Package com.softlayer.api.service.user

Interface Customer.Service

  • All Superinterfaces:
    Maskable, ResultLimitable, Service
    All Known Subinterfaces:
    OpenIdConnect.Service, TrustedProfile.Service
    Enclosing class:
    Customer
    @ApiService("SoftLayer_User_Customer")
public static interface Customer.Service
extends Service
    Every SoftLayer account has one or more portal users which are defined by the SoftLayer_User_Customer service. Every SoftLayer customer account has a master user account whose name corresponds to their account id preceded by the letters "SL". Users exist in a parent-child relationship. Child users inherit the properties and permissions of their parent user while conversely a user may have more than one child users.

    API users have full access to their own portal user account and they could also have access to other users under their SoftLayer customer account, if they have "Manage Users" permission in the customer portal.

    There are two relational properties that contain the permissions assigned to a customer user; permissions and actions. These are simply two different representations of the same information. The permissions ORM key creates a SoftLayer_Container_Collection_Permissions collection from SoftLayer_User_Customer_CustomerPermission_Permission objects which is populated from the same data source as the actions ORM key which creates a SoftLayer_Container_Collection_Permissions collection from SoftLayer_User_Permission_Action objects.
    See Also:
    SoftLayer_User_Customer

    • Method Detail

      • withNewMask

        Customer.Mask withNewMask()
        Description copied from interface: Maskable
        Overwrite the existing mask on this service with a new one and return it
        Specified by:
        withNewMask in interface Maskable

      • withMask

        Customer.Mask withMask()
        Description copied from interface: Maskable
        Use the existing mask on this service or create it if not present
        Specified by:
        withMask in interface Maskable

      • addBulkDedicatedHostAccess

        @ApiMethod(instanceRequired=true)
Boolean addBulkDedicatedHostAccess​(List<Long> dedicatedHostIds)
        Grants the user access to one or more dedicated host devices. The user will only be allowed to see and access devices in both the portal and the API to which they have been granted access. If the user's account has devices to which the user has not been granted access, then "not found" exceptions are thrown if the user attempts to access any of these devices.

        Users can assign device access to their child users, but not to themselves. An account's master has access to all devices on their customer account and can set dedicated host access for any of the other users on their account.
        See Also:
        SoftLayer_User_Customer::addBulkDedicatedHostAccess

      • addBulkHardwareAccess

        @ApiMethod(instanceRequired=true)
Boolean addBulkHardwareAccess​(List<Long> hardwareIds)
        Add multiple hardware to a portal user's hardware access list. A user's hardware access list controls which of an account's hardware objects a user has access to in the SoftLayer customer portal and API. Hardware does not exist in the SoftLayer portal and returns "not found" exceptions in the API if the user doesn't have access to it. addBulkHardwareAccess() does not attempt to add hardware access if the given user already has access to that hardware object.

        Users can assign hardware access to their child users, but not to themselves. An account's master has access to all hardware on their customer account and can set hardware access for any of the other users on their account.
        See Also:
        SoftLayer_User_Customer::addBulkHardwareAccess

      • addBulkPortalPermission

        @ApiMethod(instanceRequired=true)
Boolean addBulkPortalPermission​(List<Permission> permissions)
        Add multiple permissions to a portal user's permission set. [[SoftLayer_User_Customer_CustomerPermission_Permission]] control which features in the SoftLayer customer portal and API a user may use. addBulkPortalPermission() does not attempt to add permissions already assigned to the user.

        Users can assign permissions to their child users, but not to themselves. An account's master has all portal permissions and can set permissions for any of the other users on their account.

        Use the [[SoftLayer_User_Customer_CustomerPermission_Permission::getAllObjects]] method to retrieve a list of all permissions available in the SoftLayer customer portal and API. Permissions are removed based on the keyName property of the permission objects within the permissions parameter.
        See Also:
        SoftLayer_User_Customer::addBulkPortalPermission

      • addBulkVirtualGuestAccess

        @ApiMethod(instanceRequired=true)
Boolean addBulkVirtualGuestAccess​(List<Long> virtualGuestIds)
        Add multiple CloudLayer Computing Instances to a portal user's access list. A user's CloudLayer Computing Instance access list controls which of an account's CloudLayer Computing Instance objects a user has access to in the SoftLayer customer portal and API. CloudLayer Computing Instances do not exist in the SoftLayer portal and returns "not found" exceptions in the API if the user doesn't have access to it. addBulkVirtualGuestAccess() does not attempt to add CloudLayer Computing Instance access if the given user already has access to that CloudLayer Computing Instance object.

