REST API Guide: Managing Users

Updated September 10, 2025

This guide outlines the steps to add or update a user using the REST API. The tool used for this demonstration is Postman.

1. Generate API Token

  • Log in to Access Control System using the admin operator/profile.

  • Navigate to Configuration → REST API.

  • Click on Get Token, then click Test Function to generate an API token.

    • The generated token will be displayed under the Results section.

    • Important: This token should be used consistently throughout the session. If you regenerate a token, the previous one will become invalid.


2. Verify Token Validity

To confirm that your token is valid:

  1. Use the check_token_api endpoint.

  2. Pass the token as a query parameter.

A valid response will return:

{

"Success": "Valid Token"

}


3. Retrieve Personnel Records

To retrieve personnel records:

  1. Use the get_personnel_api endpoint.

  2. Pass the previously generated token as a parameter.

Upon success, you'll receive a 200 OK response along with personnel records in JSON format.
Note: If you generate a new token at this stage, the previously generated token will no longer work.

 

4. Update or Add a User

Use the json_personnel_save_api endpoint to either update an existing user or add a new one.

To Update a User:

  • Include the ID of the existing user in the JSON body.

  • Modify the fields as needed (e.g., changing first_name to "Saleem" for user ID 28247).

  • A successful update will return a 200 OK response along with the user ID.

To Add a New User:

  • Use the same json_personnel_save_api endpoint.

  • Do not include an ID in the JSON payload.

  • A new user will be created, and you will receive a 200 OK response with the new user ID (e.g., ID = 28256).

Here is the newly created user with ID = 28256


5. Delete a User

To delete a user:

  1. Use the json_personnel_delete_api endpoint.

  2. In the JSON body, pass the ID of the user you want to delete.

A successful request will remove the user from the system. See the screenshot below for reference.


6. View and Modify Access Levels

To View Personnel Access Levels:

  • Use the get_personnel_acl_api endpoint.

  • Pass the same token, generated in step -1, user ID to retrieve access level data for that user.

The response will include all access levels currently assigned to the user.


To Add or Update Access Levels:

  • Use the json_personnel_acl_save_api endpoint.

  • Pass the following in the JSON body:

{

  "ID": "28256",

  "controller_group": "2",

  "acl": "1,2,3"

}

Where:

  • ID is the user ID,

  • controller_group refers to the controller group, in this case controller group 2,

  • acl includes a comma-separated list of access levels, in this example, we are adding access levels 1, 2 and 3 to this user.

  • To delete access levels from user, pass an empty string for acl, as shown below

{

  "ID": "28256",

  "controller_group": "2",

  "acl": ""

}


Was this article helpful?