CISO Assistant API — Authentication & Users (0.7.0)

Download OpenAPI specification:

CISO Assistant - API Documentation for automating all your GRC needs

accounts

accounts_saml_download_cert_retrieve

Authorizations:

knoxApiToken

path Parameters

organization_slug

required

string^[^/]+$

Responses

accounts_saml_generate_keys_create

Endpoint to generate a key pair (private key + self-signed X.509 certificate). Accessible only to admins (to be adapted as needed).

Authorizations:

knoxApiToken

path Parameters

organization_slug

required

string^[^/]+$

Responses

actors

actors_list

Override the list method to inject optimized data into the serializer context.

Authorizations:

knoxApiToken

query Parameters

limit	integer Number of results to return per page.
offset	integer The initial index from which to return the results.
ordering	string Which field to use when ordering the results.
search	string A search term.

Responses

Response samples

200

Content type

application/json

{"count": 123,
"next": "http://api.example.org/accounts/?offset=400&limit=100",
"previous": "http://api.example.org/accounts/?offset=200&limit=100",
"results": [{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"str": "string",
"type": "string",
"specific": "string"
}
]
}

actors_retrieve

Return a single object with unauthorized related fields masked.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this actor.

Responses

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"str": "string",
"type": "string",
"specific": "string"
}

actors_cascade_info_retrieve

Cascade preview:

deleted: objects actually deleted by cascade
affected: objects not deleted but whose relationships will be removed (through rows, SET_NULL, local links)

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this actor.

Responses

actors_object_retrieve

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this actor.

Responses

iam

iam_auth_tokens_retrieve

Get all personal access tokens for the user.

Authorizations:

knoxApiToken

Responses

iam_auth_tokens_create

Authorizations:

knoxApiToken

Responses

iam_auth_tokens_destroy

Authorizations:

knoxApiToken

path Parameters

id

required

string

Responses

iam_change_password_create

An endpoint for changing password.

Authorizations:

knoxApiToken

Request Body schema:
application/json
required

old_password required	string <= 128 characters
new_password required	string <= 128 characters
confirm_new_password required	string <= 128 characters

Responses

Request samples

Payload

Content type

application/json

{"old_password": "string",
"new_password": "string",
"confirm_new_password": "string"
}

Response samples

200

Content type

application/json

{ }

iam_current_user_retrieve

Authorizations:

knoxApiToken

Responses

iam_login_create

Authorizations:

knoxApiTokenNone

Request Body schema:
application/json
required

username required	string
password required	string

Responses

Request samples

Payload

Content type

application/json

{"username": "string",
"password": "string"
}

Response samples

200

Content type

application/json

{ }

iam_logout_create

Authorizations:

knoxApiToken

Responses

iam_logoutall_create

Log the user out of all sessions I.E. deletes all auth tokens for the user

Authorizations:

knoxApiToken

Responses

iam_password_reset_create

Authorizations:

knoxApiTokenNone

Responses

iam_password_reset_confirm_create

API Endpoint for reset password confirm

Authorizations:

knoxApiTokenNone

Responses

iam_revoke_sessions_create

An endpoint for revoking all other user sessions (except the current one).

Authorizations:

knoxApiToken

Responses

iam_session_token_create

API Endpoint for getting the session token from an access token This is needed for allauth's authentication flows.

Authorizations:

knoxApiToken

Responses

iam_set_password_create

An endpoint for setting a password as an administrator.

Authorizations:

knoxApiToken

Request Body schema:
application/json
required

user required	string <uuid>
new_password required	string <= 128 characters
confirm_new_password required	string <= 128 characters

Responses

Request samples

Payload

Content type

application/json

{"user": "76f62a58-5404-486d-9afc-07bded328704",
"new_password": "string",
"confirm_new_password": "string"
}

Response samples

200

Content type

application/json

{"user": "76f62a58-5404-486d-9afc-07bded328704"
}

role-assignments

role_assignments_list

Override the list method to inject optimized data into the serializer context.

Authorizations:

knoxApiToken

query Parameters

folder	Array of strings <uuid> [ items <uuid > ]
id	Array of strings <uuid> [ items <uuid > ] Multiple values may be separated by commas.
limit	integer Number of results to return per page.
offset	integer The initial index from which to return the results.
ordering	string Which field to use when ordering the results.
search	string A search term.

