profiles

4 endpoints
POST/rest/profiles

Add custom profile

Creates a new custom user type profile cloned from an existing built-in profile (e.g., Standard). The new profile's name must be unique. Returns 404 if the specified prototype profile does not exist.

Parameters
Query Parameters
returnEntity
Optional
boolean

If set to true, returns information about the newly created entity.

mode
Optional
string

Determines the detail level of the response body.


Request Body
name
Required
string

Display name of the profile

prototype
integer

Id of the prototype profile to be cloned. If not passed, the Standard profile will be used


Responses

Custom profile created successfully.

id
Required
integer

Unique Profile identifier

name
Required
string

Display name of the profile

prototype
Required
integer

Prototype Profile identifier

builtIn
Required
integer

Indicates whether the profile is a built-in profile

cloneable
Required
integer

Indicates whether the profile can be used as a prototype for new custom profiles

allowSftp
boolean

Indicates whether SFTP access is allowed

maxStorage
integer

Max storage in bytes

linkExpiration
integer

Link expiration date in days

maxLinkExpiration
integer

Max time period of link expiration in hours

setExpirationLower
boolean

Enable user to set expiration date of the file they are sending

sendExternal
boolean

Allow user to send files to external users

acNoAuth
boolean

Allow user to send file to a user without their having to authenticate

folderCreate
Required
integer

Indicates whether the user is permitted to create top-level folders

allowedFolderRoles
Required
string[]

Role options allowed for user profile

sysFolderCreate
Required
integer

Indicates whether the user is permitted to create system quota folders

sysFolderMaxQuota
Required
integer

Max quota for a system quota folder

sysFolderMaxCount
Required
integer

Maximum number of system quota folder

sysFolderDefaultQuota
Required
integer

Default quota for a system quota folder

storageQuota
Required
integer

Maximum storage space allocated to the user, in bytes

ldapMapping
string

LDAP Mapping value to determine the user profile type

acVerifyRecipient
boolean

Who can download file via the secure link

acl
string[]

List of access control levels permitted for this user profile

defaultAcl
string

Default access control level applied when sending files for this user profile

mobileSyncItemsLimit
integer

Maximum files amount allowed to keep in mobile sync list

personalFolder
boolean

User can have personal folder

requireScanZipContentDefault
boolean

Indicates whether scanning compressed file content is required by default

blockNewFileTypesDefault
boolean

Indicates whether new or unspecified file types are blocked by default

excludedFileExtensions
string[]

Get list of excluded file extensions

fileFilterExclusionGroups
string[]

Get list of excluded file groups

fileFilterCustomFileTypes
string[]

Get list of custom file types

secureMessageBody
string
secureMessageBodyDefault
boolean
secureContainerRequired
boolean
returnReceipt
string
returnReceiptDefault
boolean
selfCopy
string
selfCopyDefault
boolean
includeFingerprint
string
includeFingerprintDefault
boolean
requestFile
boolean
requestFileAllowViewableFile
boolean
requestFileUploadAuth
string
requestFileAuthDefault
string
requestFileExpiration
integer
requestFileExpirationUserDecide
boolean
requestFileExpirationMax
integer
requestFileUploadLimit
integer
requestFileUploadLimitUserDecide
boolean
requestFileUploadsMax
integer
twoFactorAuth
string
inactiveExpiration
integer
userCanReactivate
string
cleanupInactiveAccount
boolean
withdrawInactiveAccountFileLinks
boolean
allowCollaboration
boolean

Indicates whether Collaboration and Shared Folders are allowed

allowLeavingSharedFolder
boolean

Indicates whether Collaboration and Shared Folders are allowed

sendFileLimit
integer

Upper limit allowed for number of attachments per mail.

remoteWipe
boolean
deleteUnsharedData
boolean
retainData
boolean
retainPermissionToSharedData
boolean
folderExpirationLimit
integer

