Query structured spec data via REST or MCP. Get exactly what your agent needs.
https://console.jumpcloud.com/api/v2
/activedirectories/{id}
This endpoint allows you to update Active Directory.
curl -X PATCH https://console.jumpcloud.com/api/v2/activedirectories/{Domain_ID} \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{
"domain": "{DC=DOMAIN;DC=COM}",
"use_case": "{ADASAUTHORITY}"
}' \
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| id | path | required | string | ObjectID of this Active Directory instance. |
| x-org-id | header | optional | string | Organization identifier that can be obtained from console settings. |
application/json
active-directory
| Property | Type | Required |
|---|---|---|
| id | string | optional |
| domain | string | optional |
| useCase | string | optional |
| primaryAgent | string | optional |
PATCH /activedirectories/{id}
/authn/policies/{id}
Patch the specified authentication policy.
curl -X PATCH https://console.jumpcloud.com/api/v2/authn/policies/{id} \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{ "disabled": false }'
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| id | path | required | string | Unique identifier of the authentication policy |
| x-org-id | header | optional | string | Organization identifier that can be obtained from console settings. |
application/json
AuthnPolicy
| Property | Type | Required |
|---|---|---|
| id | string | optional |
| name | string | optional |
| type | string | optional |
| effect | object | optional |
| └ action | string | required |
| └ obligations | object | optional |
| └ mfa | object | optional |
| └ required | boolean | optional |
| └ userVerification | object | optional |
| └ requirement | string | optional |
| targets | object | optional |
| └ users | object | optional |
| └ inclusions | array | optional |
| └ resources | array | optional |
| └ id | string | optional |
| └ type | string | required |
| └ userGroups | object | optional |
| └ exclusions | array | optional |
| └ inclusions | array | optional |
| └ userAttributes | object | optional |
| └ exclusions | array | optional |
| └ field | string | optional |
| └ value | object | optional |
| └ operator | string | optional |
| └ inclusions | array | optional |
| └ field | string | optional |
| └ value | object | optional |
| └ operator | string | optional |
| disabled | boolean | optional |
| conditions | object | optional |
| description | string | optional |
OK
PATCH /authn/policies/{id}
/bulk/users
The endpoint allows you to create a bulk job to asynchronously update users. See Update a System User for full list of attributes.
curl -X PATCH https://console.jumpcloud.com/api/v2/bulk/users \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '[
{
"id":"5be9fb4ddb01290001e85109",
"firstname":"{UPDATED_FIRSTNAME}",
"department":"{UPDATED_DEPARTMENT}",
"attributes":[
{"name":"Custom","value":"{ATTRIBUTE_VALUE}"}
]
},
{
"id":"5be9fb4ddb01290001e85109",
"firstname":"{UPDATED_FIRSTNAME}",
"costCenter":"{UPDATED_COST_CENTER}",
"phoneNumbers":[
{"type":"home","number":"{HOME_PHONE_NUMBER}"},
{"type":"work","number":"{WORK_PHONE_NUMBER}"}
]
}
]
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| x-org-id | header | optional | string | Organization identifier that can be obtained from console settings. |
application/json
BulkUsersUpdateRequest
of object
| Property | Type | Required |
|---|---|---|
| id | string | optional |
| string | optional | |
| lastname | string | optional |
| username | string | optional |
| firstname | string | optional |
| attributes | array | optional |
| organization | string | optional |
PATCH /bulk/users
/gsuites/{id}
This endpoint allows updating some attributes of a G Suite.
curl -X PATCH https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{
"userLockoutAction": "suspend",
"userPasswordExpirationAction": "maintain"
}'
Sample Request, set a default domain
curl -X PATCH https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{
"defaultDomain": {
"id": "{domainObjectID}"
}
}'
Sample Request, unset the default domain
curl -X PATCH https://console.jumpcloud.com/api/v2/gsuites/{GSUITE_ID} \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{
"defaultDomain": {}
}'
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| id | path | required | string | Unique identifier of the GSuite. |
| x-org-id | header | optional | string | Organization identifier that can be obtained from console settings. |
application/json
gsuite
| Property | Type | Required |
|---|---|---|
| id | string | optional |
| name | string | optional |
| defaultDomain | object | optional |
| └ id | string | optional |
| └ domain | string | optional |
| groupsEnabled | boolean | optional |
| userLockoutAction | string | optional |
| userPasswordExpirationAction | string | optional |
PATCH /gsuites/{id}
/google-emm/enterprises/{enterpriseId}
Updates a Google EMM enterprise details.
