Deletes Users
Mark the specified users as deleted. The size of request User UUID is limited (recommend <= 100)
List of user IDs to delete.
The ID of the new owner to whom the data will be transferred, applicable when retainData and/or retainPermissionToSharedData are set to true.
The ID of the user to whom the advanced form data will be transferred, similar to retainToUser but specifically for advanced form components.
Indicates whether to remotely wipe data from both desktop and mobile devices.
Indicates whether data owned by the user should be deleted. This is required and must be set to True if retainData is False, and vice versa.
Indicates whether data should be retained and transferred to another user. This is required and must be True if deleteUnsharedData is False, and vice versa.
Indicates whether permissions to shared folders should be retained.
Indicates whether files sent by deleted or demoted users should be withdrawn.
Indicates whether request files sent by deleted or demoted users should be withdrawn.
If set to true, the operation will continue for the valid items even if some items result in failure.
Determines the detail level of the response body.
Specified users marked as deleted.
Forbidden
Possible error codes: ERR_ACCESS_USER
Error code
Error message
Unprocessable Content
Possible error codes: ERR_INPUT_NOT_BOOLEAN, ERR_INPUT_ATTRIBUTE_FORBIDDEN, ERR_INPUT_REQUIRED, ERR_INPUT_NOT_STRING
Error code
Error message
Request blocked by WAF
curl -X DELETE \
"https://{instance}.kiteworks.com/rest/users?id:in=VALUE" \
-H "Authorization: Bearer YOUR_TOKEN"import requests
url = "https://{instance}.kiteworks.com/rest/users"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
}
params = {
"id:in": "VALUE",
}
response = requests.delete(url, params=params, headers=headers)
print(response.json())User login
Handles user login by accepting the user credentials (username and password).
The username of the user attempting to log in.
The password of the user. It must be kept confidential and securely stored.
The URL that referred the user to this login action.
Login successful. Returns a redirect URL and success status.
Indicates whether the login was successful. Always true on a successful response.
The URL to redirect to for the next step in the authentication flow.
Unprocessable Content
Possible error codes: ERR_INPUT_REQUIRED
Error code
Error message
Request blocked by WAF
curl -X POST \
"https://{instance}.kiteworks.com/rest/users/actions/login" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"username": "string",
"password": "string",
"referral": "string"
}'import requests
url = "https://{instance}.kiteworks.com/rest/users/actions/login"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json",
}
payload = {
"username": "string",
"password": "string",
"referral": "string"
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())Updates token state
Updates current session state to be not outdated any more
Token state updated successfully
Request blocked by WAF
curl -X PUT \
"https://{instance}.kiteworks.com/rest/users/aliveToken" \
-H "Authorization: Bearer YOUR_TOKEN"import requests
url = "https://{instance}.kiteworks.com/rest/users/aliveToken"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
}
response = requests.put(url, headers=headers)
print(response.json())Find users in LDAP by input supplied
Searches the configured LDAP directory for users matching the supplied search criteria.
The user's email or name
With parameters
Determines the detail level of the response body.
Returns users found in LDAP matching the supplied search criteria.
User's email
Users's display name
Request blocked by WAF
curl -X GET \
"https://{instance}.kiteworks.com/rest/users/ldapSearch?value=VALUE" \
-H "Authorization: Bearer YOUR_TOKEN"import requests
url = "https://{instance}.kiteworks.com/rest/users/ldapSearch"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
}
params = {
"value": "VALUE",
}
response = requests.get(url, params=params, headers=headers)
print(response.json())Retrieve details of the currently logged-in user
Fetches the details of the currently authenticated user, including their email address and name.
Returns the details of the currently authenticated user.
The unique identifier of the user
The unique identifier of the user's root Kiteworks directory.
Date and time the user account was created
The user's email
The unique identifier of the user's mydir system directory.
The name of the user
The unique identifier of the user's 'My Folder'.
The unique identifier of the user type (profile).
Indicates whether the user is an internal user
URL to the user's profile icon image
Indicates whether the user is an External Distribution List
Key name of the custom metadata attribute associated with the user
Value assigned to the custom metadata attribute for the user
The ID of the admin role assigned to the user.
HATEOAS links associated with the entity
Name of the Kiteworks service instance the user is connected to
Request blocked by WAF
curl -X GET \
"https://{instance}.kiteworks.com/rest/users/me" \
-H "Authorization: Bearer YOUR_TOKEN"import requests
url = "https://{instance}.kiteworks.com/rest/users/me"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
}
response = requests.get(url, headers=headers)
print(response.json())Update the current user's details
Updates the details of the currently authenticated user. For example, change their name or password.