Responses

Response samples

200

Content type

application/json

{"count": 123,
"next": "http://api.example.org/accounts/?offset=400&limit=100",
"previous": "http://api.example.org/accounts/?offset=200&limit=100",
"results": [{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"name": "string",
"description": "string",
"is_recursive": true,
"builtin": true,
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"user": "76f62a58-5404-486d-9afc-07bded328704",
"user_group": "8436a4eb-9287-495b-bd8a-2ef6763dcf44",
"role": "543e2fa5-dae3-497f-aa96-e06da8fcb379",
"perimeter_folders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
]
}

role_assignments_create

API endpoint that allows role assignments to be viewed or edited.

Authorizations:

knoxApiToken

Request Body schema:
application/json
required

is_published	boolean (Published)
name required	string <= 200 characters
description	string or null
is_recursive	boolean (Sub folders are visible)
builtin	boolean
folder	string <uuid>
user	string or null <uuid>
user_group	string or null <uuid>
role required	string <uuid>
perimeter_folders required	Array of strings <uuid> (Domain) [ items <uuid > ]

Responses

Request samples

Payload

Content type

application/json

{"is_published": true,
"name": "string",
"description": "string",
"is_recursive": true,
"builtin": true,
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"user": "76f62a58-5404-486d-9afc-07bded328704",
"user_group": "8436a4eb-9287-495b-bd8a-2ef6763dcf44",
"role": "543e2fa5-dae3-497f-aa96-e06da8fcb379",
"perimeter_folders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

Response samples

201

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"name": "string",
"description": "string",
"is_recursive": true,
"builtin": true,
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"user": "76f62a58-5404-486d-9afc-07bded328704",
"user_group": "8436a4eb-9287-495b-bd8a-2ef6763dcf44",
"role": "543e2fa5-dae3-497f-aa96-e06da8fcb379",
"perimeter_folders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

role_assignments_retrieve

Return a single object with unauthorized related fields masked.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this role assignment.

Responses

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"name": "string",
"description": "string",
"is_recursive": true,
"builtin": true,
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"user": "76f62a58-5404-486d-9afc-07bded328704",
"user_group": "8436a4eb-9287-495b-bd8a-2ef6763dcf44",
"role": "543e2fa5-dae3-497f-aa96-e06da8fcb379",
"perimeter_folders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

role_assignments_update

API endpoint that allows role assignments to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this role assignment.

Request Body schema:
application/json
required

is_published	boolean (Published)
name required	string <= 200 characters
description	string or null
is_recursive	boolean (Sub folders are visible)
builtin	boolean
folder	string <uuid>
user	string or null <uuid>
user_group	string or null <uuid>
role required	string <uuid>
perimeter_folders required	Array of strings <uuid> (Domain) [ items <uuid > ]

Responses

Request samples

Payload

Content type

application/json

{"is_published": true,
"name": "string",
"description": "string",
"is_recursive": true,
"builtin": true,
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"user": "76f62a58-5404-486d-9afc-07bded328704",
"user_group": "8436a4eb-9287-495b-bd8a-2ef6763dcf44",
"role": "543e2fa5-dae3-497f-aa96-e06da8fcb379",
"perimeter_folders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"name": "string",
"description": "string",
"is_recursive": true,
"builtin": true,
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"user": "76f62a58-5404-486d-9afc-07bded328704",
"user_group": "8436a4eb-9287-495b-bd8a-2ef6763dcf44",
"role": "543e2fa5-dae3-497f-aa96-e06da8fcb379",
"perimeter_folders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

role_assignments_partial_update

API endpoint that allows role assignments to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this role assignment.

Request Body schema:
application/json

is_published	boolean (Published)
name	string <= 200 characters
description	string or null
is_recursive	boolean (Sub folders are visible)
builtin	boolean
folder	string <uuid>
user	string or null <uuid>
user_group	string or null <uuid>
role	string <uuid>
perimeter_folders	Array of strings <uuid> (Domain) [ items <uuid > ]

Responses

Request samples

Payload

Content type

application/json

{"is_published": true,
"name": "string",
"description": "string",
"is_recursive": true,
"builtin": true,
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"user": "76f62a58-5404-486d-9afc-07bded328704",
"user_group": "8436a4eb-9287-495b-bd8a-2ef6763dcf44",
"role": "543e2fa5-dae3-497f-aa96-e06da8fcb379",
"perimeter_folders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"name": "string",
"description": "string",
"is_recursive": true,
"builtin": true,
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"user": "76f62a58-5404-486d-9afc-07bded328704",
"user_group": "8436a4eb-9287-495b-bd8a-2ef6763dcf44",
"role": "543e2fa5-dae3-497f-aa96-e06da8fcb379",
"perimeter_folders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

role_assignments_destroy

API endpoint that allows role assignments to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this role assignment.

