Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
Post /GetAllSearchAdvanced
Send a POST request to the GetAllSearchAdvanced()
method on the GroupView
object to return information about one or more groups. The information included in the response depends on the range of group properties and parameter values included in the request.
A valid OAuth 2.0 Bearer token is required.
URL
Code Block |
---|
POST https://<FQDN_Of_Your_EmpowerID_Web_Server>/api/webui/v1/GroupView/GetAllSearchAdvanced |
Header Key/Value Pairs
Key | Value |
---|---|
Authorization | Bearer <access_token> |
X-EmpowerID-API-Key | The API key from the registered OAuth application |
Content-Type | application/json |
Request Body
The body of the request must include all parameters required by the method and the IncludedProperties
object with at least one group property.
Included Properties
Use IncludedProperties
to return one or more group properties.
Body Parameters
The GetAllSearchAdvanced()
method includes a number of parameters that must be included in the body or the request. Use parameters to filter the number of accounts groups returned by the endpoint.
Expand | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
columnsToSearch
The columnsToSearch
body parameter is used to return accounts meeting one or more conditions. Each condition specifies a property with a specific value to search. For example, to return a list of accounts with belonging to the “DevDomain1” domain that are currently locked out, the value for columnsToSearch
would be set to that shown below.
"%[[][[]%<Conditions><Condition PropertyName=\"NetBiosName\" SearchValue=\"Docs-tracking\" Operator=\"EqualTo\" QuerySuffix=\" AND \" StartGroupString=\"\" EndGroupString=\"\" Index=\"0\" SearchType=\"String\"/><Condition PropertyName=\"LockedOut\" SearchValue=\"true\" Operator=\"EqualTo\" QuerySuffix=\"\" StartGroupString=\"\" EndGroupString=\"\" Index=\"1\" SearchType=\"Boolean\"/></Conditions>"
Remarks
In the above example, columnsToSearch
contains two search conditions. The API returns accounts matching both conditions. Each condition includes the PropertyName
to search, the SearchValue
to search for, an Equality Operator
, a QuerySuffix
and a SearchType
for the relevant data type.
Search Examples
The below examples demonstrate how to use IncludedProperties
, parameters, and conditions in columnsToSearch
to query the API for a list of groups matching the search conditions. Attributes returned for each record are set by the properties specified in IncludedProperties
.
1️⃣ Set the ReferencePersonID
parameter to the GUID of an EmpowerID Person and the IsHighSecurityGroup
parameter to 1
to return a list of high security groups where the reference person has a linked user account.
Code Block | ||
---|---|---|
| ||
{ "IncludedProperties": [ "LogonName", "NetBiosName", "FriendlyName", "AllowJoinRequests", "IsHighSecurityGroup", "RiskFactorTotal", "DistinguishedName", "ResourceID", "GroupID", "ResourceGUID", "ValidUntil", ], "Parameters": { "AccountStoreID": null, "SecurityBoundaryID": null, "SecurityBoundaryTypeID": null, "GroupTypeID": null, "GroupUsageTypeID": null, "ResourceTypeID": null, "IsEmpty": null, "IsMailEnabled": null, "IsHighSecurityGroup": 1, "HideInEmpowerID": null, "OrgZoneID": null, "AccountStoreUsageTypeID": null, "ITEnvironmentTypeID": null, "EligibilityAssigneeID": null, "EligibilityTypeID": null, "RbacAssignedToAssigneeID": null, "TCode": null, "IsAssignable": null, "ReferencePersonID": "4e98a3bd-ac98-401a-ac73-042332d73bd9", "OwnerPersonGUID": null, "AzGlobalFunctions": null, "ProtectedApplicationResourceID": null, "AccountMemberID": null, "IsAccountIDMember": null, "textToSearch": null, "columnsToSearch": "%[[][[]%<Conditions/>", "pageLength": 10, "resourceTags": null, "start": 0, "totalCount": null } } |
2️⃣ Set the AccountStoreID
parameter to the ID of an account store to return groups belonging to that account store.