        Users can assign CloudLayer Computing Instance access to their child users, but not to themselves. An account's master has access to all CloudLayer Computing Instances on their customer account and can set CloudLayer Computing Instance access for any of the other users on their account.
        See Also:
        SoftLayer_User_Customer::addBulkVirtualGuestAccess

      • addDedicatedHostAccess

        @ApiMethod(instanceRequired=true)
Boolean addDedicatedHostAccess​(Long dedicatedHostId)
        Grants the user access to a single dedicated host device. The user will only be allowed to see and access devices in both the portal and the API to which they have been granted access. If the user's account has devices to which the user has not been granted access, then "not found" exceptions are thrown if the user attempts to access any of these devices.

        Users can assign device access to their child users, but not to themselves. An account's master has access to all devices on their customer account and can set dedicated host access for any of the other users on their account.

        Only the USER_MANAGE permission is required to execute this.
        See Also:
        SoftLayer_User_Customer::addDedicatedHostAccess

      • addHardwareAccess

        @ApiMethod(instanceRequired=true)
Boolean addHardwareAccess​(Long hardwareId)
        Add hardware to a portal user's hardware access list. A user's hardware access list controls which of an account's hardware objects a user has access to in the SoftLayer customer portal and API. Hardware does not exist in the SoftLayer portal and returns "not found" exceptions in the API if the user doesn't have access to it. If a user already has access to the hardware you're attempting to add then addHardwareAccess() returns true.

        Users can assign hardware access to their child users, but not to themselves. An account's master has access to all hardware on their customer account and can set hardware access for any of the other users on their account.

        Only the USER_MANAGE permission is required to execute this.
        See Also:
        SoftLayer_User_Customer::addHardwareAccess

      • addPortalPermission

        @ApiMethod(instanceRequired=true)
Boolean addPortalPermission​(Permission permission)
        Add a permission to a portal user's permission set. [[SoftLayer_User_Customer_CustomerPermission_Permission]] control which features in the SoftLayer customer portal and API a user may use. If the user already has the permission you're attempting to add then addPortalPermission() returns true.

        Users can assign permissions to their child users, but not to themselves. An account's master has all portal permissions and can set permissions for any of the other users on their account.

        Use the [[SoftLayer_User_Customer_CustomerPermission_Permission::getAllObjects]] method to retrieve a list of all permissions available in the SoftLayer customer portal and API. Permissions are added based on the keyName property of the permission parameter.
        See Also:
        SoftLayer_User_Customer::addPortalPermission

      • addVirtualGuestAccess

        @ApiMethod(instanceRequired=true)
Boolean addVirtualGuestAccess​(Long virtualGuestId)
        Add a CloudLayer Computing Instance to a portal user's access list. A user's CloudLayer Computing Instance access list controls which of an account's CloudLayer Computing Instance objects a user has access to in the SoftLayer customer portal and API. CloudLayer Computing Instances do not exist in the SoftLayer portal and returns "not found" exceptions in the API if the user doesn't have access to it. If a user already has access to the CloudLayer Computing Instance you're attempting to add then addVirtualGuestAccess() returns true.

        Users can assign CloudLayer Computing Instance access to their child users, but not to themselves. An account's master has access to all CloudLayer Computing Instances on their customer account and can set CloudLayer Computing Instance access for any of the other users on their account.

        Only the USER_MANAGE permission is required to execute this.
        See Also:
        SoftLayer_User_Customer::addVirtualGuestAccess

      • assignNewParentId

        @ApiMethod(instanceRequired=true)
Customer assignNewParentId​(Long parentId,
                           Boolean cascadePermissionsFlag)
        This method can be used in place of [[SoftLayer_User_Customer::editObject]] to change the parent user of this user.

        The new parent must be a user on the same account, and must not be a child of this user. A user is not allowed to change their own parent.

        If the cascadeFlag is set to false, then an exception will be thrown if the new parent does not have all of the permissions that this user possesses. If the cascadeFlag is set to true, then permissions will be removed from this user and the descendants of this user as necessary so that no children of the parent will have permissions that the parent does not possess. However, setting the cascadeFlag to true will not remove the access all device permissions from this user. The customer portal will need to be used to remove these permissions.
        See Also:
        SoftLayer_User_Customer::assignNewParentId

      • checkExternalAuthenticationStatus

        @ApiMethod
Token checkExternalAuthenticationStatus​(Binding authenticationContainer)
        This service checks the result of a previously requested external authentication. [[SoftLayer_Container_User_Customer_External_Binding_Phone|Phone external binding]] container can be used for this service. Make sure to set the [[SoftLayer_Container_User_Customer_External_Binding_Phone::authenticationToken|authenticationToken]] that is generated by [[SoftLayer_User_Customer|initiateExternalAuthentication]] service.
        See Also:
        SoftLayer_User_Customer::checkExternalAuthenticationStatus

      • createObject

        @ApiMethod
Customer createObject​(Customer templateObject,
                      String password,
                      String vpnPassword)
        Create a new user in the SoftLayer customer portal. It is not possible to set up SLL enable flags during object creation. These flags are ignored during object creation. You will need to make a subsequent call to edit object in order to enable VPN access.

        An account's master user and sub-users who have the User Manage permission can add new users.

        Users are created with a default permission set. After adding a user it may be helpful to set their permissions and device access.

        secondaryPasswordTimeoutDays will be set to the system configured default value if the attribute is not provided or the attribute is not a valid value.

        Note, neither password nor vpnPassword parameters are required.

        Password When a new user is created, an email will be sent to the new user's email address with a link to a url that will allow the new user to create or change their password for the SoftLayer customer portal.

        If the password parameter is provided and is not null, then that value will be validated. If it is a valid password, then the user will be created with this password. This user will still receive a portal password email. It can be used within 24 hours to change their password, or it can be allowed to expire, and the password provided during user creation will remain as the user's password.

        If the password parameter is not provided or the value is null, the user must set their portal password using the link sent in email within 24 hours.  If the user fails to set their password within 24 hours, then a non-master user can use the "Reset Password" link on the login page of the portal to request a new email. A master user can use the link to retrieve a phone number to call to assist in resetting their password.

        The password parameter is ignored for VPN_ONLY users or for IBMid authenticated users.

        vpnPassword If the vpnPassword is provided, then the user's vpnPassword will be set to the provided password.  When creating a vpn only user, the vpnPassword MUST be supplied.  If the vpnPassword is not provided, then the user will need to use the portal to edit their profile and set the vpnPassword.

        IBMid considerations When a SoftLayer account is linked to a Platform Services (PaaS, formerly Bluemix) account, AND the trait on the SoftLayer Account indicating IBMid authentication is set, then SoftLayer will delegate the creation of an ACTIVE user to PaaS. This means that even though the request to create a new user in such an account may start at the IMS API, via this delegation we effectively turn it into a request that is driven by PaaS. In particular this means that any "invitation email" that comes to the user, will come from PaaS, not from IMS via IBMid.

        Users created in states other than ACTIVE (for example, a VPN_ONLY user) will be created directly in IMS without delegation (but note that no invitation is sent for a user created in any state other than ACTIVE).
        See Also:
        SoftLayer_User_Customer::createObject

      • createSubscriberDeliveryMethods

        @ApiMethod(instanceRequired=true)
Boolean createSubscriberDeliveryMethods​(String notificationKeyName,
                                        List<String> deliveryMethodKeyNames)
        Create delivery methods for a notification that the user is subscribed to. Multiple delivery method keyNames can be supplied to create multiple delivery methods for the specified notification. Available delivery methods - 'EMAIL'. Available notifications - 'PLANNED_MAINTENANCE', 'UNPLANNED_INCIDENT'.
        See Also:
        SoftLayer_User_Customer::createSubscriberDeliveryMethods

      • editObject

        @ApiMethod(instanceRequired=true)
Boolean editObject​(Customer templateObject)
        Account master users and sub-users who have the User Manage permission in the SoftLayer customer portal can update other user's information. Use editObject() if you wish to edit a single user account. Users who do not have the User Manage permission can only update their own information.
        See Also:
        SoftLayer_User_Customer::editObject

      • editObjects

        @ApiMethod
Boolean editObjects​(List<Customer> templateObjects)
        Account master users and sub-users who have the User Manage permission in the SoftLayer customer portal can update other user's information. Use editObjects() if you wish to edit multiple users at once. Users who do not have the User Manage permission can only update their own information.
        See Also:
        SoftLayer_User_Customer::editObjects

      • getActiveExternalAuthenticationVendors

        @ApiMethod
List<Vendor> getActiveExternalAuthenticationVendors()
        The getActiveExternalAuthenticationVendors method will return a list of available external vendors that a SoftLayer user can authenticate against. The list will only contain vendors for which the user has at least one active external binding.
        See Also:
        SoftLayer_User_Customer::getActiveExternalAuthenticationVendors

      • getHardwareCount

        @ApiMethod(instanceRequired=true)
Long getHardwareCount()
        Retrieve the number of servers that a portal user has access to. Portal users can have restrictions set to limit services for and to perform actions on hardware. You can set these permissions in the portal by clicking the "administrative" then "user admin" links.
        See Also:
        SoftLayer_User_Customer::getHardwareCount

      • getLoginToken

        @ApiMethod
Common getLoginToken​(Contract request)
        Attempt to authenticate a user to the SoftLayer customer portal using the provided authentication container. Depending on the specific type of authentication container that is used, this API will leverage the appropriate authentication protocol. If authentication is successful then the API returns a list of linked accounts for the user, a token containing the ID of the authenticated user and a hash key used by the SoftLayer customer portal to maintain authentication.
        See Also:
        SoftLayer_User_Customer::getLoginToken

      • getMappedAccounts

        @ApiMethod(instanceRequired=true)
List<Account> getMappedAccounts​(String providerType)
        An OpenIdConnect identity, for example an IBMid, can be linked or mapped to one or more individual SoftLayer users, but no more than one SoftLayer user per account. This effectively links the OpenIdConnect identity to those accounts. This API returns a list of all the accounts for which there is a link between the OpenIdConnect identity and a SoftLayer user. Invoke this only on IBMid-authenticated users.
        See Also:
        SoftLayer_User_Customer::getMappedAccounts

      • getObject

        @ApiMethod(instanceRequired=true)
Customer getObject()
        getObject retrieves the SoftLayer_User_Customer object whose ID number corresponds to the ID number of the init parameter passed to the SoftLayer_User_Customer service. You can only retrieve users that are assigned to the customer account belonging to the user making the API call.
        See Also:
        SoftLayer_User_Customer::getObject

      • getPortalLoginToken

        @ApiMethod
Token getPortalLoginToken​(String username,
                          String password,
                          Long securityQuestionId,
                          String securityQuestionAnswer)
        Attempt to authenticate a username and password to the SoftLayer customer portal. Many portal user accounts are configured to require answering a security question on login. In this case getPortalLoginToken() also verifies the given security question ID and answer. If authentication is successful then the API returns a token containing the ID of the authenticated user and a hash key used by the SoftLayer customer portal to maintain authentication.
        See Also:
        SoftLayer_User_Customer::getPortalLoginToken

      • getRequirementsForPasswordSet

        @ApiMethod(instanceRequired=true)
PasswordSet getRequirementsForPasswordSet​(PasswordSet passwordSet)
        Retrieve the authentication requirements for an outstanding password set/reset request. The requirements returned in the same SoftLayer_Container_User_Customer_PasswordSet container which is provided as a parameter into this request. The SoftLayer_Container_User_Customer_PasswordSet::authenticationMethods array will contain an entry for each authentication method required for the user. See SoftLayer_Container_User_Customer_PasswordSet for more details.

        If the user has required authentication methods, then authentication information will be supplied to the SoftLayer_User_Customer::processPasswordSetRequest method within this same SoftLayer_Container_User_Customer_PasswordSet container. All existing information in the container must continue to exist in the container to complete the password set/reset process.
        See Also:
        SoftLayer_User_Customer::getRequirementsForPasswordSet

      • getUserIdForPasswordSet

        @ApiMethod
Long getUserIdForPasswordSet​(String key)
        Retrieve a user id using a password token provided to the user in an email generated by the SoftLayer_User_Customer::initiatePortalPasswordChange request. Password recovery keys are valid for 24 hours after they're generated.

        When a new user is created or when a user has requested a password change using initiatePortalPasswordChange, they will have received an email that contains a url with a token. That token is used as the parameter for getUserIdForPasswordSet. Once the user id is known, then the SoftLayer_User_Customer object can be retrieved which is necessary to complete the process to set or reset a user's password.
        See Also:
        SoftLayer_User_Customer::getUserIdForPasswordSet

      • getVirtualGuestCount

        @ApiMethod(instanceRequired=true)
Long getVirtualGuestCount()
        Retrieve the number of CloudLayer Computing Instances that a portal user has access to. Portal users can have restrictions set to limit services for and to perform actions on CloudLayer Computing Instances. You can set these permissions in the portal by clicking the "administrative" then "user admin" links.
        See Also:
        SoftLayer_User_Customer::getVirtualGuestCount

      • initiateExternalAuthentication

        @ApiMethod
String initiateExternalAuthentication​(Binding authenticationContainer)
        The service initiates an external authentication with the given external authentication vendor. The authentication container and its content will be verified before an attempt is made to initiate an external authentication. [[SoftLayer_Container_User_Customer_External_Binding_Phone|Phone external binding]] container can be used for this service.

        This service returns a unique authentication request token. You can use [[SoftLayer_User_Customer::checkExternalAuthenticationStatus|checkExternalAuthenticationStatus]] service to check if the authentication request is complete or not.
        See Also:
        SoftLayer_User_Customer::initiateExternalAuthentication

      • initiatePortalPasswordChange

        @ApiMethod
Boolean initiatePortalPasswordChange​(String username)
        Sends password change email to the user containing url that allows the user the change their password. This is the first step when a user wishes to change their password. The url that is generated contains a one-time use token that is valid for only 24-hours.

        If this is a new master user who has never logged into the portal, then password reset will be initiated. Once a master user has logged into the portal, they must setup their security questions prior to logging out because master users are required to answer a security question during the password reset process. Should a master user not have security questions defined and not remember their password in order to define the security questions, then they will need to contact support at live chat or Revenue Services for assistance.

        Due to security reasons, the number of reset requests per username are limited within a undisclosed timeframe.
        See Also:
        SoftLayer_User_Customer::initiatePortalPasswordChange

      • initiatePortalPasswordChangeByBrandAgent

        @ApiMethod(instanceRequired=true)
Boolean initiatePortalPasswordChangeByBrandAgent​(String username)
        A Brand Agent that has permissions to Add Customer Accounts will be able to request the password email be sent to the Master User of a Customer Account created by the same Brand as the agent making the request. Due to security reasons, the number of reset requests are limited within an undisclosed timeframe.
        See Also:
        SoftLayer_User_Customer::initiatePortalPasswordChangeByBrandAgent

      • isMasterUser

        @Deprecated
@ApiMethod(instanceRequired=true)
Boolean isMasterUser()
        Deprecated.
        Portal users are considered master users if they don't have an associated parent user. The only users who don't have parent users are users whose username matches their SoftLayer account name. Master users have special permissions throughout the SoftLayer customer portal.
        See Also:
        SoftLayer_User_Customer::isMasterUser

      • performExternalAuthentication

        @ApiMethod
Token performExternalAuthentication​(Binding authenticationContainer)
        The perform external authentication method will authenticate the given external authentication container with an external vendor. The authentication container and its contents will be verified before an attempt is made to authenticate the contents of the container with an external vendor.
        See Also:
        SoftLayer_User_Customer::performExternalAuthentication

      • processPasswordSetRequest

        @ApiMethod(instanceRequired=true)
Boolean processPasswordSetRequest​(PasswordSet passwordSet,
                                  Binding authenticationContainer)
        Set the password for a user who has an outstanding password request. A user with an outstanding password request will have an unused and unexpired password key. The password key is part of the url provided to the user in the email sent to the user with information on how to set their password. The email was generated by the SoftLayer_User_Customer::initiatePortalPasswordRequest request. Password recovery keys are valid for 24 hours after they're generated.

        If the user has required authentication methods as specified by in the SoftLayer_Container_User_Customer_PasswordSet container returned from the SoftLayer_User_Customer::getRequirementsForPasswordSet request, then additional requests must be made to processPasswordSetRequest to authenticate the user before changing the password. First, if the user has security questions set on their profile, they will be required to answer one of their questions correctly. Next, if the user has Verisign, Google Authentication, or Phone Factor on their account, they must authenticate according to the two-factor provider. All of this authentication is done using the SoftLayer_Container_User_Customer_PasswordSet container. If the user has Phone Factor authentication, additional requests to SoftLayer_User_Customer::checkPhoneFactorAuthenticationForPasswordSet is required until a response other than Awaiting Response is received.

        User portal passwords must match the following restrictions. Portal passwords must...
        * ...be over eight characters long.
        * ...be under twenty characters long.
        * ...contain at least one uppercase letter
        * ...contain at least one lowercase letter
        * ...contain at least one number
        * ...contain one of the special characters _ - | @ . , ? / ! ~ # $ % ^ & * ( ) { } [ ] \ + =
        * ...not match your username
        See Also:
        SoftLayer_User_Customer::processPasswordSetRequest

      • removeAllDedicatedHostAccessForThisUser

        @ApiMethod(instanceRequired=true)
Boolean removeAllDedicatedHostAccessForThisUser()
        Revoke access to all dedicated hosts on the account for this user. The user will only be allowed to see and access devices in both the portal and the API to which they have been granted access. If the user's account has devices to which the user has not been granted access or the access has been revoked, then "not found" exceptions are thrown if the user attempts to access any of these devices. If the current user does not have administrative privileges over this user, an inadequate permissions exception will get thrown.

        Users can call this function on child users, but not to themselves. An account's master has access to all users permissions on their account.
        See Also:
        SoftLayer_User_Customer::removeAllDedicatedHostAccessForThisUser

      • removeAllHardwareAccessForThisUser

        @ApiMethod(instanceRequired=true)
Boolean removeAllHardwareAccessForThisUser()
        Remove all hardware from a portal user's hardware access list. A user's hardware access list controls which of an account's hardware objects a user has access to in the SoftLayer customer portal and API. If the current user does not have administrative privileges over this user, an inadequate permissions exception will get thrown.

        Users can call this function on child users, but not to themselves. An account's master has access to all users permissions on their account.
        See Also:
        SoftLayer_User_Customer::removeAllHardwareAccessForThisUser

      • removeAllVirtualAccessForThisUser

        @ApiMethod(instanceRequired=true)
Boolean removeAllVirtualAccessForThisUser()
        Remove all cloud computing instances from a portal user's instance access list. A user's instance access list controls which of an account's computing instance objects a user has access to in the SoftLayer customer portal and API. If the current user does not have administrative privileges over this user, an inadequate permissions exception will get thrown.

        Users can call this function on child users, but not to themselves. An account's master has access to all users permissions on their account.
        See Also:
        SoftLayer_User_Customer::removeAllVirtualAccessForThisUser

      • removeBulkDedicatedHostAccess

        @ApiMethod(instanceRequired=true)
Boolean removeBulkDedicatedHostAccess​(List<Long> dedicatedHostIds)
        Revokes access for the user to one or more dedicated host devices. The user will only be allowed to see and access devices in both the portal and the API to which they have been granted access. If the user's account has devices to which the user has not been granted access or the access has been revoked, then "not found" exceptions are thrown if the user attempts to access any of these devices.

        Users can assign device access to their child users, but not to themselves. An account's master has access to all devices on their customer account and can set dedicated host access for any of the other users on their account.

        If the user has full dedicatedHost access, then it will provide access to "ALL but passed in" dedicatedHost ids.
        See Also:
        SoftLayer_User_Customer::removeBulkDedicatedHostAccess

      • removeBulkHardwareAccess

        @ApiMethod(instanceRequired=true)
Boolean removeBulkHardwareAccess​(List<Long> hardwareIds)
        Remove multiple hardware from a portal user's hardware access list. A user's hardware access list controls which of an account's hardware objects a user has access to in the SoftLayer customer portal and API. Hardware does not exist in the SoftLayer portal and returns "not found" exceptions in the API if the user doesn't have access to it. If a user does not has access to the hardware you're attempting to remove then removeBulkHardwareAccess() returns true.

        Users can assign hardware access to their child users, but not to themselves. An account's master has access to all hardware on their customer account and can set hardware access for any of the other users on their account.

        If the user has full hardware access, then it will provide access to "ALL but passed in" hardware ids.
        See Also:
        SoftLayer_User_Customer::removeBulkHardwareAccess

      • removeBulkPortalPermission

        @ApiMethod(instanceRequired=true)
Boolean removeBulkPortalPermission​(List<Permission> permissions,
                                   Boolean cascadePermissionsFlag)
        Remove (revoke) multiple permissions from a portal user's permission set. [[SoftLayer_User_Customer_CustomerPermission_Permission]] control which features in the SoftLayer customer portal and API a user may use. Removing a user's permission will affect that user's portal and API access. removePortalPermission() does not attempt to remove permissions that are not assigned to the user.

        Users can grant or revoke permissions to their child users, but not to themselves. An account's master has all portal permissions and can grant permissions for any of the other users on their account.

        If the cascadePermissionsFlag is set to true, then removing the permissions from a user will cascade down the child hierarchy and remove the permissions from this user along with all child users who also have the permission.

        If the cascadePermissionsFlag is not provided or is set to false and the user has children users who have the permission, then an exception will be thrown, and the permission will not be removed from this user.

        Use the [[SoftLayer_User_Customer_CustomerPermission_Permission::getAllObjects]] method to retrieve a list of all permissions available in the SoftLayer customer portal and API. Permissions are removed based on the keyName property of the permission objects within the permissions parameter.
        See Also:
        SoftLayer_User_Customer::removeBulkPortalPermission

      • removeBulkVirtualGuestAccess

        @ApiMethod(instanceRequired=true)
Boolean removeBulkVirtualGuestAccess​(List<Long> virtualGuestIds)
        Remove multiple CloudLayer Computing Instances from a portal user's access list. A user's CloudLayer Computing Instance access list controls which of an account's CloudLayer Computing Instance objects a user has access to in the SoftLayer customer portal and API. CloudLayer Computing Instances do not exist in the SoftLayer portal and returns "not found" exceptions in the API if the user doesn't have access to it. If a user does not has access to the CloudLayer Computing Instance you're attempting remove add then removeBulkVirtualGuestAccess() returns true.

