Users

Users are individuals who have access to some part of Sage Intacct. Most users are employees, but users might also be outside the company, such as accountants, attorneys, bankers, vendors, customers, or auditors.

Please be aware that this object is currently "Uncertified", signifying that it has not undergone the complete review process and the design may change during ongoing refinement. Users are advised to exercise discretion in using this object and are encouraged to provide feedback.

List users

get/objects/company-config/user

Returns a collection with a key, ID, and link for each user. This operation is mostly for use in testing; use the query service to find users that meet certain criteria and specify the properties that are returned.

SecurityOAuth2
Responses
200

OK

400

Bad Request

Request samples 
Response samples 
application/json
{
  • "ia::result": [
    • {
      • "key": "1",
      • "id": "Admin",
      • "href": "/objects/company-config/user/1"
      },
    • {
      • "key": "2",
      • "id": "Jane Doe",
      • "href": "/objects/company-config/user/2"
      },
    • {
      • "key": "4",
      • "id": "Larry Smith",
      • "href": "/objects/company-config/user/4"
      }
    ],
  • "ia::meta": {
    • "totalCount": 3,
    • "start": 1,
    • "pageSize": 100,
    • "next": null,
    • "previous": null
    }
}
Create a user
post/objects/company-config/user
Creates a new user.


SecurityOAuth2 
Request 
Request Body schema: application/json
User to create


id
required
string
User login ID


 
 Example:  "john.doe"
accountEmail
required
string
User email id


 
 Example:  "[email protected]"
required
object
User contact information


 
id
string
Contact ID


 
 Example:  "jsmith"
lastName
string
Last name


 
 Example:  "Smith"
firstName
string
First name


 
 Example:  "John"
middleName
string
Middle name


 
 Example:  "Archibald"
prefix
string
Prefix


 
 Example:  "Mr"
printAs
string
Print as


 
 Example:  "John Smith"
email1
string
Primary email


 
 Example:  "[email protected]"
email2
string
Secondary email


 
 Example:  "[email protected]"
phone1
string
Primary phone


 
 Example:  "14085551212"
phone2
string
Secondary phone


 
 Example:  "14085559876"
mobile
string
Mobile phone


 
 Example:  "14085554420"
pager
string
Pager


 
 Example:  "14085559987"
fax
string
Fax


 
 Example:  "14085555309"
URL1
string
Primary URL


 
 Example:  "https://mycompany.com"
URL2
string
Secondary URL


 
 Example:  "https://anothercompany.com"
companyName
string
Company name


 
 Example:  "AlcoSoft Inc"
object
Mailing Address


 
addressLine1
string
Address 1


 
 Example:  "300 Park Avenue"
addressLine2
string
Address 2


 
 Example:  "Suite 1400"
addressLine3
string
Address 3


 
 Example:  "Western industrial area"
city
string
City


 
 Example:  "San Jose"
state
string
State


 
 Example:  "California"
postCode
string
Zip or Postal Code


 
 Example:  "95110"
country
string
Country


 
 Example:  "USA"
userName
string
User name


 
 Example:  "John Doe"
adminPrivileges
string
 Default:  "off"
User admin privileges. Setting to full or limited requires that the userType is business.


    

  • off - No admin privileges
    • 

  • full - Complete administration privileges including the ability to create other full administrators and use Platform Services features.
    • 

  • limited - All administration privileges, except for the previously mentioned items.
    • 



 Enum: "full" "limited" "off"  
 Example:  "off"
userType
string
 Default:  "business"
 Enum: "business" "constructionManager" "crm" "dashboard" "employee" "paymentApprover" "platform" "projectManager" "viewOnly" "warehouse"  
 Example:  "employee"
status
string
 Default:  "active"
User status.


 Enum: "active" "inactive" "lockedOut"  
 Example:  "active"
object
Web Services / API properties


 
isEnabled
boolean
 Default:  true
Set to true to allow the user to use web services (API).


