Cloud Administration Synchronize User API
Use the Cloud Administration Synchronize User API to synchronize the details of a single user between an identity source and Cloud Access Service (CAS).
For information about managing access to this API, see Accessing the Cloud Administration APIs.
Authentication
Clients calling this API to synchronize a user must authenticate themselves by including a JSON Web Token in a request. For instructions on using this token, see Authentication for the Cloud Administration REST APIs.
Software Developer Kit
You can download the API Software Developer Kit (SDK) from Cloud Administration REST API Download.
Request Requirements
Use the following information to synchronize information about a particular user.
| Method | Request URL | Response Content Type | Response Body | Response Codes |
|---|---|---|---|---|
| POST |
/AdminInterface/restapi/v1/users/<userId>/sync
| application/json | User details with property | 200, 400, 403, 404, 429, 500 |
Resource Identifier
Use the following resource identifier.
| Request Parameter | Description |
|---|---|
| <userId> | Unique user identifier sent in the response to the User Details API. |
Request Body
Request body is empty. Set Content-Length to zero when calling this resource.
Example Request Data
The following example displays a request to synchronize a user.
POST https://localhost/AdminInterface/restapi/v1/users/eb2e12ae-1112-451b-98e1-dfe4e6afd60d/sync
Content-Length: 0
Authorization: Bearer <JWT token>
Response
When the request succeeds, the response body contains user details with updated user information.
Example Response Body
The following example displays a response body.
{
"id": "f85b6e95-f41f-45b4-bc84-559fead6460c",
"emailAddress": "user.one@mycompany.com",
"firstName": "User",
"lastName": "One",
"creationDate": "2018-08-31T19:10:30.045Z",
"identitySource": "My Company AD",
"userStatus": "Enabled",
"markDeleted": false,
"highRiskUser": false,
"markDeletedAt": null,
"markDeletedBy": null,
"smsNumber": "+11235556799",
"voiceNumber": "+1 774 291 4444",
"isTokenLocked": false,
"isSmsLocked": false,
"isVoiceLocked": false,
"lastSyncTime": "2018-08-31T19:20:30.045Z",
"emergencyAccessStatus": "Disabled",
"emergencyTokencodeId": null,
"emergencyTokencodeExpiration": null,
"emergencyTokencodeLastUse": null,
"offlineEmergencyAccessStatus": "Disabled",
"offlineEmergencyTokencodeExpiration": null,
"monthLastAuthenticated": "Nov 2020",
"identitySourceSpecificGroups": [
"Group 1",
"Group 2"
],
"globalGroups": [
"Group 3"
]
}Response Property Descriptions
The following table describes properties used in the response.
| Property | Description | Data Type |
|---|---|---|
| id | Identifies the user. | String |
| emailAddress | User's email address. | String |
| firstName | User's first name. | String |
| lastName | User's last name. | String |
| creationDate | Date when the user account was added to CAS. See https://www.w3.org/TR/NOTE-datetime for information on formatting timestamps in ISO 8601 format. | String |
| identitySource | Name of identity source. | String |
| userStatus | Enabled. Users can access protected resources. Disabled. Users cannot access protected resources or register devices. | String |
| markDeleted | Indicates whether the user is marked deleted. | Boolean |
| markDeletedAt | Date when a user is marked deleted. | String |
| markDeletedBy | Administrator who initiated mark for delete. | String |
| smsNumber | Displays user SMS phone numbers after you click Show synchronized phone numbers. Phone numbers appear only if corresponding attributes were configured and synchronized. | String |
| voiceNumber | Displays user voice phone numbers after you click Show synchronized phone numbers. Phone numbers appear only if corresponding attributes were configured and synchronized. | String |
| isTokenLocked | Tokencode status is either true (locked) or false (unlocked). | Boolean |
| isSmsLocked | SMS Tokencode status is either true (locked) or false (unlocked). | Boolean |
| isVoiceLocked | Voice Tokencode status is either true (locked) or false (unlocked). | Boolean |
| lastSyncTime | Most recent time when user details were synchronized with an identity source. | String |
| highRiskUser | True indicates the user is marked as high risk by an external third-party application. False indicates the user is not marked as high risk by an external third-party application. | Boolean |
| emergencyAccessStatus | Enabled - An Emergency Tokencode has been generated for this user. Disabled - An Emergency Tokencode has not been generated for this user. Locked - Emergency Tokencode is locked for this user. | String |
| emergencyTokencodeId | Identifies the Emergency Tokencode, if one has been generated for this user. | String |
| emergencyTokencodeExpiration | Emergency Tokencode expiration date. | String |
| emergencyTokencodeLastUse | Emergency Tokencode last used date. | String |
| emergencyTokencodeOneTimeUse | True indicates that an Emergency Tokencode can be used only once. False indicates that an Emergency Tokencode can be used multiple times. | Boolean |
| offlineEmergencyTokencodeExpiration | Offline Emergency Tokencode expiration date. | String |
| offlineEmergencyAccessStatus | Enabled - An offline Emergency Tokencode has been generated for this user. Disabled - An offline Emergency Tokencode has not been generated for this user. | String |
| identitySourceSpecificGroups | Names of identity source groups that the user belongs to. | Array of strings |
| globalGroups | Names of CAS groups (local groups) that the user belongs to. | Array of strings |
Response Codes
The following table shows the response codes and their descriptions for this API.
| Code | Description |
|---|---|
| 200 | Successfully synchronized user. Note: This response creates an administration log event. |
| 400 | Operation not performed because of client syntax errors. |
| 403 | Not authorized to perform the request. |
| 404 | User is not found by CAS. Note: This response creates an administration log event. |
| 429 | Too many requests. |
| 500 | Internal error occurred when processing the request. Note: This response creates an administration log event. |
Related Articles
Appliance Logs Number of Views Cloud Administration Retrieve Authentication Audit Logs API Number of Views Cloud Administration User Details API Number of Views Cloud Administration Update SMS and Voice Phone API Number of Views Cloud Administration Retrieve Device Registration Code API Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.9 Release Notes (January 2026) An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide
