content/operate/rs/references/rest-api/requests/users/_index.md
| Method | Path | Description |
|---|---|---|
| GET | /v1/users | Get all users |
| GET | /v1/users/{uid} | Get a single user |
| PUT | /v1/users/{uid} | Update a user's configuration |
| POST | /v1/users | Create a new user |
| DELETE | /v1/users/{uid} | Delete a user |
GET /v1/users
Get a list of all users.
| Permission name | Roles |
|---|---|
| [view_all_users_info]({{< relref "/operate/rs/references/rest-api/permissions#view_all_users_info" >}}) | admin |
| user_manager |
GET /v1/users
| Key | Value | Description |
|---|---|---|
| Host | cnm.cluster.fqdn | Domain name |
| Accept | application/json | Accepted media type |
Returns a JSON array of [user objects]({{< relref "/operate/rs/references/rest-api/objects/user" >}}).
[
{
"uid": 1,
"password_issue_date": "2017-03-02T09:43:34Z",
"email": "[email protected]",
"name": "John Doe",
"email_alerts": true,
"bdbs_email_alerts": ["1","2"],
"role": "admin",
"auth_method": "regular",
"status": "active"
},
{
"uid": 2,
"password_issue_date": "2017-03-02T09:43:34Z",
"email": "[email protected]",
"name": "Jane Poe",
"email_alerts": true,
"role": "db_viewer",
"auth_method": "regular",
"status": "active"
}
]
| Code | Description |
|---|---|
| 200 OK | No error |
GET /v1/users/{int: uid}
Get a single user's details.
| Permission name | Roles |
|---|---|
| [view_user_info]({{< relref "/operate/rs/references/rest-api/permissions#view_user_info" >}}) | admin |
| user_manager |
GET /v1/users/1
| Key | Value | Description |
|---|---|---|
| Host | cnm.cluster.fqdn | Domain name |
| Accept | application/json | Accepted media type |
| Field | Type | Description |
|---|---|---|
| uid | integer | The user's unique ID |
Returns a [user object]({{< relref "/operate/rs/references/rest-api/objects/user" >}}) that contains the details for the specified user ID.
{
"uid": 1,
"password_issue_date": "2017-03-07T15:11:08Z",
"role": "db_viewer",
"email_alerts": true,
"bdbs_email_alerts": ["1","2"],
"email": "[email protected]",
"name": "John Doe",
"auth_method": "regular",
"status": "active"
}
| Code | Description |
|---|---|
| 200 OK | Success. |
| 403 Forbidden | Operation is forbidden. |
| 404 Not Found | User does not exist. |
PUT /v1/users/{int: uid}
Update an existing user's configuration.
| Permission name | Roles |
|---|---|
| [update_user]({{< relref "/operate/rs/references/rest-api/permissions#update_user" >}}) | admin |
| user_manager |
Any user can change their own name, password, or alert preferences.
PUT /v1/users/1
{
"email_alerts": false,
"role_uids": [ 2, 4 ]
}
| Key | Value | Description |
|---|---|---|
| Host | cnm.cluster.fqdn | Domain name |
| Accept | application/json | Accepted media type |
| Field | Type | Description |
|---|---|---|
| dry_run | Validate the updated [user object]({{< relref "/operate/rs/references/rest-api/objects/user" >}}) but don't apply the update. |
| Field | Type | Description |
|---|---|---|
| uid | integer | The user's unique ID |
Include a [user object]({{< relref "/operate/rs/references/rest-api/objects/user" >}}) with updated fields in the request body.
Returns the updated [user object]({{< relref "/operate/rs/references/rest-api/objects/user" >}}).
{
"uid": 1,
"password_issue_date": "2017-03-07T15:11:08Z",
"email": "[email protected]",
"name": "Jane Poe",
"email_alerts": false,
"role": "db_viewer",
"role_uids": [ 2, 4 ],
"auth_method": "regular"
}
{{<note>}}
For [RBAC-enabled clusters]({{< relref "/operate/rs/security/access-control" >}}), the returned user details include role_uids instead of role.
