Returns data and metadata about a user attribute or attributes. There is no difference if input parameters are sent in query string or request's body.
If only the very existence of attributes needs to be checked, it is faster and less resource-extensive to invoke exists instead of using this endpoint.
While the call's Python equivalent has two versions, one for individual and the other for multiple attributes, with REST there is a single endpoint to cover both cases. Yet, just like in the Python call, it is more efficient to get multiple attributes in one REST call instead of repeatedly reading in individual ones.
| Name | Datatype | Optional | Notes |
|---|---|---|---|
| ust | string | --- | Current user's session token (UST) |
| current_app | string | --- | Name of application that the call is attempted from |
| user_id | string | Yes | ID of the user to get an attribute or attributes of |
| name | string | Yes | If a single attribute is to be returned, the attribute's name |
| decrypt | bool | Yes | Should the attribute's value be decrypted if it is in an encrypted form in the database |
| data | list | Yes | If multiple attributes are to be returned, this is a list of their names |
| Name | Datatype | Optional | Notes |
|---|---|---|---|
| cid | string | --- | Correlation ID assigned to request |
| status | string | --- | Overall status code |
| sub_status | list | Yes | Returned only if status is not "ok", a list of error or warning codes |
| found | bool | Yes | If a single attribute was requested, indicates if it was found or not |
| name | string | Yes | (Returned only if found is "true") Attribute's name rewritten from input |
| value | string | Yes | (Returned only if found is "true") Attribute's value |
| creation_time | datetime | Yes | (Returned only if found is "true") When was the attribute created |
| last_modified | datetime | Yes | (Returned only if found is "true") When was the attribute last modified |
| expiration_time | datetime | Yes | (Returned only if found is "true") When will the attribute expire |
| is_encrypted | string | Yes | (Returned only if found is "true") True if attribute's value is stored encrypted in the database, else otherwise |
$ curl -XGET localhost:17010/zato/sso/user/attr -d '
{
"current_ust": "gAAAAABavmAV3rw6fQUS-HgRE...",
"current_app": "CRM",
"user_id": "zusr6fh6fdgd4997ksjkpx7qnk659q",
"name": "my-attribute"
}
'
{
"status": "ok",
"cid": "b67f4fd8a86c529e92be1e60",
"found": true,
"name": "my-attribute",
"value": "my-value",
"creation_time": "2028-03-27T16:42:45",
"last_modified": "2028-03-27T16:42:45",
"expiration_time": "9999-12-31T00:00:00",
"is_encrypted": false
}