curl -X PATCH https://console.jumpcloud.com/api/v2/google-emm/enterprises \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{ 'allowDeviceEnrollment': true, 'deviceGroupId': 'string' }' \
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| enterpriseId | path | required | string | — |
application/json
EnterprisesPatchEnterpriseRequest
| Property | Type | Required |
|---|---|---|
| deviceGroupId | string | optional |
| allowDeviceEnrollment | boolean | optional |
A successful response.
PATCH /google-emm/enterprises/{enterpriseId}
/iplists/{id}
Update a specific IP list.
curl -X PATCH https://console.jumpcloud.com/api/v2/iplists/{id} \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{"name": "New IP List Name"}'
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| id | path | required | string | — |
| x-org-id | header | optional | string | Organization identifier that can be obtained from console settings. |
application/json
IPListRequest
| Property | Type | Required |
|---|---|---|
| ips | array | optional |
| name | string | optional |
| description | string | optional |
OK
PATCH /iplists/{id}
/ldapservers/{id}
This endpoint allows updating some attributes of an LDAP server.
Sample Request
curl -X PATCH https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID} \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{
"userLockoutAction": "remove",
"userPasswordExpirationAction": "disable"
}'
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| id | path | required | string | Unique identifier of the LDAP server. |
| x-org-id | header | optional | string | Organization identifier that can be obtained from console settings. |
application/json
LdapserversPatchRequest
| Property | Type | Required |
|---|---|---|
| id | string | optional |
| userLockoutAction | string | optional |
| userPasswordExpirationAction | string | optional |
PATCH /ldapservers/{id}
/office365s/{office365_id}
This endpoint allows updating some attributes of an Office 365 instance.
#####
Sample Request
curl -X PATCH https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID} \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{
"userLockoutAction": "maintain",
"userPasswordExpirationAction": "suspend",
}'
Sample Request, set a default domain
curl -X PATCH https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID} \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{
"defaultDomain": {
"id": "{domainObjectID}"
}
}'
Sample Request, unset the default domain
curl -X PATCH https://console.jumpcloud.com/api/v2/office365s/{OFFICE365_ID} \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{
"defaultDomain": {}
}'
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| office365_id | path | required | string | ObjectID of the Office 365 instance. |
| x-org-id | header | optional | string | Organization identifier that can be obtained from console settings. |
application/json
office365
| Property | Type | Required |
|---|---|---|
| id | string | optional |
| name | string | optional |
| defaultDomain | object | optional |
| └ id | string | optional |
| └ domain | string | optional |
| groupsEnabled | boolean | optional |
| userLockoutAction | string | optional |
| userPasswordExpirationAction | string | optional |
PATCH /office365s/{office365_id}
/integrations/autotask/{UUID}
Update the Autotask integration configuration. A 422 Unprocessable Entity response means the server failed to validate with Autotask.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| UUID | path | required | string | — |
application/json
AutotaskIntegrationPatchReq
| Property | Type | Required |
|---|---|---|
| secret | string | optional |
| username | string | optional |
OK
Unprocessable Entity. The server failed to validate credentials with Autotask.
