Axiom.Principals

The database ID of the user.

The login name (user name) of the user.

The first name of the user.

The last name of the user.

The email address of the user.

The domain of the user. Only applies to users that are imported from Active Directory. Returns blank for manually created users.

Passwords are not returned by the query, but this field can be used to save back a new password when using Save Type 4 against Axiom.Principals. If Password is included in the query, it will return blank for all users.

The authentication type of the user: Windows User, LDAP Prompt, Axiom Prompt, OpenID, and SAML. Some older user records may return an authentication type of Unspecified; this type only exists to support backward-compatibility and should not be assigned to any users going forward.

Whether Active Directory synchronization is enabled for the user (True/False). All users default to True, regardless of whether Active Directory synchronization is currently being used. The setting has no effect if Active Directory synchronization is not enabled for the system.

The license type of the user: Standard, Viewer, or AxiomStaff.

Whether the user is enabled (True/False).

Whether the user is an administrator of the current system (True/False).

A comma-separated list of role IDs that the user is assigned to.

A comma-separated list of role names that the user is assigned to.

A comma-separated list of subsystems that the user is assigned to.

Whether Ignore Roles is enabled for the specified table type. Returns NotConfigured if the user has no configured access to the table type; otherwise it returns True or False.

The user's configured read filter for the specified table type. This is not the effective filter; this represents only what has been configured on the user record itself. This will return one of the following:

• NotConfigured: The user has no configured access to the table type.

• FullAccess: The user has been granted full read access to the table type.

• A filter criteria statement: The user has a configured read filter for the table type.

• Blank: The user has no read access to the table type. This is different than NotConfigured; in this case the user's read filter has been explicitly set to blank to indicate no read access.

The user's configured write filter for the specified table type. This is not the effective filter; this represents only what has been configured on the user record itself. This will return one of the following:

• NotConfigured: The user has no configured access to the table type.

• UseRead: The user's write access is the same level as their read access. This is the default setting when any access is configured to the table type. Any setting other than UseRead indicates that the user's write access has been separately configured from the read access.

• FullAccess: The user has been granted full write access to the table type.

• A filter criteria statement: The user has a configured write filter for the table type.

• Blank: The user has no write access to the table type. This is different than NotConfigured; in this case the user's write filter has been explicitly set to blank to indicate no write access.

Whether Ignore Roles is enabled for the specified table. Returns NotConfigured if the user has no configured access to the table; otherwise it returns True or False.

The user's configured read filter for the specified table. This is not the effective filter; this represents only what has been configured on the user record itself. This will return one of the following:

• NotConfigured: The user has no configured access to the table.

• FullAccess: The user has been granted full read access to the table.

• A filter criteria statement: The user has a configured read filter for the table.

• Blank: The user has no read access to the table. This is different than NotConfigured; in this case the user's read filter has been explicitly set to blank to indicate no read access.