Conductor's User Management API
Product
Plan
What is my plan?
Conductor’s User Management API allows our users the flexibility to create and manage users in our platform through an API. This supports our customers who prefer to configure and manage users in their proprietary or third-party user access management systems.
Note!
Conductor provides APIs for several different uses across its Conductor Monitoring and Conductor Intelligence products. This article describes Conductor Monitoring's Reporting API. If you are looking for information about a different API offering, consider the following articles:
Benefits
- Centralized Management. A user management API allows for the centralized management of user accounts and access control. This means that user information can be maintained in one location, making it easier to manage and update.
- Integration. By providing a user management API, organizations can enable other applications to easily integrate with their user management system. This allows for a more seamless user experience, as users can use a single set of credentials to access multiple applications.
- Customization. A user management API can provide more flexibility and customization options for organizations, allowing them to tailor user management to their specific needs. For example, an organization might have unique requirements for user roles and permissions, which can be implemented through a custom user management API.
- Security. By centralizing user management and access control, a user management API can improve security by reducing the risk of unauthorized access or misuse of user data.
- Scalability. A user management API can also help to improve scalability, as it allows for the management of a large number of users and user accounts. By providing an API, organizations can more easily accommodate an increasing number of users and user-related requests.
Overall, using a user management API can provide significant value for organizations by streamlining user management, improving security, and enabling easier integration with other applications, while also improving their users’ experience.
What can I accomplish with Conductor's User Management API?
The User Management API let's your organization:
- Get lists of and details about your current users
- Create new users and update existing users' access
- Activate and deactivate existing users
Configure the User Management API
Note that whichever team you work with to build this connection will need Conductor credentials to access both the instructions linked above and the User Management API itself. Learn how to add users here.
User Management API (1.0.1, 2023-07-13)
Download OpenAPI specification:Download
This is Conductor’s REST API for user management.
We use a bearer token except for the login endpoint, which uses a username and password.
Application Identity
The application identity is a set of credentials used to interact with this API. These credentials must belong to a user configured separately, without SSO enabled, and with the Admin user type. Afterward, the Standard and Read-only users belonging to the same accounts may be managed through the API.
The Conductor platform has two different dimensions of permissions:
- User Type: Whether the user can write or read data only. This applies in general, not just single accounts. Conductor’s user types include: Admin, Standard, and Read-only.
- Accounts: Accounts grant access to specific sets of data.
There are two operations to manage these two dimensions separately.
Log in with a Conductor username and password
Login operation to obtain a token (jwt).
Request Body schema: application/json
Login credentials of the application Identity.
| password | string |
| username | string |
Responses
Request samples
- Payload
{- "password": "string",
- "username": "string"
}Response samples
- 200
- 400
- 401
- 403
- 404
- 500
{- "accessToken": "abc",
- "expiresIn": 86400,
- "idToken": "abc",
- "refreshToken": "abc"
}Note: Only Standard and Read-only users may be created, updated, or otherwise managed with this API. The User List endpoint includes Admin users, but they cannot be managed with this API.
Get a List of Available Accounts
Returns a list of the accounts your authenticated service has access to. These are the accounts that can be assigned to the users you manage with this API.
Authorizations:
Responses
Response samples
- 200
- 401
- 403
- 404
- 500
[- {
- "name": "Account 1",
- "account_id": 1,
- "creation_date": "2019-08-24T14:15:22Z"
}
]Get a List of All users
Returns the list of users associated with the same accounts as the authenticated user. Both active and inactive users are returned.
Authorizations:
Responses
Response samples
- 200
- 401
- 403
- 404
- 500
[- {
- "accounts": [
- 1,
- 2,
- 3
], - "email": "user@example.com",
- "firstname": "User",
- "lastname": "User",
- "sso_access": true,
- "type": "READ_ONLY",
- "view": "CONTENT_MARKETING",
- "status": "ACTIVE"
}
]Create a user
Creates a user.
- The type
ADMINcannot be created - In most cases, the view parameter should be set to
COMPLETE. Refer to Conductor’s Knowledge Base to learn more about role-based user views. - Some public email providers (such as Gmail) are not allowed. You will get a
HTTP 400error.
If you try to re-create an existing user, the resource will respond with error 409.
Authorizations:
query Parameters
| send_email | boolean Default: false Set to true if welcome email should be sent |
Request Body schema: application/json
The user to create
| accounts required | Array of integers |
| email required | string |
| firstname required | string |
| lastname required | string |
| sso_access required | boolean |
| type required | string Enum: "READ_ONLY" "STANDARD" "ADMIN" User type, |
| view required | string Enum: "CONTENT_MARKETING" "SEARCH_MARKETING" "EXECUTIVE_ESSENTIALS" "PAID_SEARCH" "RESEARCH" "COMPLETE" |
| status | string Default: true Enum: "ACTIVE" "INACTIVE" Whether the user is active or inactive. Not required when creating a user. |
Responses
Request samples
- Payload
{- "accounts": [
- 0
], - "email": "string",
- "firstname": "string",
- "lastname": "string",
- "sso_access": true,
- "type": "STANDARD",
- "view": "CONTENT_MARKETING"
}Response samples
- 201
- 400
- 401
- 403
- 404
- 409
- 500
{- "accounts": [
- 0
], - "email": "string",
- "firstname": "string",
- "lastname": "string",
- "sso_access": true,
- "type": "READ_ONLY",
- "view": "CONTENT_MARKETING",
- "status": "ACTIVE"
}Get Access Information about a User
Get access information about a single user, including:
- Accounts they have access to
- Email address
- First and last name
- SSO access
- User type
- User view in Conductor
Authorizations:
path Parameters
| userEmail required | string Example: user@example.com The user’s email |
Responses
Response samples
- 200
- 401
- 403
- 404
- 500
{- "accounts": [
- 1,
- 2,
- 3
], - "email": "user@example.com",
- "firstname": "User",
- "lastname": "User",
- "sso_access": true,
- "type": "STANDARD",
- "view": "COMPLETE",
- "status": "ACTIVE"
}Get a list of a User’s Existing Access to Conductor Accounts
Returns the list of accounts a user has access to.