 
 Example:  true
isRestricted
boolean
 Default:  false
Set to true to restrict the user to Web Services only. That is, the user cannot log in to the Sage Intacct.


 
 Example:  true
object
Password properties


 
neverExpires
boolean
 Default:  false
Set to true to prevent the user's password from expiring.


 
 Example:  true
requiresReset
boolean
 Default:  false
Set to true to trigger the password reset flow for the user.


 
 Example:  false
disablePassword
boolean
 Default:  false
Disable password requirements


 
 Example:  false
object
SSO settings


 
isSSOEnabled
boolean
 Default:  false
Set to true to enable single sign-on for the user.


 
 Example:  true
federatedSSOId
string
Federated SSO user ID.


 
 Example:  "john.doe"
object
Entity level restrictions


 
allowUnrestrictedAccess
boolean
 Default:  true
Set to true to allow the user to access all entities in the company.


 
 Example:  true
allowToplevelAccess
boolean
 Default:  false
Set to true to enable access to the top-level. It's a best practice to enable access to the top level for all users who are restricted to a single entity in a multi-entity shared company.


 
 Example:  false
trustedDevices
string
 Default:  "companyDefault"
Allow trusted devices. The user can specify whether to use the company setting or have it enforced.


 Enum: "always" "companyDefault" "never"  
 Example:  "always"
isChatterDisabled
boolean
 Default:  false
Set to true to prevent this user from accessing the Intacct Collaborate feature.


 
 Example:  false
hideOtherDepartmentTransactions
boolean
 Default:  false
Set to true to hide transactions that do not belong to the departments listed in the departments array.


 
 Example:  false
Array of objects
Locations that the user is allowed to view and work with. Leave empty to allow the user to work with all locations.


 
 Array 
key
string
Location key


 
 Example:  "42"
id
string
Location ID


 
 Example:  "PNW"
Array of objects
Departments that the user is allowed to view and work with. Leave empty to allow the user to work with all departments.


 
 Array 
key
string
Department key


 
 Example:  "79"
id
string
Department ID


 
 Example:  "Sales"
Array of objects
List of territories that the user is assigned to.


 
 Array 
key
string
Territory key


 
 Example:  "9"
id
string
Territory ID


 
 Example:  "T1"
Array of objects
List of roles assigned to the user.


 
 Array 
key
string
Unique key for the role


 
 Example:  "7"
id
string
Role ID


 
 Example:  "Employee"
Array of objects
 
 Array 
object
 
accessRights
Array of strings
Permission access rights


Items Enum: "ach" "achSetup" "add" "addExpense" "apiProxy" "approvalLevel1" "approvalLevel2" "approvalLevel3" "approvalLevel4" "approvalLevel5" "approvalLevel6" "authorize" "calendar" "cancel" "clone" "close" "config" "confirm" "delete" "deleteExpense" "edit" "editExpense" "enable" "export" "final" "financial" "group" "ignore" "impersonate" "import" "level1" "level2" "level3" "level4" "level5" "level6" "list" "listExpenses" "manualMatch" "mapAccount" "menu" "modify" "offsetAccount" "open" "overrideException" "permission" "post" "print" "readonly" "readonlyExpense" "receipts" "reclass" "reclassExpense" "reconcile" "refresh" "release" "reopen" "report" "resend" "reversalEdit" "reverse" "reverseExpense" "run" "statutoryReportingPeriod" "submit" "subscribe" "template" "uncancel" "unmask" "upload" "view" "viewAll" "void"  
 Example:  ["list","readonly","add","modify","delete"]
object
 
key
string
Entity Key.


 
 Example:  "54"
id
string
Entity ID.


 
 Example:  "313131"
Responses 
201
Created


400
Bad Request


Request samples 
application/json
{
  • "id": "Admin",
  • "userName": "Admin",
  • "userType": "business",
  • "status": "active",
  • "accountEmail": "[email protected]",
  • "adminPrivileges": "off",
  • "contact": {
    • "id": "Smith",
    • "lastName": "Smith",
    • "firstName": "Alex",
    • "email1": "[email protected]",
    • "mailingAddress": {
      • "addressLine1": "300 Park Avenue",
      • "city": "San Jose",
      • "state": "California",
      • "postCode": "95110",
      • "country": "United States"
      }
    },
  • "disableChatter": true,
  • "permissionAssignments": [
    • {
      • "permission": {
        },
      • "accessRights": [
        ]
      },
    • {
      • "permission": {
        },
      • "accessRights": [
        ]
      }
    ]
}
Response samples 
application/json
{
  • "ia::result": {
    • "key": "1",
    • "id": "Admin",
    • "href": "/objects/company-config/user/1"
    },
  • "ia::meta": {
    • "totalCount": 1,
    • "totalSuccess": 1,
    • "totalError": 0
    }
}
Get a user
get/objects/company-config/user/{key}
Returns detailed information for a specified user.


SecurityOAuth2 
Request 
path Parameters
key
required
string
System-assigned key for the user.


 
 Example:  65
Responses 
200
OK


400
Bad Request


Request samples 
Response samples 
application/json
{
  • "ia::result": {
    • "key": "65",
    • "id": "Admin",
    • "userName": "Admin",
    • "href": "/objects/company-config/user/65",
    • "accountEmail": "[email protected]",
    • "isChatterDisabled": false,
    • "hideOtherDepartmentTransactions": false,
    • "trustedDevices": "never",
    • "adminPrivileges": "off",
    • "userType": "business",
    • "status": "active",
    • "contact": {
      • "mailingAddress": {
        },
      • "id": "contact01650967341",
      • "lastName": "John",
      • "firstName": "E.",
      • "middleName": "Doe",
      • "prefix": "Mr",
      • "printAs": "John E. Doe",
      • "email1": "[email protected]",
      • "email2": "[email protected]",
      • "phone1": "6692248123",
      • "phone2": "1222455566",
      • "mobile": "1222455566",
      • "pager": "12566",
      • "fax": "1222455566",
      • "URL1": "http://john.example.com",
      • "URL2": "http://john.doe.example.com",
      • "companyName": "Sage Inc",
      • "key": "3446",
      • "href": "/objects/company-config/contact/3446"
      },
    • "webServices": {
      • "isEnabled": true,
      • "isRestricted": false
      },
    • "password": {
      • "neverExpires": true,
      • "requiresReset": false,
      • "disablePassword": false
      },
    • "sso": {
      • "isSSOEnabled": true,
      • "federatedSSOId": "john.doe"
      },
    • "entityAccess": {
      • "allowUnrestrictedAccess": true,
      • "allowTopLevelAccess": false
      },
    • "audit": {
      • "createdDateTime": "2022-04-26T10:17:12Z",
      • "modifiedDateTime": "2022-04-26T11:05:26Z",
      • "createdBy": "110",
      • "modifiedBy": "109"
      },
    • "disableChatter": true,
    • "locations": [
      • {
        },
      • {
        }
      ],
    • "roles": [
      • {
        },
      • {
        }
      ],
    • "departments": [
      • {
        },
      • {
        }
      ],
    • "territories": [
      • {
        },
      • {
        }
      ],
    • "permissionAssignments": [
      • {
        },
      • {
        }
      ],
    • "entity": {
      • "key": "54",
      • "id": "313131",
      • "name": "Central Region",
      • "herf": "/objects/company-config/entity/54"
      }
    },
  • "ia::meta": {
    • "totalCount": 1,
    • "totalSuccess": 1,
    • "totalError": 0
    }
}
Update a user
patch/objects/company-config/user/{key}
Updates an existing user by setting field values. Any fields not provided remain unchanged.


SecurityOAuth2 
Request 
path Parameters
key
required
string
System-assigned key for the user.


 
 Example:  65
Request Body schema: application/json
userName
string
User name


 
 Example:  "John Doe"
accountEmail
string
User email id


 
 Example:  "[email protected]"
adminPrivileges
string
 Default:  "off"
User admin privileges. Setting to full or limited requires that the userType is business.


