User
A user account/login to access certain systems and/or services. Examples include okta-user, aws-iam-user, ssh-user, local-user (on a host), etc.
User properties
| Property | Type | Description | Specifications |
|---|---|---|---|
active | boolean | Specifies whether user account is active or disabled. | |
email | string | The primary email address associated with the user account | Format: email |
emailDomain | array of strings | The domain portion of the email addresses associated with the user account. | |
firstName | string | The user's official first name in the system (such as HR database) | |
lastName | string | The user's official last name in the system (such as HR database) | |
mfaEnabled | boolean | Specifies whether multi-factor authentication (MFA) is enabled for this user. | |
mfaType | string | Specifies what type of multi-factor authentication (MFA) is being used by this user. | |
passwordChangedOn | number | The timestamp (in milliseconds since epoch) of when the user's password was last rotated for this particular account. | Format: date-time |
shortLoginId | string | The shortened login Id. For example, if the username is the full email address (first.last@company.com), the shortLoginId would be the part before @ (first.last). | |
username | string | Username |
Inherited properties
| Property | Type | Description | Specifications |
|---|---|---|---|
_class * | string | array of strings | One or more classes conforming to a standard, abstract security data model. For example, an EC2 instance will have '_class':'Host'. | |
_key * | string | An identifier unique within the scope containing the object. For example, for a Bitbucket repo, this will be the GUID of the repo as assigned by Bitbucket. For an IAM Role, this will be the ARN of the role. | minLength: 10 |
_type * | string | The type of object, typically reflecting the vendor and resource type. For example, 'aws_iam_user'. In some cases, a system knows about a type of entity that other systems know about, such as 'user_endpoint' or 'cve'. | minLength: 3 |
displayName * | string | Display name, e.g. a person's preferred name or an AWS account alias | |
name * | string | Name of this entity | |
classification | string | null | The sensitivity of the data; should match company data classification scheme Examples: critical, confidential, internal, public | |
complianceStatus | number | The compliance status of the entity, as a percentage of compliancy. | minimum: 0, maximum: 1 |
createdBy | string | The source/principal/user that created the entity | |
createdOn | number | The timestamp (in milliseconds since epoch) when the entity was created at the source. This is different than _createdOn which is the timestamp the entity was first ingested into JupiterOne. | Format: date-time |
criticality | integer | A number that represents the value or criticality of this entity, on a scale between 1-10. | minimum: 1, maximum: 10 |
deletedBy | string | The source/principal/user that deleted the entity | |
deletedOn | number | The timestamp (in milliseconds since epoch) when the entity was deleted at the source. | Format: date-time |
description | string | An extended description of this entity. | |
discoveredBy | string | The source/principal/user that discovered the entity | |
discoveredOn | number | The timestamp (in milliseconds since epoch) when the entity was discovered. | Format: date-time |
expiresOn | number | If the entity is a temporary resource, optionally set the expiration date. For example, the expiration date of an SSL cert. | Format: date-time |
id | string | array | Identifiers of this entity assigned by the providers. Values are expected to be unique within the provider scope. | |
notes | array of strings | User provided notes about this entity | |
owner | string | The owner of this entity. This could reference the name of the owner, or as reference ID/key to another entity in the graph as the owner. | |
public | boolean | Indicates if this is a public-facing resource (e.g. a public IP or public DNS record) or if the entity is publicly accessible. Default is false. | |
risk | integer | The risk level of this entity, on a scale between 1-10. | minimum: 1, maximum: 10 |
status | string | Status of this entity set by the external source system or by a user, e.g. Active, Inactive, Decommissioned Examples: active, inactive, suspended, terminated, open, closed, pending, unknown, other | |
summary | string | A summary / short description of this entity. | |
tags | array of strings | An array of unnamed tags | |
temporary | boolean | Indicates if this node is a temporary resource, such as a lambda instance or an EC2 instance started by ECS. | |
trust | integer | The trust level of this entity, on a scale between 1-10. | minimum: 1, maximum: 10 |
trusted | boolean | Indicates if this is a trusted resource. For example, a trusted Network, Host, Device, Application, Person, User, or Vendor. | |
updatedBy | string | The source/principal/user that updated the entity | |
updatedOn | number | The timestamp (in milliseconds since epoch) when the entity was last updated at the source. | Format: date-time |
validated | boolean | Indicates if this node has been validated as a known/valid Entity. | |
webLink | string | Web link to the source. For example: https://console.aws.amazon.com/iam/home#/roles/Administrator. This property is used by the UI to add a hyperlink to the entity. | Format: uri |
Required properties
_key_class_typenamedisplayName