Update data access rules

put
https://{api-gateway-hostname}
/admin/v1/users/{username}/data-access

Update a user's data access rules

username
string<identifier>
required

The account's username identifier

The data access rules to apply to the user account

Data access ensures a user only sees the records for which they have permission

organization
array[object]

An association between a role and a unit group

role
string<identifier>
required

Role where this data access is available

<= 10240 characters
data_view
string<identifier>

Data view where this data access is available

<= 10240 characters
unit_group
string<identifier>
required

Unit group in the organization hierarchy

<= 10240 characters
unit_group_display_name
string

Display name for the Unit Group

<= 10240 characters
segments
array[object]

Segments associates the role with records meeting a specific criteria based on field values in the record

role
string<identifier>
required

Role where this data access is available

<= 10240 characters
data_view
string<identifier>

Data view where this data access is available

<= 10240 characters
field
string
required

Survey Field key

<= 10240 characters
field_display_name
string

Display name of the Survey Field

<= 10240 characters
option
string

Field option value

<= 10240 characters

The updated data access rules

X-Medallia-Rpc-Request-Id
string<identifier>

The request ID, used by Medallia support for troubleshooting

Example:
94615edd-d9d0-4921-8b3e-60615b3d3431
X-RateLimit-Limit
string

Indicates the request quota closest to reaching its limit amongst all available quotas. Follows the semantics of IETF draft-polli-ratelimit-headers.

Example:
10, 10;w=1, 100;w=86400
X-RateLimit-Limit-day
integer
deprecated

The number of requests allowed in total in a 24-hour period. Deprecated as of Sept. 2022 in favor of X-RateLimit-Limit.

Example:
10000
X-RateLimit-Limit-second
integer
deprecated

The number of requests allowed in total in a 1-second period. Deprecated as of Sept. 2022 in favor of X-RateLimit-Limit.

Example:
10
X-RateLimit-Remaining
integer

Indicates the number of requests remaining in the quota that is closest to expiring (as indicated by X-RateLimit-Limit). Follows the semantics of IETF draft-polli-ratelimit-headers.

Example:
10
X-RateLimit-Remaining-day
integer
deprecated

The number of requests available to make in a 24-hour period. Deprecated as of Sept. 2022 in favor of X-RateLimit-Remaining.

Example:
10000
X-RateLimit-Remaining-second
integer
deprecated

The number of requests available to make in a 1-second period. Deprecated as of Sept. 2022 in favor of X-RateLimit-Remaining.

Example:
10
X-RateLimit-Reset
integer

Indicates the number of seconds remaining until the quota resets. Follows the semantics of IETF draft-polli-ratelimit-headers.

Example:
10
responses
/
200
username
string<identifier>
required

The username used to identify the account

<= 10240 characters
Match pattern:
^[a-zA-Z0-9\\-_.@]+$
first_name
string
required

The first name of the user

<= 10240 characters
last_name
string
required

The last name of the user

<= 10240 characters
email
string<email>

The email address of the user

phone
string

The phone number of the user

<= 10240 characters
automatic_update
boolean

Indicates whether the user account is able to be automatically updated by Medallia ETL processes

excluded_from_user_activity
boolean

Indicates whether the user account is included in user-activity-account-split nodes in Medallia AA2 reports

company_account_id
string

The user's account ID in the company's authentication systems, set automatically during auto-logon processes

<= 10240 characters
login_blocked
boolean

Indicates whether the direct-to-Medallia user logins are blocked and, as a consequence, password resets are also blocked. This has no bearing on SSO-based authentication or mobile access codes.

data-access
object

Data access ensures a user only sees the records for which they have permission

organization
array[object]

An association between a role and a unit group

segments
array[object]