PATCH /integrations/autotask/{UUID}
/integrations/autotask/{UUID}/mappings
Create, edit, and/or delete mappings between Jumpcloud organizations and Autotask companies/contracts/services. You must be associated to the same provider as the Autotask integration to use this api.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| UUID | path | required | string | — |
application/json
AutotaskMappingRequest
| Property | Type | Required |
|---|---|---|
| data | array | optional |
| └ delete | boolean | optional |
| └ company | object | required |
| └ id | string | required |
| └ name | string | required |
| └ service | object | optional |
| └ id | string | optional |
| └ name | string | optional |
| └ nonBillableUsers | integer | optional |
| └ contract | object | optional |
| └ id | string | optional |
| └ name | string | optional |
| └ organization | object | required |
| └ id | string | required |
| └ name | string | required |
No Content
PATCH /integrations/autotask/{UUID}/mappings
/integrations/autotask/{UUID}/settings
Create, edit, and/or delete Autotask settings. You must be associated to the same provider as the Autotask integration to use this endpoint.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| UUID | path | required | string | — |
application/json
AutotaskSettingsPatchReq
| Property | Type | Required |
|---|---|---|
| companyTypeIds | array | optional |
| automaticTicketing | boolean | optional |
OK
PATCH /integrations/autotask/{UUID}/settings
/integrations/connectwise/{UUID}
Update the ConnectWise integration configuration. A 422 Unprocessable Entity response means the server failed to validate with ConnectWise.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| UUID | path | required | string | — |
application/json
ConnectwiseIntegrationPatchReq
| Property | Type | Required |
|---|---|---|
| url | string | optional |
| companyId | string | optional |
| publicKey | string | optional |
| privateKey | string | optional |
OK
Unprocessable Entity. The server failed to validate credentials with ConnectWise.
PATCH /integrations/connectwise/{UUID}
/integrations/connectwise/{UUID}/mappings
Create, edit, and/or delete mappings between Jumpcloud organizations and ConnectWise companies/agreements/additions. You must be associated to the same provider as the ConnectWise integration to use this api.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| UUID | path | required | string | — |
application/json
ConnectWiseMappingRequest
| Property | Type | Required |
|---|---|---|
| data | array | optional |
| └ delete | boolean | optional |
| └ company | object | required |
| └ id | string | required |
| └ name | string | required |
| └ addition | object | optional |
| └ id | string | optional |
| └ name | string | optional |
| └ agreement | object | optional |
| └ id | string | optional |
| └ name | string | optional |
| └ organization | object | required |
| └ id | string | required |
| └ name | string | required |
No Content
PATCH /integrations/connectwise/{UUID}/mappings
/integrations/connectwise/{UUID}/settings
Create, edit, and/or delete ConnectWiseIntegration settings. You must be associated to the same provider as the ConnectWise integration to use this endpoint.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| UUID | path | required | string | — |
application/json
ConnectWiseSettingsPatchReq
| Property | Type | Required |
|---|---|---|
| companyTypeIds | array | optional |
| automaticTicketing | boolean | optional |
OK
PATCH /integrations/connectwise/{UUID}/settings
/integrations/syncro/{UUID}
Update the Syncro integration configuration. A 422 Unprocessable Entity response means the server failed to validate with Syncro.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| UUID | path | required | string | — |
application/json
SyncroIntegrationPatchReq
| Property | Type | Required |
|---|---|---|
| apiToken | string | optional |
| subdomain | string | optional |
OK
Unprocessable Entity. The server failed to validate credentials with Syncro.
PATCH /integrations/syncro/{UUID}
/integrations/syncro/{UUID}/mappings
Create, edit, and/or delete mappings between Jumpcloud organizations and Syncro companies. You must be associated to the same provider as the Syncro integration to use this api.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| UUID | path | required | string | — |
application/json
SyncroMappingRequest
| Property | Type | Required |
|---|---|---|
| data | array | optional |
| └ delete | boolean | optional |
| └ company | object | required |
| └ id | string | required |
| └ name | string | required |
| └ organization | object | required |
| └ id | string | required |
| └ name | string | required |
| └ billingConfigurations | object | optional |
| └ fields | object | optional |
| └ schedule_id | object | optional |
| └ line_item_id | object | optional |
| └ schedule_name | object | optional |
| └ line_item_name | object | optional |
No Content
PATCH /integrations/syncro/{UUID}/mappings
/integrations/syncro/{UUID}/settings
Create, edit, and/or delete SyncroIntegration settings. You must be associated to the same provider as the Syncro integration to use this endpoint.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| UUID | path | required | string | — |
application/json
SyncroSettingsPatchReq
| Property | Type | Required |
|---|---|---|
| automaticTicketing | boolean | optional |
OK
PATCH /integrations/syncro/{UUID}/settings
/users/{user_id}/pushendpoints/{push_endpoint_id}
This endpoint will update a push endpoint associated with a user.