Code Block |
---|
"Parameters": { "AccountStoreID": 2096, "SecurityBoundaryID": null, "SecurityBoundaryTypeID": null, "GroupTypeID": null, "GroupUsageTypeID": null, "ResourceTypeID": null, "IsEmpty": null, "IsMailEnabled": null, "IsHighSecurityGroup": null, "HideInEmpowerID": null, "OrgZoneID": null, "AccountStoreUsageTypeID": null, "ITEnvironmentTypeID": null, "EligibilityAssigneeID": null, "EligibilityTypeID": null, "RbacAssignedToAssigneeID": null, "TCode": null, "IsAssignable": null, "ReferencePersonID": null, "OwnerPersonGUID": null, "AzGlobalFunctions": null, "ProtectedApplicationResourceID": null, "AccountMemberID": null, "IsAccountIDMember": null, "textToSearch": "AdvancedSearch", "columnsToSearch": "%[[][[]%<Conditions />", "pageLength": 25, "resourceTags": null, "start": 0, "totalCount": null } } |
3️⃣ Use columnsToSearch
to return mail-enabled groups. Note the PropertyName
for the search condition is set to IsMailEnabled
, SearchValue
is set to True
, the Operator
is set to EqualTo
and the SearchType
is Boolean
.
Code Block |
---|
{ "IncludedProperties": [ "LogonName", "NetBiosName", "FriendlyName", "AccountOrganizationStatusFriendlyName", "AccountUsageTypeFriendlyName", "ResourceID", "AccountID", "Name", "Description", "CreatedDate", "ExpiresOn", "AccountStoreFriendlyName", ], "Parameters": { "AccountStoreID": null, "SecurityBoundaryID": null, "SecurityBoundaryTypeID": null, "AccountTypeID": null, "ShowSystemAccountsOnly": null, "ShowSystemBuiltInAccountsOnly": null, "AccountUsageTypeID": null, "IsOrphan": null, "Disabled": null, "LockedOut": null, "NeverLoggedInOnly": null, "HideInEmpowerID": null, "OrgZoneID": null, "PersonID": null, "ManagerPersonID": null, "MemberOfGroupID": null, "textToSearch":"AdvancedSearch", "pageLength": 50, "resourceTags": null, "start": 0, "totalCount": null, "columnsToSearch": "%[[][[]%<Conditions><Condition PropertyName="IsMailEnabled" SearchValue="true" Operator="EqualTo" QuerySuffix="" StartGroupString="" EndGroupString="" Index="0" SearchType="Boolean"/></Conditions>" } } |
4️⃣ Set the AccountMemberID
parameter to the GUID of a specific user account and the IsAccountIDMember
parameter to true to return groups where that account is a member.
Code Block |
---|
{ "IncludedProperties": [ "LogonName", "NetBiosName", "FriendlyName", "AccountOrganizationStatusFriendlyName", "AccountUsageTypeFriendlyName", "ResourceID", "AccountID", "Name", "Description", "CreatedDate", "ExpiresOn", "AccountStoreFriendlyName", ], "Parameters": { "AccountStoreID": null, "SecurityBoundaryID": null, "SecurityBoundaryTypeID": null, "GroupTypeID": null, "GroupUsageTypeID": null, "ResourceTypeID": null, "IsEmpty": null, "IsMailEnabled": null, "IsHighSecurityGroup": null, "HideInEmpowerID": null, "OrgZoneID": null, "AccountStoreUsageTypeID": null, "ITEnvironmentTypeID": null, "EligibilityAssigneeID": null, "EligibilityTypeID": null, "RbacAssignedToAssigneeID": null, "TCode": null, "IsAssignable": null, "ReferencePersonID": null, "OwnerPersonGUID": null, "AzGlobalFunctions": null, "ProtectedApplicationResourceID": null, "AccountMemberID": "0EC3DE4D-DDD7-4B2E-A104-52C1ECE422F8", "IsAccountIDMember": true, "textToSearch": "AdvancedSearch", "columnsToSearch": "%[[][[]%<Conditions />", "pageLength": 25, "resourceTags": null, "start": 0, "totalCount": null } } |
SearchTerms
Each identity object in the EmpowerID Identity Warehouse has a SearchTerms
property with a specific set of search values that can used to return all objects matching those values. For groups, SearchTerms
encompass the Name
, FriendlyName
, Email
, EmpowerIDName
, EmpowerIDFriendlyName
, LogonName
, NetBiosName
, FQN
, DistinguishedName
, and Description