        Users can assign CloudLayer Computing Instance access to their child users, but not to themselves. An account's master has access to all CloudLayer Computing Instances on their customer account and can set hardware access for any of the other users on their account.
        See Also:
        SoftLayer_User_Customer::removeBulkVirtualGuestAccess

      • removeDedicatedHostAccess

        @ApiMethod(instanceRequired=true)
Boolean removeDedicatedHostAccess​(Long dedicatedHostId)
        Revokes access for the user to a single dedicated host device. The user will only be allowed to see and access devices in both the portal and the API to which they have been granted access. If the user's account has devices to which the user has not been granted access or the access has been revoked, then "not found" exceptions are thrown if the user attempts to access any of these devices.

        Users can assign device access to their child users, but not to themselves. An account's master has access to all devices on their customer account and can set dedicated host access for any of the other users on their account.
        See Also:
        SoftLayer_User_Customer::removeDedicatedHostAccess

      • removeHardwareAccess

        @ApiMethod(instanceRequired=true)
Boolean removeHardwareAccess​(Long hardwareId)
        Remove hardware from a portal user's hardware access list. A user's hardware access list controls which of an account's hardware objects a user has access to in the SoftLayer customer portal and API. Hardware does not exist in the SoftLayer portal and returns "not found" exceptions in the API if the user doesn't have access to it. If a user does not has access to the hardware you're attempting remove add then removeHardwareAccess() returns true.

        Users can assign hardware access to their child users, but not to themselves. An account's master has access to all hardware on their customer account and can set hardware access for any of the other users on their account.
        See Also:
        SoftLayer_User_Customer::removeHardwareAccess

      • removePortalPermission

        @ApiMethod(instanceRequired=true)
Boolean removePortalPermission​(Permission permission,
                               Boolean cascadePermissionsFlag)
        Remove (revoke) a permission from a portal user's permission set. [[SoftLayer_User_Customer_CustomerPermission_Permission]] control which features in the SoftLayer customer portal and API a user may use. Removing a user's permission will affect that user's portal and API access. If the user does not have the permission you're attempting to remove then removePortalPermission() returns true.

        Users can assign permissions to their child users, but not to themselves. An account's master has all portal permissions and can set permissions for any of the other users on their account.

        If the cascadePermissionsFlag is set to true, then removing the permission from a user will cascade down the child hierarchy and remove the permission from this user and all child users who also have the permission.

        If the cascadePermissionsFlag is not set or is set to false and the user has children users who have the permission, then an exception will be thrown, and the permission will not be removed from this user.

        Use the [[SoftLayer_User_Customer_CustomerPermission_Permission::getAllObjects]] method to retrieve a list of all permissions available in the SoftLayer customer portal and API. Permissions are removed based on the keyName property of the permission parameter.
        See Also:
        SoftLayer_User_Customer::removePortalPermission

      • removeVirtualGuestAccess

        @ApiMethod(instanceRequired=true)
Boolean removeVirtualGuestAccess​(Long virtualGuestId)
        Remove a CloudLayer Computing Instance from a portal user's access list. A user's CloudLayer Computing Instance access list controls which of an account's computing instances a user has access to in the SoftLayer customer portal and API. CloudLayer Computing Instances do not exist in the SoftLayer portal and returns "not found" exceptions in the API if the user doesn't have access to it. If a user does not has access to the CloudLayer Computing Instance you're attempting remove add then removeVirtualGuestAccess() returns true.

        Users can assign CloudLayer Computing Instance access to their child users, but not to themselves. An account's master has access to all CloudLayer Computing Instances on their customer account and can set instance access for any of the other users on their account.
        See Also:
        SoftLayer_User_Customer::removeVirtualGuestAccess

      • resetOpenIdConnectLink

        @ApiMethod(instanceRequired=true)
Void resetOpenIdConnectLink​(String providerType,
                            String newIbmIdUsername,
                            Boolean removeSecuritySettings)
        This method will change the IBMid that a SoftLayer user is linked to, if we need to do that for some reason. It will do this by modifying the link to the desired new IBMid. NOTE: This method cannot be used to "un-link" a SoftLayer user. Once linked, a SoftLayer user can never be un-linked. Also, this method cannot be used to reset the link if the user account is already Bluemix linked. To reset a link for the Bluemix-linked user account, use resetOpenIdConnectLinkUnifiedUserManagementMode.
        See Also:
        SoftLayer_User_Customer::resetOpenIdConnectLink

