Post
/api/v1/abac/users/sync
- Syncs ABAC attributes for specified users from LDAP.
- Refreshes user ABAC attributes by reading current data from LDAP and applying the configured LDAP → ABAC attribute mapping.
- Users can be identified by usernames, ids, emails, or ldapIds.
- Requires LDAP Enterprise license and ABAC to be enabled.
Header parameters
X-Auth-Token
stringRequired
The authToken of the authenticated user.
ExampleRScctEHSmLGZGywfIhWyRpyofhKOiMoUIpimhvheU3f
X-User-Id
stringRequired
The userId of the authenticated user.
ExamplerbAXPnMktTFbNpwtJ
Body parameters
At least one of these properties is required:
- usernames (string[]) — Array of Rocket.Chat usernames (1–100 items, unique)
- ids (string[]) — Array of Rocket.Chat user IDs (1–100 items, unique)
- emails (string[]) — Array of email addresses (1–100 items, unique)
- ldapIds (string[]) — Array of LDAP IDs (1–100 items, unique)
Example 1
{
"usernames": [
"alice"
],
"ids": [
"userId1"
],
"emails": [
"bob@example.com"
],
"ldapIds": [
"ldapId123"
]
}object
usernames
Array of string
string
ids
Array of string
string
emails
Array of string
string
ldapIds
Array of string
string
Responses
200
OK
Success
{
"success": true
}object
success
boolean
400
Bad Request
ABAC disabled
{
"success": false,
"error": "error-abac-not-enabled"
}Invalid body (schema validation)
{
"success": false,
"error": "error-invalid-body-params"
}object
success
boolean
error
string
401
Unauthorized
Unauthorized login attempt
{
"success": false,
"error": "error-unauthorized"
}object
success
boolean
error
string
403
Forbidden
No "abac-management"
{
"success": false,
"error": "error-not-authorized"
}object
success
boolean
error
string