Responses

role_assignments_cascade_info_retrieve

Cascade preview:

deleted: objects actually deleted by cascade
affected: objects not deleted but whose relationships will be removed (through rows, SET_NULL, local links)

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this role assignment.

Responses

role_assignments_object_retrieve

API endpoint that allows role assignments to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this role assignment.

Responses

role_assignments_batch_action_create

Perform a batch action on multiple objects. Uses the IAM-filtered queryset and serializers to respect permissions and validation, mirroring the standard partial_update / destroy flows.

Payload: { "action": "delete"|"change_field"|"change_m2m"|"change_folder", "ids": [...], "field": "", "value": ... }

Authorizations:

knoxApiToken

Responses

teams

teams_list

Override the list method to inject optimized data into the serializer context.

Authorizations:

knoxApiToken

query Parameters

limit	integer Number of results to return per page.
offset	integer The initial index from which to return the results.
ordering	string Which field to use when ordering the results.
search	string A search term.

Responses

Response samples

200

Content type

application/json

{"count": 123,
"next": "http://api.example.org/accounts/?offset=400&limit=100",
"previous": "http://api.example.org/accounts/?offset=200&limit=100",
"results": [{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"name": "string",
"description": "string",
"folder": "string",
"team_email": "user@example.com",
"leader": "string",
"deputies": ["string"
],
"members": ["string"
]
}
]
}

teams_create

Authorizations:

knoxApiToken

Request Body schema:
application/json
required

name required	string <= 200 characters
description	string or null
folder	string <uuid>
team_email	string or null <email> <= 254 characters
leader	string or null <uuid> (Team Leader) The leader of the team
deputies	Array of strings <uuid> (Team Deputies) [ items <uuid > ] The deputies of the team
members	Array of strings <uuid> (Team Members) [ items <uuid > ] The members of the team

Responses

Request samples

Payload

Content type

application/json

{"name": "string",
"description": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"team_email": "user@example.com",
"leader": "a909f781-6923-49f6-831e-6a44fdb3863d",
"deputies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"members": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

Response samples

201

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"name": "string",
"description": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"team_email": "user@example.com",
"leader": "a909f781-6923-49f6-831e-6a44fdb3863d",
"deputies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"members": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

teams_retrieve

Return a single object with unauthorized related fields masked.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this team.

Responses

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"name": "string",
"description": "string",
"folder": "string",
"team_email": "user@example.com",
"leader": "string",
"deputies": ["string"
],
"members": ["string"
]
}

teams_update

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this team.

Request Body schema:
application/json
required

name required	string <= 200 characters
description	string or null
folder	string <uuid>
team_email	string or null <email> <= 254 characters
leader	string or null <uuid> (Team Leader) The leader of the team
deputies	Array of strings <uuid> (Team Deputies) [ items <uuid > ] The deputies of the team
members	Array of strings <uuid> (Team Members) [ items <uuid > ] The members of the team

Responses

Request samples

Payload

Content type

application/json

{"name": "string",
"description": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"team_email": "user@example.com",
"leader": "a909f781-6923-49f6-831e-6a44fdb3863d",
"deputies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"members": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"name": "string",
"description": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"team_email": "user@example.com",
"leader": "a909f781-6923-49f6-831e-6a44fdb3863d",
"deputies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"members": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

teams_partial_update

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this team.

Request Body schema:
application/json

name	string <= 200 characters
description	string or null
folder	string <uuid>
team_email	string or null <email> <= 254 characters
leader	string or null <uuid> (Team Leader) The leader of the team
deputies	Array of strings <uuid> (Team Deputies) [ items <uuid > ] The deputies of the team
members	Array of strings <uuid> (Team Members) [ items <uuid > ] The members of the team

Responses

Request samples

Payload

Content type

application/json

{"name": "string",
"description": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"team_email": "user@example.com",
"leader": "a909f781-6923-49f6-831e-6a44fdb3863d",
"deputies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"members": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"name": "string",
"description": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"team_email": "user@example.com",
"leader": "a909f781-6923-49f6-831e-6a44fdb3863d",
"deputies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"members": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

teams_destroy

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this team.