| Name | In | Required | Type | Description |
|---|---|---|---|---|
| user_id | path | required | string | — |
| push_endpoint_id | path | required | string | — |
| x-org-id | header | optional | string | Organization identifier that can be obtained from console settings. |
application/json
PushEndpointsPatchRequest
| Property | Type | Required |
|---|---|---|
| name | string | optional |
| state | string | optional |
OK
PATCH /users/{user_id}/pushendpoints/{push_endpoint_id}
ADE
{
"type": "object",
"title": "ADE",
"properties": {
"setupOptions": {
"type": "array",
"items": {
"$ref": "#/components/schemas/SetupAssistantOption"
},
"description": "A list of configured setup options for this enrollment."
},
"welcomeScreen": {
"$ref": "#/components/schemas/DEPWelcomeScreen"
},
"setupAssistantOptions": {
"type": "array",
"items": {
"$ref": "#/components/schemas/DEPSetupAssistantOption"
},
"description": "A Setup Option wrapped as an object",
"x-deprecated": true
},
"enableZeroTouchEnrollment": {
"type": "boolean",
"description": "A toggle to determine if ADE registered devices should go through JumpCloud Zero Touch Enrollment."
},
"defaultDeviceGroupObjectIds": {
"type": "array",
"items": {
"type": "string"
},
"nullable": true,
"description": "An array of ObjectIDs identifying the default device groups for this specific type (based on the OS family) of automated device enrollment. Currently, only a single DeviceGroupID is supported."
}
}
}
ADES
{
"type": "object",
"title": "ADES",
"properties": {
"ios": {
"$ref": "#/components/schemas/ADE"
},
"macos": {
"$ref": "#/components/schemas/ADE"
}
}
}
AccessRequestApiRevokeAccessRequestResponse
{
"type": "object",
"example": {},
"properties": {}
}
AccessRequestApiUpdateAccessRequestRequest
{
"type": "object",
"properties": {
"expiry": {
"type": "string",
"format": "date-time"
},
"remarks": {
"type": "string"
},
"additionalAttributes": {
"type": "object"
},
"organizationObjectId": {
"type": "string",
"format": "byte"
}
}
}
AccessRequestApiUpdateAccessRequestResponse
{
"type": "object",
"example": {},
"properties": {}
}
ActivedirectoriesAgentsListResponse
{
"type": "array",
"items": {
"$ref": "#/components/schemas/active-directory-agent-list"
}
}
ActivedirectoriesListResponse
{
"type": "array",
"items": {
"$ref": "#/components/schemas/active-directory"
}
}
Address
{
"type": "object",
"properties": {
"id": {
"type": "string"
},
"type": {
"type": "string",
"maxLength": 1024
},
"poBox": {
"type": "string",
"maxLength": 1024
},
"region": {
"type": "string",
"maxLength": 1024
},
"country": {
"type": "string",
"maxLength": 1024
},
"locality": {
"type": "string",
"maxLength": 1024
},
"postalCode": {
"type": "string",
"maxLength": 1024
},
"streetAddress": {
"type": "string",
"maxLength": 1024
},
"extendedAddress": {
"type": "string",
"maxLength": 1024
}
}
}
Administrator
{
"type": "object",
"title": "Administrator",
"example": {
"id": "0123456789abcdef01234567",
"email": "joe@example.com",
"lastname": "Blough",
"firstname": "Joe",
"registered": false,
"enableMultiFactor": true
},
"properties": {
"id": {
"type": "string"
},
"role": {
"type": "string"
},
"email": {
"type": "string"
},
"lastname": {
"type": "string"
},
"roleName": {
"type": "string"
},
"apiKeySet": {
"type": "boolean"
},
"firstname": {
"type": "string"
},
"suspended": {
"type": "boolean"
},
"registered": {
"type": "boolean"
},
"apiKeyAllowed": {
"type": "boolean"
},
"enableMultiFactor": {
"type": "boolean"
},
"organizationAccessTotal": {
"type": "number"
}
}
}
AdministratorOrganizationLink
{
"type": "object",
"title": "AdministratorOrganizationLink",
"example": {
"organization": "6230a0d26a4e4bc86c6b36f1",
"administrator": "6230a0c233a6cbea7c470398"
},
"properties": {
"organization": {
"type": "string",
"description": "The identifier for an organization"
},
"administrator": {
"type": "string",
"description": "The identifier for an administrator"
}
}
}
AdministratorOrganizationLinkReq
{
"type": "object",
"title": "AdministratorOrganizationLinkReq",
"example": {
"organization": "6230a0d26a4e4bc86c6b36f1"
},
"properties": {
"organization": {
"type": "string",
"description": "The identifier for an organization to link this administrator to."
