Cloud Administration Local Groups Public API
Use the Cloud Administration Local Groups Public API to perform create, read, update, and delete operations for local groups, as well as to manage local group user memberships. The API supports creating and managing user groups within the cloud. Local Groups support users from multiple identity sources, regardless of their identity source type within the same group. For more information about managing access to this API, see Accessing the Cloud Administration APIs.
Authentication
Clients calling this API must authenticate themselves by including a JSON Web Token in a request. For more information about using this token, see Authentication for the Cloud Administration APIs.
Software Developer Kit
You can download the API Software Developer Kit (SDK) from Cloud Administration REST API Download.
Note: This API is accessible only via OAuth and does not support the legacy JWT flow. For more information, see Manage OAuth API Clients.
This topic describes how to:
Note: The administrator should have the appropriate permissions within the OAuth scope to access these endpoints. For more information, see OAuth 2.0-Based Permissions for the Cloud Administration APIs.
Create Local Group
The following information describes how to create a local group with the provided name and description.
Prerequisite: The administrator should have the "rsa.group.manage" OAuth permission assigned to use this endpoint.
Request Overview
Use the following information to create a local group with the provided name and description.
| Action | Method | Request URL | Response Content Type | Response Body |
|---|---|---|---|---|
| Creates a local group with the provided name and description. | POST | /AdminInterface/restapi/v1/localGroups | application/json | Local group object containing metadata about the group. |
Request Body Parameters
The following table describes the request body parameters.
| Request Parameter | Description | Required | Data Type |
|---|---|---|---|
| name | Desired name of the local group | Yes | String |
| description | Description of the local group | No | String |
Example Request Body
The following is an example request body.
{
"name": "Sales Department Group"
"description": "This group contains all employees in the sales department"
}Response Body Parameters
The following table describes the response body parameters.
| Parameter | Description | Data Type |
|---|---|---|
| id | Unique identifier that represents the local group. | UUID |
| name | Name of the local group. | String |
| description | Description of the local group. | String |
| readOnly | Flag that indicates that this group is created and managed internally in the system. | Boolean |
| createdAt | Date that the local group has been created. | Timestamp |
| updatedAt | Date that the local group has been updated. | Timestamp |
Example Response Body
The following is an example response body.
{
"id": "f6b0b45e-a0d6-2864-7ee5-71a9806977cc",
"name": "Sales Department Group",
"description": "This group contains all employees in the sales department",
"readOnly": false,
"createdAt": "2024-12-29T05:20:00.120Z",
"updatedAt": "2024-12-31T07:51:00.978Z"
}Response Codes
The following table lists the response codes and their descriptions for this API.
| HTTP Status Code | Description |
|---|---|
| 200 | Local group created successfully. |
| 400 | Operation not performed because of client syntax errors. |
| 403 | Not authorized to perform the request. |
| 429 | Too many requests. |
| 500 | Internal error occurred when processing the request. |
Retrieve Local Group
The following information describes how to find a local group by the provided id.
Prerequisite: The administrator should have the "rsa.group.read" OAuth permission assigned to use this endpoint.
Request Overview
Use the following information to find a local group by the provided id.
| Action | Method | Request URL | Response Content Type | Response Body |
|---|---|---|---|---|
| Finds a local group with the provided id. | GET | /AdminInterface/restapi/v1/localGroups/{id} | application/json | Local group object containing metadata about the group with the provided id. |
Response Body Parameters
The following table describes the response body parameters.
| Parameter | Description | Data Type |
|---|---|---|
| id | Unique identifier that represents the local group. | UUID |
| name | Name of the local group. | String |
| description | Description of the local group. | String |
| readOnly | Flag that indicates that this group is created and managed internally in the system. | Boolean |
| createdAt | Date that the local group has been created. | Timestamp |
| updatedAt | Date that the local group has been updated. | Timestamp |
Example Response Body
The following is an example response body.