Get profile max folder expiration

fileLifetime
integer

Get profile max file lifetime

Forbidden

Possible error codes: ERR_ACCESS_USER

code
string

Error code

message
string

Error message

Conflict

Possible error codes: ERR_ENTITY_EXISTS

code
string

Error code

message
string

Error message

Unprocessable Content

Possible error codes: ERR_INPUT_NOT_IN_RANGE, ERR_INPUT_NOT_ALPHA_DASH, ERR_INPUT_REQUIRED

code
string

Error code

message
string

Error message

Request blocked by WAF

Empty response body.
Shell
curl -X POST \
  "https://{instance}.kiteworks.com/rest/profiles" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
         "name": "string",
         "prototype": 1
       }'
Python
import requests

url = "https://{instance}.kiteworks.com/rest/profiles"
headers = {
    "Authorization": "Bearer YOUR_TOKEN",
    "Content-Type": "application/json",
}
payload = {
  "name": "string",
  "prototype": 1
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())
Responses
{ "id": 5, "name": "Custom Standard", "builtIn": 0, "cloneable": 0, "prototype": 1 }
{ "errors": { "code": "ERR_ACCESS_USER", "message": "Insufficient access permissions" } }
{ "errors": { "code": "ERR_ENTITY_EXISTS", "message": "Entity exists" } }
{ "errors": { "code": "ERR_INPUT_REQUIRED", "message": "Field is required" } }
// Error - No Body
GET/rest/profiles/{id}

Return user type (profile) details

Returns the details of the current user's own type profile, including its name, built-in status, and cloneability. Returns 403 if the requested profile does not belong to the current user.

Parameters
Path Parameters
id
Required
integer

ID of the user type (profile) to be retrieved


Responses

User type profile details retrieved successfully.

id
Required
integer

Unique Profile identifier

name
Required
string

Display name of the profile

prototype
Required
integer

Prototype Profile identifier

builtIn
Required
integer

Indicates whether the profile is a built-in profile

cloneable
Required
integer

Indicates whether the profile can be used as a prototype for new custom profiles

allowSftp
boolean

Indicates whether SFTP access is allowed

maxStorage
integer

Max storage in bytes

linkExpiration
integer

Link expiration date in days

maxLinkExpiration
integer

Max time period of link expiration in hours

setExpirationLower
boolean

Enable user to set expiration date of the file they are sending

sendExternal
boolean

Allow user to send files to external users

acNoAuth
boolean

Allow user to send file to a user without their having to authenticate

folderCreate
Required
integer

Indicates whether the user is permitted to create top-level folders

allowedFolderRoles
Required
string[]

Role options allowed for user profile

sysFolderCreate
Required
integer

Indicates whether the user is permitted to create system quota folders

sysFolderMaxQuota
Required
integer

Max quota for a system quota folder

sysFolderMaxCount
Required
integer

Maximum number of system quota folder

sysFolderDefaultQuota
Required
integer

Default quota for a system quota folder

storageQuota
Required
integer

Maximum storage space allocated to the user, in bytes

ldapMapping
string

LDAP Mapping value to determine the user profile type

acVerifyRecipient
boolean

Who can download file via the secure link

acl
string[]

List of access control levels permitted for this user profile

defaultAcl
string

Default access control level applied when sending files for this user profile

mobileSyncItemsLimit
integer

Maximum files amount allowed to keep in mobile sync list

personalFolder
boolean

User can have personal folder

requireScanZipContentDefault
boolean

Indicates whether scanning compressed file content is required by default

blockNewFileTypesDefault
boolean

Indicates whether new or unspecified file types are blocked by default

excludedFileExtensions
string[]

Get list of excluded file extensions

fileFilterExclusionGroups
string[]

Get list of excluded file groups

fileFilterCustomFileTypes
string[]

Get list of custom file types

secureMessageBody
string
secureMessageBodyDefault
boolean
secureContainerRequired
boolean
returnReceipt
string
returnReceiptDefault
boolean
selfCopy
string
selfCopyDefault
boolean
includeFingerprint
string
includeFingerprintDefault
boolean
requestFile
boolean
requestFileAllowViewableFile
boolean
requestFileUploadAuth
string
requestFileAuthDefault
string
requestFileExpiration
integer
requestFileExpirationUserDecide
boolean
requestFileExpirationMax
integer
requestFileUploadLimit
integer
requestFileUploadLimitUserDecide
boolean
requestFileUploadsMax
integer
twoFactorAuth
string
inactiveExpiration
integer
userCanReactivate
string
cleanupInactiveAccount
boolean
withdrawInactiveAccountFileLinks
boolean
allowCollaboration
boolean

