Users API
The Users API provides programmatic access to Active Directory user accounts. It offers endpoints to update user attributes and retrieve user accounts using filters, sorting, and pagination, enabling administrators to automate and streamline user management. User records typically include identity details, contact information, and organizational attributes, and the API ensures they can be accessed or modified in a consistent and secure format.
Download Users API OpenAPI Document
End Points
List AD users
This endpoint retrieves AD user objects based on specified filters, sort order, and pagination. You can also limit the response to only the required fields. It is useful for generating user reports, integrating with other systems, or identifying users who meet specific conditions.
Scope : Modify users action, All user management actions
Delegated role : All Users Report
Query Parameters
from
integer
The starting index for pagination. Enables pagination through large result sets.
limit
integer
The maximum number of user records to return per request.
domains
string
(Required)
A comma-separated list of domains from which to fetch users.
Example: domain1.com,domain2.com
Example: domain1.com,domain2.com
fields
string
The attributes to be returned in the response.
filter
string
A SCIM filter query to refine which objects are returned. See Filter section for details.
Example: (FIRST_NAME eq John) and (LAST_NAME eq Doe)
Example: (FIRST_NAME eq John) and (LAST_NAME eq Doe)
sort
string
This field is used to sort results. The default sort order is ascending. To sort in descending order, prefix the field with a - (hyphen).
Example: FIRST_NAME,-LAST_NAME
Example: FIRST_NAME,-LAST_NAME
refresh
boolean
If set to true, triggers a sync before fetching results, ensuring that the data reflects the latest state of AD.
Headers
Accept
string
The response format that the client accepts.
X-Module
string
The module name to be recorded in the audit logs. If not provided, the default module is recorded as Rest API.
X-Date-Time-Format
string
The date-time format to be used for parsing date values returned in the response. If not provided, the default ISO format is used (yyyy-MM-dd'T'HH:mm:ss[.SSS][XXX]).
headers_data = Map();
headers_data.put("Accept", "application/json");
headers_data.put("X-Module", "External API");
headers_data.put("X-Date-Time-Format", "SOME_STRING_VALUE");
headers_data.put("Authorization", "REPLACE_KEY_VALUE");
response = invokeUrl
[
url: "http://admanagerplus:8080/api/v2/users?domains=domain1.com"
type: GET
headers: headers_data
connection: <connection_name>
];
info response;
OkHttpClient client = new OkHttpClient();
Request request = new Request.Builder()
.url("http://admanagerplus:8080/api/v2/users?domains=domain1.com")
.get()
.addHeader("Accept", "application/json")
.addHeader("X-Module", "External API")
.addHeader("X-Date-Time-Format", "SOME_STRING_VALUE")
.addHeader("Authorization", "REPLACE_KEY_VALUE")
.build();
Response response = client.newCall(request).execute();
const options = {
method: 'GET',
headers: {
Accept: 'application/json',
'X-Module': 'External API',
'X-Date-Time-Format': 'SOME_STRING_VALUE',
Authorization: 'REPLACE_KEY_VALUE'
}
};
fetch('http://admanagerplus:8080/api/v2/users?domains=domain1.com', options)
.then(response => response.json())
.then(response => console.log(response))
.catch(err => console.error(err));
import http.client
conn = http.client.HTTPConnection("admanagerplus:8080")
headers = {
'Accept': "application/json",
'X-Module': "External API",
'X-Date-Time-Format': "SOME_STRING_VALUE",
'Authorization': "REPLACE_KEY_VALUE"
}
conn.request("GET", "/api/v2/users?domains=domain1.com", headers=headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
const http = require("http");
const options = {
"method": "GET",
"hostname": "admanagerplus",
"port": "8080",
"path": "/api/v2/users?domains=domain1.com",
"headers": {
"Accept": "application/json",
"X-Module": "External API",
"X-Date-Time-Format": "SOME_STRING_VALUE",
"Authorization": "REPLACE_KEY_VALUE"
}
};
const req = http.request(options, function (res) {
const chunks = [];
res.on("data", function (chunk) {
chunks.push(chunk);
});
res.on("end", function () {
const body = Buffer.concat(chunks);
console.log(body.toString());
});
});
req.end();
curl --request GET \
--url 'http://admanagerplus:8080/api/v2/users?domains=domain1.com' \
--header 'Accept: application/json' \
--header 'Authorization: REPLACE_KEY_VALUE' \
--header 'X-Date-Time-Format: SOME_STRING_VALUE' \
--header 'X-Module: External API'
Update AD Users
This endpoint updates one or more AD user objects with the specified payload. You can modify general information, organizational details, Microsoft 365 settings, and Exchange attributes. It is often used for updating records during role changes or applying account policies in bulk.