      • resetOpenIdConnectLinkUnifiedUserManagementMode

        @ApiMethod(instanceRequired=true)
Void resetOpenIdConnectLinkUnifiedUserManagementMode​(String providerType,
                                                     String newIbmIdUsername,
                                                     Boolean removeSecuritySettings)
        This method will change the IBMid that a SoftLayer master user is linked to, if we need to do that for some reason. It will do this by unlinking the new owner IBMid from its current user association in this account, if there is one (note that the new owner IBMid is not required to already be a member of the IMS account). Then it will modify the existing IBMid link for the master user to use the new owner IBMid-realm IAMid. At this point, if the new owner IBMid isn't already a member of the PaaS account, it will attempt to add it. As a last step, it will call PaaS to modify the owner on that side, if necessary. Only when all those steps are complete, it will commit the IMS-side DB changes. Then, it will clean up the SoftLayer user that was linked to the new owner IBMid (this user became unlinked as the first step in this process). It will also call BSS to delete the old owner IBMid. NOTE: This method cannot be used to "un-link" a SoftLayer user. Once linked, a SoftLayer user can never be un-linked. Also, this method cannot be used to reset the link if the user account is not Bluemix linked. To reset a link for the user account not linked to Bluemix, use resetOpenIdConnectLink.
        See Also:
        SoftLayer_User_Customer::resetOpenIdConnectLinkUnifiedUserManagementMode

      • setDefaultAccount

        @ApiMethod(instanceRequired=true)
Account setDefaultAccount​(String providerType,
                          Long accountId)
        An OpenIdConnect identity, for example an IBMid, can be linked or mapped to one or more individual SoftLayer users, but no more than one per account. If an OpenIdConnect identity is mapped to multiple accounts in this manner, one such account should be identified as the default account for that identity. Invoke this only on IBMid-authenticated users.
        See Also:
        SoftLayer_User_Customer::setDefaultAccount

      • silentlyMigrateUserOpenIdConnect

        @ApiMethod(instanceRequired=true)
Boolean silentlyMigrateUserOpenIdConnect​(String providerType)
        As master user, calling this api for the IBMid provider type when there is an existing IBMid for the email on the SL account will silently (without sending an invitation email) create a link for the IBMid. NOTE: If the SoftLayer user is already linked to IBMid, this call will fail. If the IBMid specified by the email of this user, is already used in a link to another user in this account, this call will fail. If there is already an open invitation from this SoftLayer user to this or any IBMid, this call will fail. If there is already an open invitation from some other SoftLayer user in this account to this IBMid, then this call will fail.
        See Also:
        SoftLayer_User_Customer::silentlyMigrateUserOpenIdConnect

      • updateSecurityAnswers

        @ApiMethod(instanceRequired=true)
Boolean updateSecurityAnswers​(List<Question> questions,
                              List<String> answers)
        Update a user's login security questions and answers on the SoftLayer customer portal. These questions and answers are used to optionally log into the SoftLayer customer portal using two-factor authentication. Each user must have three distinct questions set with a unique answer for each question, and each answer may only contain alphanumeric or the . , - _ ( ) [ ] : ; > < characters. Existing user security questions and answers are deleted before new ones are set, and users may only update their own security questions and answers.
        See Also:
        SoftLayer_User_Customer::updateSecurityAnswers

      • updateSubscriberDeliveryMethod

        @ApiMethod(instanceRequired=true)
Boolean updateSubscriberDeliveryMethod​(String notificationKeyName,
                                       List<String> deliveryMethodKeyNames,
                                       Long active)
        Update a delivery method for a notification that the user is subscribed to. A delivery method keyName along with an active flag can be supplied to update the active status of the delivery methods for the specified notification. Available delivery methods - 'EMAIL'. Available notifications - 'PLANNED_MAINTENANCE', 'UNPLANNED_INCIDENT'.
        See Also:
        SoftLayer_User_Customer::updateSubscriberDeliveryMethod

      • updateVpnPassword

        @ApiMethod(instanceRequired=true)
Boolean updateVpnPassword​(String password)
        Update a user's VPN password on the SoftLayer customer portal. As with portal passwords, VPN passwords must match the following restrictions. VPN passwords must...
        * ...be over eight characters long.
        * ...be under twenty characters long.
        * ...contain at least one uppercase letter
        * ...contain at least one lowercase letter
        * ...contain at least one number
        * ...contain one of the special characters _ - | @ . , ? / ! ~ # $ % ^ & * ( ) { } [ ] \ =
        * ...not match your username
        Finally, users can only update their own VPN password. An account's master user can update any of their account users' VPN passwords.
        See Also:
        SoftLayer_User_Customer::updateVpnPassword