User Management REST APIs

Overview

Oracle CPQ customers can leverage identity management solutions such as Oracle Identity Cloud Service (IDCS) to simplify the administration of users and passwords. CPQ’s integration features simplify the implementation of identity services for Enterprise customers by allowing customers to delegate user management activities.

Oracle CPQ supports two User Management REST APIs as follows:

User REST APIs supports activities such as user creation, activation, revocation, and password management for host company users to IDCS or other Identity Service providers.
SCIM-Compliant User REST APIs are compliant with the System for Cross-domain Identity Management (SCIM) specification. The SCIM specification is an open standard that facilitates managing user identities across cloud-based applications and services. These endpoints retrieve user details and perform actions to create, update, or inactivate a user. The SCIM-Compliant User REST APIs are supported beginning with Oracle CPQ 23B and REST v14 and later.

Administration

User REST APIs

Administrators can retrieve user details, create and modify users, and reset user passwords via User REST APIs.

Get All Users

Get All Users
Description	This endpoint returns all users accessible to the current user.
URI Endpoint	/rest/v17/users
Endpoint Query Parameters	This endpoint supports the following query specifications. For more information, see Manage Collections. q - Declares a query specification expression. expand - return child resource details. Supports only groups and accessPermissions limit -Specifies the pagination limit, up to 1000. If no limit is specified or if a limit greater than 1000 is specified, a pagination limit of 1000 will be used. offset - Specifies the offset in the record set to start the response from. Usually used in conjunction with limit parameter to obtain the next set of records. totalResults - Specifies that the total count of records should be included in the response when doing pagination.Only effective when limit or offset are specified. orderby - Specifies a comma-separated list of fields to order the response by. excludeLinks - Exclude links from the response. fields - A list of fields to be returned.
Accept Header	`application/json`	Returns a JSON object (default application type)
`application/zip`	Returns a zip file
HTTP Method	GET
Request Body Parameters	None
Response Body Parameters	The response will contain a list of all the users that the logged in user is authorized to view. The logged in user's access is governed by their company type, their user type, their user permissions and the administrator group(s) to which they are a member. Please review Administrator Access Control for additional details on user authorization.

Get All Company Users

Get All Company Users
Description	This endpoint returns all users for the specified company accessible to the current user.
URI Endpoint	/rest/v17/companies/{companyName}/users
Endpoint Parameters	companyName	The company name associated with the user. For Host Company users, use _host. For Partner Organization users, use the Partner Organization company login name.
Endpoint Query Parameters	This endpoint supports the following query specifications. For more information, see Manage Collections. q - Declares a query specification expression. expand - return child resource details. Supports only groups and accessPermissions limit -Specifies the pagination limit, up to 1000. If no limit is specified or if a limit greater than 1000 is specified, a pagination limit of 1000 will be used. offset - Specifies the offset in the record set to start the response from. Usually used in conjunction with limit parameter to obtain the next set of records. totalResults - Specifies that the total count of records should be included in the response when doing pagination. Only effective when limit or offset are specified. orderby - Specifies a comma-separated list of fields to order the response by. excludeLinks - Exclude links from the response. fields - A list of fields to be returned.
Accept Header	`application/json`	Returns a JSON object (default application type)
`application/zip`	Returns a zip file
HTTP Method	GET
Request Body Parameters	None
Response Body Parameters	This endpoint returns a list of users for the specified company as JSON data or as a Zip file depending on Accept type passed in the request header.

Import Company Users

Import Company Users
Description	This endpoint is used to import users of specified company stored in a zip file. If administration groups are enabled, then only users with User Administrator permission and Access to the Bulk Upload segment are allowed to import users.
URI Endpoint	/rest/v17/companies/{companyName}/actions/import
Endpoint Parameters	companyName	The company name associated with the user. For Host Company users, use _host. For Partner Organization users, use the Partner Organization company login name.
Request Supported Media Type	form-data
Form Parameters	File	Select zip file to be imported
HTTP Method	POST
Request Body Parameters	None
Response Body Parameters	Upload File Task details

Get Company User Details

Get Company User Details
Description	This operation returns user details for a specific user.
URI Endpoint	/rest/v17/companies/{companyname}/users/{userName}
Endpoint Parameters	companyName	The company name associated with the user For Host Company users, use _host For Partner Organization users, use the Partner Organization company login name.
userName	The login ID of the user
HTTP Method	GET
Request Body Parameters	None
Response Body Parameters	JSON data for the user. Returns all attributes from the user object in JSON format.

Create Company User

Create Company User
Description	This operation creates a new user.
URI Endpoint	/rest/v17/companies/{companyName}/users
Endpoint Parameters	companyName	The company name associated with the user. For Host Company users, use _host. For Partner Organization users, use the Partner Organization company login name.
HTTP Method	POST
Request Body Parameters	displayValue property is optional for all complex properties (type, language, currency, numberFormat, timeZone, units , dateFormat, status, enabledForSso).
email	The email address of the user (Required)
firstName	The first name of the user (Required)
login	The login ID of the user (Required)
type	The type of user (Required)
language	The language to associate with the user
currency	The currency to associate with the user
lastName	The last name of the user
emailPassword	Send an email containing the password to the email address specified in the email field? Yes = true No = false
jobTitle	The job title of the user
phone	The phone number of the user
fax	The fax number of the user
billFirstName	The billing first name
billLastName	The billing last name
billCompany	The billing company
billCompany2	Additional billing company information
billAddress1	The billing address
billAddress2	Additional billing address information
billCity	The city associated with the billing address
billStateProvince	The state or province to associate with the billing address
billZip	The zip code to associate with the billing address
billCountry	The country to associate with the billing address
billPhone	The phone number to associate with the billing address
billFax	The fax number to associate with the billing address
billEmail	The email address to associate with the billing address
shipFirstName	The shipping first name
shipLastName	The shipping last name
shipCompany	The shipping company
shipCompany2	Additional shipping company information
shipAddress1	The shipping address
shipAddress2	Additional shipping address information
shipCity	The city associated with the shipping address
shipStateProvince	The state or province associated with the shipping address
shipZip	The zip code to associate with the shipping address
shipCountry	The country to associate with the shipping address
shipPhone	The phone number to associate with the shipping address
shipFax	The fax number to associate with the shipping address
shipEmail	The email address to associate with the shipping address
timeZone	The time zone of the user
externalSsoId	The external Single Sign On ID to associate with the user
approvalDelegate	The approval delegate associated with the user
separateShipAddr	Is there a separate shipping address for the user? Yes = true No = false
isNotifyEmail	Is the notification preference email? Yes = true No = false
isNotifyFax	Is the notification preference fax? Yes = true No = false
isSuperUserPermEnabled	Is User Administrator permission enabled? Yes = true No = false
isWebServicesOnly	Is Web Services Only enabled? Yes = true No = false
numberFormat	The number format preference
units	The user’s unit-type preference
dateFormat	The user’s date preference
status	The status of the user
enabledForSso	The Single Sign-On information associated with the user
isAccessAdminPremEnabled	Is Access Administrator permissions enabled? Yes = true No = false
isProxyPermEnabled	Are proxy permissions enabled? Yes = true No = false
groups	A list of groups that the user has access to.
accessPermissions	A list of access permissions for Product Families, Supported Product Families, and Data Table Folders for the user.
Response Body Parameters	JSON data for the new user.