Indicates whether Collaboration and Shared Folders are allowed

allowLeavingSharedFolder
boolean

Indicates whether Collaboration and Shared Folders are allowed

sendFileLimit
integer

Upper limit allowed for number of attachments per mail.

remoteWipe
boolean
deleteUnsharedData
boolean
retainData
boolean
retainPermissionToSharedData
boolean
folderExpirationLimit
integer

Get profile max folder expiration

fileLifetime
integer

Get profile max file lifetime

Request blocked by WAF

Empty response body.
Shell
curl -X GET \
  "https://{instance}.kiteworks.com/rest/profiles/:id" \
  -H "Authorization: Bearer YOUR_TOKEN"
Python
import requests

id = "VALUE"  # ID of the user type (profile) to be retrieved

url = f"https://{{instance}}.kiteworks.com/rest/profiles/{id}"
headers = {
    "Authorization": "Bearer YOUR_TOKEN",
}
response = requests.get(url, headers=headers)
print(response.json())
Responses
{ "id": 2, "name": "Restricted", "builtIn": 1, "cloneable": 0 }
// Error - No Body
PUT/rest/profiles/{id}

Update profile

Updates the feature settings of the specified user type profile. When disabling collaboration access, optional demotion settings control how existing user data is handled (retained, deleted, or transferred to another user).

Parameters
Path Parameters
id
Required
integer

ID of the profile to be modified


Request Body
allowSftp
boolean

Indicates whether SFTP access is allowed

maxStorage
integer

Max storage in bytes

storageQuota
integer

Maximum storage space that user is entitled to

setExpirationLower
boolean

Allow to modify file secure link expiration

sendExternal
integer

Allow sending files to external users

linkExpiration
integer

Link expiration date in days

ldapMapping
string

LDAP Mapping value to determine the user profile type

folderCreate
integer

Allow to create top level folders

sysFolderCreate
integer

Allow to create system quota folders

sysFolderMaxQuota
integer

Set the maximum quota for a system folder

sysFolderMaxCount
integer

Set the maximum number of system folders

sysFolderDefaultQuota
integer

Set the default quota for a system folder

maxLinkExpiration
integer

Upper limit allowed for secure link expiration

acNoAuth
boolean

Who can download file via the secure link

acVerifyRecipient
boolean

Who can download file via the secure link

excludedFileExtensions
string[]

Set excluded file extensions

fileFilterExclusionGroups
string[]

Set excluded file groups

fileFilterCustomFileTypes
string[]

Set custom file types

secureMessageBody
string
secureMessageBodyDefault
boolean
secureContainerRequired
boolean
returnReceipt
string
returnReceiptDefault
boolean
selfCopy
string
selfCopyDefault
boolean
includeFingerprint
string
includeFingerprintDefault
boolean
requestFile
boolean
requestFileAllowViewableFile
boolean
requestFileUploadAuth
string
requestFileAuthDefault
string
requestFileExpiration
integer
requestFileExpirationUserDecide
boolean
requestFileExpirationMax
integer
requestFileUploadLimit
integer
requestFileUploadLimitUserDecide
boolean
requestFileUploadsMax
integer
twoFactorAuth
string
inactiveExpiration
integer
userCanReactivate
string
cleanupInactiveAccount
boolean
withdrawInactiveAccountFileLinks
boolean
allowCollaboration
boolean

Indicates whether Collaboration and Shared Folders are allowed

sendFileLimit
integer

Upper limit allowed for number of attachments per mail.

remoteWipe
boolean

Disallow Collaboration: Wipe remote devices

deleteUnsharedData
boolean

Disallow Collaboration: Delete all data owned by the user

retainData
boolean

Disallow Collaboration: retain the data owned by the user

retainToUser
string

Disallow Collaboration: re-assign the data to the following user

retainPermissionToSharedData
boolean

Disallow Collaboration: retain all permission to shared data


Responses

Profile updated successfully.

