Guides
GuidesAPI ReferenceRecipesChangelog

User & Access Control APIs Overview

Suggest Edits

N-able's N-Central's User & Access Control APIs provide comprehensive tools for managing user accounts, access permissions, and role-based security within your N-central environment.

These APIs enable you to automate user management tasks, configure access controls, and maintain security policies programmatically.

API Methods

User Management

Manage user accounts and retrieve user information across your N-central environment.

Key Endpoints

  • GET /api/users: List available user management endpoints and capabilities
  • GET /api/org-units/{orgUnitId}/users: Retrieve a list of users within a specified organization unit

Key Parameters

  • pageSize: Control the number of results per page (1-1000, default 50)
  • pageNumber: Specify which page of results to retrieve
  • sortBy: Sort by fields like lastName, username, accountstatus, roles
  • sortOrder: Define sort direction (asc/desc)

User Fields

  • userName: Email address or username of the user
  • firstName/lastName: User's name details
  • apiOnlyUser: Flag indicating if user is API-only
  • isEnabled: User account status
  • twoFactorEnabled: Two-factor authentication status
  • roleIds: Associated role identifiers

Access Groups

Configure and manage access control groups to define security boundaries for users and devices.

Key Endpoints

  • GET /api/access-groups: List access group management endpoints
  • GET /api/org-units/{orgUnitId}/access-groups: Retrieve organization access groups
  • POST /api/org-units/{orgUnitId}/access-groups: Create organization unit access groups
  • POST /api/org-units/{orgUnitId}/device-access-groups: Create device-specific access groups
  • GET /api/access-groups/{accessGroupId}: Get detailed information about a specific access group

Access Group Creation

  • Organization Unit Groups:
    • Create groups to manage access at the organizational level
    • Set auto-include options for new organization units
    • Define group descriptions and member lists
  • Device Groups:
    • Create groups to manage device-specific access
    • Associate specific devices and users
    • Set group permissions and boundaries

Access Group Types

  • Organization Unit Groups: Control access to specific parts of the organization hierarchy
  • Device Groups: Manage access to specific devices or device collections

Key Parameters

  • groupName: Name of the access group
  • groupDescription: Description of the group's purpose
  • deviceIds: List of device IDs (for device groups)
  • orgUnitIds: List of organization unit IDs (for org unit groups)
  • autoIncludeNewOrgUnits: Automatically include new organization units

User Roles

Define and manage role-based access control (RBAC) for your N-central environment.

Key Endpoints

  • GET /api/org-units/{orgUnitId}/user-roles: List user roles in an organization
  • POST /api/org-units/{orgUnitId}/user-roles: Create new user roles
  • GET /api/org-units/{orgUnitId}/user-roles/{userRoleId}: Get specific role details

Role Management Features

  • Role creation with custom permissions
  • Assignment of users to roles
  • Hierarchical role inheritance
  • Organization-specific role configurations

Key Features

Granular Permission Control

Define precise access levels for users through a combination of roles and access groups, ensuring users have exactly the permissions they need - no more, no less.

Hierarchical Access Management

Leverage organization unit hierarchy to create inherited access controls, simplifying management of large-scale deployments.

Flexible Role Configuration

Create and customize roles with specific permission sets, supporting both broad and narrow access patterns based on job functions.

Automated User Management

Streamline user administration through API-driven processes, enabling integration with your existing identity management systems.

Implementation Examples

Creating a New User Role

POST /api/org-units/{orgUnitId}/user-roles
Authorization: Bearer <YOUR_TOKEN>
Content-Type: application/json

{
  "roleName": "Support Team Lead",
  "description": "Senior support team access with elevated permissions",
  "permissionIds": ["1", "2", "3"],
  "userIds": ["5001", "5002"]
}

Creating an Organization Unit Access Group

POST /api/org-units/{orgUnitId}/access-groups
Authorization: Bearer <YOUR_TOKEN>
Content-Type: application/json

{
  "groupName": "Regional Managers",
  "groupDescription": "Access group for regional management team",
  "orgUnitIds": ["1001", "1002"],
  "userIds": ["5001", "5002"],
  "autoIncludeNewOrgUnits": "false"
}

Retrieving Access Group Details

GET /api/access-groups/1549311915
Authorization: Bearer <YOUR_TOKEN>

Creating a Device Access Group

POST /api/org-units/{orgUnitId}/device-access-groups
Authorization: Bearer <YOUR_TOKEN>
Content-Type: application/json

{
  "groupName": "Production Servers",
  "groupDescription": "Access group for production server management",
  "deviceIds": ["1001", "1002"],
  "userIds": ["5001", "5002"]
}

Updated 6 days ago