Update/Create Company User

Update/Create Company User
Description	This operation replaces the details of an existing user or creates a new user. If the Request URI references an existing user, the existing user details are replaced with an updated version of the user details. If the Request URI references a user that does not already exist, a new user is created. CPQ is standardizing v11 REST APIs with the PUT method. Beginning in v11, any parameters that are not explicitly included in the request body will be set to the default value, including "isAccessAdminPremEnabled" and "isWebServicesOnly" properties. If you are not sending all parameters in the request to update a user, you should use the PATCH method to avoid clearing unspecified properties.
URI Endpoint	/rest/v17/companies/{companyName}/users/{userName}
Endpoint Parameters	companyName	The company name associated with the user For Host Company users, use _host. For Partner Organization users, use the Partner Organization company login name.
userName	The login ID of the user
HTTP Method	PUT
Request Body Parameters	password and emailPassword properties are only considered for new user request and are ignored for existing users. displayValue property is optional for all complex properties (type, language, currency, numberFormat, timeZone, units , dateFormat, status, enabledForSso).
type	The type of user
language	The language to associate with the user
currency	The currency to associate with the user
login	The login ID of the user
firstName	The first name of the user
lastName	The last name of the user
jobTitle	The job title of the user
email	The email address of the user
phone	The phone number of the user
fax	The fax number of the user
billFirstName	The billing first name
billLastName	The billing last name
billCompany	The billing company
billCompany2	Additional billing company information
billAddress1	The billing address
billAddress2	Additional billing address information
billCity	The city associated with the billing address
billStateProvince	The state or province to associate with the billing address
billZip	The zip code to associate with the billing address
billCountry	The country to associate with the billing address
billPhone	The phone number to associate with the billing address
billFax	The fax number to associate with the billing address
billEmail	The email address to associate with the billing address
shipFirstName	The shipping first name
shipLastName	The shipping last name
shipCompany	The shipping company
shipCompany2	Additional shipping company information
shipAddress1	The shipping address
shipAddress2	Additional shipping address information
shipCity	The city associated with the shipping address
shipStateProvince	The state or province associated with the shipping address
shipZip	The zip code to associate with the shipping address
shipCountry	The country to associate with the shipping address
shipPhone	The phone number to associate with the shipping address
shipFax	The fax number to associate with the shipping address
shipEmail	The email address to associate with the shipping address
timeZone	The time zone of the user
externalSsoId	The external Single Sign On ID to associate with the user
approvalDelegate	The approval delegate associated with the user
separateShipAddr	Is there a separate shipping address for the user? Yes = true No = false
isNotifyEmail	Is the notification preference email? Yes = true No = false
isNotifyFax	Is the notification preference fax? Yes = true No = false
isSuperUserPermEnabled	Is User Administrator permission enabled? Yes = true No = false
isWebServicesOnly	Is Web Services Only enabled? Yes = true No = false
numberFormat	The number format preference
units	The user’s unit-type preference
dateFormat	The user’s date preference
status	The status of the user
enabledForSso	The Single Sign-On information associated with the user
isAccessAdminPremEnabled	Is Access Admin permissions enabled? Yes = true No = false
isProxyPermEnabled	Are proxy permissions enabled? Yes = true No = false
groups	A list of groups that the user has access to.
accessPermissions	A list of access permissions for Product Families, Supported Product Families, and Data Table Folders for the user.
Response Body Parameters	JSON data for the new version of user details.

Update Company User

Update Company User
Description	This operation applies changes to an existing user.
URI Endpoint	/rest/v17/companies/{companyName}/users/{userName}
Endpoint Parameters	companyName	The company name associated with the user For Host Company users, use _host. For Partner Organization users, use the Partner Organization company login name.
userName	The login ID of the user
HTTP Method	PATCH
Request Body Parameters	type	The type of user
language	The language to associate with the user
currency	The currency to associate with the user
login	The login ID of the user
firstName	The first name of the user
lastName	The last name of the user
jobTitle	The job title of the user
email	The email address of the user
phone	The phone number of the user
fax	The fax number of the user
billFirstName	The billing first name
billLastName	The billing last name
billCompany	The billing company
billCompany2	Additional billing company information
billAddress1	The billing address
billAddress2	Additional billing address information
billCity	The city associated with the billing address
billStateProvince	The state or province to associate with the billing address
billZip	The zip code to associate with the billing address
billCountry	The country to associate with the billing address
billPhone	The phone number to associate with the billing address
billFax	The fax number to associate with the billing address
billEmail	The email address to associate with the billing address
shipFirstName	The shipping first name
shipLastName	The shipping last name
shipCompany	The shipping company
shipCompany2	Additional shipping company information
shipAddress1	The shipping address
shipAddress2	Additional shipping address information
shipCity	The city associated with the shipping address
shipStateProvince	The state or province associated with the shipping address
shipZip	The zip code to associate with the shipping address
shipCountry	The country to associate with the shipping address
shipPhone	The phone number to associate with the shipping address
shipFax	The fax number to associate with the shipping address
shipEmail	The email address to associate with the shipping address
timeZone	The time zone of the user
externalSsoId	The external Single Sign On ID to associate with the user
approvalDelegate	The approval delegate associated with the user
separateShipAddr	Is there a separate shipping address for the user? Yes = true No = false
isNotifyEmail	Is the notification preference email? Yes = true No = false
isNotifyFax	Is the notification preference fax? Yes = true No = false
isSuperUserPermEnabled	Is User Administrator permission enabled? Yes = true No = false
isWebServicesOnly	Is Web Services Only enabled? Yes = true No = false
numberFormat	The number format preference
units	The user’s unit-type preference
dateFormat	The user’s date preference
status	The status of the user
enabledForSso	The Single Sign-On information associated with the user
isAccessAdminPremEnabled	Is Access Admin permissions enabled? Yes = true No = false
isProxyPermEnabled	Are proxy permissions enabled? Yes = true No = false
groups	A list of groups that the user has access to.
accessPermissions	A list of access permissions for Product Families, Supported Product Families, and Data Table Folders for the user.
Success Response	HTTP Code 204

Get User Access Permissions

Get User Access Permissions
Description	This endpoint returns Product Family, Supported Product Families, and Data Table folder access permissions for the specified user. Access permissions for a user will be available only when Administration Groups are disabled.
URI Endpoint	/rest/v17/companies/{companyname}/users/{userName}/accessPermissions
Endpoint Parameters	companyName	The company name associated with the user For Host Company users, use _host For Partner Organization users, use the Partner Organization company login name.
userName	The login ID of the user
fields	Restrict which fields shall be returned. The value is a comma delimited string and each token is a field name.
excludeLinks	Exclude given link types from response.
HTTP Method	GET
Request Body Parameters	None
Response Body Parameters	name	Name of the entity to which access restrictions apply.
variableName	Variable name of the entity to which access restrictions apply.
hasAccess	Boolean attribute that indicates if a user has access to the restricted entity.
type	Type of the restricted entity. Possible values productFamily, supportedProductFamily and dataTableFolder.

Update User Access Permissions

Update User Access Permissions
Description	This endpoint replaces the access permissions of an existing user with new permissions passed in the request body.
URI Endpoint	/rest/v17/companies/{companyname}/users/{userName}/accessPermissions
Endpoint Parameters	companyName	The company name associated with the user For Host Company users, use _host For Partner Organization users, use the Partner Organization company login name.
userName	The login ID of the user
HTTP Method	PUT
Request Body Parameters	name	(Optional) Name of the entity to which access restrictions apply.
variableName	Variable name of the entity to which access restrictions apply.
hasAccess	Boolean attribute that indicates if a user has access to the restricted entity. The default value is false. This parameter is required to grant and continue access to a restricted entity.
type	Type of the restricted entity. Possible values productFamily, supportedProductFamily and dataTableFolder.
Response Body Parameters	Returns the updated user access permissions.

Get User Groups

Get User Groups
Description	This endpoints returns all groups assigned to specified user.
URI Endpoint	/rest/v17/companies/{companyname}/users/{userName}/groups
Endpoint Parameters	companyName	The company name associated with the user For Host Company users, use _host For Partner Organization users, use the Partner Organization company login name.
userName	The login ID of the user
Endpoint Query Parameters	This endpoint supports the following query specifications. For more information, see Manage Collections. q - Declares a query specification expression. expand - return child resource details. Supports only groups and accessPermissions limit -Specifies the pagination limit, up to 1000. If no limit is specified or if a limit greater than 1000 is specified, a pagination limit of 1000 will be used. offset - Specifies the offset in the record set to start the response from. Usually used in conjunction with limit parameter to obtain the next set of records. totalResults - Specifies that the total count of records should be included in the response when doing pagination. Only effective when limit or offset are specified. orderby - Specifies a comma-separated list of fields to order the response by. excludeLinks - Exclude links from the response. fields - A list of fields to be returned.
HTTP Method	GET
Request Body Parameters	None
Response Body Parameters	Returns the group name, group variable name, and group type for the groups the user is assigned to.

Update User Groups

Update User Groups
Description	This operation to update assigned groups for the specified user.
URI Endpoint	/rest/v17/companies/{companyname}/users/{userName}/groups
Endpoint Parameters	companyName	The company name associated with the user For Host Company users, use _host For Partner Organization users, use the Partner Organization company login name.
userName	The login ID of the user
HTTP Method	PUT
Request Body Parameters	An array of group names, group variable names, and group types to which user should belong. Note: The user will be removed from the existing groups which are not passed in request.
Response Body Parameters	JSON data for the user groups. Returns all attributes from the user groups object in JSON format.

Get User Password Security Question

Get User Password Security Question
Description	This endpoint returns the password security question for the specified user.
URI Endpoint	/rest/v17/companies/{companyname}/users/{userName}/password
Endpoint Parameters	companyName	The company name of the user For Host Company users, use _host For Partner Organization users, use the Partner Organization company login name.
userName	The login ID of the user.
HTTP Method	GET
Request Body Parameters	None
Success Response	Returns the user security question.

Update User Security Question or Password

Update User Security Question or Password
Description	This endpoint is used to change the password, security question, or the secret answer of the current user.
URI Endpoint	/rest/v17/companies/{companyName}/users/{userName}/password
Endpoint Parameters	companyName	The company name associated with the user For Host Company users, use _host. For Partner Organization users, use the Partner Organization company login name.
	userName	The login ID of the user
HTTP Method	PATCH
Request Body Parameters	currentPassword	Current Password of User
newPassword	New Password for User
securityQuestion	Security Question for User
secretAnswer	Secret Answer for User
Success Response	responses: 204 Change password is successful

Reset User Password

Reset User Password
Description	This operation creates a temporary password and sends it to the user’s email.
URI Endpoint	/rest/v17/companies/{companyname}/users/{userName}/actions/resetPassword
Endpoint Parameters	companyName	The company name of the user For Host Company users, use _host For Partner Organization users, use the Partner Organization company login name.
userName	The login ID of the user.
HTTP Method	POST
Request Body Parameters	password	Password is an optional parameter. When no password is provided an email will be sent to the user prompting them to create a new password.
Success Response	HTTP Code 204

Bulk Update User Status

Bulk Update User Status
Description	This endpoint is used to perform a bulk update of user status based on the criteria passed in the request body.
URI Endpoint	/rest/v17/users/actions/bulkUpdate
Endpoint Parameters	None
HTTP Method	POST
Request Body Parameters	userData	Contains the property names to be updated. Currently, only the status field is supported. To update status for users that match the specified criteria, use one of the following values: `"value": 0` - to change status to "Inactive" `"value": 1` - to change status to "Active" displayValue property is optional for status.
criteria	Use the "q" query specification to declare a user query specification expression in MongoDB format. For more information, see Criteria Query Parameters.
Response Body Parameters	204: All Users updated successfully.

SCIM-Compliant User REST APIs

The SCIM specification is an open standard that facilitates managing user identities across cloud-based applications and services. This REST API retrieves user details and performs actions to create, update, or inactivate a user.

Beginning in Oracle CPQ 23C, the SCIM-Compliant User Management REST API supports PATCH method which allows administrators to update a user record instead of fully replacing the entire record. Administrators need to determine the best method for adding, updating, or removing migration package contents. The differences in the SCIM-Compliant User Management PUT and PATCH methods are as follows:

PUT – replaces the entire set of values with an entire new set of values which include the added and/or updated resource. You may want to use this method when there are many changes to the values. If there is a validation failure with any field, the request fails and the content remains unchanged.

PATCH – adds or updates resource within the existing set of values. You may to use this method when the sequence of resource changes is key to the content result and when error checking for each modification is desired.

Oracle CPQ and Core User Schema Attribute Mapping

Oracle CPQ Attribute	Core User Scheme Attribute	Extension User	Oracle CPQ Extension User	Required	Notes
login	userName			Yes
password	password			No	To auto-generate a temporary password, leave the password field blank.
First Name	name.givenName			Yes
Last Name	name.familyName			No
Email	emails emails{<type}.primary emails{work}.value			Yes	An error occurs if the request payload has more than one email
Email Password
Company		organization		No	Default value is host company
Language	preferredLanguage			No	Possible values: en_US (default) de_DE fr_FR es_ES it_IT
Type			userType	No	Possible values: FULL_ACCESS CHANNEL_AGENT FULL_ACCESS SALES_AGENT RESTRICTED_ACCESS (default value if the field is blank)
Status	active			No	Possible values: True (default) False
Time Zone	timezone			No	Default is America/Chicago
Currency			currency	No	Default is USD
Date/Time Format			dateFormat	No	Possible values: MM/dd/yyyy h:mm a" "MM/dd/yyyy HH:mm" "dd/MM/yyyy HH:mm" "dd.MM.yyyy HH:mm" "yyyy/MM/dd HH:mm" "yyyy.MM.dd HH:mm" "dd/MM/yyyy HH:mm" "dd/MM/yyyy H:mm" "yyyy/MM/dd H:mm" "yyyy-MM-dd h:mm a" "yyyy-MM-dd h:mm a" "yyyy/MM/dd h:mm a" "dd/MM/yyyy HH:mm" "dd/MM/yyyy H:mm" "yyyy/MM/dd H:mm" "MM/dd/yyyy h:mm a" "dd/MM/yyyy h:mm a" "yyyy-MM-dd HH:mm"
Number Format			numberFormat	No	Possible values: ####.## ####,##
Units				No	Possible values: System (defualt) English Metric
Notification Preference			isNotifyEmail isNotifyFax	No
Delegated Approver			approvalDelegate	No
Job Title	title			No
Fax Number Phone Number	phoneNumbers phoneNumbers{<type>}.primary phoneNumbers{work}.value (Mobile and/or Fax)			No	If a <type> value is not provided, it is taken as a phone number (default)
EnabledForSso			enabledForSso	No	Possible values: NOT_ENABLED SSO_ENABLED SSO_ONLY
External SSO ID			ExternalSsoId	No
IDCS GUID			Idcs_guid	No
isSuperUserPermEnabled			isSuperUserPermEnabled	No
isWebServicesOnly			isWebServicesOnly	No
isAccessAdminPermEnabled			isAccessAdimPermEnabled	No
isProxyPermEnabled			isProxyPermEnabled	No
isMobileEnabled			isMobileEnabled	No
Partner Login			partnerLogin	No
stdcOrgId			sfdcOrgId	No
id	id				CPQ GUID
Separate Ship Addr			separateShipAddr	No	Use to indicate both ship and bill address are same or different address.
Bill To/Ship To (SCIM : Field type: addresses (Complex mulit-valued attribute))
	addresses.type				SCIM Attribute BILL_TO/SHIP_TO
First Name			address[<Type>].name.givenName	No
Last Name			address[<Type>].name.lastName	No
Company Name			address[<Type>].companyName	No
Company Name 2			address[<Type>].companyName2	No
City			address[<Type>].locality	No
State/Province			address[<Type>].region	No
Zip/Postal Code			address[<Type>].postalCode	No
Country			address[<Type>].country	No
Phone			address[<Type>].phone	No
Fax			address[<Type>].fax
Email			address[<Type>].email	No

Get All Users

Get All Users
Description	This endpoint returns a list of all users.
URI Endpoint	/rest/v17/scim/users
Endpoint Query Parameters	q	Optional) This endpoint supports query specifications that follow Oracle CPQ query and pagination parameters syntax. The following SCIM attribute filters are available: `startIndex` `count` `filter` `totalResults` `resources` `sortBy` `sortOrder` Query specifications follow a subset of MongoDB syntax and can be used to organize or narrow return data. For more information,see Manage Collections.
HTTP Method	GET
Request Body Parameters	None
Response Body Parameters	The response will contain a list of all the users that the logged in user is authorized to view. The logged in user's access is governed by their company type, their user type, their user permissions and the administrator group(s) to which they are a member. Please review Administrator Access Control for additional details on user authorization.

Get a User

Get a User
Description	This endpoint returns details about a specific user.
URI Endpoint	/rest/v17/scim/users/{id}
Endpoint Parameters	id	The unique identifier for the user.
HTTP Method	GET
Request Body Parameters	NONE
Response Body Parameters	JSON data for the specific user. Note: HTTP Code 404 displays if user does not exist

Create a User

Create a User
Description	This endpoint creates a new user.
URI Endpoint	/rest/v17/scim/users
Endpoint Parameters	None
HTTP Method	POST
Request Body Parameters	emails	The primary email of the user (Required)
givenName	The first name of the user (Required)
familyName	The last name of the user
userName	The login of the user (Required)
preferredLanguage	The preferred language of the user
currency	The currency to associate with the user
active	The status of the user. This value must be set to true. (Required)
oraganization	The company name of the user. The default value is the host company.
userType	The type of user. The default is RESTRICTED_ACCESS.
dateFormat	The ID of the date format preference
numberFormat	The ID of the number format preference
units	The ID of the user's unit type preference
approvalDelegate	The approval delegate assoicated with the user
address	The address type (Ship to or Bill to)
address1	The shipping/billing address 1
address2	The shipping/billing address 2
locality	The city/locality of the shipping/billing address
companyName	The shipping/billing company
companyName2	The shipping/billing company 2
region	The state/region of the shipping/billing address
postalCode	The zip code/postal code of the shipping/billing address
country	The country of the shipping/billing address
phone	The phone number to associate with the shipping/billing address
fax	The fax number to associate with the shipping/billing address
enabledForSSO	The Single Sign-On information associated with the user
externalSsoId	The external Single Sign On ID to associate with the user
isNotifyFax	Is the notification preference fax? Yes = true Not - false
isNotifyEmail	Is the notification preference email? Yes = true Not - false
fax	The fax number of the user
isSuperUserPermEnabled	Is SuperUser Administrator permission enabled? Yes = true Not - false
isWebServiesOnly	Is Web Services Only enabled? Yes = true Not - false
isProxyPermEnabled	Are proxy permissions enabled? Yes = true Not - false
isAccessAdminPermEnabled	Is Access Administrator permission enabled? Yes = true Not - false
partnerLogin	The partner login of the user
SeparateShipAddr	Is there a separate shipping address? Yes = true Not - false
Response Body Parameters	JSON data for the specific user. Note: HTTP Code 400 is provided if the new user is not created