properties. When used, the API returns all groups where the specified search value finds a match in any of those properties. For example, if the search value is set to “Doc”, the API would return all the following groups
Any group with a match in the name
Any group with a match in the friendly name
Any group with a match in the email address
Any group with a match in the EmpowerID name
Any group with a match in the EmpowerID friendly name
Any group with a match in the logon name
Any group with a match in the Net BIOS name
Any group with a match in the FQN
Any group with a match in the Distinguished Name
Any group with a match in the description
The following examples illustrate how to use SearchTerms
to return a subset of groups:
1️⃣ Use SearchTerms
to return the logon name, Net BIOS name, friendly name, description, group type name, distinguished name, and group ID for groups where the search value is set to "SAP"
Code Block |
---|
{ "IncludedProperties": [ "LogonName", "NetBiosName", "FriendlyName", "Description", "GroupTypeName", "DistinguishedName", "GroupID" ], "Parameters": { "AccountStoreID": null, "SecurityBoundaryID": null, "SecurityBoundaryTypeID": null, "GroupTypeID": null, "GroupUsageTypeID": null, "ResourceTypeID": null, "IsEmpty": null, "IsMailEnabled": null, "IsHighSecurityGroup": null, "HideInEmpowerID": null, "OrgZoneID": null, "AccountStoreUsageTypeID": null, "ITEnvironmentTypeID": null, "EligibilityAssigneeID": null, "EligibilityTypeID": null, "RbacAssignedToAssigneeID": null, "TCode": null, "IsAssignable": null, "ReferencePersonID": null, "OwnerPersonGUID": null, "AzGlobalFunctions": null, "ProtectedApplicationResourceID": null, "AccountMemberID": null, "IsAccountIDMember": null, "textToSearch": "AdvancedSearch", "columnsToSearch":"%[[][[]%<Conditions><Condition PropertyName=\"SearchTerms\" SearchValue=\"SAP\" Operator=\"EqualTo\" QuerySuffix=\"\" StartGroupString=\"\" EndGroupString=\"\" Index=\"0\" SearchType=\"String\"/></Conditions>" } } |
Sample Responses
Tabs macro | ||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||
[{"label":"200","id":"1","content":{"version":1,"type":"doc","content":[{"type":"codeBlock","attrs":{"language":"json"},"content":[{"type":"text","text":" {\r\n \"Tags\": [],\r\n \"Data\": [\r\n {\r\n \"LogonName\": \"Contractors-D\",\r\n \"NetBiosName\": \"Docs-Tracking-Only\",\r\n \"FriendlyName\": \"Contractors-D\",\r\n \"Description\": \"Contractors-D\",\r\n \"GroupTypeName\": \"Generic Group\",\r\n \"AllowJoinRequests\": false,\r\n \"IsHighSecurityGroup\": false,\r\n \"RiskFactorTotal\": 0,\r\n \"PreventExternalMembershipChanges\": false,\r\n \"Email\": null,\r\n \"DistinguishedName\": \"CN=e4983fd8-4253-45ca-984f-5ce8ac165141,DC=Docs-Tracking-Only\",\r\n \"ResourceID\": 1474023,\r\n \"GroupID\": 750079,\r\n \"ResourceGUID\": null,\r\n \"ValidUntil\": null,\r\n \"IsMailEnabled\": false,\r\n \"Notes\": null,\r\n \"RiskFactorLastCalculated\": \"2022-04-11T20:35:18.5\",\r\n \"ResourceTypeID\": 6,\r\n \"AuxAssigned\": null,\r\n \"AuxInherited\": null\r\n },\r\n {\r\n \"LogonName\": \"D-Consultant-BOS\",\r\n \"NetBiosName\": \"Docs Tracking\",\r\n \"FriendlyName\": \"D-Consultant-BOS\",\r\n \"Description\": \"D-Consultant-BOS\",\r\n \"GroupTypeName\": \"Generic Group\",\r\n \"AllowJoinRequests\": true,\r\n \"IsHighSecurityGroup\": false,\r\n \"RiskFactorTotal\": 0,\r\n \"PreventExternalMembershipChanges\": false,\r\n \"Email\": null,\r\n \"DistinguishedName\": \"CN=cb6cc333-f817-4cd8-b7a6-5ebd602bd711,DC=Docs Tracking\",\r\n \"ResourceID\": 1397018,\r\n \"GroupID\": 746794,\r\n \"ResourceGUID\": null,\r\n \"ValidUntil\": null,\r\n \"IsMailEnabled\": false,\r\n \"Notes\": null,\r\n \"RiskFactorLastCalculated\": \"2022-04-11T20:35:18.5\",\r\n \"ResourceTypeID\": 6,\r\n \"AuxAssigned\": null,\r\n \"AuxInherited\": null\r\n },\r\n {\r\n \"LogonName\": \"Doc Test\",\r\n \"NetBiosName\": \"Docs Tracking\",\r\n \"FriendlyName\": \"Doc Test\",\r\n \"Description\": \"Doc Test for Group Classification..