}
}
}
AdministratorOrganizationsListByAdministratorResponse
{
"type": "array",
"items": {
"$ref": "#/components/schemas/AdministratorOrganizationLink"
}
}
AdministratorOrganizationsListByOrganizationResponse
{
"type": "array",
"items": {
"$ref": "#/components/schemas/AdministratorOrganizationLink"
}
}
AnyValue
{
"description": "Can be any value - string, number, boolean, array or object."
}
AppleMDM
{
"type": "object",
"title": "AppleMDM",
"required": [
"id"
],
"properties": {
"id": {
"type": "string",
"description": "ObjectId uniquely identifying an MDM Enrollment,"
},
"dep": {
"$ref": "#/components/schemas/DEP"
},
"ades": {
"$ref": "#/components/schemas/ADES"
},
"name": {
"type": "string",
"maxLength": 255,
"description": "A friendly name to identify this enrollment. Not required to be unique."
},
"organization": {
"type": "string",
"description": "The identifier for an organization"
},
"apnsPushTopic": {
"type": "string",
"description": "The push topic assigned to this enrollment by Apple after uploading the Signed CSR plist."
},
"apnsCertExpiry": {
"type": "string",
"description": "The expiration date and time for the APNS Certificate."
},
"depServerTokenState": {
"enum": [
"unknown",
"missing",
"valid",
"expired"
],
"type": "string",
"description": "The state of the dep server token, presence and expiry."
},
"defaultSystemGroupID": {
"type": "string",
"description": "ObjectId uniquely identifying the MDM default System Group.",
"x-deprecated": true
},
"depAccessTokenExpiry": {
"type": "string",
"description": "The expiration date and time for the DEP Access Token. This aligns with the DEP Server Token State."
},
"appleCertSerialNumber": {
"type": "string",
"description": "The serial number of the Apple signed certificate associated to the Device Manager."
},
"appleCertCreatorAppleID": {
"type": "string",
"description": "The Apple ID of the admin who created the Apple signed certificate associated to the Device Manager."
},
"allowMobileUserEnrollment": {
"type": "boolean",
"description": "A toggle to allow mobile device enrollment for an organization."
},
"defaultIosUserEnrollmentDeviceGroupID": {
"type": "string",
"description": "ObjectId uniquely identifying the MDM default iOS user enrollment device group."