{
"id": "f6b0b45e-a0d6-2864-7ee5-71a9806977cc",
"name": "Sales Department Group",
"description": "This group contains all employees in the sales department",
"readOnly": false,
"createdAt": "2024-12-29T05:20:00.120Z",
"updatedAt": "2024-12-31T07:51:00.978Z"
}Response Codes
The following table lists the response codes and their descriptions for this API.
| HTTP Status Code | Description |
|---|---|
| 200 | Local group created successfully. |
| 400 | Operation not performed because of client syntax errors. |
| 403 | Not authorized to perform the request. |
| 429 | Too many requests. |
| 500 | Internal error occurred when processing the request. |
Update Local Group
The following information describes how to update a local group with the provided name and description.
Prerequisite: The administrator should have the "rsa.group.manage" OAuth permission assigned to use this endpoint.
Request Overview
Use the following information to update a local group with the provided name and description.
| Action | Method | Request URL | Response Content Type | Response Body |
|---|---|---|---|---|
| Updates a local group with the provided name and description. | PATCH | /AdminInterface/restapi/v1/localGroups/{id} | application/json | Local group object containing metadata about the updated group. |
Request Body Parameters
The following table describes the request body parameters.
| Request Parameter | Description | Required | Data Type |
|---|---|---|---|
| name | Desired name of the local group | Yes | String |
| description | Description of the local group | No | String |
Example Request Body
The following is an example request body.
{
"name": "Sales Department Group"
"description": "This group contains all employees in the sales department"
}Response Body Parameters
The following table describes the response body parameters.
| Parameter | Description | Data Type |
|---|---|---|
| id | Unique identifier that represents the local group. | UUID |
| name | Name of the local group. | String |
| description | Description of the local group. | String |
| readOnly | Flag that indicates that this group is created and managed internally in the system. | Boolean |
| createdAt | Date that the local group has been created. | Timestamp |
| updatedAt | Date that the local group has been updated. | Timestamp |
Example Response Body
The following is an example response body.
{
"id": "f6b0b45e-a0d6-2864-7ee5-71a9806977cc",
"name": "Sales Department Group",
"description": "This group contains all employees in the sales department",
"readOnly": false,
"createdAt": "2024-12-29T05:20:00.120Z",
"updatedAt": "2024-12-31T07:51:00.978Z"
}Response Codes
The following table lists the response codes and their descriptions for this API.
| HTTP Status Code | Description |
|---|---|
| 200 | Local group created successfully. |
| 400 | Operation not performed because of client syntax errors. |
| 403 | Not authorized to perform the request. |
| 429 | Too many requests. |
| 500 | Internal error occurred when processing the request. |
List Local Groups
The following information describes how to return a list of local groups paginated based on the provided page number and page size.
Prerequisite: The administrator should have the "rsa.group.read" OAuth permission assigned to use this endpoint.
Request Overview
Use the following information to find a local group with provided id.
| Action | Method | Request URL | Response Content Type | Response Body |
|---|---|---|---|---|
| Returns a list of local groups paginated based on the provided page number and page size. | GET | /AdminInterface/restapi/v1/localGroups | application/json | List of Local group objects containing metadata about the existing groups along pagination metadata. |
| Resource Identifier | Required | Description | Type | Default Value | Example Value |
|---|---|---|---|---|---|
| <pageSize> | No | Specifies the maximum number of matching results to return. Valid values are 1 to 10, inclusive. | Integer | 5 | 10 |
| <pageNumber> | No | Zero-based index of the page to return. | Integer | 0 | 5 |
Response Body Parameters
The following table describes the response body parameters.
| Parameter | Description | Data Type |
|---|---|---|
| totalPages | Total number of group pages returned by the query. | Integer |
| totalGroups | Total number of groups returned by the query. | Integer |
| groups | List containing the groups returned by the query. | List |
| id | Unique identifier that represents the local group. | UUID |
| name | Name of the local group. | String |
| description | Description of the local group. | String |
| readOnly | Flag that indicates that this group is created and managed internally in the system. | Boolean |
| createdAt | Date that the local group has been created. | Timestamp |
| updatedAt | Date that the local group has been updated. | Timestamp |
Example Response Body
The following is an example response body.