Update a User

Update a User
Description	This endpoint updates an existing user.
URI Endpoint	/rest/v17/scim/users/{id}
Endpoint Parameters	id	The unique identifier for the user.
HTTP Method	PUT
Request Body Parameters	emails	The primary email of the user (Required)
givenName	The first name of the user (Required)
familyName	The last name of the user
userName	The login of the user (Required)
preferredLanguage	The preferred language of the user
currency	The currency to associate with the user
active	The status of the user. This value must be set to true. (Required)
oraganization	The company name of the user. The default value is the host company.
userType	The type of user. The default is RESTRICTED_ACCESS.
dateFormat	The ID of the date format preference
numberFormat	The ID of the number format preference
units	The ID of the user's unit type preference
approvalDelegate	The approval delegate assoicated with the user
address	The address type (Ship to or Bill to)
address1	The shipping/billing address 1
address2	The shipping/billing address 2
locality	The city/locality of the shipping/billing address
companyName	The shipping/billing company
companyName2	The shipping/billing company 2
region	The state/region of the shipping/billing address
postalCode	The zip code/postal code of the shipping/billing address
country	The country of the shipping/billing address
phone	The phone number to associate with the shipping/billing address
fax	The fax number to associate with the shipping/billing address
enabledForSSO	The Single Sign-On information associated with the user
externalSsoId	The external Single Sign On ID to associate with the user
isNotifyFax	Is the notification preference fax? Yes = true Not - false
isNotifyEmail	Is the notification preference email? Yes = true Not - false
fax	The fax number of the user
isSuperUserPermEnabled	Is SuperUser Administrator permission enabled? Yes = true Not - false
isWebServiesOnly	Is Web Services Only enabled? Yes = true Not - false
isProxyPermEnabled	Are proxy permissions enabled? Yes = true Not - false
isAccessAdminPermEnabled	Is Access Administrator permission enabled? Yes = true Not - false
partnerLogin	The partner login of the user
SeparateShipAddr	Is there a separate shipping address? Yes = true Not - false
Response Body Parameters	HTTP Code 200