}
}
}
ApplemdmsDevicesClearActivationLock500Response
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDevicesClearActivationLockResponse
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDevicesOsUpdateStatusResponse
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDevicesRefreshActivationLockInformation500Response
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDevicesRefreshActivationLockInformationResponse
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDevicesScheduleOsUpdateResponse
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDeviceserase500Response
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDeviceseraseRequest
{
"type": "object",
"properties": {
"pin": {
"type": "string",
"example": "123456",
"pattern": "^[0-9]{6}$",
"description": "6-digit PIN, required for MacOS, to erase the device"
}
}
}
ApplemdmsDeviceseraseResponse
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDeviceslistResponse
{
"type": "array",
"items": {
"$ref": "#/components/schemas/apple-mdm-device"
}
}
ApplemdmsDeviceslock500Response
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDeviceslockRequest
{
"type": "object",
"properties": {
"pin": {
"type": "string",
"example": "123456",
"pattern": "^[0-9]{6}$",
"description": "6-digit PIN, required for MacOS, to lock the device"
}
}
}
ApplemdmsDeviceslockResponse
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDevicesrestart500Response
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDevicesrestartRequest
{
"type": "object",
"properties": {
"kextPaths": {
"type": "array",
"items": {
"type": "string"
},
"description": "The string to pass when doing a restart and performing a RebuildKernelCache."
}
}
}
ApplemdmsDevicesrestartResponse
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDevicesshutdown500Response
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsDevicesshutdownResponse
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsEnrollmentprofileslistResponse
{
"type": "array",
"items": {
"$ref": "#/components/schemas/AppleMDM"
}
}
ApplemdmsListResponse
{
"type": "array",
"items": {
"$ref": "#/components/schemas/AppleMDM"
}
}
ApplemdmsRefreshdepdevices500Response
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplemdmsRefreshdepdevicesResponse
{
"type": "object",
"properties": {
"message": {
"type": "string"
}
}
}
ApplicationsGetResponse
{
"type": "object",
"example": {},
"properties": {}
}
ApplicationsPostLogoRequest
{
"type": "object",
"properties": {
"image": {
"type": "string",
"format": "binary",
"description": "The file to upload."
}
}
}
Apps
{
"type": "array",
"items": {
"type": "object",
"properties": {
"osId": {
"type": "integer",
"format": "int32",
"example": 1
},
"appVersion": {
"type": "string",
"example": "1.1.1"
}
}
}
}
AuthnPolicy
{
"type": "object",
"title": "AuthnPolicy",
"properties": {
"id": {
"type": "string",
"readOnly": true
},
"name": {
"type": "string"
},
"type": {
"$ref": "#/components/schemas/AuthnPolicyType"
},
"effect": {
"$ref": "#/components/schemas/AuthnPolicyEffect"
},
"targets": {
"$ref": "#/components/schemas/AuthnPolicyTargets"
},
"disabled": {
"type": "boolean"
},
"conditions": {
"type": "object",
"description": "Conditions may be added to an authentication policy using the following conditional language:\n\n```\n<conditions> ::= <expression>\n<expression> ::= <deviceEncrypted> | <deviceManaged> | <ipAddressIn> |\n <locationIn> | <notExpression> | <allExpression> |\n <anyExpression>\n<deviceEncrypted> ::= { \"deviceEncrypted\": <boolean> }\n<deviceManaged> ::= { \"deviceManaged\": <boolean> }\n<ipAddressIn> ::= { \"ipAddressIn\": [ <objectId>, ... ] }\n<locationIn> ::= { \"locationIn\": {\n \"countries\": [\n <iso_3166_country_code>, ...\n ]\n }\n }\n<notExpression> ::= { \"not\": <expression> }\n<allExpression> ::= { \"all\": [ <expression>, ... ] }\n<anyExpression> ::= { \"any\": [ <expression>, ... ] }\n```\n\nFor example, to add a condition that applies to IP addresses in a given list, the following condition can be added:\n\n```\n{\"ipAddressIn\": [ <ip_list_object_id> ]}\n```\n\nIf you would rather exclude IP addresses in the given lists, the following condition could be added:\n\n```\n{\n \"not\": {\n \"ipAddressIn\": [ <ip_list_object_id_1>, <ip_list_object_id_2> ]\n }\n}\n```\n\nYou may also include more than one condition and choose whether \"all\" or \"any\" of them must be met for the policy to apply:\n\n```\n{\n \"all\": [\n {\n \"ipAddressIn\": [ <ip_list_object_id>, ... ]\n },\n {\n \"deviceManaged\": true\n },\n {\n \"locationIn\": {\n countries: [ <iso_3166_country_code>, ... ]\n }\n }\n ]\n}\n```"
},
"description": {
"type": "string"
}
},
"description": "This represents an authentication policy. See the details of each field for valid values and restrictions."