Authorizations:
path Parameters
| userEmail required | string Example: user@example.com The user’s email |
Responses
Response samples
- 200
- 401
- 403
- 404
- 500
{- "accounts": [
- 1,
- 2,
- 3
]
}Replace a User’s Access to Conductor Accounts
Completely replaces the list of accounts a user has access to with the given list. It is only possible to assign accounts that are already owned by the application identity.
Authorizations:
path Parameters
| userEmail required | string Example: user@example.com The user’s email |
Request Body schema: application/json
The list of accounts the user has access to after the operation.
| accounts | Array of integers |
Responses
Request samples
- Payload
{- "accounts": [
- 1,
- 2,
- 3
]
}Response samples
- 200
- 401
- 403
- 404
- 500
{- "accounts": [
- 1,
- 2,
- 3
]
}Add or remove Accounts to the List of Accounts a user can access.
Depending on the value of the parameter removal add or remove accounts from a users' list of
accounts they can access.
Adding an existing account has no effect, removing a non-existing account will be ignored.
It is only possible to assign accounts that are already owned by the application identity.
Examples:
- A user has access to accounts
1and2before and wePUT[2,3], they will have access to1,2and3after the operation is completed. - A user has access to accounts
1and2before and wePUT removal=true[2,3], they will have access to1only after the operation is completed.
Authorizations:
path Parameters
| userEmail required | string Example: user@example.com The user’s email |
query Parameters
| removal | boolean Default: false True if access is to be removed |
Request Body schema: application/json
The list of accounts to either remove or add.
| accounts | Array of integers |
Responses
Request samples
- Payload
{- "accounts": [
- 1,
- 2
]
}Response samples
- 200
- 401
- 403
- 404
- 500
{- "accounts": [
- 1,
- 2,
- 3
]
}Update a User’s Existing Access to a Conductor Account
- Grant access to an account (using no query parameter, or entering
removal=false) - Remove access form an account (using query parameter
removal=true)
Authorizations:
path Parameters
| userEmail required | string Example: user@example.com The user’s email |
| accountId required | integer >= 0 Example: 1 An account ID, can be retrieved from the Accounts endpoint |
query Parameters
| removal | boolean Default: false True if access is to be removed |
Request Body schema: application/json
An empty body
Responses
Request samples
- Payload
{ }Response samples
- 200
- 401
- 403
- 404
- 500
{- "accounts": [
- 1,
- 2,
- 3
]
}Add a Conductor account to a user’s set of accessible accounts
Grant a user access to an account.
Authorizations:
path Parameters
| userEmail required | string Example: user@example.com The user’s email |
| accountId required | integer >= 0 Example: 1 An account ID, can be retrieved from the Accounts endpoint |
Responses
Response samples
- 200
- 401
- 403
- 404
- 500
{- "accounts": [
- 1,
- 2,
- 3
]
}Remove a Conductor account from a user’s set of accessible accounts
Remove account access from a user.
Authorizations:
path Parameters
| userEmail required | string Example: user@example.com The user’s email |
| accountId required | integer >= 0 Example: 1 An account ID, can be retrieved from the Accounts endpoint |
Responses
Response samples
- 200
- 401
- 403
- 404
- 500
{- "accounts": [
- 1,
- 2,
- 3
]
}Activate or Deactivate a user
Modify the status of a user. Inactive users are no longer visible, have no access, but will not be deleted. They can later be reactivated using this same endpoint.
If you try to re-create an existing user, the Users endpoint will respond with error 409.
This endpoint can be used to activate the user.
Authorizations:
path Parameters
| userEmail required | string Example: user@example.com The user’s email |
Request Body schema: application/json
| status | string Enum: "ACTIVE" "INACTIVE" |
Responses
Request samples
- Payload
{- "status": "ACTIVE"
}Response samples
- 200
- 400
- 401
- 403
- 404
- 500
{- "status": "INACTIVE"
}Modify a User’s User Type
You can change a user between STANDARD and READ_ONLY.
This either enables the user to make changes to all data in their accounts or only read.
This is set at the level of all accounts, it cannot be changed for single accounts.
Authorizations:
path Parameters
| userEmail required | string Example: user@example.com The user’s email |
Request Body schema: application/json
| type | string Enum: "STANDARD" "READ_ONLY" |
Responses
Request samples
- Payload
{- "type": "STANDARD"
}Response samples
- 200
- 400
- 401
- 403
- 404
- 500
{- "type": "STANDARD"
}