Responses

teams_cascade_info_retrieve

Cascade preview:

deleted: objects actually deleted by cascade
affected: objects not deleted but whose relationships will be removed (through rows, SET_NULL, local links)

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this team.

Responses

teams_object_retrieve

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this team.

Responses

teams_batch_action_create

Perform a batch action on multiple objects. Uses the IAM-filtered queryset and serializers to respect permissions and validation, mirroring the standard partial_update / destroy flows.

Payload: { "action": "delete"|"change_field"|"change_m2m"|"change_folder", "ids": [...], "field": "", "value": ... }

Authorizations:

knoxApiToken

Responses

user-groups

user_groups_list

Override the list method to inject optimized data into the serializer context.

Authorizations:

knoxApiToken

query Parameters

folder	Array of strings <uuid> [ items <uuid > ]
id	Array of strings <uuid> [ items <uuid > ] Multiple values may be separated by commas.
limit	integer Number of results to return per page.
offset	integer The initial index from which to return the results.
ordering	string Which field to use when ordering the results.
search	string A search term.

Responses

Response samples

200

Content type

application/json

{"count": 123,
"next": "http://api.example.org/accounts/?offset=400&limit=100",
"previous": "http://api.example.org/accounts/?offset=200&limit=100",
"results": [{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"path": "string",
"name": "string",
"localization_dict": null,
"folder": "string",
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"description": "string",
"builtin": true
}
]
}

user_groups_create

API endpoint that allows user groups to be viewed or edited

Authorizations:

knoxApiToken

Request Body schema:
application/json
required

is_published	boolean (Published)
name required	string <= 200 characters
description	string or null
builtin	boolean
folder	string <uuid>

Responses

Request samples

Payload

Content type

application/json

{"is_published": true,
"name": "string",
"description": "string",
"builtin": true,
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5"
}

Response samples

201

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"name": "string",
"description": "string",
"builtin": true,
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5"
}

user_groups_retrieve

Return a single object with unauthorized related fields masked.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this user group.

Responses

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"path": "string",
"name": "string",
"localization_dict": null,
"folder": "string",
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"description": "string",
"builtin": true
}

user_groups_update

API endpoint that allows user groups to be viewed or edited

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this user group.

Request Body schema:
application/json
required

is_published	boolean (Published)
name required	string <= 200 characters
description	string or null
builtin	boolean
folder	string <uuid>

Responses

Request samples

Payload

Content type

application/json

{"is_published": true,
"name": "string",
"description": "string",
"builtin": true,
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5"
}

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"name": "string",
"description": "string",
"builtin": true,
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5"
}

user_groups_partial_update

API endpoint that allows user groups to be viewed or edited

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this user group.

Request Body schema:
application/json

is_published	boolean (Published)
name	string <= 200 characters
description	string or null
builtin	boolean
folder	string <uuid>

Responses

Request samples

Payload

Content type

application/json

{"is_published": true,
"name": "string",
"description": "string",
"builtin": true,
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5"
}

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"name": "string",
"description": "string",
"builtin": true,
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5"
}

user_groups_destroy

API endpoint that allows user groups to be viewed or edited

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this user group.

Responses

user_groups_cascade_info_retrieve

Cascade preview:

deleted: objects actually deleted by cascade
affected: objects not deleted but whose relationships will be removed (through rows, SET_NULL, local links)

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this user group.

Responses

user_groups_object_retrieve

API endpoint that allows user groups to be viewed or edited

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this user group.

Responses

user_groups_batch_action_create

Perform a batch action on multiple objects. Uses the IAM-filtered queryset and serializers to respect permissions and validation, mirroring the standard partial_update / destroy flows.

Payload: { "action": "delete"|"change_field"|"change_m2m"|"change_folder", "ids": [...], "field": "", "value": ... }

Authorizations:

knoxApiToken

Responses

user-preferences

user_preferences_retrieve

Authorizations:

knoxApiToken

Responses

user_preferences_partial_update

Authorizations:

knoxApiToken

Responses

users

users_list

Override the list method to inject optimized data into the serializer context.

