Find User Account Mappings
Find user-to-account mappings in the identity store. The command uses the PV_USER_ACCOUNT_MAPPING public view to find data. Any filters passed should apply to this public view.
GET https://instance.securid.com/aveksa/command.submit?cmd=findUserAccountMappings
Request
Parameters
| findUserAccountMappings | |
| format | properties - (Default) Returns the response as key=value pairs. When multiple objects are returned, values are comma-delimited: key=value1,value2,value3.json - Returns the response as JSON.csv - Returns the response as comma-separated values.tsv - Returns the response as tab-separated values.xml - Returns the response as XML. |
| delimiter | The delimiter to use between values for csv and properties formats |
| returnColumns | The names of the columns to return. |
| returnMaxRows | The maximum number of objects to return |
| distinct | true, false Returns only distinct values, equivalent to the distinct keyword in SQL. |
| sortByColumns | The results will be sorted based on the columns listed using comma as the delimiter if multiple columns are specified. Refer to Columns table below. |
| sortDirection | Determines sorting order. asc for ascending, desc for descending. If not specified, the natural order returned by the database is used. |
| includeHeaderRow | true, false Include column headers when the return format is csv or tsv. (Default) true |
| ignoreCase | true, false Returns case-insensitive search results for specified filter parameters. (Default) false |
Filter Parameters
Any column listed in the Columns table can be passed as a filter parameter to narrow results. Filters are matched against the PV_USER_ACCOUNT_MAPPING public view.
Query logic
| Scenario | Behavior |
|---|---|
Two different parameters: state=Valid&adc_id=1 | AND. Returns valid mappings from collector 1. |
Same parameter repeated: adc_id=1&adc_id=4 | OR within that field. Returns mappings from collector 1 or 4. |
Mixed: state=Valid&adc_id=1&adc_id=4 | (state is Valid) AND (adc_id is 1 or 4) |
A single API call cannot return mappings where state=Valid OR adc_id=1. OR logic between different filter parameters is not supported.
Workaround: Make separate requests for each filter condition. Merge and deduplicate the results client-side.
Columns
| account_id | [Foreign Key referencing ACCOUNT.ID] Account linked to the user |
| user_id | [Foreign Key referencing USERS.ID] User the account is mapped to |
| adc_id | [Foreign Key referencing the Account Collector] Collector that owns this account |
| state | Current state of the mapping. Valid = active and confirmed mapping |
| comments | Comments about this mapping |
| creation_date | Date and time the mapping was created |
| created_by | [Foreign Key referencing USERS.ID] User ID of who created the mapping |
| deletion_date | Date and time the mapping was removed |
| deleted_by | [Foreign Key referencing USERS.ID] User ID of who removed the mapping |
| is_deleted_user | y, n Whether the mapped user has been deleted |
| add_state | Pending add workflow state. 0 = no pending add |
| remove_state | Pending remove workflow state. 0 = no pending remove |
| is_masked | N, Y Whether this mapping record is masked for privacy |
| masking_run_id | ID of the masking run that anonymized this record |
| last_reviewed_date | Date the mapping was last reviewed |
| property_a_map_1 | Custom property mapping field |
| cas3 … casN | Custom string-type attribute values. Reference names are configured per instance. |
Headers
Bearer token | |
| Accept | application/json |
| Content-Type | application/json |
Response
Parameters
The API returns the requested columns specified by returnColumns as output. If returnColumns is unspecified then all columns listed will be returned.
Examples
All columns
Omit returnColumns to return every field for each mapping.
Request
- Curl
- Python
- Node.js
curl -K -X GET \
"https://instance.securid.com/aveksa/command.submit?cmd=findUserAccountMappings&format=json&returnMaxRows=2" \
-H "Authorization: Bearer <token>"
import requests
url = "https://instance.securid.com/aveksa/command.submit"
params = {
"cmd": "findUserAccountMappings",
"format": "json",
"returnMaxRows": "2"
}
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, params=params, headers=headers)
print(response.json())
const axios = require('axios');
axios.get("https://instance.securid.com/aveksa/command.submit", {
params: {
cmd: "findUserAccountMappings",
format: "json",
returnMaxRows: "2"
},
headers: { Authorization: "Bearer <token>" }
}).then(r => console.log(r.data));
Response
- 200
{
"findUserAccountMappings": [
{
"account_id": "55",
"user_id": "31",
"adc_id": "4",
"comments": "",
"creation_date": "2024-03-19 21:20:36.0",
"created_by": "",
"deletion_date": "2026-06-05 08:36:37.0",
"deleted_by": "",
"state": "Valid",
"is_deleted_user": "n",
"add_state": "0",
"remove_state": "0",
"is_masked": "N",
"masking_run_id": "",
"property_a_map_1": "",
"last_reviewed_date": "",
"cas3": ""
},
{
"account_id": "75",
"user_id": "35",
"adc_id": "1",
"comments": "",
"creation_date": "2024-04-04 12:40:20.0",
"created_by": "",
"deletion_date": "",
"deleted_by": "",
"state": "Valid",
"is_deleted_user": "n",
"add_state": "0",
"remove_state": "0",
"is_masked": "N",
"masking_run_id": "",
"property_a_map_1": "",
"last_reviewed_date": "",
"cas3": ""
}
]
}
Specific columns
Use returnColumns to limit the response to the fields you need.
