Skip to main content

createAccount

You can use this method to create a user account and assign it a password.

Parameters

Parameter

Type

Optional

Description

email

String

No

The email address for the new account.

profile

Object

No

An object containing profile information:

  • fullName - mandatory, the full name of the user.

  • timezone - optional, the timezone the user.

  • language - optional, the language displayed in the GravityZone console.

password

String

Yes

The password for the new account.

If this value is omitted a password will be created and sent by email to the user.

The password should be at least twelve characters in length, and must contain at least one upper case character, one lower case character, one digit, one special character, and needs to be different from previously used passwords.

companyId

String

Yes

The company ID of the company you want to create the user under.

If not specified, the account will be linked to the company that holds the API key used to send the request.

role

Number

Yes

The role of the new account.

Possible values:

  • 1 - Company Administrator

  • 2 - Network Administrator

  • 3 - Reporter

  • 4 - Partner

  • 5 - Custom.

    Note

    If you assign this parameter the value 5, you need to also include the rights parameter in the request.

Default value: 1

Tip

For more information regarding user roles and the associated rights, refer to User roles

rights

Object

Yes

An object containing the rights of a user account.

Important

Only use this parameter if the role is included in your request and is assigned the value 5. In any other situation, the values assigned to the rights parameter are ignored.

The available rights are:

  • manageCompanies - Allows users to create, delete, suspend, manage licensing and security for client companies.

  • manageNetworks - Provides administrative privileges over these network security settings:

    • Network inventory

    • Policies

    • Tasks

    • Installation packages

    • Quarantine

    Tip

    The manageNetworks attribute is deprecated. We recommend using the manageInventory, managePoliciesRead, and managePoliciesWrite attributes instead.

    If set to true, the manageReports right is automatically given the same value.

    Important

    If manageNetworks is present, its value will automatically be assigned to the manageInventory, managePoliciesRead, and managePoliciesWrite attributes. Trying to assign a different value to any of the three keys in the same request will result in an error.

  • manageUsers - Allows users to create, delete, or edit user accounts for their own company.

  • manageReports - Allows users to create, view, and edit reports for their own company.

  • companyManager - Provides users access to edit their company profile settings and make changes to licensing.

  • manageRemoteShell - Enables users to start Remote Shell sessions on managed target endpoints and perform advanced forensics.

    If set to true, the manageNetworks attribute is automatically set to true.

  • manageInventory - Provides administrative privileges over network inventories, tasks, installation packages and quarantined items.

    Note

    Can not be included in the request if manageNetworks is present.

  • managePoliciesRead - Allows users to view company policies.

    Note

    Can not be included in the request if manageNetworks is present.

  • managePoliciesWrite - allows users to create and edit company policies.

    If the value is set to true, the value assigned to the managePoliciesRead parameter must also be set to true. Not including the managePoliciesRead attribute or assigning a different value to it will result in an error.

    Note

    Can not be included in the request if manageNetworks is present.

Possible values:

  • true - the right is enabled for this user.

  • false - the right is not enabled for this user.

Default value: false.

targetIds

Array

Yes

A list of IDs representing the targets to be managed by the user account.

Return value

This method returns a String: The ID of the created user account.

Example

Request

 {
       "id": "787b5e36-89a8-4353-88b9-6b7a32e9c87f",
       "jsonrpc": "2.0",
       "method": "createAccount",
       "params": {
           "email": "[email protected]",
           
           "profile": {
               "fullName": "Bitdefender User",
               "language": "en_US",
               "timezone": "Europe/Bucharest"
           },
           "password": "P@s4w0rd",
           "role": 5,
           "rights": {
               "companyManager": true,
               "manageInventory": true,
               "managePoliciesRead": true,
               "managePoliciesWrite": true,
               "manageReports": true,
               "manageUsers": false
           },
           "companyId": "58541613aaed7090058b4567",
           "targetIds": [
               "585d2dc9aaed70820e8b45b4",
               "585d2dd5aaed70b8048b45ca"
           ]
       }

Response

  {
   "id": "787b5e36-89a8-4353-88b9-6b7a32e9c87f",
   "jsonrpc": "2.0",
   "result": "585d2dc9aaed70820abc45b4"
   }