{{</note>}}
When errors are reported, the server may return a JSON object with error_code and message field that provide additional information. The following are possible error_code values:
| Code | Description |
|---|---|
| password_not_complex | The given password is not complex enough (Only works when the password_complexity feature is enabled). |
| new_password_same_as_current | The given new password is identical to the old password. |
| email_already_exists | The given email is already taken. |
| change_last_admin_role_not_allowed | At least one user with admin role should exist. |
| Code | Description |
|---|---|
| 200 OK | Success, the user is updated. |
| 400 Bad Request | Bad or missing configuration parameters. |
| 404 Not Found | Attempting to change a non-existing user. |
| 406 Not Acceptable | The requested configuration is invalid. |
POST /v1/users
Create a new user.
| Permission name | Roles |
|---|---|
| [create_new_user]({{< relref "/operate/rs/references/rest-api/permissions#create_new_user" >}}) | admin |
| user_manager |
POST /v1/users
| Key | Value | Description |
|---|---|---|
| Host | cnm.cluster.fqdn | Domain name |
| Accept | application/json | Accepted media type |
| Field | Type | Description |
|---|---|---|
| dry_run | Validate the new [user object]({{< relref "/operate/rs/references/rest-api/objects/user" >}}) but don't apply the update. |
Include a single [user object]({{< relref "/operate/rs/references/rest-api/objects/user" >}}) in the request body. The user object must have an email, password, and role.
{{<note>}}
For [RBAC-enabled clusters]({{< relref "/operate/rs/security/access-control" >}}), use role_uids instead of role in the request body.
{{</note>}}
email_alerts can be configured either as:
true - user will receive alerts for all databases configured in bdbs_email_alerts. The user will receive alerts for all databases by default if bdbs_email_alerts is not configured. bdbs_email_alerts can be a list of database UIDs or [‘all’] meaning all databases.
false - user will not receive alerts for any databases
{
"email": "[email protected]",
"password": "my-password",
"name": "Pat Doe",
"email_alerts": true,
"bdbs_email_alerts": ["1","2"],
"role_uids": [ 3, 4 ],
"auth_method": "regular"
}
Returns the newly created [user object]({{< relref "/operate/rs/references/rest-api/objects/user" >}}).
{
"uid": 1,
"password_issue_date": "2017-03-07T15:11:08Z",
"email": "[email protected]",
"name": "Pat Doe",
"email_alerts": true,
"bdbs_email_alerts": ["1","2"],
"role": "db_viewer",
"role_uids": [ 3, 4 ],
"auth_method": "regular"
}
When errors are reported, the server may return a JSON object with error_code and message field that provide additional information.
The following are possible error_code values:
| Code | Description |
|---|---|
| password_not_complex | The given password is not complex enough (Only works when the password_complexity feature is enabled). |
| email_already_exists | The given email is already taken. |
| name_already_exists | The given name is already taken. |
| Code | Description |
|---|---|
| 200 OK | Success, user is created. |
| 400 Bad Request | Bad or missing configuration parameters. |
| 409 Conflict | User with the same email already exists. |
$ curl -k -X POST -u '[username]:[password]' \
-H 'Content-Type: application/json' \
-d '{ "email": "[email protected]", \
"password": "my-password", \
"name": "Pat Doe", \
"email_alerts": true, \
"bdbs_email_alerts": ["1","2"], \
"role_uids": [ 3, 4 ], \
"auth_method": "regular" }' \
'https://[host][:port]/v1/users'
import requests
import json
url = "https://[host][:port]/v1/users"
auth = ("[username]", "[password]")
payload = json.dumps({
"email": "[email protected]",
"password": "my-password",
"name": "Pat Doe",
"email_alerts": True,
"bdbs_email_alerts": [
"1",
"2"
],
"role_uids": [
3,
4
],
"auth_method": "regular"
})
headers = {
'Content-Type': 'application/json'
}
response = requests.request("POST", url, auth=auth, headers=headers, data=payload, verify=False)
print(response.text)
DELETE /v1/users/{int: uid}
Delete a user.
| Permission name | Roles |
|---|---|
| [delete_user]({{< relref "/operate/rs/references/rest-api/permissions#delete_user" >}}) | admin |
| user_manager |
DELETE /v1/users/1
| Key | Value | Description |
|---|---|---|
| Host | cnm.cluster.fqdn | Domain name |
| Accept | application/json | Accepted media type |
| Field | Type | Description |
|---|---|---|
| uid | integer | The user's unique ID |
Returns a status code to indicate the success or failure of the user deletion.
| Code | Description |
|---|---|
| 200 OK | Success, the user is deleted. |
| 406 Not Acceptable | The request is not acceptable. |