Request
- Curl
- Python
- Node.js
curl -K -X GET \
"https://instance.securid.com/aveksa/command.submit?cmd=findUserAccountMappings&format=json&returnMaxRows=3&returnColumns=account_id,user_id,adc_id,state,creation_date" \
-H "Authorization: Bearer <token>"
import requests
url = "https://instance.securid.com/aveksa/command.submit"
params = {
"cmd": "findUserAccountMappings",
"format": "json",
"returnMaxRows": "3",
"returnColumns": "account_id,user_id,adc_id,state,creation_date"
}
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, params=params, headers=headers)
print(response.json())
const axios = require('axios');
axios.get("https://instance.securid.com/aveksa/command.submit", {
params: {
cmd: "findUserAccountMappings",
format: "json",
returnMaxRows: "3",
returnColumns: "account_id,user_id,adc_id,state,creation_date"
},
headers: { Authorization: "Bearer <token>" }
}).then(r => console.log(r.data));
Response
- 200
- 412 Invalid column
{
"findUserAccountMappings": [
{
"account_id": "55",
"user_id": "31",
"adc_id": "4",
"state": "Valid",
"creation_date": "2024-03-19 21:20:36.0"
},
{
"account_id": "75",
"user_id": "35",
"adc_id": "1",
"state": "Valid",
"creation_date": "2024-04-04 12:40:20.0"
},
{
"account_id": "42564",
"user_id": "0",
"adc_id": "95",
"state": "Valid",
"creation_date": "2024-04-29 16:09:51.0"
}
]
}
<html>
<head><title>Error</title></head>
<body>The parameter returncolumns contains an invalid column - `invalid_col`.
Query String=cmd=findUserAccountMappings&format=json&returnMaxRows=2&returnColumns=account_id,invalid_col</body>
</html>
Filter by a single value
Pass any column name as a query parameter to filter results. The example returns mappings where state is Valid.
Request
- Curl
- Python
- Node.js
curl -K -X GET \
"https://instance.securid.com/aveksa/command.submit?cmd=findUserAccountMappings&format=json&returnMaxRows=3&returnColumns=account_id,user_id,adc_id,state&state=Valid" \
-H "Authorization: Bearer <token>"
import requests
url = "https://instance.securid.com/aveksa/command.submit"
params = {
"cmd": "findUserAccountMappings",
"format": "json",
"returnMaxRows": "3",
"returnColumns": "account_id,user_id,adc_id,state",
"state": "Valid"
}
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, params=params, headers=headers)
print(response.json())
const axios = require('axios');
axios.get("https://instance.securid.com/aveksa/command.submit", {
params: {
cmd: "findUserAccountMappings",
format: "json",
returnMaxRows: "3",
returnColumns: "account_id,user_id,adc_id,state",
state: "Valid"
},
headers: { Authorization: "Bearer <token>" }
}).then(r => console.log(r.data));
Response
- 200
{
"findUserAccountMappings": [
{
"account_id": "55",
"user_id": "31",
"adc_id": "4",
"state": "Valid"
},
{
"account_id": "75",
"user_id": "35",
"adc_id": "1",
"state": "Valid"
},
{
"account_id": "42564",
"user_id": "0",
"adc_id": "95",
"state": "Valid"
}
]
}
Filter with OR logic
Repeat the same parameter with different values to match any of them. The example returns mappings where adc_id is 1 or 4.