    

  • off - No admin privileges
    • 

  • full - Complete administration privileges including the ability to create other full administrators and use Platform Services features.
    • 

  • limited - All administration privileges, except for the previously mentioned items.
    • 



 Enum: "full" "limited" "off"  
 Example:  "off"
userType
string
 Default:  "business"
 Enum: "business" "constructionManager" "crm" "dashboard" "employee" "paymentApprover" "platform" "projectManager" "viewOnly" "warehouse"  
 Example:  "employee"
status
string
 Default:  "active"
User status.


 Enum: "active" "inactive" "lockedOut"  
 Example:  "active"
object
Web Services / API properties


 
isEnabled
boolean
 Default:  true
Set to true to allow the user to use web services (API).


 
 Example:  true
isRestricted
boolean
 Default:  false
Set to true to restrict the user to Web Services only. That is, the user cannot log in to the Sage Intacct.


 
 Example:  true
object
Password properties


 
neverExpires
boolean
 Default:  false
Set to true to prevent the user's password from expiring.


 
 Example:  true
requiresReset
boolean
 Default:  false
Set to true to trigger the password reset flow for the user.


 
 Example:  false
disablePassword
boolean
 Default:  false
Disable password requirements


 
 Example:  false
object
SSO settings


 
isSSOEnabled
boolean
 Default:  false
Set to true to enable single sign-on for the user.


 
 Example:  true
federatedSSOId
string
Federated SSO user ID.


 
 Example:  "john.doe"
object
Entity level restrictions


 
allowUnrestrictedAccess
boolean
 Default:  true
Set to true to allow the user to access all entities in the company.


 
 Example:  true
allowToplevelAccess
boolean
 Default:  false
Set to true to enable access to the top-level. It's a best practice to enable access to the top level for all users who are restricted to a single entity in a multi-entity shared company.


 
 Example:  false
object
User contact information


 
id
string
Contact ID


 
 Example:  "jsmith"
lastName
string
Last name


 
 Example:  "Smith"
firstName
string
First name


 
 Example:  "John"
middleName
string
Middle name


 
 Example:  "Archibald"
prefix
string
Prefix


 
 Example:  "Mr"
printAs
string
Print as


 
 Example:  "John Smith"
email1
string
Primary email


 
 Example:  "[email protected]"
email2
string
Secondary email


 
 Example:  "[email protected]"
phone1
string
Primary phone


 
 Example:  "14085551212"
phone2
string
Secondary phone


 
 Example:  "14085559876"
mobile
string
Mobile phone


 
 Example:  "14085554420"
pager
string
Pager


 
 Example:  "14085559987"
fax
string
Fax


 
 Example:  "14085555309"
URL1
string
Primary URL


 
 Example:  "https://mycompany.com"
URL2
string
Secondary URL


 
 Example:  "https://anothercompany.com"
companyName
string
Company name


 
 Example:  "AlcoSoft Inc"
object
Mailing Address


 
addressLine1
string
Address 1


 
 Example:  "300 Park Avenue"
addressLine2
string
Address 2


 
 Example:  "Suite 1400"
addressLine3
string
Address 3


 
 Example:  "Western industrial area"
city
string
City


 
 Example:  "San Jose"
state
string
State


 
 Example:  "California"
postCode
string
Zip or Postal Code


 
 Example:  "95110"
country
string
Country


 
 Example:  "USA"
trustedDevices
string
 Default:  "companyDefault"
Allow trusted devices. The user can specify whether to use the company setting or have it enforced.


 Enum: "always" "companyDefault" "never"  
 Example:  "always"
isChatterDisabled
boolean
 Default:  false
Set to true to prevent this user from accessing the Intacct Collaborate feature.


 
 Example:  false
hideOtherDepartmentTransactions
boolean
 Default:  false
Set to true to hide transactions that do not belong to the departments listed in the departments array.


