Users with denied devices (rs/nac/denieduser)

This resource returns a list of device users that are assigned one or more devices with network access status Deny.

Only users from an external LDAP directory are listed.

URL

https://<smc_server_address>/rs/nac/denieduser

Method

GET

Request header

Key Value
X-SMCRS-Auth-Session Session authentication token from the login response

Request body

empty

Response body

JSON array containing objects with the following structure:

Key Type Description
userIdentifier String User name
deniedDevices Array of device objects List of devices with network access status Deny

Device objects have the following structure:

Key Type Description
deviceId Integer Internal device identifier
deniedReason String

Possible values:

denied by compliance violation: Network access is denied because of a compliance violation.

denied by admin: Network access is unconditionally denied in device settings.

Note For customers with internal user management, the service responds with an empty JSON array [].

HTTP response status

Status code Description
200 OK Request was successfully processed
401 Unauthorized Administrator is not authorized or the authentication token has expired
403 Forbidden Administrator does not have sufficient rights

Example request

POST /rs/nac/denieduser HTTP/1.1
Host: smc.yourcompany.com
X-SMCRS-Auth-Session: da81d6d2-3c02-4f18-8115-f4188d84e851

Example response

[
   {
      "userIdentifier": "a user name",
      "deniedDevices": [
         {
            "deviceId": 12069,
            "mac": "023333333333",
            "deniedReason": "denied by admin"
         },
         {
            "deviceId": 22079,
            "mac": "024444444444",
            "deniedReason": "denied by compliance violation"
         }
      ]
   }
]