Authorizations:

knoxApiToken

query Parameters

email	string
exclude_current	boolean Exclude current user
expiry_date	string <date>
first_name	string
id	Array of strings <uuid> [ items <uuid > ] Multiple values may be separated by commas.
is_active	boolean
is_applied_control_owner	boolean Applied control owner
is_approver	boolean Approver
is_third_party	boolean
keep_local_login	boolean
last_name	string
limit	integer Number of results to return per page.
offset	integer The initial index from which to return the results.
ordering	string Which field to use when ordering the results.
representative__entity	string <uuid>
search	string A search term.
user_groups	Array of strings <uuid> [ items <uuid > ]

Responses

Response samples

200

Content type

application/json

{"count": 123,
"next": "http://api.example.org/accounts/?offset=400&limit=100",
"previous": "http://api.example.org/accounts/?offset=200&limit=100",
"results": [{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"email": "string",
"first_name": "string",
"last_name": "string",
"is_active": true,
"date_joined": "2019-08-24T14:15:22Z",
"user_groups": ["string"
],
"keep_local_login": true,
"is_third_party": true,
"observation": "string",
"has_mfa_enabled": true,
"expiry_date": "2019-08-24",
"is_superuser": true
}
]
}

users_create

API endpoint that allows users to be viewed or edited

Authorizations:

knoxApiToken

Request Body schema:
application/json
required

email required	string <= 100 characters
first_name	string <= 150 characters
last_name	string <= 150 characters
is_active	boolean (Active) Designates whether this user should be treated as active. Unselect this instead of deleting accounts.
date_joined	string <date-time>
user_groups	Array of strings <uuid> [ items <uuid > ] The user groups this user belongs to. A user will get all permissions granted to each of their user groups.
keep_local_login	boolean If True allow the user to log in using the normal login form even with SSO forced.
is_third_party	boolean
is_local	boolean
observation	string or null (Notes about a user)
expiry_date	string or null <date>
is_superuser	boolean (Superuser status) Designates that this user has all permissions without explicitly assigning them.

Responses

Request samples

Payload

Content type

application/json

{"email": "string",
"first_name": "string",
"last_name": "string",
"is_active": true,
"date_joined": "2019-08-24T14:15:22Z",
"user_groups": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"keep_local_login": true,
"is_third_party": true,
"is_local": true,
"observation": "string",
"expiry_date": "2019-08-24",
"is_superuser": true
}

Response samples

201

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"email": "string",
"first_name": "string",
"last_name": "string",
"is_active": true,
"date_joined": "2019-08-24T14:15:22Z",
"user_groups": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"keep_local_login": true,
"is_third_party": true,
"is_local": true,
"observation": "string",
"expiry_date": "2019-08-24",
"is_superuser": true
}

users_retrieve

Return a single object with unauthorized related fields masked.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this user.

Responses

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"email": "string",
"first_name": "string",
"last_name": "string",
"is_active": true,
"date_joined": "2019-08-24T14:15:22Z",
"user_groups": ["string"
],
"keep_local_login": true,
"is_third_party": true,
"observation": "string",
"has_mfa_enabled": true,
"expiry_date": "2019-08-24",
"is_superuser": true
}

users_update

API endpoint that allows users to be viewed or edited

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this user.

Request Body schema:
application/json
required

email required	string <= 100 characters
first_name	string <= 150 characters
last_name	string <= 150 characters
is_active	boolean (Active) Designates whether this user should be treated as active. Unselect this instead of deleting accounts.
date_joined	string <date-time>
user_groups	Array of strings <uuid> [ items <uuid > ] The user groups this user belongs to. A user will get all permissions granted to each of their user groups.
keep_local_login	boolean If True allow the user to log in using the normal login form even with SSO forced.
is_third_party	boolean
is_local	boolean
observation	string or null (Notes about a user)
expiry_date	string or null <date>
is_superuser	boolean (Superuser status) Designates that this user has all permissions without explicitly assigning them.

Responses

Request samples

Payload

Content type

application/json

{"email": "string",
"first_name": "string",
"last_name": "string",
"is_active": true,
"date_joined": "2019-08-24T14:15:22Z",
"user_groups": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"keep_local_login": true,
"is_third_party": true,
"is_local": true,
"observation": "string",
"expiry_date": "2019-08-24",
"is_superuser": true
}

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"email": "string",
"first_name": "string",
"last_name": "string",
"is_active": true,
"date_joined": "2019-08-24T14:15:22Z",
"user_groups": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"keep_local_login": true,
"is_third_party": true,
"is_local": true,
"observation": "string",
"expiry_date": "2019-08-24",
"is_superuser": true
}

users_partial_update

API endpoint that allows users to be viewed or edited

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this user.

