Company directories Resource

Provides management functions for company directories.

GET /{tenantGuid}/api/v1/directories

Available Since:
12.20.0

Search company directory instance. Search all company directory instances which have the certificate, and they will expire on and after 2026-01-01T00:00:00.000Z and before 2040-01-01T00:00:00.000Z. This will populate the relevant certificate fields, name and type of the Directory Instance in on-premise deployments. To obtain the certificate information of all LDAP Directory instances in cloud deployments, use GET Servers. For Active Directory instances, this can be used for both on-premise and cloud deployments.

Sample request 1

 GET /SRP00000/api/v1/directories?query=expiryDate>=2026-01-01T00:00:00.000Z,expiryDate<2040-01-01T00:00:00.000Z
 

Sample response 1 body

  {
     "companyDirectoryConnections": [
         {
             "name": "abc",
             "type": "LDAP",
             "certificate": {
                 "expiryDate": "2036-10-02T16:46:32.000Z",
                 "alias": "directory.ldap.enablessl.x.yes.sslcertificate_alias:1",
                 "subject": "CN=Example,DC=Example,DC=com",
                 "altNames": "DNSName=*.us.example.com\r\nDNSName=*.ca.example.com"
             }
         } ]
  }
 

Sample request 2

       GET /SRP00000/api/v1/directories?query=type=ACTIVE_DIRECTORY
 

Sample response 2 body

        {
           "companyDirectoryConnections": [
               {
                   "name": "abc",
                   "type": "ACTIVE_DIRECTORY",
                   }
               } ]
        }
 

Request Parameters
Name Location Description
query query Query parameter for filtering the results.

The format is operator field name< field-value (field-name)(operator)(field-value). Also, we can have a multiple filters separated by comma. (field-name)(operator)(field-value) , (field-name)(operator)(field-value).

We also have a filter criteria for specific type.TYPE which can filter company directory by the specific type. For example: (field-name)=field-value.

The following table describes the fields that can be used in the query. > or >= for the minimum date, and/or < or <= for the maximum date. For example: expiryDate>=2021-07-01T00:00:00.000Z,expiryDate<2021-07-31T00:00:00.000Z
Field Type Description
type string Type of the Directory Connection. Supported Values are LDAP, ACTIVE_DIRECTORY, BCN, and AZURE
expiryDate string The directory connection's certificate expiry date.
Response Codes
Code Condition Data type
200 OK (even if no Directory Connections are found).
400 Invalid request. For example, invalid field semantics or missing required field.
Response Body
Media type Data type Description
application/vnd.blackberry.directory-v1+json Directory Connections (JSON)

GET /{tenantGuid}/api/v1/directories/users

Available Since:
12.6.0

Search for users in all configured company directories. This will most often be used in order to create a directory-linked user (see the "Users" resource for creating a directory-linked user).

Sample request

 GET /SRP00000/api/v1/directories/users?search=pmorley
 

Sample response body

  {
    "directoryUsers": [ {
      "username": "pmorley",
      "displayName": "Paul Morley",
      "firstName": "Paul",
      "lastName": "Morley",
      "emailAddress": "pmorley@example.com",
      "directoryId": "e7aad64542784faeab305304abea36fa"
    } ]
  }
 

Request Parameters
Name Location Description Type
includeExistingUsers query A flag to control whether directory users that have already been added to the system are included in the response or not. If set to true those users will be included in the response; if set to false those users will not be included in the response. Defaults to false if not provided. boolean
limit query The maximum number of matching directory users to get. If specified, the value must be between 1 and 100, inclusive. Defaults to 100 if not provided. int
search query A required non-empty value to search for directory users, using a case-insensitive prefix match. For AD company directories, an Ambiguous Name Resolution (ANR) search is performed. For LDAP company directories, the search is performed across various configured fields, for example displayName, emailAddress, firstName, lastName, username.  
Response Codes
Code Condition Data type
200 OK (even if no users are found).
400 Invalid request. For example, invalid field semantics or missing required field.
409 No company directories configured.
Response Body
Media type Data type Description
application/vnd.blackberry.directoryusers-v1+json Directory users (JSON)