Add, Replace, or Remove User Information

Add, Replace, or Remove User Information
Description	This endpoint performs an operation to add user information, update existing user information or remove existing user information for a specified user. The endpoint supports a single operation request or multiple operation requests performed sequentially.
URI Endpoint	/rest/v17/scim/users/{id}
Endpoint Parameters	id	The unique identifier for the user.
HTTP Method	PATCH
Request Body Parameters	op	The operation type parameter: `add` `replace` `remove` Add/Replace Operation: The operation must contain a "`value`" member whose content specifies the value to be added. The value may be a quoted value, or it may be a JSON object containing the sub-attributes of the complex attribute specified in the operation’s "`path`". If the "`path`" parameter is omitted, the target is assumed to be the resource itself. In this case, the "value" attribute contains a list of one or more attributes that are to be added or replaced. Remove Operation: The "`remove`" operation removes the value at the target location specified by the required attribute "`path`". The operation performs the following functions, depending on the target location specified by "`path`": If "path" is unspecified, the operation fails with HTTP status code 400 and a "`scimType`" error code of "`noTarget`". If the target location is a single-value attribute, the attribute and its associated value is removed, and the attribute is considered unassigned. If the target location is a multi-valued attribute and no filter is specified, the attribute and all values are removed. If the target location is a multi-valued attribute and a complex filter is specified comparing a "`value`", the values matched by the filter are removed. If the target location is a complex multi-valued attribute and a complex filter is specified based on the attribute's sub-attributes, the matching records are removed.
path	Required string value for "`remove`" operation. Optional string value for "`add`" and "`replace`" operations. If the "`value`" is an "`array`" or "`object`" then "`path`" is required. If the value is "`object`" and the "`path`" is not provided, the target resource will not be updated. The "`path`" attribute supports a "`filter`". The filter is applied on the SCIM User model to update based upon provided criteria.
emails	The primary email of the user. Required for "`add`" operation
givenName	The first name of the user. Required for "`add`" operation.
familyName	The last name of the user
userName	The login of the user. Only supported for "`replace`" operation.
preferredLanguage	The preferred language of the user
currency	The currency to associate with the user
active	The status of the user. This value must be set to true. Required for "`add`" operation
oraganization	The company name of the user. The default value is the host company.
userType	The type of user. The default is RESTRICTED_ACCESS.
dateFormat	The ID of the date format preference
numberFormat	The ID of the number format preference
units	The ID of the user's unit type preference
approvalDelegate	The approval delegate associated with the user
address	The address type (Ship to or Bill to)
address1	The shipping/billing address 1
address2	The shipping/billing address 2
locality	The city/locality of the shipping/billing address
companyName	The shipping/billing company
companyName2	The shipping/billing company 2
region	The state/region of the shipping/billing address
postalCode	The zip code/postal code of the shipping/billing address
country	The country of the shipping/billing address
phone	The phone number to associate with the shipping/billing address
fax	The fax number to associate with the shipping/billing address
enabledForSSO	The Single Sign-On information associated with the user
externalSsoId	The external Single Sign On ID to associate with the user
isNotifyFax	Is the notification preference fax? Yes = true Not - false
isNotifyEmail	Is the notification preference email? Yes = true Not - false
fax	The fax number of the user
isSuperUserPermEnabled	Is SuperUser Administrator permission enabled? Yes = true Not - false
isWebServiesOnly	Is Web Services Only enabled? Yes = true Not - false
isProxyPermEnabled	Are proxy permissions enabled? Yes = true Not - false
isAccessAdminPermEnabled	Is Access Administrator permission enabled? Yes = true Not - false
partnerLogin	The partner login of the user
SeparateShipAddr	Is there a separate shipping address? Yes = true Not - false
Response Body Parameters	JSON data for the user

Inactivate a User

Inactivate a User
Description	This endpoint makes a user inactive. When a user is inactive, its owner will not be able to log in to Oracle CPQ and the user will not count in the user license count.
URI Endpoint	/rest/v17/scim/users/{id}
Endpoint Parameters	id	The unique identifier for the user.
HTTP Method	DELETE
Request Body Parameters	None
Response Body Parameters	HTTP Code 204

Notes

The v11 request and response structures for the following existing User Management REST APIs have major changes to provide behavior consistent with the CPQ User Administration UI. These changes also provide support for additional use cases, user access permissions, and user groups.

Get Company User (GET) /rest/v11/companies/{companyName}/users/{userName}
Create a Company User (POST) /rest/v11/companies/{companyName}/users
Update/Create a Company User ( PUT) /rest/v11/companies/{companyName}/users/{userName}
Update a Company User (PATCH) /rest/v11/companies/{companyName}/users/{userName}

The User REST APIs introduced in Oracle CPQ Release 18D support currency and language codes and IDs in the input and response payloads. Oracle CPQ now supports integrations with external applications to specify the preferred currency and language for a user profile to specify the preferred currency and language for a user with standardized code values.

User REST APIs v5 through v10 support Currency Codes and Language Codes.
Beginning in v11, currency and language use complex objects to support value and display items.
When integrating with an external application, the User REST APIs are available via Oracle Integration Cloud Service (ICS) Oracle CPQ Adapter for REST API Services.
When both a currency code and currency ID are provided in the payload, the currency code takes precedence. When both a language code and a language ID are provided in the payload, the language code takes precedence.

Refer to the following topics for supported codes:

In the ICS integration, a new Users category is available. The GET, UPSERT, and UPDATE HTTP Methods are under User. The Update for Reset Password HTTP Method is under User. The Update for Reset Password HTTP Method is under User:Action:Reset Password. The POST HTTP Method is under User: Collection.