id
Required
integer

Unique Profile identifier

name
Required
string

Display name of the profile

prototype
Required
integer

Prototype Profile identifier

builtIn
Required
integer

Indicates whether the profile is a built-in profile

cloneable
Required
integer

Indicates whether the profile can be used as a prototype for new custom profiles

allowSftp
boolean

Indicates whether SFTP access is allowed

maxStorage
integer

Max storage in bytes

linkExpiration
integer

Link expiration date in days

maxLinkExpiration
integer

Max time period of link expiration in hours

setExpirationLower
boolean

Enable user to set expiration date of the file they are sending

sendExternal
boolean

Allow user to send files to external users

acNoAuth
boolean

Allow user to send file to a user without their having to authenticate

folderCreate
Required
integer

Indicates whether the user is permitted to create top-level folders

allowedFolderRoles
Required
string[]

Role options allowed for user profile

sysFolderCreate
Required
integer

Indicates whether the user is permitted to create system quota folders

sysFolderMaxQuota
Required
integer

Max quota for a system quota folder

sysFolderMaxCount
Required
integer

Maximum number of system quota folder

sysFolderDefaultQuota
Required
integer

Default quota for a system quota folder

storageQuota
Required
integer

Maximum storage space allocated to the user, in bytes

ldapMapping
string

LDAP Mapping value to determine the user profile type

acVerifyRecipient
boolean

Who can download file via the secure link

acl
string[]

List of access control levels permitted for this user profile

defaultAcl
string

Default access control level applied when sending files for this user profile

mobileSyncItemsLimit
integer

Maximum files amount allowed to keep in mobile sync list

personalFolder
boolean

User can have personal folder

requireScanZipContentDefault
boolean

Indicates whether scanning compressed file content is required by default

blockNewFileTypesDefault
boolean

Indicates whether new or unspecified file types are blocked by default

excludedFileExtensions
string[]

Get list of excluded file extensions

fileFilterExclusionGroups
string[]

Get list of excluded file groups

fileFilterCustomFileTypes
string[]

Get list of custom file types

secureMessageBody
string
secureMessageBodyDefault
boolean
secureContainerRequired
boolean
returnReceipt
string
returnReceiptDefault
boolean
selfCopy
string
selfCopyDefault
boolean
includeFingerprint
string
includeFingerprintDefault
boolean
requestFile
boolean
requestFileAllowViewableFile
boolean
requestFileUploadAuth
string
requestFileAuthDefault
string
requestFileExpiration
integer
requestFileExpirationUserDecide
boolean
requestFileExpirationMax
integer
requestFileUploadLimit
integer
requestFileUploadLimitUserDecide
boolean
requestFileUploadsMax
integer
twoFactorAuth
string
inactiveExpiration
integer
userCanReactivate
string
cleanupInactiveAccount
boolean
withdrawInactiveAccountFileLinks
boolean
allowCollaboration
boolean

Indicates whether Collaboration and Shared Folders are allowed

allowLeavingSharedFolder
boolean

Indicates whether Collaboration and Shared Folders are allowed

sendFileLimit
integer

Upper limit allowed for number of attachments per mail.

remoteWipe
boolean
deleteUnsharedData
boolean
retainData
boolean
retainPermissionToSharedData
boolean
folderExpirationLimit
integer

Get profile max folder expiration

fileLifetime
integer

Get profile max file lifetime

Forbidden

Possible error codes: ERR_ACCESS_USER

code
string

Error code

message
string

Error message

Unprocessable Content

Possible error codes: ERR_INPUT_NOT_BOOLEAN, ERR_INPUT_ATTRIBUTE_FORBIDDEN, ERR_INPUT_REQUIRED, ERR_INPUT_NOT_STRING, ERR_INPUT_NOT_INTEGER, ERR_INPUT_MIN_VALUE, ERR_INPUT_NOT_IN_LIST, ERR_INPUT_MAX_VALUE, ERR_INPUT_NOT_LESS_THEN, ERR_INPUT_NOT_ALLOWED, ERR_INPUT_INVALID, ERR_INPUT_NOT_ARRAY

code
string

Error code

message
string

Error message

Request blocked by WAF

Empty response body.
Shell
curl -X PUT \
  "https://{instance}.kiteworks.com/rest/profiles/:id" \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
         "allowSftp": true,
         "maxStorage": 1,
         "storageQuota": 1,
         "setExpirationLower": true,
         "sendExternal": 1,
         "linkExpiration": 1
       }'
Python
import requests