 
 Example:  false
Array of objects
Locations that the user is allowed to view and work with. Leave empty to allow the user to work with all locations.


 
 Array 
key
string
Location key


 
 Example:  "42"
id
string
Location ID


 
 Example:  "PNW"
Array of objects
Departments that the user is allowed to view and work with. Leave empty to allow the user to work with all departments.


 
 Array 
key
string
Department key


 
 Example:  "79"
id
string
Department ID


 
 Example:  "Sales"
Array of objects
List of territories that the user is assigned to.


 
 Array 
key
string
Territory key


 
 Example:  "9"
id
string
Territory ID


 
 Example:  "T1"
Array of objects
List of roles assigned to the user.


 
 Array 
key
string
Unique key for the role


 
 Example:  "7"
id
string
Role ID


 
 Example:  "Employee"
Array of objects
 
 Array 
object
 
accessRights
Array of strings
Permission access rights


Items Enum: "ach" "achSetup" "add" "addExpense" "apiProxy" "approvalLevel1" "approvalLevel2" "approvalLevel3" "approvalLevel4" "approvalLevel5" "approvalLevel6" "authorize" "calendar" "cancel" "clone" "close" "config" "confirm" "delete" "deleteExpense" "edit" "editExpense" "enable" "export" "final" "financial" "group" "ignore" "impersonate" "import" "level1" "level2" "level3" "level4" "level5" "level6" "list" "listExpenses" "manualMatch" "mapAccount" "menu" "modify" "offsetAccount" "open" "overrideException" "permission" "post" "print" "readonly" "readonlyExpense" "receipts" "reclass" "reclassExpense" "reconcile" "refresh" "release" "reopen" "report" "resend" "reversalEdit" "reverse" "reverseExpense" "run" "statutoryReportingPeriod" "submit" "subscribe" "template" "uncancel" "unmask" "upload" "view" "viewAll" "void"  
 Example:  ["list","readonly","add","modify","delete"]
object
 
key
string
Entity Key.


 
 Example:  "54"
id
string
Entity ID.


 
 Example:  "313131"
Responses 
200
OK


400
Bad Request


Request samples 
application/json
{
  • "userName": "Admin",
  • "status": "inactive",
  • "permissionAssignments": [
    • {
      • "permission": {
        },
      • "accessRights": [
        ]
      }
    ]
}
Response samples 
application/json
{
  • "ia::result": {
    • "key": "65",
    • "id": "Admin",
    • "href": "/objects/company-config/user/65"
    },
  • "ia::meta": {
    • "totalCount": 1,
    • "totalSuccess": 1,
    • "totalError": 0
    }
}
Delete a user
delete/objects/company-config/user/{key}
Deletes a user.


SecurityOAuth2 
Request 
path Parameters
key
required
string
System-assigned key for the user.


 
 Example:  65
Responses 
204
No Content


400
Bad Request


Request samples 
Response samples 
application/json
{
  • "ia::result": {
    • "ia::error": {
      • "code": "invalidRequest",
      • "message": "A POST request requires a payload",
      • "errorId": "REST-1028",
      • "additionalInfo": {
        },
      • "supportId": "Kxi78%7EZuyXBDEGVHD2UmO1phYXDQAAAAo"
      }
    },
  • "ia::meta": {
    • "totalCount": 1,
    • "totalSuccess": 0,
    • "totalError": 1
    }
}
Query users
post/services/core/query
Queries an object for filtered data.


SecurityOAuth2 
Request 
Request Body schema: application/json
object
string
Object type to query, in the form <application-name>/<object name>. For custom objects use platform-apps/nsp::<object-name>.


 
 Example:  "company-config/user"
fields
Array of strings
List of fields to include in the response. Can be any combination of these:


    

  • The name of a field in the object that you are querying, such as id.
    

    • 

  • The name of a field in a related object, using the form relatedObjectName.fieldName, such as vendor.id.
    