\",\r\n \"GroupTypeName\": \"Generic Group\",\r\n \"AllowJoinRequests\": true,\r\n \"IsHighSecurityGroup\": false,\r\n \"RiskFactorTotal\": 0,\r\n \"PreventExternalMembershipChanges\": false,\r\n \"Email\": null,\r\n \"DistinguishedName\": \"CN=33d32cc1-967a-4ae0-86b6-c31e183b26d2,DC=Docs Tracking\",\r\n \"ResourceID\": 677636,\r\n \"GroupID\": 745433,\r\n \"ResourceGUID\": null,\r\n \"ValidUntil\": null,\r\n \"IsMailEnabled\": false,\r\n \"Notes\": null,\r\n \"RiskFactorLastCalculated\": \"2022-04-11T20:35:18.5\",\r\n \"ResourceTypeID\": 6,\r\n \"AuxAssigned\": null,\r\n \"AuxInherited\": null\r\n },\r\n {\r\n \"LogonName\": \"dggroup\",\r\n \"NetBiosName\": \"Docs Tracking\",\r\n \"FriendlyName\": \"Docs Generic Group\",\r\n \"Description\": \"Docs Generic Group\",\r\n \"GroupTypeName\": \"Generic Group\",\r\n \"AllowJoinRequests\": true,\r\n \"IsHighSecurityGroup\": false,\r\n \"RiskFactorTotal\": 0,\r\n \"PreventExternalMembershipChanges\": false,\r\n \"Email\": null,\r\n \"DistinguishedName\": \"CN=4e9c0fe3-72bc-4638-bc22-10a90cba13a0,DC=Docs Tracking\",\r\n \"ResourceID\": 658673,\r\n \"GroupID\": 743201,\r\n \"ResourceGUID\": null,\r\n \"ValidUntil\": null,\r\n \"IsMailEnabled\": false,\r\n \"Notes\": \"Docs Generic Group\",\r\n \"RiskFactorLastCalculated\": \"2022-04-11T20:35:18.5\",\r\n \"ResourceTypeID\": 6,\r\n \"AuxAssigned\": null,\r\n \"AuxInherited\": null\r\n },\r\n {\r\n \"LogonName\": \"dgroup\",\r\n \"NetBiosName\": \"Docs Tracking\",\r\n \"FriendlyName\": \"Docs-Test-Domain-Group\",\r\n \"Description\": \"Docs-Test-Domain-Group\",\r\n \"GroupTypeName\": \"Generic Group\",\r\n \"AllowJoinRequests\": true,\r\n \"IsHighSecurityGroup\": false,\r\n \"RiskFactorTotal\": 0,\r\n \"PreventExternalMembershipChanges\": false,\r\n \"Email\": null,\r\n \"DistinguishedName\": \"CN=08ab4929-887a-4eeb-aab5-94da74768af0,DC=Docs Tracking\",\r\n \"ResourceID\": 681079,\r\n \"GroupID\": 745511,\r\n \"ResourceGUID\": null,\r\n \"ValidUntil\": null,\r\n \"IsMailEnabled\": false,\r\n \"Notes\": null,\r\n \"RiskFactorLastCalculated\": \"2022-04-11T20:35:18.5\",\r\n \"ResourceTypeID\": 6,\r\n \"AuxAssigned\": null,\r\n \"AuxInherited\": null\r\n }\r\n ],\r\n \"OutParameters\": [\r\n {\r\n \"Name\": \"totalCount\",\r\n \"Value\": 11\r\n }\r\n ]\r\n}"}]},{"type":"paragraph","content":[]}]},"icon":"bootstrap/FillCircleFill"},{"label":"401","id":"2","content":{"version":1,"type":"doc","content":[{"type":"paragraph","content":[{"type":"text","text":"This error occurs when there is an issue with the access token."}]},{"type":"paragraph","content":[]}]},"icon":"bootstrap/FillCircleFill"},{"label":"500","id":"6a16m5mmd","content":{"version":1,"type":"doc","content":[{"type":"paragraph","content":[{"type":"text","text":"This error indicates that the API call included an invalid parameter."}]},{"type":"codeBlock","attrs":{"language":"json"},"content":[{"type":"text","text":"{\n {\n \"Message\": \"An error has occurred.\",\r\n \"ExceptionMessage\": \"The given key was not present in the dictionary.\"\n}"}]},{"type":"paragraph","content":[]}]},"icon":"bootstrap/FillCircleFill"}] |
Page Properties | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Account PropertiesThe below table includes Account Properties that can be added to
|
Div | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||
IN THIS ARTICLE
|
Insert excerpt | ||||||
---|---|---|---|---|---|---|
|