The user's password
The user's previous password
The user's name
Currently authenticated user details updated successfully. Returns the updated user object.
The unique identifier of the user
The unique identifier of the user's root Kiteworks directory.
Date and time the user account was created
The user's email
The unique identifier of the user's mydir system directory.
The name of the user
The unique identifier of the user's 'My Folder'.
The unique identifier of the user type (profile).
Indicates whether the user is an internal user
URL to the user's profile icon image
Indicates whether the user is an External Distribution List
Key name of the custom metadata attribute associated with the user
Value assigned to the custom metadata attribute for the user
The ID of the admin role assigned to the user.
HATEOAS links associated with the entity
Name of the Kiteworks service instance the user is connected to
Unprocessable Content
Possible error codes: ERR_INPUT_PASSWORD_COMPLEXITY_ERROR
Error code
Error message
Request blocked by WAF
curl -X PUT \
"https://{instance}.kiteworks.com/rest/users/me" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"password": "string",
"previousPassword": "string",
"name": "string"
}'import requests
url = "https://{instance}.kiteworks.com/rest/users/me"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json",
}
payload = {
"password": "string",
"previousPassword": "string",
"name": "string"
}
response = requests.put(url, headers=headers, json=payload)
print(response.json())Change the password for current user after expired
Change the password for current user after password expired
The user's password
The user's previous password
referral
Password changed successfully. Returns a redirect URL for the next step in the authentication flow.
The URL to redirect to for the next step in the flow.
Unprocessable Content
Possible error codes: ERR_INPUT_PASSWORD_COMPLEXITY_ERROR, ERR_INPUT_REQUIRED
Error code
Error message
Request blocked by WAF
curl -X POST \
"https://{instance}.kiteworks.com/rest/users/me/forcedPasswordChange" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"password": "string",
"previousPassword": "string",
"referral": "string"
}'import requests
url = "https://{instance}.kiteworks.com/rest/users/me/forcedPasswordChange"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json",
}
payload = {
"password": "string",
"previousPassword": "string",
"referral": "string"
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())Update mobile number of the current user
Updates the mobile number used for two-factor authentication for the current user. Requires the user's current password for verification. When the test-only flag is set, sends a test SMS to the provided number without saving it and returns an empty 200 response.
The current password of the user
The user's new mobile number
If true, a short message will be sent to the number, and the number will not be saved
Mobile number updated successfully. Returns the updated user settings.
Language identifier of the user the settings represent
Location identifier for user settings. User's personal default location for file send and uploads
Email message signature
Storage used by the user across the folders they own
Storage quota allocated to the user across all the folders they own
Encrypted key store data used by the mobile client for secure operations
User's mobile number
Indicates whether the mobile number is verified
HATEOAS links associated with the entity
Unprocessable Content
Possible error codes: ERR_INPUT_REQUIRED, ERR_INPUT_INVALID_FORMAT
Error code
Error message
Request blocked by WAF
curl -X PUT \
"https://{instance}.kiteworks.com/rest/users/me/mobileNumber" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"password": "string",
"mobileNumber": "string",
"testOnly": true
}'import requests
url = "https://{instance}.kiteworks.com/rest/users/me/mobileNumber"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json",
}
payload = {
"password": "string",
"mobileNumber": "string",
"testOnly": true
}
response = requests.put(url, headers=headers, json=payload)
print(response.json())Retrieve user quota
Description:
Retrieves the current user's quota details, including send quota and folder storage quota.Precondition:
The user profile must have "Collaboration Allowed" enabled or have mail access.Response:
Returns the user's quota information.Limit the quota response to a specific quota type.send – Returns send quota usage only.folder – Returns folder storage quota only.
If omitted, both send and folder quota details are returned.
The user quota is successfully retrieved.
The allowed send quota for the user.
The amount of send quota used by the user.
The allowed folder quota for the user.
The amount of folder quota used by the user.
Current number of system folders.
Maximum allowed number of system folders.
List of available quota options per folder.
Default quota assigned to each folder.