Scope : Modify user action, All user management actions
Delegated role : Modify Users Using Template, Bulk User Modification
Arguments
template
object
The template to be used for updating the user. If not specified, the default system template is applied.
template_name
string
The name of the template used to update the user.
template_id
integer
The ID of the template used to update the user.
data
object
Data to be updated for the user.
attributes
object
The attributes of the user to be updated. This can include Active Directory, Microsoft 365, and Exchange attributes.
givenName
string
The first name of the user..
initials
string
The middle name of the user.
sn
string
The last name of the user.
userPrincipalName
string
The logon name of the user.
sAMAccountName
string
The SAM account name of the user.
displayName
string
The display name of the user.
name
string
The full name of the user.
description
string
The description of the user.
physicalDeliveryOfficeName
string
The office location of the user.
telephoneNumber
string
The telephone number of the user.
mail
string
The email address of the user.
wWWHomePage
string
The home page URL of the user.
OUName
string
The OU where the user resides.
password
string
The password of the user.
streetAddress
string
The street address of the user.
postOfficeBox
string
The post office box of the user.
l
string
The city of the user.
st
string
The state or province of the user.
postalCode
string
The postal code of the user.
co
string
The country of the user.
c
string
The two-letter country code of the user.
countryCode
string
The country code of the user.
memberOf
string
The groups to which the user should be added.
removememberOf
string
The groups from which the user should be removed.
accountExpires
string
The account expiration date of the user.
userAccountControl
string
The user account control flags of the user.
thumbnailPhoto / exchangePhoto (Supports high resolution photo) / jpegPhoto / photo / thumbnailLogo
binary
The photo of the user.
profilePath
string
The profile path of the user.
scriptPath
string
The script path of the user.
homeDirectory
string
The home directory of the user.
homeDrive
string
The home drive of the user.
userWorkstations
string
The workstations from which the user can log on.
homePhone
string
The home phone number of the user.
pager
string
The pager number of the user.
mobile
string
The mobile number of the user.
facsimileTelephoneNumber
string
The facsimile telephone number of the user.
ipPhone
string
The IP phone number of the user.
info
string
The notes attribute of the user.
title
string
The job title of the user.
department
string
The department of the user.
company
string
The company of the user.
manager
string
The manager of the user.
tsAllowLogon
boolean
Allow the user to log on to Terminal Services.
tsProfilePath
string
The profile path for the user on Terminal Services.
tsHomeDir
string
The home directory for the user on Terminal Services.
tsHomeDirDrive
string
The home drive for the user on Terminal Services.
tsInheritInitialProgram
boolean
Start the following program at logon for the user on Terminal Services.
tsIntialProgram
string
The initial program to be started at logon for the user on Terminal Services.
tsWorkingDir
string
The start in attribute of the user on Terminal Services.
tsDeviceClientDrives
boolean
Connect client drives to Terminal Services.
tsDeviceClientPrinters
boolean
Connect client printer at logon
tsDeviceClientDefaultPrinter
boolean
Default to main client printer
tsTimeOutSettingsDisConnections
string
End disconnected session
tsTimeOutSettingsConnections
string
Active Session limit
tsTimeOutSettingsIdle
string
Idle session limit
tsBrokenTimeOutSettings
string
Behavior when the session limit is reached or connection is broken.
tsReConnectSettings
boolean
Allow reconnection
tsShadowSettings
boolean
Remote Control
preventDeletion
boolean
Protect the user object from accidental deletion.
managerCanUpdateMembership
boolean
Allow the manager to update the membership of the user.
primaryGroupID
string
The primary group ID of the user.
exchange
object
The Exchange attribute of the user.
msExchAdminGroups
string
The Exchange administrative groups to which the user belongs.
msExchHomeServerName
string
The Exchange home server name for the user.
targetAddress
string
The target address for the user.
proxyAddresses
string
The proxy addresses for the user.
removeproxyAddresses
string
The proxy addresses to be removed for the user.
msExchPoliciesExcluded
string
The Exchange policies to be excluded for the user.
mailNickname
string
The email-alias of the user.
displayNamePrintable
string
The simple display name of the user.
msExchHideFromAddressLists
boolean
Specifies whether the user mailbox is hidden from Exchange address lists.
submissionContLength
integer
The maximum size of an email the user mailbox can send.
delivContLength
integer
The maximum size of an email the user mailbox can receive.
msExchRequireAuthToSendTo
boolean
Require authentication to send emails to this user.
unauthOrig
boolean
Allow unauthenticated users to send emails to this user.
authOrig
boolean
Allow authenticated users to send emails to this user.
publicDelegates
string
The send on behalf for the user.
altRecipient
string
The forward-to attribute of the user.
deliverAndRedirect
boolean
Deliver and redirect emails for the user.
msExchRecipLimit
integer
The maximum number of recipients allowed in a user’s email.
mDBuseDefaults
boolean
Use default mailbox settings for the user.
mDBStorageQuota
integer
The mailbox size (in MB/GB) at which a warning is issued to the user.
mDBOverQuotaLimit
integer
The mailbox size at which the user is prohibited from sending emails.
mDBOverHardQuotaLimit
integer
The mailbox size at which the user is prohibited from both sending and receiving emails.
deletedItemFlags
string
The deleted item retention settings for the user’s mailbox.
garbageCollPeriod
string
The deleted item retention period for the user’s mailbox.
msExchOmaAdminWirelessEnabled
boolean
Enable Outlook mobile access (OMA) for the user.
protocolSettings
string
The Outlook Web Access settings for the user.
microsoft_365
object
The Microsoft 365 attributes of the user.
MAPIEnabled
boolean
Enable MAPI for the user’s mailbox.
PopEnabled
boolean
Enable POP for the user’s mailbox.
EwsEnabled
boolean
Enable EWS for the user’s mailbox.
OWAEnabled
boolean
Enable access to a mailbox using Exchange Web Services.
OWAforDevicesEnabled
boolean
Enable OWA for mobile devices.
SmtpClientAuthenticationDisabled
boolean
Disable SMTP client authentication for the user’s mailbox.
ActiveSyncEnabled
boolean
Enable ActiveSync for the user’s mailbox.
O365Roles
string
The Microsoft 365 roles assigned to the user.
MFAEnabled
boolean
Enable multi-factor authentication (MFA) for the user.
IssueWarningQuota
integer
The storage quota at which the user is warned.
ProhibitSendQuota
integer
The mailbox size limit after which the user cannot send messages.
ProhibitSendReceiveQuota
integer
The mailbox size limit after which the user cannot send or receive messages.
O365ProxyAddresses
string
The proxy addresses for the user in Microsoft 365.
RemotePowerShellEnabled
boolean
Enable Remote PowerShell for the user.
ImapEnabled
boolean
Enable IMAP for the user’s mailbox.
SharingPolicy
string
The sharing policy for the user’s mailbox.
RoleAssignmentPolicy
string
The role assignment policy for the user’s mailbox.
RetentionPolicy
string
The retention policy for the user’s mailbox.
AddressBookPolicy
string
The address book policy for the user’s mailbox.
GroupMemberObjectId
string
The Microsoft 365 group memberships of the user.
LitigationHoldEnabled
boolean
Enable litigation hold for the user’s mailbox.
LitigationHoldDuration
string
The duration of litigation hold for the user’s mailbox.
InPlaceArchiveEnabled
boolean
Enable in-place archive for the user’s mailbox.
