/ISAPI/Security/users

Get, set, or delete information of all users; add a new user.

Request URI Definition

Table 1 GET /ISAPI/Security/users

Method

GET

Description

Get information of all users.

Query

security: the version No. of encryption scheme. When security does not exist, it indicates that the data is not encrypted; when security is 1, it indicates that the nodes of sensitive information in the message are encrypted in AES128 CBC mode; when security is 2, it indicates that the nodes of sensitive information in the message are encrypted in AES256 CBC mode.

iv: the initialization vector, and it is required when security is 1 or 2.

Request

None

Response

Succeeded: XML_UserList

Failed: XML_ResponseStatus

Table 2 PUT /ISAPI/Security/users

Method

PUT

Description

Set information of all users。

Query

security: the version No. of encryption scheme. When security does not exist, it indicates that the data is not encrypted; when security is 1, it indicates that the nodes of sensitive information in the message are encrypted in AES128 CBC mode; when security is 2, it indicates that the nodes of sensitive information in the message are encrypted in AES256 CBC mode.

iv: the initialization vector, and it is required when security is 1 or 2.

Request

XML_UserList

Response

XML_ResponseStatus

Table 3 DELETE /ISAPI/Security/users

Method

DELETE

Description

Delete information of all users.

Query

None

Request

None

Response

XML_ResponseStatus

Table 4 POST /ISAPI/Security/users

Method

POST

Description

Add a user。

Query

security: the version No. of encryption scheme. When security does not exist, it indicates that the data is not encrypted; when security is 1, it indicates that the nodes of sensitive information in the message are encrypted in AES128 CBC mode; when security is 2, it indicates that the nodes of sensitive information in the message are encrypted in AES256 CBC mode.

iv: the initialization vector, and it is required when security is 1 or 2.

Request

XML_User

Response

XML_ResponseStatus

Remarks

  • A default account "admin" must be provided with the administrator permission and it cannot be deleted.

  • Passwords can only be uploaded and cannot be displayed when getting the user list of the device.

  • The user ID should be returned when adding users to the user list.

Sample Code for Adding User

POST /ISAPI/Security/users HTTP/1.1
Host: 10.17.132.49
Content-Length: 335
Connection: Keep-Alive
Authorization: Digest username="admin",
realm="DS-2CD2F12FWD-IWS",
nonce="4e6a4d774d6a63304f544936593255335a474d334f54673d",
uri="/ISAPI/Security/users",
cnonce="178e14d4977c835db891b5392b5d0a67",
nc=00000015,
response="d92518fb00cd2772cf212f5326b251be",
qop="auth"

<?xml version="1.0" encoding="UTF-8"?>
<User>
  <id>0</id>
  <userName>test</userName>
  <password>1qaz2wsx</password>
  <bondIpList>
    <bondIp>
      <id>1</id>
      <ipAddress>0.0.0.0</ipAddress>
      <ipv6Address>::</ipv6Address>
    </bondIp>
  </bondIpList>
  <macAddress></macAddress>
  <userLevel>Operator</userLevel>  
  <attribute>
    <inherent>false</inherent>
  </attribute>
</User>

HTTP/1.1 200 OK
Date: Tue, 14 Mar 2017 20:24:31 GMT
Server: App-webs/
Connection: close
Content-Length: 288
Content-Type: application/xml

<?xml version="1.0" encoding="UTF-8"?>
<ResponseStatus version="2.0" xmlns="http://www.isapi.com/ver20/XMLSchema">
  <requestURL>/ISAPI/Security/users</requestURL>
  <statusCode>1</statusCode>
  <statusString>OK</statusString>
  <id>2</id>
  <subStatusCode>ok</subStatusCode>
</ResponseStatus>

Sample Code for Setting User Permission

PUT /ISAPI/Security/UserPermission/2 HTTP/1.1
Host: 10.17.132.49
Content-Length: 891
Connection: Keep-Alive
Authorization: Digest username="admin",
realm="DS-2CD2F12FWD-IWS",
nonce="4e6a4d774d6a63304f544936593255335a474d334f54673d",
uri="/ISAPI/Security/UserPermission/2",
cnonce="178e14d4977c835db891b5392b5d0a67",
nc=00000016,
response="f69a20db00b36e9bb46c26c06e9bae80",
qop="auth"

<?xml version="1.0" encoding="utf-8"?>
<UserPermission>
  <id>2</id>
  <userID>2</userID>
  <userType>operator</userType>
  <remotePermission>
    <parameterConfig>false</parameterConfig>
    <logOrStateCheck>true</logOrStateCheck>
    <upgrade>false</upgrade>
    <voiceTalk>true</voiceTalk>
    <restartOrShutdown>false</restartOrShutdown>
    <alarmOutOrUpload>false</alarmOutOrUpload>
    <contorlLocalOut>false</contorlLocalOut>
    <transParentChannel>false</transParentChannel>
    <preview>true</preview> 
    <record>true</record>
    <ptzControl>true</ptzControl>
    <playBack>true</playBack>
    <videoChannelPermissionList>
      <videoChannelPermission>
        <id>1</id>
        <preview>true</preview>
        <record>true</record>
        <playBack>true</playBack>
      </videoChannelPermission>
    </videoChannelPermissionList>
    <ptzChannelPermissionList>
      <ptzChannelPermission>
        <id>1</id>
        <ptzControl>true</ptzControl>
      </ptzChannelPermission>
    </ptzChannelPermissionList>
  </remotePermission>
</UserPermission>

HTTP/1.1 200 OK
Date: Tue, 14 Mar 2017 20:24:31 GMT
Server: App-webs/
Connection: close
Content-Length: 288
Content-Type: application/xml

<?xml version="1.0" encoding="UTF-8"?>
<ResponseStatus version="2.0" xmlns="http://www.isapi.com/ver20/XMLSchema">
  <requestURL>/ISAPI/Security/UserPermission/2</requestURL>
  <statusCode>1</statusCode>
  <statusString>OK</statusString>
  <subStatusCode>ok</subStatusCode>
</ResponseStatus>