Unauthorized
Possible error codes: ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED
Error code
Error message
Not Found
Possible error codes: ERR_ENTITY_NOT_FOUND
Error code
Error message
Request blocked by WAF
curl -X GET \
"https://{instance}.kiteworks.com/rest/users/me/quota" \
-H "Authorization: Bearer YOUR_TOKEN"import requests
url = "https://{instance}.kiteworks.com/rest/users/me/quota"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
}
response = requests.get(url, headers=headers)
print(response.json())Two Factor Authentication
Submits the user's Two-Factor Authentication (TFA) passcode to complete the TFA step of the login flow. Returns a redirect URL on success, or a new challenge message if the TFA module requires an additional round of authentication.
OTP
referral
remember device
Two Factor Authentication completed. Returns either a redirectUrl string on success or a challengeMsg string if an additional challenge is required.
The URL to redirect to for the next step in the authentication flow. Present when TFA is accepted; mutually exclusive with challengeMsg.
A message from the TFA module to display to the user (for example, instructions to check their phone). Present when a challenge is in progress; mutually exclusive with redirectUrl.
Unprocessable Content
Possible error codes: ERR_INPUT_REQUIRED
Error code
Error message
Request blocked by WAF
curl -X POST \
"https://{instance}.kiteworks.com/rest/users/me/tfa/auth" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"otp": "string",
"referral": "string",
"rememberDevice": true
}'import requests
url = "https://{instance}.kiteworks.com/rest/users/me/tfa/auth"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json",
}
payload = {
"otp": "string",
"referral": "string",
"rememberDevice": true
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())Two Factor Authentication
Initiates a Two-Factor Authentication (TFA) challenge for the current login session. For challenge-response modules, triggers passcode delivery (for example, via SMS or push notification) and returns a challenge message. If the TFA module accepts immediately, returns a redirect URL to advance the login flow.
Referral URL
Two Factor Authentication challenge initiated successfully. Returns either a challengeMsg string or a redirectUrl string depending on the authentication flow.
The URL to redirect to for the next step in the authentication flow. Present when TFA is accepted; mutually exclusive with challengeMsg.
A message from the TFA module to display to the user (for example, instructions to check their phone). Present when a challenge is in progress; mutually exclusive with redirectUrl.
Request blocked by WAF
curl -X POST \
"https://{instance}.kiteworks.com/rest/users/me/tfa/challenge" \
-H "Authorization: Bearer YOUR_TOKEN"import requests
url = "https://{instance}.kiteworks.com/rest/users/me/tfa/challenge"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
}
response = requests.post(url, headers=headers)
print(response.json())Two Factor Authentication
Returns the Two-Factor Authentication (TFA) configuration for the current login session, including the module name, passcode field labels, and device-remembering settings. For SMSOTP modules, also includes the user's registered mobile number and whether the number can be changed.
Two Factor Authentication configuration retrieved successfully.
The name of the active Two-Factor Authentication (TFA) module.
The label to display for the passcode input field.
A description of the passcode input field.
The label for the rechallenge action.
Indicates whether the password should be sent along with the challenge request.
A message to display to the user while waiting for the challenge response.
A message to display when prompting the user to rechallenge.
Indicates whether the remember device feature is enabled for this user.
Indicates whether the passcode input should be masked.
The user's mobile number. Present only when the TFA module is SMSOTP.
Indicates whether the user is allowed to change their mobile number. Present only when the TFA module is SMSOTP.
Request blocked by WAF
curl -X GET \
"https://{instance}.kiteworks.com/rest/users/me/tfa/config" \
-H "Authorization: Bearer YOUR_TOKEN"import requests
url = "https://{instance}.kiteworks.com/rest/users/me/tfa/config"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
}
response = requests.get(url, headers=headers)
print(response.json())Reset secret key for time-based OTP of the current user
Resets the TOTP secret key for the current user. Requires the user's current password. When called without an OTP, generates a new secret and returns setup details including a QR code. When called with an OTP, verifies the new secret and completes the reset.
The user's password
OTP to verify the new secret
Returns TOTP setup details when initiating the reset, or a verification result when confirming with an OTP.
The username associated with the TOTP secret.
The issuer name used in the TOTP URI, typically the server hostname.
The base32-encoded TOTP secret key to be stored in the authenticator app.
A base64-encoded QR code image encoding the TOTP URI for scanning with an authenticator app.
Optional first setup instruction. Only present when provided by the authentication backend.
Optional second setup instruction. Only present when provided by the authentication backend.
Unprocessable Content
Possible error codes: ERR_INPUT_PASSWORD_COMPLEXITY_ERROR, ERR_INPUT_REQUIRED
Error code
Error message
Request blocked by WAF
curl -X POST \
"https://{instance}.kiteworks.com/rest/users/me/tfa/resetTotpSecret" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"password": "string",
"otp": "string"
}'import requests
url = "https://{instance}.kiteworks.com/rest/users/me/tfa/resetTotpSecret"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json",
}
payload = {
"password": "string",
"otp": "string"
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())Setup secret key for Time-based OTP of the current user
Generates a new Time-based One-Time Password (TOTP) secret for the current user and returns the secret key along with a QR code for scanning with an authenticator app. Only available during the TFA setup login state and only if the user does not already have a TOTP secret registered.
TOTP secret setup initiated successfully. Returns the username, issuer, secret key, QR code image, and optional setup instructions.
The username associated with the TOTP secret.
The issuer name used in the TOTP URI, typically the server hostname.
The base32-encoded TOTP secret key to be stored in the authenticator app.
A base64-encoded QR code image encoding the TOTP URI for scanning with an authenticator app.
Optional first setup instruction. Only present when provided by the authentication backend.
Optional second setup instruction. Only present when provided by the authentication backend.
Request blocked by WAF
curl -X GET \
"https://{instance}.kiteworks.com/rest/users/me/tfa/setupTotpSecret" \
-H "Authorization: Bearer YOUR_TOKEN"import requests
url = "https://{instance}.kiteworks.com/rest/users/me/tfa/setupTotpSecret"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
}
response = requests.get(url, headers=headers)
print(response.json())Verify code for finalising secret key for Time-based OTP
Verifies the one-time passcode generated by the user's authenticator app to confirm that the new TOTP secret was registered correctly. On success, advances the session to the next step in the authentication flow, skipping a redundant TFA step if one is pending.
OTP
referral
TOTP secret verified successfully. Returns a redirectUrl string for the next step in the authentication flow.
The URL to redirect to for the next step in the flow.
Unprocessable Content
Possible error codes: ERR_INPUT_REQUIRED
Error code
Error message
Request blocked by WAF
curl -X POST \
"https://{instance}.kiteworks.com/rest/users/me/tfa/verifyTotpSecret" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"otp": "string",
"referral": "string"
}'import requests
url = "https://{instance}.kiteworks.com/rest/users/me/tfa/verifyTotpSecret"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json",
}
payload = {
"otp": "string",
"referral": "string"
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())Setup 2FA settings
Sets the mobile number for the current user's two-factor authentication setup. Only valid when the user's login state is TFA setup. Returns a redirect URL pointing to the next step in the authentication flow.
OTP
referral
remember device
2FA settings updated successfully. Returns a redirect URL for the next step in the authentication flow.
The URL to redirect to for the next step in the flow.
Forbidden
Possible error codes: ERR_ACCESS_USER
Error code
Error message
Request blocked by WAF
curl -X PUT \
"https://{instance}.kiteworks.com/rest/users/me/tfaSetup" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"otp": "string",
"referral": "string",
"rememberDevice": true
}'import requests
url = "https://{instance}.kiteworks.com/rest/users/me/tfaSetup"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json",
}
payload = {
"otp": "string",
"referral": "string",
"rememberDevice": true
}
response = requests.put(url, headers=headers, json=payload)
print(response.json())Terms of Service
Returns the Terms of Service configuration for the currently authenticated user's profile, including the TOS content, acceptance text, and whether acceptance is required.
Terms of Service retrieved successfully. Returns the TOS type, content, acceptance text, occurrence, and whether acceptance is required.
The type of Terms of Service.
The full Terms of Service content.
The text to display on the acceptance button or checkbox.
How often the Terms of Service is shown to the user.
Indicates whether the user is required to accept the Terms of Service.
Request blocked by WAF
curl -X GET \
"https://{instance}.kiteworks.com/rest/users/me/tos" \
-H "Authorization: Bearer YOUR_TOKEN"import requests
url = "https://{instance}.kiteworks.com/rest/users/me/tos"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
}
response = requests.get(url, headers=headers)
print(response.json())Terms of Service
Records the current user's acceptance or rejection of the Terms of Service. In the standard login flow, advances the session to the next authentication step and returns a redirect URL. In OTP login mode, returns an empty 200 response.
accept
referral
Terms of Service acceptance recorded successfully. Returns a redirectUrl string for the next step in the authentication flow. In OTP login mode, returns an empty response.
The URL to redirect to for the next step in the flow.
Unprocessable Content
Possible error codes: ERR_INPUT_REQUIRED
Error code
Error message
Request blocked by WAF
curl -X POST \
"https://{instance}.kiteworks.com/rest/users/me/tos" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"accept": true,
"referral": "string"
}'import requests
url = "https://{instance}.kiteworks.com/rest/users/me/tos"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json",
}
payload = {
"accept": true,
"referral": "string"
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())User login preauth
User login preauth.
username
referral
Pre-authentication check completed successfully. Returns the next step in the login flow, either a redirect URL or a signal to show a password field.
The username used for preauth.
The URL to redirect to. Present when type is redirect, null when type is password.
The next step in the login flow. Accepted values: password (show a password field), redirect (redirect the user to redirectUrl).
Whether the login flow requires OTP authentication.
Forbidden
Possible error codes: ERR_ACCESS_USER
Error code
Error message
Unprocessable Content
Possible error codes: ERR_INPUT_REQUIRED
Error code
Error message
Request blocked by WAF
curl -X POST \
"https://{instance}.kiteworks.com/rest/users/preauth" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"username": "string",
"referral": "string"
}'import requests
url = "https://{instance}.kiteworks.com/rest/users/preauth"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json",
}
payload = {
"username": "string",
"referral": "string"
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())Register a User
Registers a new User in the system by specifying an email address and password.
User's email
Password
Ref link
activation code
Special handling for redirect (sharedfiles)
Registration initiated successfully. A notification email has been sent to the user depending on their account state.
Forbidden
Possible error codes: ERR_ACCESS_USER
Error code
Error message
Unprocessable Content
Possible error codes: ERR_INPUT_INVALID_EMAIL, ERR_INPUT_REQUIRED, ERR_INPUT_PASSWORD_COMPLEXITY_ERROR
Error code
Error message
Request blocked by WAF
curl -X POST \
"https://{instance}.kiteworks.com/rest/users/register" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"email": "string",
"password": "string",
"link": "string",
"activationCode": "string",
"redirect": "string"
}'import requests
url = "https://{instance}.kiteworks.com/rest/users/register"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json",
}
payload = {
"email": "string",
"password": "string",
"link": "string",
"activationCode": "string",
"redirect": "string"
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())Request for password reset
Request for password reset of existing user
User's email
Password reset request processed. A notification email may have been sent depending on the account state. Always returns 204 regardless of whether the email address exists.
Forbidden
Possible error codes: ERR_ACCESS_USER
Error code
Error message
Unprocessable Content
Possible error codes: ERR_INPUT_INVALID_EMAIL, ERR_INPUT_REQUIRED
Error code
Error message
Request blocked by WAF
curl -X POST \
"https://{instance}.kiteworks.com/rest/users/requestPasswordReset" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"email": "string"
}'import requests
url = "https://{instance}.kiteworks.com/rest/users/requestPasswordReset"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json",
}
payload = {
"email": "string"
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())Reset password
Reset password of an existing user
The password reset link
Password
Password reset request processed. A notification email may have been sent depending on the account state.
Forbidden
Possible error codes: ERR_ACCESS_USER
Error code
Error message
Unprocessable Content
Possible error codes: ERR_INPUT_REQUIRED, ERR_INPUT_PASSWORD_COMPLEXITY_ERROR
Error code
Error message
Request blocked by WAF
curl -X POST \
"https://{instance}.kiteworks.com/rest/users/resetPassword" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"link": "string",
"password": "string"
}'import requests
url = "https://{instance}.kiteworks.com/rest/users/resetPassword"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json",
}
payload = {
"link": "string",
"password": "string"
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())Uploads a profile image
Uploads an image file to use as profile image
The unique identifier of the user.
The binary content of the file.
Profile image uploaded successfully.
Language identifier of the user the settings represent
Location identifier for user settings. User's personal default location for file send and uploads
Email message signature
Storage used by the user across the folders they own
Storage quota allocated to the user across all the folders they own
Encrypted key store data used by the mobile client for secure operations
User's mobile number
Indicates whether the mobile number is verified
HATEOAS links associated with the entity
Forbidden
Possible error codes: ERR_ACCESS_USER
Error code
Error message
Request blocked by WAF
curl -X POST \
"https://{instance}.kiteworks.com/rest/users/:id/profileImage" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"body": "string"
}'import requests
id = "VALUE" # The unique identifier of the user.
url = f"https://{{instance}}.kiteworks.com/rest/users/{id}/profileImage"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json",
}
payload = {
"body": "string"
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())Deletes a profile image
Deletes the user's current profile image.
The unique identifier of the user.
Profile image deleted successfully.
Language identifier of the user the settings represent
Location identifier for user settings. User's personal default location for file send and uploads
Email message signature
Storage used by the user across the folders they own
Storage quota allocated to the user across all the folders they own
Encrypted key store data used by the mobile client for secure operations
User's mobile number
Indicates whether the mobile number is verified
HATEOAS links associated with the entity
Forbidden
Possible error codes: ERR_ACCESS_USER
Error code
Error message
Request blocked by WAF
curl -X DELETE \
"https://{instance}.kiteworks.com/rest/users/:id/profileImage" \
-H "Authorization: Bearer YOUR_TOKEN"import requests
id = "VALUE" # The unique identifier of the user.
url = f"https://{{instance}}.kiteworks.com/rest/users/{id}/profileImage"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
}
response = requests.delete(url, headers=headers)
print(response.json())Get User Settings
Returns the settings for the specified user, including language preference, location, email signature, storage usage, and mobile number. Users can only retrieve their own settings.
ID of the user to retrieve settings for
User settings returned successfully.
Language identifier of the user the settings represent
Location identifier for user settings. User's personal default location for file send and uploads
Email message signature
Storage used by the user across the folders they own
Storage quota allocated to the user across all the folders they own
Encrypted key store data used by the mobile client for secure operations
User's mobile number
Indicates whether the mobile number is verified
HATEOAS links associated with the entity
Forbidden
Possible error codes: ERR_ACCESS_USER
Error code
Error message
Request blocked by WAF
curl -X GET \
"https://{instance}.kiteworks.com/rest/users/:id/settings" \
-H "Authorization: Bearer YOUR_TOKEN"import requests
id = "VALUE" # ID of the user to retrieve settings for
url = f"https://{{instance}}.kiteworks.com/rest/users/{id}/settings"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
}
response = requests.get(url, headers=headers)
print(response.json())Update User Settings
Updates the settings for the specified user, including language preference, location, email signature, and timezone. Users can only update their own settings. Returns 400 if the location cannot be changed because it is managed by an LDAP/SSO mapping.
ID of the user to update settings for
Language identifier for user settings
Location identifier for user settings. User's personal default location for file send and uploads
Email message signature
Encrypted key store data used by the mobile client for secure operations
Indicates whether HATEOAS links should be included in the response
User settings updated successfully.
Language identifier of the user the settings represent
Location identifier for user settings. User's personal default location for file send and uploads
Email message signature
Storage used by the user across the folders they own
Storage quota allocated to the user across all the folders they own
Encrypted key store data used by the mobile client for secure operations
User's mobile number
Indicates whether the mobile number is verified
HATEOAS links associated with the entity
Forbidden
Possible error codes: ERR_ACCESS_USER
Error code
Error message
Request blocked by WAF
curl -X PUT \
"https://{instance}.kiteworks.com/rest/users/:id/settings" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"languageId": 1,
"locationId": 1,
"signature": "string",
"mobileKeyStore": "string",
"addLinks": true
}'import requests
id = "VALUE" # ID of the user to update settings for
url = f"https://{{instance}}.kiteworks.com/rest/users/{id}/settings"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json",
}
payload = {
"languageId": 1,
"locationId": 1,
"signature": "string",
"mobileKeyStore": "string",
"addLinks": true
}
response = requests.put(url, headers=headers, json=payload)
print(response.json())Return user's recent items
Description:
Retrieves the current user's recently accessed files and folders.Precondition:
The user profile must have "Collaboration Allowed" enabled.Response:
Returns the list of the user's recently accessed items.If true, includes the entity in the response body.
Specifies additional fields to include in the response.
Determines the detail level of the response body.
Filter recent items by object type. Accepts a list of type values.d – Directories (folders) only.f – Files only.
If omitted, both files and folders are returned.
Request successfully processed and recent items returned.
Unauthorized
Possible error codes: ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED
Error code
Error message
Request blocked by WAF
curl -X GET \
"https://{instance}.kiteworks.com/rest/users/me/recent" \
-H "Authorization: Bearer YOUR_TOKEN"import requests
url = "https://{instance}.kiteworks.com/rest/users/me/recent"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
}
response = requests.get(url, headers=headers)
print(response.json())Add objects to user's recent items
Description:
Records one or more files or folders as recently accessed for the current user.Precondition:
User must be authenticated.Response:
The provided objects are added to the user's recent items list.List of recently accessed objects to record, each containing an object UUID and last-accessed timestamp.
All recent items were successfully recorded.
Some recent items were recorded successfully while others failed.
Bad Request
Possible error codes: ERR_REQUEST_INVALID_JSON
Error code
Error message
Unauthorized
Possible error codes: ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED
Error code
Error message
Unprocessable Content
Possible error codes: ERR_INVALID_PARAMETER
Error code
Error message
Request blocked by WAF
curl -X POST \
"https://{instance}.kiteworks.com/rest/users/me/recent" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"objects": [
{
"id": "string",
"lastAccessed": "2024-01-15"
}
]
}'import requests
url = "https://{instance}.kiteworks.com/rest/users/me/recent"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json",
}
payload = {
"objects": [
{
"id": "string",
"lastAccessed": "2024-01-15"
}
]
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())Delete a user's recent item
Description:
Removes the specified object from the current user's recent items list.Precondition:
User must be authenticated.Response:
The item is removed from the user's recent items.The unique identifier of the entity.
The recent item was successfully removed.
Unauthorized
Possible error codes: ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED
Error code
Error message
Request blocked by WAF
curl -X DELETE \
"https://{instance}.kiteworks.com/rest/users/me/recent/:id" \
-H "Authorization: Bearer YOUR_TOKEN"import requests
id = "VALUE" # The unique identifier of the entity.
url = f"https://{{instance}}.kiteworks.com/rest/users/me/recent/{id}"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
}
response = requests.delete(url, headers=headers)
print(response.json())Pin items for the current user
Description:
Pins the specified entities to the current user's pinned list.Precondition:
User must be authenticated.Response:
The specified items are pinned.List of entity IDs to pin or unpin.
The type of entity being pinned or unpinned.source – An external content source.
The items were successfully pinned.
Bad Request
Possible error codes: ERR_REQUEST_INVALID_JSON
Error code
Error message
Unauthorized
Possible error codes: ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED
Error code
Error message
Forbidden
Possible error codes: ERR_ACCESS_USER
Error code
Error message
Unprocessable Content
Possible error codes: ERR_INVALID_PARAMETER
Error code
Error message
Request blocked by WAF
curl -X POST \
"https://{instance}.kiteworks.com/rest/users/me/pins" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"ids": [
"string"
],
"type": "string"
}'import requests
url = "https://{instance}.kiteworks.com/rest/users/me/pins"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json",
}
payload = {
"ids": [
"string"
],
"type": "string"
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())Unpin items for the current user
Description:
Removes the specified entities from the current user's pinned list.Precondition:
User must be authenticated.Response:
The specified items are unpinned.List of entity IDs to pin or unpin.
The type of entity being pinned or unpinned.source – An external content source.
The items were successfully unpinned.
Bad Request
Possible error codes: ERR_REQUEST_INVALID_JSON
Error code
Error message
Unauthorized
Possible error codes: ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED
Error code
Error message
Unprocessable Content
Possible error codes: ERR_INVALID_PARAMETER
Error code
Error message
Request blocked by WAF
curl -X DELETE \
"https://{instance}.kiteworks.com/rest/users/me/pins" \
-H "Authorization: Bearer YOUR_TOKEN"import requests
url = "https://{instance}.kiteworks.com/rest/users/me/pins"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
}
response = requests.delete(url, headers=headers)
print(response.json())Check emails for LDAP distribution list status
Description:
Checks whether the provided email addresses correspond to LDAP distribution lists rather than individual users.Precondition:
User must be authenticated.Response:
Returns each email address along with a flag indicating whether it is an LDAP distribution list.Comma-separated list of email addresses to check for LDAP distribution list status.
The distribution list status for each email has been successfully returned.
Email address of the distribution list or individual contact.
Indicates whether the entry is a distribution list.
Unauthorized
Possible error codes: ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED
Error code
Error message
Forbidden
Possible error codes: ERR_ACCESS_DENIED, ERR_ACCESS_USER
Error code
Error message
Request blocked by WAF
curl -X GET \
"https://{instance}.kiteworks.com/rest/users/actions/getDistributionList?email:in=VALUE" \
-H "Authorization: Bearer YOUR_TOKEN"import requests
url = "https://{instance}.kiteworks.com/rest/users/actions/getDistributionList"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
}
params = {
"email:in": "VALUE",
}
response = requests.get(url, params=params, headers=headers)
print(response.json())Get concurrent session challenge
Description:
Returns information about the existing concurrent session that must be resolved before the current login can proceed.Precondition:
User must be in the `concurrent` login state.Response:
Returns the concurrent session details required to complete the challenge.The concurrent session challenge details have been successfully returned.