    • 

  • The result of an aggregate function run against the values in the returned objects. Use the form function:fieldName, such as min:startDate to return the earliest starting date. Valid function names are:
    

      

    • count
      • 

    • avg
      • 

    • sum
      • 

    • min
      • 

    • max
      • 

    

    • 

  • The result of an aggregate function run against the values in related objects, using the form function:relatedObjectName.fieldName, such as max:vendor.creditLimit. The same functions are supported as for object fields.
    

    • 



 
 Example:  ["key","id","max:vendor.creditLimit"]
Array of equal (object) or not equal (object) or less than (object) or (less than or equal (object)) or greater than (object) or (greater than or equal (object)) or in (object) or not in (object) or between (object) or not between (object) or contains (object) or does not contain (object) or starts with (object) or does not start with (object) or ends with (object) or does not end with (object)
Filter conditions to select the objects to return based on their field values. You use operators and conditions to build your filter, such as {"$eq":{"status":"active"}} to select objects in which status is equal to "active".


 
 Example:  [{"$eq":{"status":"active"}},{"$gt":{"totalDue":"1000"}},{"$contains":{"name":"Acme"}}]
 Array 
Any of:
Field value must be equal to this specified value.


For date fields, you can use these macro values that are relative to the current date or the asOfDate in filterParameters, if set:







    

  • today

  • currentWeek

  • currentMonth

  • currentQuarter

  • currentYear





    

  • yesterday

  • lastWeek

  • priorMonth

  • priorQuarter

  • priorYear









These are most useful for queries that you want to save and use repeatedly, such as for views or reports. Just change the asOfDate each time to retrieve the same data set for different time periods.


For example, {"eq":{"postingDate":"priorYear"}}.


object
The field name and value to be compared with object values.


 
 Example:  {"status":"active"}
filterExpression
string
 Default:  "and"
Logical operators to apply when there are multiple filter conditions. The conditions in the filters array are implicitly numbered starting at 1. Supports and, or, and grouping with parentheses.


Shortcuts:


    

  • and by itself means that all conditions must be true.
    • 

  • or by itself means that at least one condition must be true.
    • 



 
 Example:  "(1 and 2) or 3"
object

Pre-defined filter options.


 
asOfDate
string <date> 
The "as of" date to use with any relative date comparisons in filters. For example, if asOfDate is set to "2022-04-01" then priorMonth will be "03".


The current date is used if asOfDate is not set.


 
 Example:  "2022-04-01"
includeHierarchyFields
boolean
 Default:  false
Set to true to include hierarchical structure information with each object in the response.


 
 Example:  false
caseSensitiveComparison
boolean
 Default:  true
Queries are case-sensitive by default. Set to false to ignore case in a query.


 
 Example:  true
includePrivate
boolean
 Default:  false
By default, in a multi-entity company, queries from the top-level entity do not access data in private entities. Set includePrivate to true if you want to query data in private entities.


 
 Example:  false
Array of objects
Set the order of the results by specifying field names to sort by and whether they should be in ascending or descending order.


 
 Example:  [{"totalDue":"asc"},{"lastPaymentMadeDate":"desc"}]
 Array 
property name*
additional property
string
 Enum: "asc" "desc"  
start
integer
First record of the result set to include in the response.


 
 Example:  1
size
integer
Number of records to include in the response.


 
 Example:  100
Responses 
200
OK


400
Bad Request


Request samples 
application/json
{
  • "object": "company-config/user",
  • "filters": [
    • {
      • "$eq": {
        }
      }
    ],
  • "fields": [
    • "key",
    • "id",
    • "userName",
    • "status",
    • "href"
    ]
}
Response samples 
application/json
{
  • "ia::result": [
    • {
      • "key": "53",
      • "id": "wmikawber",
      • "userName": "Wilkins Micawber",
      • "status": "active",
      • "href": "/objects/company-config/user/53"
      }
    ],
  • "ia::meta": {
    • "totalCount": 1,
    • "start": 1,
    • "pageSize": 100,
    • "next": null,
    • "previous": null
    }
}