",
"format": "json",
"returnMaxRows": "3",
"returnColumns": "id,name,category",
"sortByColumns": "name",
"sortDirection": "desc"
}
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, params=params, headers=headers)
print(response.json())
const axios = require('axios');
axios.get("https://instance.securid.com/aveksa/command.submit", {
params: {
cmd: "findDirectories",
format: "json",
returnMaxRows: "3",
returnColumns: "id,name,category",
sortByColumns: "name",
sortDirection: "desc"
},
headers: { Authorization: "Bearer <token>" }
}).then(r => console.log(r.data));
Response
- 200
{
"findDirectories": [
{
"id": "596",
"name": "ZingHR",
"category": ""
},
{
"id": "37",
"name": "Workday",
"category": "REST"
},
{
"id": "36",
"name": "UltiPro",
"category": ""
}
]
}
CSV with custom delimiter
Set format=csv for a comma-separated response. Use delimiter to change the separator character.
Request
- Curl
- Python
- Node.js
curl -K -X GET \
"https://instance.securid.com/aveksa/command.submit?cmd=findDirectories&format=csv&returnMaxRows=3&returnColumns=id,name,category&delimiter=~" \
-H "Authorization: Bearer <token>"
import requests
url = "https://instance.securid.com/aveksa/command.submit"
params = {
"cmd": "findDirectories",
"format": "csv",
"returnMaxRows": "3",
"returnColumns": "id,name,category",
"delimiter": "~"
}
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, params=params, headers=headers)
print(response.text)
const axios = require('axios');
axios.get("https://instance.securid.com/aveksa/command.submit", {
params: {
cmd: "findDirectories",
format: "csv",
returnMaxRows: "3",
returnColumns: "id,name,category",
delimiter: "~"
},
headers: { Authorization: "Bearer <token>" }
}).then(r => console.log(r.data));
Response
- 200
id~name~category
489~Microsoft Entra ID~REST
509~Active Directory - db.pvt~
29~HR~
CSV without header row
Set includeHeaderRow=false when your downstream system expects raw data rows without a header.
Request
- Curl
- Python
- Node.js
curl -K -X GET \
"https://instance.securid.com/aveksa/command.submit?cmd=findDirectories&format=csv&returnMaxRows=3&returnColumns=id,name,category&includeHeaderRow=false" \
-H "Authorization: Bearer <token>"
import requests
url = "https://instance.securid.com/aveksa/command.submit"
params = {
"cmd": "findDirectories",
"format": "csv",
"returnMaxRows": "3",
"returnColumns": "id,name,category",
"includeHeaderRow": "false"
}
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, params=params, headers=headers)
print(response.text)
const axios = require('axios');
axios.get("https://instance.securid.com/aveksa/command.submit", {
params: {
cmd: "findDirectories",
format: "csv",
returnMaxRows: "3",
returnColumns: "id,name,category",
includeHeaderRow: "false"
},
headers: { Authorization: "Bearer <token>" }
}).then(r => console.log(r.data));
Response
- 200
489,Microsoft Entra ID,REST
509,Active Directory - db.pvt,
29,HR,
Error responses
A 401 is returned when the token is missing, invalid, or expired. A 412 is returned when returnColumns includes a column name that does not exist in the PV_DIRECTORY public view.
- 401 Invalid token
- 412 Invalid column
<html>
<head><title>Error</title></head>
<body>The token is not valid for the command 'findDirectories'. Token is invalid or expired</body>
</html>
<html>
<head><title>Error</title></head>
<body>The parameter returncolumns contains an invalid column - `invalid_col`.
Query String=cmd=findDirectories&format=json&returnMaxRows=2&returnColumns=id,invalid_col</body>
</html>
Verified with RSA Governance & Lifecycle version 8.0.0.188886 P10_HF01.