id = "VALUE"  # ID of the profile to be modified

url = f"https://{{instance}}.kiteworks.com/rest/profiles/{id}"
headers = {
    "Authorization": "Bearer YOUR_TOKEN",
    "Content-Type": "application/json",
}
payload = {
  "allowSftp": true,
  "maxStorage": 1,
  "storageQuota": 1,
  "setExpirationLower": true,
  "sendExternal": 1,
  "linkExpiration": 1
}
response = requests.put(url, headers=headers, json=payload)
print(response.json())
Responses
{ "id": 1, "name": "Standard", "builtIn": 1, "cloneable": 1 }
{ "errors": { "code": "ERR_ACCESS_USER", "message": "Insufficient access permissions" } }
{ "errors": { "code": "ERR_INPUT_NOT_BOOLEAN", "message": "Input is not a valid boolean" } }
{ "errors": { "code": "ERR_INPUT_REQUIRED", "message": "Field is required" } }
{ "errors": { "code": "ERR_INPUT_NOT_INTEGER", "message": "Input is not a valid integer" } }
{ "errors": { "code": "ERR_INPUT_MIN_VALUE", "message": "The specified input below the minimum allowed value." } }
// Error - No Body
DELETE/rest/profiles/{id}/replace/{new_profile}

Delete custom profile and set new profile instead of deleted profile

Permanently deletes the specified custom profile and reassigns all affected users to the specified replacement profile. Optional demotion settings control how existing user data is handled during the transition.

Parameters
Path Parameters
id
Required
integer

ID of the custom profile to be deleted

new_profile
Required
integer

ID of the replacement profile to assign to affected users


Request Body
remoteWipe
boolean

Indicates whether to remotely wipe data from both desktop and mobile devices.

deleteUnsharedData
boolean

Indicates whether data owned by the user should be deleted. This is required and must be set to True if retainData is False, and vice versa.

retainData
boolean

Indicates whether data should be retained and transferred to another user. This is required and must be True if deleteUnsharedData is False, and vice versa.

retainToUser
string

The ID of the new owner to whom the data will be transferred, applicable when retainData and/or retainPermissionToSharedData are set to true.

retainToAdvancedFormUser
string

The ID of the user to whom the advanced form data will be transferred, similar to retainToUser but specifically for advanced form components.

retainPermissionToSharedData
boolean

Indicates whether permissions to shared folder should be retained.

withdrawRequestFiles
boolean

Indicates whether request files should be withdrawn.

withdrawFileLinks
boolean

Indicates whether sent files should be withdrawn.


Responses

Custom profile deleted successfully.

Empty response body.

Forbidden

Possible error codes: ERR_ACCESS_USER

code
string

Error code

message
string

Error message

Unprocessable Content

Possible error codes: ERR_INPUT_NOT_BOOLEAN, ERR_INPUT_ATTRIBUTE_FORBIDDEN, ERR_INPUT_REQUIRED, ERR_INPUT_NOT_STRING

code
string

Error code

message
string

Error message

Request blocked by WAF

Empty response body.
Shell
curl -X DELETE \
  "https://{instance}.kiteworks.com/rest/profiles/:id/replace/:new_profile" \
  -H "Authorization: Bearer YOUR_TOKEN"
Python
import requests

id = "VALUE"  # ID of the custom profile to be deleted
new_profile = "VALUE"  # ID of the replacement profile to assign to affected users

url = f"https://{{instance}}.kiteworks.com/rest/profiles/{id}/replace/{new_profile}"
headers = {
    "Authorization": "Bearer YOUR_TOKEN",
}
response = requests.delete(url, headers=headers)
print(response.json())
Responses
// Request successful - No Body
{ "errors": { "code": "ERR_ACCESS_USER", "message": "Insufficient access permissions" } }
{ "errors": { "code": "ERR_INPUT_NOT_BOOLEAN", "message": "Input is not a valid boolean" } }
{ "errors": { "code": "ERR_INPUT_REQUIRED", "message": "Field is required" } }
// Error - No Body