User API
Users who have can_access_user_api permission have access to the user API endpoints which can be used to list and modify user records in the TrialGrid system.
Users can be granted this permission at the organization level, see organization user list.
The API only provides access to users in the same Organization as the user making the request. You cannot update users who belong to other Organizations.
Reading user information
The API provides a number of endpoints for listing Urls, Projects, Project Roles and users. See the API documentation for more information.
Writing user information
The API provides endpoints for updating user information.
Important
A user with can_access_user_api has access to ALL users within their Organization and can use the endpoints described here to modify users. It is similar to Admin role in Medidata Rave.
/api/v2/user_project_invite/email/
This endpoint takes a JSON payload containing the user email address and the names of the url, project and project role to be assigned to the user. It can also optionally take a unique_employee_id identifier which, if provided, must be unique across all users in the organization.
This endpoint is exactly the same as using the invite user functionality from the Project Team page - it looks up and invites users via the provided email address.
If the user does not exist then they will be created and the system will send the user an invite.
If the user already exists in the system but has not yet claimed their account then they will be sent another invite.
If the user already exists in the system and has an active account they will be sent an email notification that they have been invited to this Project.
If the user exists and has previously claimed their account but the account is inactive then their account will be re-activated so that they can log in but their password will be changed to a random string. They will be notified that their account has been reactivated and that they must change their password before they can log in via email. The user should use the forgot password functionality to reset their password if they are using standard authentication - if the user is activated for Single Sign On (SSO) then they will be able to log in immediately via SSO.
/api/v2/user_project_invite/unique_employee_id/
This endpoint takes a JSON payload containing the user unique employee id, email address and the names of the url, project and project role to be assigned to the user.
It is useful when you want to invite a user to a project, identifying them via their unique employee id rather than by their email address. If the email address sent is different to the one recorded for that user then it will be changed. Note that the email address must be universally unique - no other user in the system must have the same email address or the attempt to change the email address will fail.
This endpoint is exactly the same as using the invite user functionality from the Project Team page except that it looks up existing users to invite via their unique_employee_id and updates email addresses.
If the user does not exist then they will be created and the system will send the user an invite.
If the user already exists in the system but has not yet claimed their account then they will be sent another invite.
If the user already exists in the system and has an active account they will be sent an email notification that they have been invited to this Project.
If the user exists and has previously claimed their account but the account is inactive then their account will be re-activated so that they can log in but their password will be changed to a random string. They will be notified that their account has been reactivated and that they must change their password before they can log in via email. The user should use the forgot password functionality to reset their password if they are using standard authentication - if the user is activated for Single Sign On (SSO) then they will be able to log in immediately via SSO.
/api/v2/deactivate_user/email/
This endpoint takes a JSON payload containing the user email address. It will:
Remove all Project Roles from the user
Remove the user from all URLs in the TrialGrid system
Remove the user as owner from any Project where they are set as owner
Deactivate the user so they cannot log in
Note that you cannot deactivate a user who does not belong to your organization.
/api/v2/deactivate_user/unique_employee_id/
This endpoint takes a JSON payload containing the users unique employee id. It will:
Remove all Project Roles from the user
Remove the user from all URLs in the TrialGrid system
Remove the user as owner from any Project where they are set as owner
Deactivate the user so they cannot log in
Note that you cannot deactivate a user who does not belong to your organization.
/api/v2/remove_user_from_project/email/
This endpoint takes a JSON payload containing the user email address and the names of the url and project the user should be removed from. It will remove the user Project Role from that Project (if any) but does not remove the user from being the owner of the project if they are set as the owner. It also does not remove them from the URL so they may have ongoing read-only access to the Project if it is set to allow it via the "All users in URL can view" setting.
/api/v2/remove_user_from_project/unique_employee_id/
This endpoint takes a JSON payload containing the user unique employee id and the names of the url and project the user should be removed from. It will remove the user Project Role from that Project (if any) but does not remove the user from being the owner of the project if they are set as the owner. It also does not remove them from the URL so they may have ongoing read-only access to the Project if it is set to allow it via the "All users in URL can view" setting.
See the API documentation for more information.