Skip to main content

Hi ALL,

We have requirement to enable form Login for 2000 users in Password Safe. From BT portal, there is no bulk update option available .

I am looking for any API if available then we can use it for bulk update and enable form login. I know alternately we can reach to BT support team and get it done from Backend. However we want to explore first if any API is available to achieve this.

Can anyone please let me know if any REST API available that I can use and update the user profile .

Awaiting for response. thanks in Advance. 

 

Hi ​@immi563,

 

Sadly no, not at this time. Support would be your best option for a one-off go. 

here is a sample script. keep in mind that scripts should be thoroughly tested before using

# Authenticate to BeyondInsight API
$headers = @{
    "Authorization" = "PS-Auth key=your_api_key"
    "Content-Type" = "application/json"
}

# Get all users
$users = Invoke-RestMethod -Uri "https://your-beyondinsight-server/api/Users" -Headers $headers

# Assign users to MFA-enabled group
foreach ($user in $users) {
    $body = @{ UserID = $user.UserID } | ConvertTo-Json
    Invoke-RestMethod -Uri "https://your-beyondinsight-server/api/UserGroups/{groupId}/Users" -Method POST -Body $body -Headers $headers
}

here is a sample script. keep in mind that scripts should be thoroughly tested before using

# Authenticate to BeyondInsight API
$headers = @{
    "Authorization" = "PS-Auth key=your_api_key"
    "Content-Type" = "application/json"
}

# Get all users
$users = Invoke-RestMethod -Uri "https://your-beyondinsight-server/api/Users" -Headers $headers

# Assign users to MFA-enabled group
foreach ($user in $users) {
    $body = @{ UserID = $user.UserID } | ConvertTo-Json
    Invoke-RestMethod -Uri "https://your-beyondinsight-server/api/UserGroups/{groupId}/Users" -Method POST -Body $body -Headers $headers
}

Fantastic workaround! I was thinking of the API for the user specific! 

single user or group? if its a group you can adapt the script to read from txt file

 

single user or group? if its a group you can adapt the script to read from txt file

 

Oh, I was looking for API-specific approach on the user action to change their enabled/disabled forms login. I wasn’t thinking of the groups approach.

here is a sample script. keep in mind that scripts should be thoroughly tested before using

# Authenticate to BeyondInsight API
$headers = @{
    "Authorization" = "PS-Auth key=your_api_key"
    "Content-Type" = "application/json"
}

# Get all users
$users = Invoke-RestMethod -Uri "https://your-beyondinsight-server/api/Users" -Headers $headers

# Assign users to MFA-enabled group
foreach ($user in $users) {
    $body = @{ UserID = $user.UserID } | ConvertTo-Json
    Invoke-RestMethod -Uri "https://your-beyondinsight-server/api/UserGroups/{groupId}/Users" -Method POST -Body $body -Headers $headers
}

Hi frank

thank you so much for help. Can you please let me know what’s the MFA enabled group? Is it Azure MFA enabled group that we are referring to or it is something else? 

This solution could be helpful for me however I need some clarity on what’s the MFA group that we are referring to ?

Regards,

Imran ALiyani

On our environment , MFA is managed by Azure group which is hosted on AD. Hence we wont be able to add user to those group using BT APIs. If I am missing something , please help me understand.

Badge Earners

  • 5 Courses Completed - Privilege Remote Access
    mcastronuovohas earned the badge 5 Courses Completed - Privilege Remote Access
  • 5 Courses Completed
    mcastronuovohas earned the badge 5 Courses Completed
  • 5 Courses Completed - Privilege Remote Access
    eparkhas earned the badge 5 Courses Completed - Privilege Remote Access
  • 5 Courses Completed
    eparkhas earned the badge 5 Courses Completed
  • 5 Workshops Completed - Endpoint Privilege Management - Windows & Mac
    Drew Hollingshas earned the badge 5 Workshops Completed - Endpoint Privilege Management - Windows & Mac
Show all badges
Terms & ConditionsCookie settingsAccessibility statement