ArchiveName
string
The name of the user’s mailbox archive
O365userPrincipalName
string
The user principal name in Microsoft 365.
O365Manager
string
The manager of the user in Microsoft 365.
SimpleDisplayName
string
The simple display name of the user in Microsoft 365.
O365HiddenFromAddress
boolean
Specifies whether the Microsoft 365 account is hidden from Exchange address lists.
waadLicenseInfo
string
The Microsoft 365 license information for the user.
Query Parameters
from
integer
The starting index for pagination. Enables pagination through large result sets.
limit
integer
The maximum number of user records to return per request.
domain
string
(Required)
The AD domain where the requested operation is performed.
Example: domain1.com
Example: domain1.com
filter
string
A SCIM filter query to refine which objects are returned. See Filter section for details.
Example: (FIRST_NAME eq John) and (LAST_NAME eq Doe)
Example: (FIRST_NAME eq John) and (LAST_NAME eq Doe)
sort
string
This field is used to sort results. The default sort order is ascending. To sort in descending order, prefix the field with a - (hyphen).
Example: FIRST_NAME,-LAST_NAME
Example: FIRST_NAME,-LAST_NAME
refresh
boolean
If set to true, triggers a sync before fetching results, ensuring that the data reflects the latest state of AD.
Headers
Accept
string
The response format that the client accepts.
X-Module
string
The module name to be recorded in the audit logs. If not provided, the default module is recorded as Rest API.
parameters_data='{"template":{"template_name":"User Modification Template"},"data":{"attributes":{"employeeID":"12345","extensionAttribute1":"Custom Attribute","co":"India","manager":"Manager 1","microsoft_365":{"waadLicenseInfo":"sku_id1;sku_id2"},"exchange":{"msExchHomeServerName":"/o=Test/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=TEST-MEM1","homeMDB":"CN=Mailbox Database 03456078997,CN=Databases,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Test,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=test,DC=com","mailNickname":"tester","proxyAddresses":"SMTP:tester@domain.com"}}}}';
headers_data = Map();
headers_data.put("Accept", "application/json");
headers_data.put("X-Module", "External API");
headers_data.put("Authorization", "REPLACE_KEY_VALUE");
response = invokeUrl
[
url: "http://admanagerplus:8080/api/v2/users?domain=domain1.com"
type: PATCH
headers: headers_data
content-type: application/json
parameters: parameters_data
connection: <connection_name>
];
info response;
OkHttpClient client = new OkHttpClient();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{\"template\":{\"template_name\":\"User Modification Template\"},\"data\":{\"attributes\":{\"employeeID\":\"12345\",\"extensionAttribute1\":\"Custom Attribute\",\"co\":\"India\",\"manager\":\"Manager 1\",\"microsoft_365\":{\"waadLicenseInfo\":\"sku_id1;sku_id2\"},\"exchange\":{\"msExchHomeServerName\":\"/o=Test/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=TEST-MEM1\",\"homeMDB\":\"CN=Mailbox Database 03456078997,CN=Databases,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Test,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=test,DC=com\",\"mailNickname\":\"tester\",\"proxyAddresses\":\"SMTP:tester@domain.com\"}}}}");
Request request = new Request.Builder()
.url("http://admanagerplus:8080/api/v2/users?domain=domain1.com")
.patch(body)
.addHeader("Accept", "application/json")
.addHeader("X-Module", "External API")
.addHeader("Authorization", "REPLACE_KEY_VALUE")
.addHeader("content-type", "application/json")
.build();
Response response = client.newCall(request).execute();
const options = {
method: 'PATCH',
headers: {
Accept: 'application/json',
'X-Module': 'External API',
Authorization: 'REPLACE_KEY_VALUE',
'content-type': 'application/json'
},
body: '{"template":{"template_name":"User Modification Template"},"data":{"attributes":{"employeeID":"12345","extensionAttribute1":"Custom Attribute","co":"India","manager":"Manager 1","microsoft_365":{"waadLicenseInfo":"sku_id1;sku_id2"},"exchange":{"msExchHomeServerName":"/o=Test/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=TEST-MEM1","homeMDB":"CN=Mailbox Database 03456078997,CN=Databases,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Test,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=test,DC=com","mailNickname":"tester","proxyAddresses":"SMTP:tester@domain.com"}}}}'
};
fetch('http://admanagerplus:8080/api/v2/users?domain=domain1.com', options)
.then(response => response.json())
.then(response => console.log(response))
.catch(err => console.error(err));
import http.client
conn = http.client.HTTPConnection("admanagerplus:8080")
payload = "{\"template\":{\"template_name\":\"User Modification Template\"},\"data\":{\"attributes\":{\"employeeID\":\"12345\",\"extensionAttribute1\":\"Custom Attribute\",\"co\":\"India\",\"manager\":\"Manager 1\",\"microsoft_365\":{\"waadLicenseInfo\":\"sku_id1;sku_id2\"},\"exchange\":{\"msExchHomeServerName\":\"/o=Test/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=TEST-MEM1\",\"homeMDB\":\"CN=Mailbox Database 03456078997,CN=Databases,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Test,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=test,DC=com\",\"mailNickname\":\"tester\",\"proxyAddresses\":\"SMTP:tester@domain.com\"}}}}"
headers = {
'Accept': "application/json",
'X-Module': "External API",
'Authorization': "REPLACE_KEY_VALUE",
'content-type': "application/json"
}
conn.request("PATCH", "/api/v2/users?domain=domain1.com", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
const http = require("http");
const options = {
"method": "PATCH",
"hostname": "admanagerplus",
"port": "8080",
"path": "/api/v2/users?domain=domain1.com",
"headers": {
"Accept": "application/json",
"X-Module": "External API",
"Authorization": "REPLACE_KEY_VALUE",
"content-type": "application/json"
}
};
const req = http.request(options, function (res) {
const chunks = [];
res.on("data", function (chunk) {
chunks.push(chunk);
});
res.on("end", function () {
const body = Buffer.concat(chunks);
console.log(body.toString());
});
});
req.write(JSON.stringify({
template: {template_name: 'User Modification Template'},
data: {
attributes: {
employeeID: '12345',
extensionAttribute1: 'Custom Attribute',
co: 'India',
manager: 'Manager 1',
microsoft_365: {waadLicenseInfo: 'sku_id1;sku_id2'},
exchange: {
msExchHomeServerName: '/o=Test/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=TEST-MEM1',
homeMDB: 'CN=Mailbox Database 03456078997,CN=Databases,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Test,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=test,DC=com',
mailNickname: 'tester',
proxyAddresses: 'SMTP:tester@domain.com'
}
}
}
}));
req.end();
curl --request PATCH \
--url 'http://admanagerplus:8080/api/v2/users?domain=domain1.com' \
--header 'Accept: application/json' \
--header 'Authorization: REPLACE_KEY_VALUE' \
--header 'X-Module: External API' \
--header 'content-type: application/json' \
--data '{"template":{"template_name":"User Modification Template"},"data":{"attributes":{"employeeID":"12345","extensionAttribute1":"Custom Attribute","co":"India","manager":"Manager 1","microsoft_365":{"waadLicenseInfo":"sku_id1;sku_id2"},"exchange":{"msExchHomeServerName":"/o=Test/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=TEST-MEM1","homeMDB":"CN=Mailbox Database 03456078997,CN=Databases,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Test,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=test,DC=com","mailNickname":"tester","proxyAddresses":"SMTP:tester@domain.com"}}}}'
{
"template": {
"template_name": "User Modification Template"
},
"data": {
"attributes": {
"employeeID": "12345",
"extensionAttribute1": "Custom Attribute",
"co": "India",
"manager": "Manager 1",
"microsoft_365": {
"waadLicenseInfo": "sku_id1;sku_id2"
},
"exchange": {
"msExchHomeServerName": "/o=Test/ou=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Configuration/cn=Servers/cn=TEST-MEM1",
"homeMDB": "CN=Mailbox Database 03456078997,CN=Databases,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=Test,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=test,DC=com",
"mailNickname": "tester",
"proxyAddresses": "SMTP:tester@domain.com"
}
}
}
}