Get a User by UPN (SAML)

{ getUserBySamlPrincipalName }

Get a user using the SAML Principal Name (UPN)

Method

/API2/access/getUserBySamlPrincipalName

  • API Section: /API2/access
  • API Version: 2.0
  • From Release: 2018.5
  • Method operates via POST actions only.
  • Input Parameters

    Name

    PrincipalName

    Type

    string

    Description

    The user's UPN

    Output Response

    Successful Result Code

    200

    Response Type

    Description of Response Type

    The user object contains all relevant meta-data for the user.

    Notes

    Use this function to find users in the system using the SAML UPN, rather than the user's name or other details.

    Examples
    Create new SAML user (JavaScript):

    This example demonstrates how to create a new tenant, user and roles in Pyramid, when using SAML based authentication.

    The example uses API authentication driven from JavaScript. See Authentication APIs for alternatives.

    // URL of the Pyramid installation and the path to the API 2.0 REST methods
    var pyramidURL = "http://mysite.com/api2/";
    
    // step 1: authenticate admin account and get token
    // NOTE: callApi method is a generic REST method shown below.
    let token = callApi("auth/authenticateUser",{
    	"data":{
    		"userName":"adminUser",
    		"password":"abc123!"
    	}
    },false);
    log("got token "+token);
    
    // step 2: creating a SAML user
    let userId="83e631f5-98ca-4424-a696-33e109690ffb"
    
    let createSamlUsers = callApi("access/createSamlUser",{
    	"newSamlUser": {
    		"id":userId,//you can set the user id to a specific valid GUID/UUID. Otherwise a GUID will be auto generated
    		"samlprincipleName":"user@samlDomain.com",//this is the SAML user ID provided by the saml provider
    		"firstName": "john",
    		"lastName":"doe",
    		"adminType":0,//AdminType.None
    		"clientLicenseType":100,//ClientLicenseType.Viewer
    		"email":"user@mySite.com",
    	},
    	"auth": token // admin token generated above
    });
    
    // step 3: optional step to update user's first name
    let updateUser=callApi("access/updateSamlUsers",{
    	"updateUser":[{
    		"id":userId,
    		"firstName":"Paul"
    	}],
    	"auth": token // admin token generated above
    });
    
    
    //step 4: find user by SAML principle name
    let getByPrincipalName=callApi("access/getUserBySamlPrincipalName",{
    	"PrincipalName":"user@samlDomain.com", //this is the SAML user ID provided by the saml provider
    	"auth": token 
    });
    
    //step 5: get user status by id
    let userStatus=callApi("access/getUserStatusById",{
    	"userId": userId,
    	"auth": token
    });
    log("user status "+userStatus);
    
    
    
    
    // ##### optional generic logging method for debugging ##############
    function log(msg){
    	document.write(msg);
    	console.log(msg);
    }
    
    // ##### generic REST API calling method ##############
    function callApi(path,data,parseResult=true){
    	var xhttp = new XMLHttpRequest();
    	xhttp.open("POST", pyramidURL+path, false);
    	xhttp.send(JSON.stringify(data));
    	if(parseResult){
    		return JSON.parse(xhttp.responseText);
    	}else{
    		return xhttp.responseText;
    	}
    }