Unauthorized
Possible error codes: ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED
Error code
Error message
Forbidden
Possible error codes: ERR_AUTH_WRONG_LOGIN_STATE, ERR_CONCURRENT_NOT_FOUND
Error code
Error message
Request blocked by WAF
curl -X GET \
"https://{instance}.kiteworks.com/rest/users/me/concurrent/challenge" \
-H "Authorization: Bearer YOUR_TOKEN"import requests
url = "https://{instance}.kiteworks.com/rest/users/me/concurrent/challenge"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
}
response = requests.get(url, headers=headers)
print(response.json())Resolve a concurrent session challenge
Description:
Resolves a concurrent login challenge by either terminating the existing session or cancelling the current login attempt.Precondition:
User must be in the `concurrent` login state.Response:
Returns the login result after the concurrent session challenge is resolved.If true, terminates the existing concurrent session and proceeds with the current login. If false, cancels the current login attempt.
The referral token from the concurrent session challenge, used to identify the session to terminate.
The concurrent session challenge was successfully resolved.
Unauthorized
Possible error codes: ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED
Error code
Error message
Forbidden
Possible error codes: ERR_AUTH_WRONG_LOGIN_STATE
Error code
Error message
Request blocked by WAF
curl -X POST \
"https://{instance}.kiteworks.com/rest/users/me/concurrent/auth" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"terminate": true,
"referral": "string"
}'import requests
url = "https://{instance}.kiteworks.com/rest/users/me/concurrent/auth"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json",
}
payload = {
"terminate": true,
"referral": "string"
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())Bulk import users via CSV file
Overview:
Import users in bulk using a CSV file.Precondition:
The user must be an administrator with access to `User Management`.Response:
The users will be either created or updated.The CSV file containing the users to be imported.
If true, existing users will be updated with the new settings.
If true, a notification email will be sent to each newly created user.
If true, only validated users will be imported, while others will be rejected.
Users have been successfully imported.
Number of users successfully added.
Number of users successfully updated.
List of user emails that failed during import.
Unique identifier for the error.
Description of the error.
Unauthorized
Possible error codes: ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED
Error code
Error message
Forbidden
Possible error codes: ERR_ACCESS_ADMIN
Error code
Error message
Unprocessable Content
Possible error codes: ERR_INPUT_INVALID_FORMAT, ERR_INVALID_ARGUMENT
Error code
Error message
Request blocked by WAF
curl -X POST \
"https://{instance}.kiteworks.com/rest/admin/users/actions/import" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"content": "string",
"updateIfExists": true,
"sendNotification": true,
"partialSuccess": true
}'import requests
url = "https://{instance}.kiteworks.com/rest/admin/users/actions/import"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json",
}
payload = {
"content": "string",
"updateIfExists": true,
"sendNotification": true,
"partialSuccess": true
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())Delete TOTP secrets for users
Description:
Deletes the TOTP (Time-based One-Time Password) secret for the specified users.Precondition:
The user must be an administrator. The caller's admin role rank must be sufficient to manage the target users.Response:
The TOTP secrets for the specified users are deleted successfully.List of user UUIDs whose TOTP secrets should be deleted. Must contain between 1 and 100 IDs.
The TOTP secrets were deleted successfully.
Unauthorized
Possible error codes: ERR_AUTH_INVALID_CSRF, ERR_AUTH_UNAUTHORIZED
Error code
Error message
Forbidden
Possible error codes: ERR_ACCESS_ADMIN, ERR_ACCESS_USER, ERR_ADMIN_ROLE_RANK_RESTRICTED
Error code
Error message
Not Found
Possible error codes: ERR_ENTITY_NOT_FOUND
Error code
Error message
Unprocessable Content
Possible error codes: ERR_INPUT_INVALID_FORMAT
Error code
Error message
Request blocked by WAF
curl -X POST \
"https://{instance}.kiteworks.com/rest/admin/users/actions/deleteTotpSecret" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"ids": [
"string"
]
}'import requests
url = "https://{instance}.kiteworks.com/rest/admin/users/actions/deleteTotpSecret"
headers = {
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json",
}
payload = {
"ids": [
"string"
]
}
response = requests.post(url, headers=headers, json=payload)
print(response.json())