Users¶
The following methods allow for interaction into the Tenable Vulnerability Management users API endpoints.
Methods available on tio.users
:
- class UsersAPI(api: APISession)[source]¶
This will contain all methods related to Users
- change_password(user_id, old_password, new_password)[source]¶
Change the password for a specific user.
- Parameters:
- Returns:
The password has been successfully changed.
- Return type:
Examples
>>> tio.users.change_password(1, 'old_pass', 'new_pass')
- create(username, password, permissions, name=None, email=None, account_type=None)[source]¶
Create a new user.
- Parameters:
username (str) – The username for the new user.
password (str) – The password for the new user.
permissions (int) – The permissions role for the user. The permissions integer is derived based on the desired role of the user. For details describing what permissions values mean what roles, please refer to the User Roles table to see what permissions are accepted.
name (str, optional) – The human-readable name of the user.
email (str, optional) – The email address of the user.
account_type (str, optional) – The account type for the user. The default is local.
- Returns:
The resource record of the new user.
- Return type:
Examples
Create a standard user:
>>> user = tio.users.create('jsmith@company.com', 'password1', 32)
Create an admin user and add the email and name:
>>> user = tio.users.create('jdoe@company.com', 'password', 64, ... name='Jane Doe', email='jdoe@company.com')
- delete(user_id)[source]¶
Removes a user from Tenable Vulnerability Management.
- Parameters:
user_id (int) – The unique identifier of the user.
- Returns:
The user was successfully deleted.
- Return type:
Examples
>>> tio.users.delete(1)
- details(user_id)[source]¶
Retrieve the details of a user.
- Parameters:
user_id (int) – The unique identifier for the user.
- Returns:
The resource record for the user.
- Return type:
Examples
>>> user = tio.users.details(1)
- edit(user_id, permissions=None, name=None, email=None, enabled=None)[source]¶
Modify an existing user.
- Parameters:
user_id (int) – The unique identifier for the user.
permissions (int, optional) –
The permissions role for the user. The permissions integer is derived based on the desired role of the user. For details describing what permissions values mean what roles, please refer to the User Roles table to see what permissions are accepted.
name (str, optional) – The human-readable name of the user.
email (str, optional) – The email address of the user.
enabled (bool, optional) – Is the user account enabled?
- Returns:
The modified user resource record.
- Return type:
Examples
>>> user = tio.users.edit(1, name='New Full Name')
- edit_auths(user_id, api_permitted=None, password_permitted=None, saml_permitted=None)[source]¶
update user authorizations for accessing a Tenable Vulnerability Management instance.
- Parameters:
user_id (int) – The unique identifier for the user.
api_permitted (bool) – Indicates whether API access is authorized for the user.
password_permitted (bool) – Indicates whether user name and password login is authorized for the user.
saml_permitted (bool) – Indicates whether SSO with SAML is authorized for the user.
- Returns:
Returned if Tenable Vulnerability Management successfully updates the user’s authorizations.
- Return type:
Examples
>>> tio.users.edit_auths(1, True, True, False)
- enable_two_factor(user_id, phone, password)[source]¶
Enable phone-based two-factor authorization for a specific user.
- Parameters:
- Returns:
One-time activation code sent to the provided phone number.
- Return type:
Examples
>>> tio.users.enable_two_factor(1, '9998887766')
- enabled(user_id, enabled)[source]¶
Enable the user account.
- Parameters:
- Returns:
The modified user resource record.
- Return type:
Examples
Enable a user:
>>> tio.users.enabled(1, True)
Disable a user:
>>> tio.users.enabled(1, False)
- gen_api_keys(user_id)[source]¶
Generate the API keys for a specific user.
- Parameters:
user_id (int) – The unique identifier for the user.
- Returns:
A dictionary containing the new API Key-pair.
- Return type:
Examples
>>> keys = tio.users.gen_api_keys(1)
- impersonate(name)[source]¶
Impersonate as a specific user.
- Parameters:
name (str) – The user-name of the user to impersonate.
- Returns:
Impersonation successful.
- Return type:
Examples
>>> tio.users.impersonate('jdoe@company.com')
- list()[source]¶
Retrieves a list of users.
- Returns:
List of user resource records.
- Return type:
Examples
>>> for user in tio.users.list(): ... pprint(user)
- list_auths(user_id)[source]¶
list user authorizations for accessing a Tenable Vulnerability Management instance.
- Parameters:
user_id (int) – The unique identifier for the user.
- Returns:
Returns authorizations for the user.
- Return type:
Examples
>>> auth = tio.users.list_auths(1)
- two_factor(user_id, email, sms, phone=None)[source]¶
Configure two-factor authorization for a specific user.
- Parameters:
user_id (int) – The unique identifier for the user.
email (bool) – Whether two-factor should be additionally sent as an email.
sms (bool) – Whether two-factor should be enabled. This will send SMS codes.
phone (str, optional) – The phone number to use for two-factor authentication. Required when sms is set to True.
- Returns:
Setting changes were successfully updated.
- Return type:
Examples
Enable email authorization for a user:
>>> tio.users.two_factor(1, True, False)
Enable SMS authorization for a user:
>>> tio.users.two_factor(1, False, True, '9998887766')
- verify_two_factor(user_id, code)[source]¶
Send the verification code for two-factor authorization.
users: two-factor-enable-verify
- Parameters:
code (str) – The verification code that was sent to the device.
- Returns:
The verification code was valid and two-factor is enabled.
- Return type:
Examples
>>> tio.users.verify_two_factor(1, 'abc123')