Logo

    Home

    Documentation

    Use Cases

    Training

    Applications

    Release Notes

    SecHub: User API

    SecHub: User API

    • Description
    • How to use it
    • SDK
    • API
    • Use Cases
    • Best Practices
    • Troubleshooting for: Opening a B1-screen from non-B1-application via UI Connector

    Description

    In this chapter the SecHub User API is described

    ⚠️
    This functionality requires Security-Hub version at least 1.0.7, see for installation advice

    How to use it

    There are two ways to manage user in Security-Hub from outside: Using the SDK or work directly with the API

    SDK

    To sync users from legacy app to Security-Hub, the ABL SDK can be used, by calling the B1SecUsersService.createUser() method, passing in appropriate data in the B1SecUserPayload class

    https://bitbucket.org/build-one/buildone-samples/src/main/security-hub/buildone/security/sdk/

    ⚠️
    To get the SDK, please contact Build.One

    API

    The api /v1/users is used to manage the users stored in SecurityHub

    image

    To create a user, POST a payload with the schema defined below

    image
    • userGroups are a list of user groups to be assigned to the user. If you do not specify any group then the user will have a limited set of capabilities
    • metadata is a json object that is for storing custom data against a user
    • oidcUsername is used for PASOE instances. This is the username that will be supplied in the Client-Principal object, along with the domain of the service provider used to login.
    • The response payload of the call to this api will contain an id property. This value is the unique identifier of the newly created user

    Assign user to an identity provider using the API

    Once a user has been created, an identity provider needs to be assigned to the user. This then defines which identity providers a user can login to securityHub

    image

    To assign a user to an identity provider , such as a “userpass” (user name / password) provider, a POST to /v1/connectors/userpass is required. The payload for this is as follows

    image

    providerId is the id of the provider

    userId is the id of the user

    password is the initial password to assign to the user

    name is the name of the user

    Use Cases

    ✍️  If there are Use Cases that can be linked to this concept, you can use the next Notion Database view to display them

    Best Practices

    Troubleshooting for: Opening a B1-screen from non-B1-application via UI Connector

    ‣
    Problem:
    ‣
    Solution:

    Back to DocumentationDocumentation

    Back to Home Page

    Logo