Request
- Curl
- Python
- Node.js
curl -K -X GET \
"https://instance.securid.com/aveksa/command.submit?cmd=findUserAccountMappings&format=json&returnMaxRows=3&returnColumns=account_id,user_id,adc_id,state&adc_id=1&adc_id=4" \
-H "Authorization: Bearer <token>"
import requests
url = "https://instance.securid.com/aveksa/command.submit"
params = [
("cmd", "findUserAccountMappings"),
("format", "json"),
("returnMaxRows", "3"),
("returnColumns", "account_id,user_id,adc_id,state"),
("adc_id", "1"),
("adc_id", "4")
]
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, params=params, headers=headers)
print(response.json())
const axios = require('axios');
const params = new URLSearchParams();
params.append('cmd', 'findUserAccountMappings');
params.append('format', 'json');
params.append('returnMaxRows', '3');
params.append('returnColumns', 'account_id,user_id,adc_id,state');
params.append('adc_id', '1');
params.append('adc_id', '4');
axios.get("https://instance.securid.com/aveksa/command.submit", {
params,
headers: { Authorization: "Bearer <token>" }
}).then(r => console.log(r.data));
Response
- 200
{
"findUserAccountMappings": [
{
"account_id": "75",
"user_id": "35",
"adc_id": "1",
"state": "Valid"
},
{
"account_id": "1693289",
"user_id": "48",
"adc_id": "1",
"state": "Valid"
},
{
"account_id": "1694515",
"user_id": "3",
"adc_id": "1",
"state": "Valid"
}
]
}
Case-insensitive filter
Filters are case-sensitive by default. Set ignoreCase=true to match regardless of case. The example passes state=valid in lowercase and still returns mappings with the stored value Valid.
Request
- Curl
- Python
- Node.js
curl -K -X GET \
"https://instance.securid.com/aveksa/command.submit?cmd=findUserAccountMappings&format=json&returnMaxRows=3&returnColumns=account_id,user_id,adc_id,state&state=valid&ignoreCase=true" \
-H "Authorization: Bearer <token>"
import requests
url = "https://instance.securid.com/aveksa/command.submit"
params = {
"cmd": "findUserAccountMappings",
"format": "json",
"returnMaxRows": "3",
"returnColumns": "account_id,user_id,adc_id,state",
"state": "valid",
"ignoreCase": "true"
}
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, params=params, headers=headers)
print(response.json())
const axios = require('axios');
axios.get("https://instance.securid.com/aveksa/command.submit", {
params: {
cmd: "findUserAccountMappings",
format: "json",
returnMaxRows: "3",
returnColumns: "account_id,user_id,adc_id,state",
state: "valid",
ignoreCase: "true"
},
headers: { Authorization: "Bearer <token>" }
}).then(r => console.log(r.data));
Response
- 200
{
"findUserAccountMappings": [
{
"account_id": "55",
"user_id": "31",
"adc_id": "4",
"state": "Valid"
},
{
"account_id": "75",
"user_id": "35",
"adc_id": "1",
"state": "Valid"
},
{
"account_id": "42564",
"user_id": "0",
"adc_id": "95",
"state": "Valid"
}
]
}
Sort ascending
Use sortByColumns with a column name and sortDirection=asc to sort results from lowest to highest. The example sorts by account_id.
Request
- Curl
- Python
- Node.js
curl -K -X GET \
"https://instance.securid.com/aveksa/command.submit?cmd=findUserAccountMappings&format=json&returnMaxRows=3&returnColumns=account_id,user_id,adc_id,state&sortByColumns=account_id&sortDirection=asc" \
-H "Authorization: Bearer <token>"
import requests
url = "https://instance.securid.com/aveksa/command.submit"
params = {
"cmd": "findUserAccountMappings",
"format": "json",
"returnMaxRows": "3",
"returnColumns": "account_id,user_id,adc_id,state",
"sortByColumns": "account_id",
"sortDirection": "asc"
}
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, params=params, headers=headers)
print(response.json())
const axios = require('axios');
axios.get("https://instance.securid.com/aveksa/command.submit", {
params: {
cmd: "findUserAccountMappings",
format: "json",
returnMaxRows: "3",
returnColumns: "account_id,user_id,adc_id,state",
sortByColumns: "account_id",
sortDirection: "asc"
},
headers: { Authorization: "Bearer <token>" }
}).then(r => console.log(r.data));
Response
- 200
{
"findUserAccountMappings": [
{
"account_id": "1",
"user_id": "12",
"adc_id": "4",
"state": "Valid"
},
{
"account_id": "2",
"user_id": "9",
"adc_id": "4",
"state": "Valid"
},
{
"account_id": "3",
"user_id": "40",
"adc_id": "4",
"state": "Valid"
}
]
}
Sort descending
Set sortDirection=desc to reverse the order.