Segments associates the role with records meeting a specific criteria based on field values in the record

roles
object
required

The roles of which this account is a member

primary_role
object
required

The primary role of this account, which acts as the default role

extra_roles
array[object]
required

Secondary roles of this account

_system_properties
object
status
string

Indicates whether the account is active

Allowed values:
ACTIVEINACTIVE
created_on
string<date-time>

The timestamp when the user account was created, in ISO-8601 format yyyy-MM-dd'T'HH:mm:ss.SSSZZ

created_by
string

The username of the account or the role of the OAuth 2.0 account that created this account (if manual) or null (if the account was created through system-driven processes such as SSO)

<= 10240 characters
modified_on
string<date-time>

The timestamp when the user account was last modified, in ISO-8601 format yyyy-MM-dd'T'HH:mm:ss.SSSZZ

modified_by
string

The username of the account or the role of the OAuth 2.0 account that last modified this account (if manual) or null (if the account was last modified through system-driven processes such as SSO)

<= 10240 characters
login_blocked_reason
string

A human-friendly explanation of why a user account may be blocked

Allowed values:
TOO_MANY_FAILED_LOGINSTOO_MANY_PASSWORD_RESETSMANUAL_BLOCK
last_login
string<date-time>

The timestamp when the user account last authenticated, in ISO-8601 format yyyy-MM-dd'T'HH:mm:ss.SSSZZ

login_count
integer<int32>

The number of successful authentications for the user

failed_login_count
integer<int32>

The number of sequential, unsuccessful authentications

password_last_set
string<date-time>

The timestamp when the account's password was last set, in ISO-8601 format yyyy-MM-dd'T'HH:mm:ss.SSSZZ

password_last_emailed
string<date-time>

The timestamp when a password reset link for the account was last emailed, in ISO-8601 format yyyy-MM-dd'T'HH:mm:ss.SSSZZ

password_not_set_reason
string

The reason why the password is not set for the account

Allowed values:
PASSWORD_RESETPASSWORD_EXPIREDPASSWORD_INSECURENEW_ACCOUNT
Auth
:
Server Variables
:
Parameters
:
Body
curl --request PUT \
--url https://instance-tenant.apis.medallia.com/admin/v1/users/username/data-access \
--header 'Accept: application/json' \
--header 'Authorization: Bearer 123' \
--header 'Content-Type: application/json' \
--data '{
"organization": [
{
"role": "string",
"data_view": "string",
"unit_group": "string",
"unit_group_display_name": "string"
}
],
"segments": [
{
"role": "string",
"data_view": "string",
"field": "string",
"field_display_name": "string",
"option": "string"
}
]
}'
Response Example
1
{
2
"username": "string",
3
"first_name": "string",
4
"last_name": "string",
5
"email": "user@example.com",
6
"phone": "string",
7
"automatic_update": true,
8
"excluded_from_user_activity": true,
9
"company_account_id": "string",
10
"login_blocked": true,
11
"data-access": {
12
"organization": [
13
{
14
"role": "string",
15
"data_view": "string",
16
"unit_group": "string",
17
"unit_group_display_name": "string"
18
}
19
],
20
"segments": [
21
{
22
"role": "string",
23
"data_view": "string",
24
"field": "string",
25
"field_display_name": "string",
26
"option": "string"
27
}
28
]
29
},
30
"roles": {
31
"primary_role": {
32
"role": "string"
33
},
34
"extra_roles": [
35
{
36
"role": "string"
37
}
38
]
39
},
40
"_system_properties": {
41
"status": "ACTIVE",
42
"created_on": "2019-08-24T14:15:22Z",
43
"created_by": "string",
44
"modified_on": "2019-08-24T14:15:22Z",
45
"modified_by": "string",
46
"login_blocked_reason": "TOO_MANY_FAILED_LOGINS",
47
"last_login": "2019-08-24T14:15:22Z",
48
"login_count": -2147483648,
49
"failed_login_count": -2147483648,
50
"password_last_set": "2019-08-24T14:15:22Z",
51
"password_last_emailed": "2019-08-24T14:15:22Z",
52
"password_not_set_reason": "PASSWORD_RESET"
53
}
54
}