List Users

Field	Definition	Type
Result
Users	A list of user objects, each containing its respective fields. All users in the account are listed at once. The maximum number of users that can be shown is subject to the memory available in the Workflows instance. See Workflows platform limits.	List of Objects
ID	The unique identifier of the user.	Text
UUID	The UUID of the user.	Text
Username	The username for the user.	Text
Email	The email address of the user. If this attribute is empty, Tenable Vulnerability Management uses the username value as the email address of the user.	Text
Full Name	The full name of the user.	Text
Is Enabled	Specifies whether the user account is enabled (true) or disabled (false).	True/False
Container UUID	The UUID of the Tenable Vulnerability Management instance to which the user belongs.	Text
Is Lockedout	Specifies whether the user can sign in to the Tenable Vulnerability Management app (false) or is locked out (true). Tenable Vulnerability Management automatically updates this attribute to true if the login_fail_count attribute for the user is greater than 5. To unlock a user account, reset the password of the user using the Change User Password card (change password endpoint). A user can be locked out of the user interface but still submit API requests if they are assigned the appropriate authorizations (api_permitted). To prevent a user from submitting API requests, limit authorizations using the update user authorizations endpoint, or disable the user entirely using the Update User card (update user endpoint) or enable user account endpoint.	True/False
Type	The type of user. The only supported type is local.	Text
Predefined Role	The user role represented as an integer value, as described in User Roles. The value of this field is 0 if the user is assigned a Custom Role.	Number
Groups	A list of UUIDs for the groups to which the user belongs.	List of Text
Two Factor	Two-factor authentication details. This field is omitted unless the user has set up two-factor authentication.	Object
Activated At	Activation time for two-factor authentication, represented in Unix milliseconds.	Number
Is TOTP Enabled	Specifies whether the TOTP two-factor authentication is enabled (true) or disabled (false).	True/False
Is Email Enabled	Indicates whether backup notification for two-factor authentication is enabled (true) or disabled (false). If enabled, Tenable Vulnerability Management sends the two-factor verification code in an email.	True/False
Last Successful Login	The last time (in Unix milliseconds) that the user successfully signed in to the Tenable Vulnerability Management app. This attribute is only present if the user has logged in at least once successfully to the Tenable Vulnerability Management user interface.	Number
Last Failed Login	The time (in Unix milliseconds) of the last time the user failed to sign in to Tenable Vulnerability Management. This attribute is only present if the user has attempted unsuccessfully to sign in to the Tenable Vulnerability Management app.	Number
Login Fail Count	The number of failed sign-in attempts since the user last successfully signed in to the Tenable Vulnerability Management app. If this attribute is greater than 5, Tenable Vulnerability Management locks the user account (updates the Is Lockedout (lockout) attribute for the user to true (1)). You can reset this count to 0 by using Change User Password card (changing the password of the user) or generating the API key of the user.	Number
Login Fail Total	The total number of failed sign-in attempts for the user.	Number
Is UI Permitted	Specifies whether the user can sign in to the Tenable Vulnerability Management app (true) or not (false).	True/False
Is UI SAML Only	Specifies whether the user can sign in to the Tenable Vulnerability Management app only through the IdP (true) or not (false).	True/False
Is API Permitted	Specifies whether the user can invoke Tenable Vulnerability Management APIs (true) or not (false).	True/False
Is Not Deletable	Specifies if the user account is protected from deletion (true) or not (false).	True/False

Result

Users

A list of user objects, each containing its respective fields.

All users in the account are listed at once. The maximum number of users that can be shown is subject to the memory available in the Workflows instance.

See Workflows platform limits.

List of Objects

ID

The unique identifier of the user.

Text

UUID

The UUID of the user.

Text

Username

The username for the user.

Text

Email

The email address of the user. If this attribute is empty, Tenable Vulnerability Management uses the username value as the email address of the user.

Text

Full Name

The full name of the user.

Text

Is Enabled

Specifies whether the user account is enabled (true) or disabled (false).

True/False

Container UUID

The UUID of the Tenable Vulnerability Management instance to which the user belongs.

Text

Is Lockedout

Specifies whether the user can sign in to the Tenable Vulnerability Management app (false) or is locked out (true).

Tenable Vulnerability Management automatically updates this attribute to true if the login_fail_count attribute for the user is greater than 5. To unlock a user account, reset the password of the user using the Change User Password card (change password endpoint).

A user can be locked out of the user interface but still submit API requests if they are assigned the appropriate authorizations (api_permitted). To prevent a user from submitting API requests, limit authorizations using the update user authorizations endpoint, or disable the user entirely using the Update User card (update user endpoint) or enable user account endpoint.

True/False

Type

The type of user.

The only supported type is local.

Text

Predefined Role

The user role represented as an integer value, as described in User Roles.

The value of this field is 0 if the user is assigned a Custom Role.

Number

Groups

A list of UUIDs for the groups to which the user belongs.

List of Text

Two Factor

Two-factor authentication details.

This field is omitted unless the user has set up two-factor authentication.

Object

Activated At

Activation time for two-factor authentication, represented in Unix milliseconds.

Number

Is TOTP Enabled

Specifies whether the TOTP two-factor authentication is enabled (true) or disabled (false).

True/False

Is Email Enabled

Indicates whether backup notification for two-factor authentication is enabled (true) or disabled (false). If enabled, Tenable Vulnerability Management sends the two-factor verification code in an email.

True/False

Last Successful Login

The last time (in Unix milliseconds) that the user successfully signed in to the Tenable Vulnerability Management app.

This attribute is only present if the user has logged in at least once successfully to the Tenable Vulnerability Management user interface.

Number

Last Failed Login

The time (in Unix milliseconds) of the last time the user failed to sign in to Tenable Vulnerability Management.

This attribute is only present if the user has attempted unsuccessfully to sign in to the Tenable Vulnerability Management app.

Number

Login Fail Count

The number of failed sign-in attempts since the user last successfully signed in to the Tenable Vulnerability Management app.

If this attribute is greater than 5, Tenable Vulnerability Management locks the user account (updates the Is Lockedout (lockout) attribute for the user to true (1)). You can reset this count to 0 by using Change User Password card (changing the password of the user) or generating the API key of the user.

Number

Login Fail Total

The total number of failed sign-in attempts for the user.

Number

Is UI Permitted

Specifies whether the user can sign in to the Tenable Vulnerability Management app (true) or not (false).

True/False

Is UI SAML Only

Specifies whether the user can sign in to the Tenable Vulnerability Management app only through the IdP (true) or not (false).

True/False

Is API Permitted

Specifies whether the user can invoke Tenable Vulnerability Management APIs (true) or not (false).

True/False

Is Not Deletable

Specifies if the user account is protected from deletion (true) or not (false).

True/False

Output