admin_and_role_management#

The following methods allow for interaction with the ZIA Admin and Role Management API endpoints.

Methods are accessible via zia.admin_and_role_management

class AdminAndRoleManagementAPI#

Bases: object

add_user(name, login_name, email, password, **kwargs)#

Adds a new admin user to ZIA.

Parameters:

  • name (str) – The user’s full name.

  • login_name (str) – The name that the admin user will use to login to ZIA in email format, i.e. user@domain.tld.

  • email (str) – The email address for the admin user.

  • password (str) – The password for the admin user.

  • **kwargs – Optional keyword args.

Keyword Arguments:

  • admin_scope (str) – The scope of the admin’s permissions, accepted values are: organization, department, location, location_group

  • comments (str) – Additional information about the admin user.

  • disabled (bool) – Set to True if you want the account disabled upon creation.

  • is_password_login_allowed (bool) – Set to True to allow password login.

  • is_security_report_comm_enabled (bool) – Set to True to allow ZIA Security Update emails to be sent to the admin user.

  • is_service_update_comm_enabled (bool) – Set to True to allow ZIA Service Update emails to be sent to the admin user.

  • is_product_update_comm_enabled (bool) – Set to True to allow ZIA Product Update emails to be sent to the admin user.

  • is_password_expired (bool) – Set to True to expire the admin user’s password upon creation.

  • is_exec_mobile_app_enabled (bool) – Set to True to enable to executive insights mobile application for the admin user.

  • role_id (str) – The unique id for the admin role being assigned to the admin user.

  • scope_ids (list) – A list of entity ids for the admin user’s scope. e.g. if the admin user has admin_scope set to department then you will need to provide a list of department ids. NOTE: This param doesn’t need to be provided if the admin user’s scope is set to organization.

Returns:

The newly created admin user resource record.

Return type:

Box

Examples

Add an admin user with the minimum required params:
>>> admin_user = zia.admin_and_role_management.add_user(
...    name="Jim Bob",
...    login_name="jim@example.com",
...    password="*********",
...    email="jim@example.com")
Add an admin user with a department admin scope:
>>> admin_user = zia.admin_and_role_management.add_user(
...    name="Jane Bob",
...    login_name="jane@example.com",
...    password="*********",
...    email="jane@example.com,
...    admin_scope="department",
...    scope_ids = ['376542', '245688'])
Add an auditor user:
>>> auditor_user = zia.admin_and_role_management.add_user(
...    name="Head Bob",
...    login_name="head@example.com",
...    password="*********",
...    email="head@example.com,
...    is_auditor=True)
delete_user(user_id)#

Deletes the specified admin user by id.

Parameters:

user_id (str) – The unique id of the admin user.

Returns:

The response code for the request.

Return type:

int

Examples

>>> zia.admin_role_management.delete_admin_user('99272455')
get_role(role_id)#

Returns information on the specified admin user id.

Parameters:

user_id (str) – The unique id of the admin user.

Returns:

The admin user resource record.

Return type:

Box

Examples

>>> print(zia.admin_and_role_management.get_user('987321202'))
get_roles_by_id(role_id)#
get_roles_by_name(name)#
get_user(user_id)#

Returns information on the specified admin user id.

Parameters:

user_id (str) – The unique id of the admin user.

Returns:

The admin user resource record.

Return type:

Box

Examples

>>> print(zia.admin_and_role_management.get_user('987321202'))
list_roles(**kwargs)#

Return a list of the configured admin roles in ZIA.

Parameters:

**kwargs – Optional keyword args.

Keyword Arguments:

  • include_auditor_role (bool) – Set to True to include auditor role information in the response.

  • include_partner_role (bool) – Set to True to include partner admin role information in the response.

Returns:

A list of admin role resource records.

Return type:

BoxList

Examples

Get a list of all configured admin roles: >>> roles = zia.admin_and_management_roles.list_roles()

list_users(**kwargs)#

Returns a list of admin users.

Keyword Arguments:

  • include_auditor_users (bool, optional) – Include or exclude auditor user information in the list.

  • include_admin_users (bool, optional) – Include or exclude admin user information in the list. (default: True)

  • search (str, optional) – The search string used to partially match against an admin/auditor user’s Login ID or Name.

  • page (int, optional) – Specifies the page offset.

  • page_size (int, optional) – Specifies the page size. The default size is 100, but the maximum size is 1000.

Returns:

The admin_users resource records.

Return type:

list

Examples

>>> users = zia.admin_and_role_management.list_users('admin@example.com')
update_user(user_id, **kwargs)#

Update an admin user.

Parameters:

  • user_id (str) – The unique id of the admin user to be updated.

  • **kwargs – Optional keyword args.

Keyword Arguments:

  • admin_scope (str) – The scope of the admin’s permissions, accepted values are: organization, department, location, location_group

  • comments (str) – Additional information about the admin user.

  • disabled (bool) – Set to True if you want the account disabled upon creation.

  • email (str) – The email address for the admin user.

  • is_password_login_allowed (bool) – Set to True to allow password login.

  • is_security_report_comm_enabled (bool) – Set to True to allow ZIA Security Update emails to be sent to the admin user.

  • is_service_update_comm_enabled (bool) – Set to True to allow ZIA Service Update emails to be sent to the admin user.

  • is_product_update_comm_enabled (bool) – Set to True to allow ZIA Product Update emails to be sent to the admin user.

  • is_password_expired (bool) – Set to True to expire the admin user’s password upon creation.

  • is_exec_mobile_app_enabled (bool) – Set to True to enable to executive insights mobile application for the admin user.

  • name (str) – The user’s full name.

  • password (str) – The password for the admin user.

  • role_id (str) – The unique id for the admin role being assigned to the admin user.

  • scope_ids (list) – A list of entity ids for the admin user’s scope. e.g. if the admin user has admin_scope set to department then you will need to provide a list of department ids. NOTE: This param doesn’t need to be provided if the admin user’s scope is set to organization.

Returns:

The updated admin user resource record.

Return type:

dict

Examples

Update the email address for an admin user:
>>> user = zia.admin_and_role_management.update_user('99695301',
...    email='jimbob@example.com')
Update the admin scope for an admin user to department:
>>> user = zia.admin_and_role_management.update_user('99695301',
...    admin_scope='department',
...    scope_ids=['3846532', '3846541'])