Request
- Curl
- Python
- Node.js
curl -K -X GET \
"https://instance.securid.com/aveksa/command.submit?cmd=findUserAccountMappings&format=json&returnMaxRows=3&returnColumns=account_id,user_id,adc_id,state&sortByColumns=account_id&sortDirection=desc" \
-H "Authorization: Bearer <token>"
import requests
url = "https://instance.securid.com/aveksa/command.submit"
params = {
"cmd": "findUserAccountMappings",
"format": "json",
"returnMaxRows": "3",
"returnColumns": "account_id,user_id,adc_id,state",
"sortByColumns": "account_id",
"sortDirection": "desc"
}
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, params=params, headers=headers)
print(response.json())
const axios = require('axios');
axios.get("https://instance.securid.com/aveksa/command.submit", {
params: {
cmd: "findUserAccountMappings",
format: "json",
returnMaxRows: "3",
returnColumns: "account_id,user_id,adc_id,state",
sortByColumns: "account_id",
sortDirection: "desc"
},
headers: { Authorization: "Bearer <token>" }
}).then(r => console.log(r.data));
Response
- 200
{
"findUserAccountMappings": [
{
"account_id": "2894792",
"user_id": "36291",
"adc_id": "815",
"state": "Valid"
},
{
"account_id": "2892434",
"user_id": "48667",
"adc_id": "876",
"state": "Valid"
},
{
"account_id": "2891734",
"user_id": "46579",
"adc_id": "876",
"state": "Valid"
}
]
}
CSV with custom delimiter
Set format=csv for a comma-separated response. Use delimiter to change the separator character.
Request
- Curl
- Python
- Node.js
curl -K -X GET \
"https://instance.securid.com/aveksa/command.submit?cmd=findUserAccountMappings&format=csv&returnMaxRows=3&returnColumns=account_id,user_id,adc_id,state&delimiter=~" \
-H "Authorization: Bearer <token>"
import requests
url = "https://instance.securid.com/aveksa/command.submit"
params = {
"cmd": "findUserAccountMappings",
"format": "csv",
"returnMaxRows": "3",
"returnColumns": "account_id,user_id,adc_id,state",
"delimiter": "~"
}
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, params=params, headers=headers)
print(response.text)
const axios = require('axios');
axios.get("https://instance.securid.com/aveksa/command.submit", {
params: {
cmd: "findUserAccountMappings",
format: "csv",
returnMaxRows: "3",
returnColumns: "account_id,user_id,adc_id,state",
delimiter: "~"
},
headers: { Authorization: "Bearer <token>" }
}).then(r => console.log(r.data));
Response
- 200
account_id~user_id~adc_id~state
55~31~4~Valid
75~35~1~Valid
42564~0~95~Valid
CSV without header row
Set includeHeaderRow=false when your downstream system expects raw data rows without a header.
Request
- Curl
- Python
- Node.js
curl -K -X GET \
"https://instance.securid.com/aveksa/command.submit?cmd=findUserAccountMappings&format=csv&returnMaxRows=3&returnColumns=account_id,user_id,adc_id,state&includeHeaderRow=false" \
-H "Authorization: Bearer <token>"
import requests
url = "https://instance.securid.com/aveksa/command.submit"
params = {
"cmd": "findUserAccountMappings",
"format": "csv",
"returnMaxRows": "3",
"returnColumns": "account_id,user_id,adc_id,state",
"includeHeaderRow": "false"
}
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, params=params, headers=headers)
print(response.text)
const axios = require('axios');
axios.get("https://instance.securid.com/aveksa/command.submit", {
params: {
cmd: "findUserAccountMappings",
format: "csv",
returnMaxRows: "3",
returnColumns: "account_id,user_id,adc_id,state",
includeHeaderRow: "false"
},
headers: { Authorization: "Bearer <token>" }
}).then(r => console.log(r.data));
Response
- 200
55,31,4,Valid
75,35,1,Valid
42564,0,95,Valid
Error responses
A 401 is returned when the token is missing, invalid, or expired. A 412 is returned when returnColumns includes a column name that does not exist in the PV_USER_ACCOUNT_MAP public view.
- 401 Invalid token
- 412 Invalid column
<html>
<head><title>Error</title></head>
<body>The token is not valid for the command 'findUserAccountMappings'. Token is invalid or expired</body>
</html>
<html>
<head><title>Error</title></head>
<body>The parameter returncolumns contains an invalid column - `invalid_col`.
Query String=cmd=findUserAccountMappings&format=json&returnMaxRows=2&returnColumns=account_id,invalid_col</body>
</html>
Verified with RSA Governance & Lifecycle version 8.0.0.188886 P10_HF01.