}
AuthnPolicyEffect
{
"type": "object",
"title": "AuthnPolicyEffect",
"required": [
"action"
],
"properties": {
"action": {
"enum": [
"allow",
"deny",
"unknown"
],
"type": "string"
},
"obligations": {
"$ref": "#/components/schemas/AuthnPolicyObligations"
}
},
"x-examples": {
"example-deny": {
"action": "deny"
},
"example-allow": {
"action": "allow"
},
"example-allow-with-mfa": {
"action": "allow",
"obligations": {
"mfa": {
"required": true
}
}
}
}
}
AuthnPolicyObligations
{
"type": "object",
"title": "AuthnPolicyObligations",
"properties": {
"mfa": {
"type": "object",
"properties": {
"required": {
"type": "boolean"
}
}
},
"userVerification": {
"type": "object",
"properties": {
"requirement": {
"enum": [
"none",
"optional",
"required"
],
"type": "string"
}
}
}
}
}
AuthnPolicyResourceTarget
{
"type": "object",
"title": "AuthnPolicyResourceTarget",
"required": [
"type"
],
"properties": {
"id": {
"type": "string",
"description": "Object ID of the resource target. If undefined, then all resources of the given type are targeted."
},
"type": {
"enum": [
"user_portal",
"application",
"ldap"
],
"type": "string"
}
}
}
AuthnPolicyTargets
{
"type": "object",
"title": "AuthnPolicyTargets",
"properties": {
"users": {
"$ref": "#/components/schemas/AuthnPolicyUserTarget"
},
"resources": {
"type": "array",
"items": {
"$ref": "#/components/schemas/AuthnPolicyResourceTarget"
}
},
"userGroups": {
"$ref": "#/components/schemas/AuthnPolicyUserGroupTarget"
},
"userAttributes": {
"$ref": "#/components/schemas/AuthnPolicyUserAttributeTarget"
}
}
}
AuthnPolicyType
{
"enum": [
"user_portal",
"application",
"ldap"
],
"type": "string",
"title": "AuthnPolicyType",
"default": "user_portal"
}
AuthnPolicyUserAttributeFilter
{
"type": "object",
"title": "AuthnPolicyUserAttributeFilter",
"properties": {
"field": {
"type": "string",
"description": "The only field that is currently supported is ldap_binding_user"
},
"value": {
"$ref": "#/components/schemas/AnyValue"
},
"operator": {
"enum": [
"EQ"
],
"type": "string"
}
}
}
AuthnPolicyUserAttributeTarget
{
"type": "object",
"title": "AuthnPolicyUserAttributeTarget",
"properties": {
"exclusions": {
"type": "array",
"items": {
"$ref": "#/components/schemas/AuthnPolicyUserAttributeFilter"
}
},
"inclusions": {
"type": "array",
"items": {
"$ref": "#/components/schemas/AuthnPolicyUserAttributeFilter"
}
}
},
"description": "User attribute targets are currently only supported for LDAP policies."
}
AuthnPolicyUserGroupTarget
{
"type": "object",
"title": "AuthnPolicyUserGroupTarget",
"properties": {
"exclusions": {
"type": "array",
"items": {
"type": "string"
}
},
"inclusions": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
AuthnPolicyUserTarget
{
"type": "object",
"title": "AuthnPolicyUserTarget",
"properties": {
"inclusions": {
"type": "array",
"items": {
"type": "string"
}
}
}
}
| Version | Endpoints | Schemas | Ingested | Status |
|---|---|---|---|---|
| 2.0 | 416 | 669 | 2026-05-11 | current |
| 2.0 | 416 | 669 | 2026-04-20 | |
| 2.0 | 416 | 669 | 2026-04-20 | |
| 2.0 | 416 | 669 | 2026-04-16 |