GET Teams/(prefix)/{universal}

Lists all properties of an identity group. With View permission and Read permission in the UI, you can also see team owners and members.

View team members and owners in the UI

Requirements

  • Permissions: The caller must have Create permission. However, results are limited to the identity provider that authenticated the caller.
  • Token scope:  Configuration:Manage

Headers

  • Content type: Content-Type:application/json.

  • Token: The bearer access token that you received. For example, Authorization:Bearer 4MyGeneratedBearerTknz==. For more information, see Passing a bearer token in your API calls.

Parameters

Input parameters

Name

Description

(prefix)

In the request URL, specify the word local. To get {prefix} and {universal} information, call POST Identity/Browse.

{universal} In the request URL, specify the Universal Unique Identifier (UUID) of the local group. The format of the UUID, including the absence or presence of curly braces, depends on the settings from the identity provider. Use the value from Identity/Browse.

Returns

Response description

Name

Description
Assets

An array of Policy folders that this group manages.
Description The purpose of the identity group.

ID
  • FullName:The Distinguished Name (DN) of the identity group.
  • IsGroup: The value is true if this instance is a group, otherwise false.
  • Name: The group name.
  • Prefix: The AD, LDAP or Identity provider. For more information, see Identity Information.
  • PrefixedName: The concatenated Prefix: and Group Name.
  • PrefixedUniversal: The concatenated Prefix: and Universal.
  • Type: The type of identity:
    • 1: User
    • 2: SecurityGroups

    • 8: DistributionGroups

      -OR-

    • [Combo value]. Any combination of identity types that are related to the Filter. For example: SecurityGroupsandDistributionGroups = 10.
  • Universal: The Universal Unique ID (UUID) that identifies a user or group identity. The formatting including curly braces depends on the settings from the identity provider. For example, Universal: {f32b5c37-c2d7-49aa-9ef4-2d38954a8b9b}.

Members

An array of users and groups who are members of the group.

  • FullName:The Distinguished Name (DN) of the identity group.
  • IsGroup: The value is true if this instance is a group, otherwise false.
  • Name: The group name.
  • Prefix: The AD, LDAP or Identity provider. For more information, see Identity Information.
  • PrefixedName: The concatenated Prefix: and Group Name.
  • PrefixedUniversal: The concatenated Prefix: and Universal.
  • Type: The type of identity:
    • 1: User
    • 2: SecurityGroups

    • 8: DistributionGroups

      -OR-

    • [Combo value]. Any combination of identity types that are related to the Filter. For example: SecurityGroupsandDistributionGroups = 10.
  • Universal: The Universal Unique ID (UUID) that identifies a user or group identity. The formatting including curly braces depends on the settings from the identity provider. For example, Universal: {f32b5c37-c2d7-49aa-9ef4-2d38954a8b9b}.

Message

If the response is a HTTP 400, it only contains Message and the reason for failure. Omits all other return values.

  • Failed to read the team identity assets: [Identity Error].
  • Failed to read the team identity description: [Identity Error].
  • Failed to read the team identity members: [Identity Error].
  • Failed to read the team identity owners: [Identity Error].
  • Failed to read the team identity products: [Identity Error].
  • Failed to read the team identity; Members list is empty.
  • Failed to read the team identity; owners are empty.
  • The prefix or principal for the team identity is missing.
  • The team identity is not valid or it doesn't exist.

Owners

An array of Identity group owners.
Products

An array of Venafi product names.

Example: List group assets

Request for Example

GET https://tpp.venafi.example/vedsdk/Teams/local/{aecc642b-ded6-4928-a6aa-0143c21f41f1}
Authorization:Bearer 4MyGeneratedBearerTknz==

Response for Example

HTTP/1.1 200 OK
{
   "Assets":[
      "\\VED\\Policy\\20.1 Standard Workflow Testing"
   ],
   "Description":"Apache DevOps Group",
   "ID":{
      "FullName":"\\VED\\Identity\\Apache Team",
      "IsGroup":true,
      "Name":"Apache Team",
      "Prefix":"local",
      "PrefixedName":"local:Apache Team",
      "PrefixedUniversal":"local:{7cfd6da3-8b53-40d0-8922-2eb21507bfbb}",
      "Type":2,
      "Universal":"{7cfd6da3-8b53-40d0-8922-2eb21507bfbb}"
   },
   "Members":[
      {
         "FullName":"\\VED\\Identity\\Master1",
         "Name":"Master1",
         "Prefix":"local",
         "PrefixedName":"local:Master1",
         "PrefixedUniversal":"local:{dacb0fad-8014-4b7d-960c-da579e221f5b}",
         "Type":1,
         "Universal":"{dacb0fad-8014-4b7d-960c-da579e221f5b}"
      }
   ],
   "Owners":[

   ],
   "Products":[
      "Code Signing",
      "SSH"
   ]
}