GET /api/tenants/{tenantId}/principals/{userId} searches the configured LDAP directory, Active Directory, or Native Active Directory for a user.

Input

Use the supported input parameters to control the command output.

Parameter

Description

URL

https://$vRA/identity/api/tenants/$tenantId/principals/$userId

$vRA

Specifies the appliance name and fully qualified domain name, or IP address of the vRealize Automation server.

$token

Specifies a valid HTTP bearer token with necessary credentials.

$tenantId

Specifies the ID of the tenant.

$userId

Specifies the ID of the user in the form name@domain.

Output

The command output contains property names and values based on the command input parameters.

Parameter

Description

Links

Specifies an array of link objects, each of which contains the following parts:

  • rel: Specifies the name of the link.

    • Self refers to the object that was returned or requested. This parameter does not appear when you query a single profile.

    • First, Previous, Next, and Last refer to corresponding pages of pageable lists.

    • Specifies the application or service that determines the other names.

  • href: Specifies the URL that produces the result.

@type

Specifies the user name.

firstName

Specifies the first name of the user.

lastName

Specifies the last name of the user.

description

Specifies the description of the user.

emailAddress

Specifies the email address of the user.

locked

Specifies the Boolean flag indicating if the user is locked out.

disabled

Specifies the Boolean flag indicating if the user is disabled.

principalId

Specifies the principal ID of the user in username@domain format.

tenantName

Specifies the name of tenant to which user belongs.

name

Specifies the first and last name concatenated.

curl Command to Search LDAP or Active Directory for a User

The following example command queries the configured LDAP directory for a specific user.

curl --insecure -H "Accept:text/xml" -H "Authorization: Bearer $token" https://$vRA/identity/api/tenants/$tenantId/principals/$userId

The following JSON output is returned based on the command input.

{
   "links" : [ ],
   "content" : [ 
      {
         "@type" : "User",
         "firstName" : "Tony",
         "lastName" : "Anteater",
         "emailAddress" : "tony@example.mycompany.com",
         "locked" : false,
         "disabled" : false,
         "principalId" : 
            {
               "domain" : "example.mycompany.com",
               "name" : "susan"
            },
         "tenantName" : "MYCOMPANY1",
         "name" : "Tony Anteater"
      } 
   ]
}