Request Body schema:
application/json

email	string <= 100 characters
first_name	string <= 150 characters
last_name	string <= 150 characters
is_active	boolean (Active) Designates whether this user should be treated as active. Unselect this instead of deleting accounts.
date_joined	string <date-time>
user_groups	Array of strings <uuid> [ items <uuid > ] The user groups this user belongs to. A user will get all permissions granted to each of their user groups.
keep_local_login	boolean If True allow the user to log in using the normal login form even with SSO forced.
is_third_party	boolean
is_local	boolean
observation	string or null (Notes about a user)
expiry_date	string or null <date>
is_superuser	boolean (Superuser status) Designates that this user has all permissions without explicitly assigning them.

Responses

Request samples

Payload

Content type

application/json

{"email": "string",
"first_name": "string",
"last_name": "string",
"is_active": true,
"date_joined": "2019-08-24T14:15:22Z",
"user_groups": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"keep_local_login": true,
"is_third_party": true,
"is_local": true,
"observation": "string",
"expiry_date": "2019-08-24",
"is_superuser": true
}

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"email": "string",
"first_name": "string",
"last_name": "string",
"is_active": true,
"date_joined": "2019-08-24T14:15:22Z",
"user_groups": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"keep_local_login": true,
"is_third_party": true,
"is_local": true,
"observation": "string",
"expiry_date": "2019-08-24",
"is_superuser": true
}

users_destroy

API endpoint that allows users to be viewed or edited

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this user.

Responses

users_cascade_info_retrieve

Cascade preview:

deleted: objects actually deleted by cascade
affected: objects not deleted but whose relationships will be removed (through rows, SET_NULL, local links)

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this user.

Responses

users_object_retrieve

API endpoint that allows users to be viewed or edited

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this user.

Responses

users_batch_action_create

Perform a batch action on multiple objects. Uses the IAM-filtered queryset and serializers to respect permissions and validation, mirroring the standard partial_update / destroy flows.

Payload: { "action": "delete"|"change_field"|"change_m2m"|"change_folder", "ids": [...], "field": "", "value": ... }

Authorizations:

knoxApiToken

CISO Assistant API — Authentication & Users (0.7.0)

accounts

accounts_saml_download_cert_retrieve

Authorizations:

path Parameters

Responses

accounts_saml_generate_keys_create

Authorizations:

path Parameters

Responses

actors

actors_list

Authorizations:

query Parameters

Responses

Response samples

actors_retrieve

Authorizations:

path Parameters

Responses

Response samples

actors_cascade_info_retrieve

Authorizations:

path Parameters

Responses

actors_object_retrieve

Authorizations:

path Parameters

Responses

iam

iam_auth_tokens_retrieve

Authorizations:

Responses

iam_auth_tokens_create

Authorizations:

Responses

iam_auth_tokens_destroy

Authorizations:

path Parameters

Responses

iam_change_password_create

Authorizations:

Request Body schema: application/jsonapplication/x-www-form-urlencodedmultipart/form-dataapplication/jsonrequired

Responses

Request samples

Response samples

iam_current_user_retrieve

Authorizations:

Responses

iam_login_create

Authorizations:

Request Body schema: application/jsonapplication/x-www-form-urlencodedmultipart/form-dataapplication/jsonrequired

Responses

Request samples

Response samples

iam_logout_create

Authorizations:

Responses

iam_logoutall_create

Authorizations:

Responses

iam_password_reset_create

Authorizations:

Responses

iam_password_reset_confirm_create

Authorizations:

Responses

iam_revoke_sessions_create

Authorizations:

Responses

iam_session_token_create

Authorizations:

Responses

iam_set_password_create

Authorizations:

Request Body schema: application/jsonapplication/x-www-form-urlencodedmultipart/form-dataapplication/jsonrequired

Responses

Request samples

Response samples

role-assignments

Request Body schema:
application/json
required

Request Body schema:
application/json
required

Request Body schema:
application/json
required

Request Body schema:
application/json
required

Request Body schema:
application/json
required

Request Body schema:
application/json

Request Body schema:
application/json
required

Request Body schema:
application/json
required