Users

The following methods allow for interaction into the Tenable Security Center User API. These items are typically seen under the Users section of Tenable Security Center.

Methods available on sc.users:

class UserAPI(api: APISession)[source]
create(username, password, role, **kw)[source]

Creates a user.

user: create

Parameters:
  • username (str) – The username for the account

  • password (str) – The password for the user to create

  • role (int) – The role that should be assigned to this user.

  • address (str, optional) – Optional street address information to associate to the user.

  • auth_type (str, optional) – The Authentication type to use for the user. Valid options are ldap, legacy, saml, and tns. If left unspecified the default is tns.

  • city (str, optional) – Optional city information to associate to the user.

  • country (str, optional) – Optional country information to associate to the user.

  • default_objects (bool, optional) – Should the default objects be created for members of this group?

  • email (str, optional) – The email address to associate to the user.

  • email_notice (str, optional) – What type of events should generate an email notification? Valid types are id, password, both, none.

  • fax (str, optional) – A fax number to associate to the user.

  • fingerprint (str, optional) – A fingerprint to associate to the user.

  • firstname (str, optional) – A first name to associate to the user.

  • group (int, optional) – A group to associate to the user. This parameter is required for users that are not Administrators.

  • is_locked (bool, optional) – If the account locked? If left unspecified the default is False.

  • ldap_id (int, optional) – If specifying an LDAP auth type, this is the numeric identifier for the LDAP configuration to use.

  • managed_usergroups (list, optional) – A list of group ids that the user is allowed to manage users within.

  • managed_userobjs (list, optional) – A list of group ids that the user is allowed to manage objects within. This includes asset lists, reports, etc.

  • org (int, optional) – If logged in as an administrator, and creating a security manager account, the organization id must be passed in order to inform Tenable Security Center which organization to create the security manager within.

  • phone (str, optional) – A phone number to associate to the user.

  • responsibility (int, optional) – The asset list detailing what assets the user is responsible for. A value of 0 denotes all assets, any other non-zero integer must be the id of the asset list to associate to the user.

  • state (str, optional) – The state to associate to the user.

  • timezone (str, optional) – A timezone other than the system timezone to associate to the user. This will impact all times displayed within the user interface.

  • title (str, optional) – A title to associate to the user.

  • update_password (bool, optional) – Should the user be forced to update their password next login? If left unspecified, the default is False.

Returns:

The newly created user.

Return type:

dict

Examples

>>> user = sc.users.create('username', 'password', 1, group=1)
delete(id: int, migrate_to: int | None = None)[source]

Removes a user.

user: delete

Parameters:

id (int) – The numeric identifier for the user to remove.

Returns:

An empty response.

Return type:

str

Examples

>>> sc.users.delete(1)
details(id: int, fields: List[str] = None) Dict[source]

Returns the details for a specific user.

user: details

Parameters:
  • id (int) – The identifier for the user.

  • fields (list, optional) – A list of attributes to return.

Returns:

The user resource record.

Return type:

dict

Examples

>>> user = sc.users.details(1)
>>> pprint(user)
edit(id: int, **kw)[source]

Edits a user.

user: edit

Parameters:
  • address (str, optional) – Optional street address information to associate to the user.

  • auth_type (str, optional) – The Authentication type to use for the user. Valid options are ldap, legacy, saml, and tns. If left unspecified the default is tns.

  • city (str, optional) – Optional city information to associate to the user.

  • country (str, optional) – Optional country information to associate to the user.

  • currentPassword (str, optional) – Optional, requirement when updating password for current user in addition to password kwarg.

  • default_dashboards (bool, optional) – Should the default dashboards be created for the user? If left unspecified, the default is True.

  • default_reportcards (bool, optional) – Should the default report cards be created for the user? If left unspecified, the default is True.

  • default_reports (bool, optional) – Should the default reports be created for the user? If left unspecified, the default is True.

  • email (str, optional) – The email address to associate to the user.

  • email_notice (str, optional) – What type of events should generate an email notification? Valid types are id, password, both, none.

  • fax (str, optional) – A fax number to associate to the user.

  • fingerprint (str, optional) – A fingerprint to associate to the user.

  • firstname (str, optional) – A first name to associate to the user.

  • group (int, optional) – A group to associate to the user. This parameter is required for users that are not Administrators.

  • is_locked (bool, optional) – If the account locked? If left unspecified the default is False.

  • ldap_id (int, optional) – If specifying an LDAP auth type, this is the numeric identifier for the LDAP configuration to use.

  • managed_usergroups (list, optional) – A list of group ids that the user is allowed to manage users within.

  • managed_userobjs (list, optional) – A list of group ids that the user is allowed to manage objects within. This includes asset lists, reports, etc.

  • org (int, optional) – If logged in as an administrator, and creating a security manager account, the organization id must be passed in order to inform Tenable Security Center which organization to create the security manager within.

  • password (str, optional) – The user password, currentPassword should be used with this if updating password for logged in user.

  • phone (str, optional) – A phone number to associate to the user.

  • responsibility (int, optional) – The asset list detailing what assets the user is responsible for. A value of 0 denotes all assets, any other non-zero integer must be the id of the asset list to associate to the user.

  • role (int, optional) – The role that should be assigned to this user.

  • state (str, optional) – The state to associate to the user.

  • timezone (str, optional) – A timezone other than the system timezone to associate to the user. This will impact all times displayed within the user interface.

  • title (str, optional) – A title to associate to the user.

  • update_password (bool, optional) – Should the user be forced to update their password next login? If left unspecified, the default is False.

  • username (str, optional) – The username for the account

Returns:

The newly updated user.

Return type:

dict

Examples

>>> user = sc.users.edit(1, username='newusername')
list(fields: List[str] = None) Dict[source]

Retrieves the list of user definitions.

user: list

Parameters:

fields (list, optional) – A list of attributes to return for each user.

Returns:

A list of user resources.

Return type:

list

Examples

>>> for user in sc.users.list():
...     pprint(user)