{
"groups": [
{
"id": "7dd8bf57-b615-30fb-889a-bd08491a6461",
"name": "Group 1",
"description": "Group 1 description",
"readOnly": false,
"createdAt": "2024-12-30T10:18:10.587Z",
"updatedAt": "2024-12-30T10:48:13.168Z"
},
{
"id": "29f31ef0-6ea0-28a9-2afe-9b5afe79858d",
"name": "Group 2",
"description": "Group 2 description",
"readOnly": false,
"createdAt": "2024-12-30T08:56:37.622Z",
"updatedAt": "2024-12-30T08:56:37.622Z"
},
{
"id": "7788e4f3-2122-6a82-d09d-2a54abfe2ccf",
"name": "Group 3",
"description": "Group 3 description",
"readOnly": false,
"createdAt": "2024-12-26T13:47:10.282Z",
"updatedAt": "2024-12-26T13:47:10.282Z"
},
{
"id": "38ed8d0e-b905-026c-730c-639710e13b33",
"name": "Group 4",
"description": "Group 4 description",
"readOnly": false,
"createdAt": "2024-12-03T18:39:36.303Z",
"updatedAt": "2024-12-26T13:24:56.310Z"
},
{
"id": "a5d7b376-0eef-c934-7120-cf205dffae33",
"name": "Group 5",
"description": "Group 5 description",
"readOnly": false,
"createdAt": "2024-12-03T15:40:25.225Z",
"updatedAt": "2024-12-17T20:31:54.875Z"
}
],
"totalGroups": 9,
"totalPages": 2
}Response Codes
The following table lists the response codes and their descriptions for this API.
| HTTP Status Code | Description |
|---|---|
| 200 | Local group created successfully. |
| 400 | Operation not performed because of client syntax errors. |
| 403 | Not authorized to perform the request. |
| 429 | Too many requests. |
| 500 | Internal error occurred when processing the request. |
Delete Local Group
The following information describes how to delete a local group with the provided id.
Prerequisite: The administrator should have the "rsa.group.manage" OAuth permission assigned to use this endpoint.
Request Overview
Use the following information to delete a local group with the provided id.
| Action | Method | Request URL | Response Content Type | Response Body |
|---|---|---|---|---|
| Deletes a local group with the provided id. | DELETE | /AdminInterface/restapi/v1/localGroups/{id} | application/json | Local group object containing id of deleted group. |
Response Body Parameters
The following table describes the response body parameters.
| Parameter | Description | Data Type |
|---|---|---|
| id | Unique identifier that represents the local group. | UUID |
Example Response Body
The following is an example response body.
{
"id": "f6b0b45e-a0d6-2864-7ee5-71a9806977cc"
}Response Codes
The following table lists the response codes and their descriptions for this API.
| HTTP Status Code | Description |
|---|---|
| 200 | Local group created successfully. |
| 400 | Operation not performed because of client syntax errors. |
| 403 | Not authorized to perform the request. |
| 429 | Too many requests. |
| 500 | Internal error occurred when processing the request. |
For more information about Local Groups Public API, see Managing Local Group Users with the Cloud Administration Local Groups Public API
Related Articles
Download RSA SecurID Access Cloud User Event audit logs using Cloud Administration REST API CLU Number of Views Download RSA SecurID Access Cloud Administration audit logs using Cloud Administration REST API CLU Number of Views Cloud Administration APIs Number of Views Managing Local Group Users with the Cloud Administration Local Groups Public API Number of Views Accessing the Cloud Administration APIs Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.9 Release Notes (January 2026) An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide
