Create One Organization

POST /api/atlas/v2/orgs

Creates one organization in MongoDB Cloud and links it to the requesting Service Account's or API Key's organization. To use this resource, the requesting Service Account or API Key must have the Organization Owner role. The requesting Service Account's or API Key's organization must be a paying organization. To learn more, see Configure a Paying Organization in the MongoDB Atlas documentation.

Configure a Paying Organization

Query parameters

  • envelope boolean

    Flag that indicates whether Application wraps the response in an envelope JSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.

    Default value is false.

  • pretty boolean

    Flag that indicates whether the response body should be in the prettyprint format.

    Default value is false.

    Prettyprint
application/vnd.atlas.2023-01-01+json

Body Required

Organization that you want to create.

  • apiKey object

    Organization Service Account that Atlas creates for this organization. If omitted, Atlas doesn't create an organization Service Account for this organization. If specified, this object requires all body parameters. Note that API Keys cannot be specified in the same request.

    Hide apiKey attributes Show apiKey attributes object
    • desc string Required

      Purpose or explanation provided when someone created this organization API key.

      Minimum length is 1, maximum length is 250.

    • roles array[string] Required

      List of roles to grant this API key. If you provide this list, provide a minimum of one role and ensure each role applies to this organization.

      At least 1 element. Values are ORG_OWNER, ORG_MEMBER, ORG_GROUP_CREATOR, ORG_BILLING_ADMIN, ORG_BILLING_READ_ONLY, ORG_STREAM_PROCESSING_ADMIN, or ORG_READ_ONLY.

  • federationSettingsId string

    Unique 24-hexadecimal digit string that identifies the federation to link the newly created organization to. If specified, the proposed Organization Owner of the new organization must have the Organization Owner role in an organization associated with the federation.

    Format should match the following pattern: ^([a-f0-9]{24})$.

  • name string Required

    Human-readable label that identifies the organization.

    Format should match the following pattern: ^[\p{L}\p{N}\-_.(),:&@+']{1,64}$.

  • orgOwnerId string

    Unique 24-hexadecimal digit string that identifies the MongoDB Cloud user that you want to assign the Organization Owner role. This user must be a member of the same organization as the calling API key. If you provide federationSettingsId, this user must instead have the Organization Owner role on an organization in the specified federation. This parameter is required only when you authenticate with Programmatic API Keys.

    Format should match the following pattern: ^([a-f0-9]{24})$.

  • serviceAccount object

    Organization Service Account that Atlas creates for this organization. If omitted, Atlas doesn't create an organization Service Account for this organization. If specified, this object requires all body parameters. Note that API Keys cannot be specified in the same request.

    Hide serviceAccount attributes Show serviceAccount attributes object
    • description string Required

      Human readable description for the Service Account.

      Minimum length is 1, maximum length is 250. Format should match the following pattern: ^[\p{L}\p{N}\-_.,' ]*$.

    • name string Required

      Human-readable name for the Service Account. The name is modifiable and does not have to be unique.

      Minimum length is 1, maximum length is 64. Format should match the following pattern: ^[\p{L}\p{N}\-_.,' ]*$.

    • roles array[string] Required

      A list of organization-level roles for the Service Account.

      At least 1 element. Values are ORG_MEMBER, ORG_READ_ONLY, ORG_BILLING_ADMIN, ORG_BILLING_READ_ONLY, ORG_STREAM_PROCESSING_ADMIN, ORG_GROUP_CREATOR, or ORG_OWNER.

    • secretExpiresAfterHours integer(int32) Required

      The expiration time of the new Service Account secret, provided in hours. The minimum and maximum allowed expiration times are subject to change and are controlled by the organization's settings.

  • skipDefaultAlertsSettings boolean

    Disables automatic alert creation. When set to true, no organization level alerts will be created automatically.

    Default value is false.

Responses

  • 201 application/vnd.atlas.2023-01-01+json

    Created

    Hide response attributes Show response attributes object
    • apiKey object

      Details of the Programmatic API Keys.

      Hide apiKey attributes Show apiKey attributes object
      • desc string

        Purpose or explanation provided when someone created this organization API key.

        Minimum length is 1, maximum length is 250.

      • id string

        Unique 24-hexadecimal digit string that identifies this organization API key assigned to this project.

        Format should match the following pattern: ^([a-f0-9]{24})$.

      • privateKey string

        Redacted private key returned for this organization API key. This key displays unredacted when first created.

      • publicKey string

        Public API key value set for the specified organization API key.

        Minimum length is 8, maximum length is 8.

      • roles array[object]

        List that contains the roles that the API key needs to have. All roles you provide must be valid for the specified project or organization. Each request must include a minimum of one valid role. The resource returns all project and organization roles assigned to the API key.

        MongoDB Cloud user's roles and the corresponding organization or project to which that role applies. Each role can apply to one organization or one project but not both.

        Hide roles attributes Show roles attributes object
        • groupId string

          Unique 24-hexadecimal digit string that identifies the project to which this role belongs. You can set a value for this parameter or orgId but not both in the same request.

          Minimum length is 24, maximum length is 24. Format should match the following pattern: ^([a-f0-9]{24})$.

        • orgId string

          Unique 24-hexadecimal digit string that identifies the organization to which this role belongs. You can set a value for this parameter or groupId but not both in the same request.

          Minimum length is 24, maximum length is 24. Format should match the following pattern: ^([a-f0-9]{24})$.

        • roleName string

          Human-readable label that identifies the collection of privileges that MongoDB Cloud grants a specific API key, MongoDB Cloud user, or MongoDB Cloud team. These roles include organization- and project-level roles.

          Values are ORG_MEMBER, ORG_READ_ONLY, ORG_STREAM_PROCESSING_ADMIN, ORG_BILLING_ADMIN, ORG_BILLING_READ_ONLY, ORG_GROUP_CREATOR, ORG_OWNER, GROUP_OWNER, GROUP_READ_ONLY, GROUP_DATA_ACCESS_ADMIN, GROUP_DATA_ACCESS_READ_ONLY, GROUP_DATA_ACCESS_READ_WRITE, GROUP_CLUSTER_MANAGER, GROUP_SEARCH_INDEX_EDITOR, GROUP_STREAM_PROCESSING_OWNER, GROUP_BACKUP_MANAGER, GROUP_OBSERVABILITY_VIEWER, or GROUP_DATABASE_ACCESS_ADMIN.

    • federationSettingsId string

      Unique 24-hexadecimal digit string that identifies the federation that you linked the newly created organization to.

      Format should match the following pattern: ^([a-f0-9]{24})$.

    • orgOwnerId string

      Unique 24-hexadecimal digit string that identifies the MongoDB Cloud user that you assigned the Organization Owner role in the new organization.

      Format should match the following pattern: ^([a-f0-9]{24})$.

    • organization object

      Details that describe the organization.

      Hide organization attributes Show organization attributes object
      • id string

        Unique 24-hexadecimal digit string that identifies the organization.

        Format should match the following pattern: ^([a-f0-9]{24})$.

      • isDeleted boolean

        Flag that indicates whether this organization has been deleted.

      • name string Required

        Human-readable label that identifies the organization.

        Format should match the following pattern: ^[\p{L}\p{N}\-_.(),:&@+']{1,64}$.

      • skipDefaultAlertsSettings boolean

        Disables automatic alert creation. When set to true, no organization level alerts will be created automatically.

        Default value is false.

    • serviceAccount object

      Organization Service Account that Atlas created for the organization.

      Hide serviceAccount attributes Show serviceAccount attributes object
      • clientId string

        The Client ID of the Service Account.

        Format should match the following pattern: ^mdb_sa_id_[a-fA-F\d]{24}$.

      • createdAt string(date-time)

        The date that the Service Account was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.

      • description string

        Human readable description for the Service Account.

      • name string

        Human-readable name for the Service Account.

      • roles array[string]

        A list of Organization roles associated with the Service Account.

        Values are ORG_MEMBER, ORG_READ_ONLY, ORG_BILLING_ADMIN, ORG_BILLING_READ_ONLY, ORG_STREAM_PROCESSING_ADMIN, ORG_GROUP_CREATOR, or ORG_OWNER.

      • secrets array[object]

        A list of secrets associated with the specified Service Account.

        Hide secrets attributes Show secrets attributes object
        • createdAt string(date-time) Required

          The date that the secret was created on. This parameter expresses its value in the ISO 8601 timestamp format in UTC.

        • expiresAt string(date-time) Required

          The date for the expiration of the secret. This parameter expresses its value in the ISO 8601 timestamp format in UTC.

        • id string Required

          Unique 24-hexadecimal digit string that identifies the secret.

          Format should match the following pattern: ^([a-f0-9]{24})$.

        • lastUsedAt string(date-time)

          The last time the secret was used. This parameter expresses its value in the ISO 8601 timestamp format in UTC.

        • maskedSecretValue string

          The masked Service Account secret.

        • secret string

          The secret for the Service Account. It will be returned only the first time after creation.

    • skipDefaultAlertsSettings boolean

      Disables automatic alert creation. When set to true, no organization level alerts will be created automatically.

      Default value is false.

  • 400 application/json

    Bad Request.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.

  • 401 application/json

    Unauthorized.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.

  • 403 application/json

    Forbidden.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.

  • 404 application/json

    Not Found.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.

  • 409 application/json

    Conflict.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.

  • 500 application/json

    Internal Server Error.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.

POST /api/atlas/v2/orgs
atlas api organizations createOrg --help
import (
	"os"
	"context"
	"log"
	sdk "go.mongodb.org/atlas-sdk/v20231115001/admin"
)

func main() {
	ctx := context.Background()
	clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
	clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")

	// See https://dochub.mongodb.org/core/atlas-go-sdk-oauth
	client, err := sdk.NewClient(sdk.UseOAuthAuth(clientID, clientSecret))

	if err != nil {
		log.Fatalf("Error: %v", err)
	}

	params = &sdk.CreateOrgApiParams{}
	sdkResp, httpResp, err := client.OrganizationsApi.
		CreateOrgWithParams(ctx, params).
		Execute()
}
curl --include --header "Authorization: Bearer ${ACCESS_TOKEN}" \
  --header "Accept: application/vnd.atlas.2023-11-15+json" \
  --header "Content-Type: application/json" \
  -X POST "https://cloud.mongodb.com/api/atlas/v2/orgs" \
  -d '{ <Payload> }'
curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
  --digest --include \
  --header "Accept: application/vnd.atlas.2023-11-15+json" \
  --header "Content-Type: application/json" \
  -X POST "https://cloud.mongodb.com/api/atlas/v2/orgs" \
  -d '{ <Payload> }'
Request examples
{
  "apiKey": {
    "desc": "string",
    "roles": [
      "ORG_OWNER"
    ]
  },
  "federationSettingsId": "32b6e34b3d91647abb20e7b8",
  "name": "string",
  "orgOwnerId": "32b6e34b3d91647abb20e7b8",
  "serviceAccount": {
    "description": "string",
    "name": "string",
    "roles": [
      "ORG_MEMBER"
    ],
    "secretExpiresAfterHours": 8
  },
  "skipDefaultAlertsSettings": false
}
Response examples (201)
{
  "apiKey": {
    "desc": "string",
    "id": "32b6e34b3d91647abb20e7b8",
    "links": [
      {
        "href": "https://cloud.mongodb.com/api/atlas",
        "rel": "self"
      }
    ],
    "privateKey": "55c3bbb6-b4bb-0be1-e66d20841f3e",
    "publicKey": "zmmrboas",
    "roles": [
      {
        "groupId": "32b6e34b3d91647abb20e7b8",
        "orgId": "32b6e34b3d91647abb20e7b8",
        "roleName": "ORG_MEMBER"
      }
    ]
  },
  "federationSettingsId": "32b6e34b3d91647abb20e7b8",
  "orgOwnerId": "32b6e34b3d91647abb20e7b8",
  "organization": {
    "id": "32b6e34b3d91647abb20e7b8",
    "isDeleted": true,
    "links": [
      {
        "href": "https://cloud.mongodb.com/api/atlas",
        "rel": "self"
      }
    ],
    "name": "string",
    "skipDefaultAlertsSettings": false
  },
  "serviceAccount": {
    "clientId": "mdb_sa_id_1234567890abcdef12345678",
    "createdAt": "2025-05-04T09:42:00Z",
    "description": "string",
    "name": "string",
    "roles": [
      "ORG_MEMBER"
    ],
    "secrets": [
      {
        "createdAt": "2025-05-04T09:42:00Z",
        "expiresAt": "2025-05-04T09:42:00Z",
        "id": "32b6e34b3d91647abb20e7b8",
        "lastUsedAt": "2025-05-04T09:42:00Z",
        "maskedSecretValue": "mdb_sa_sk_...",
        "secret": "mdb_sa_sk_..."
      }
    ]
  },
  "skipDefaultAlertsSettings": false
}
Response examples (400)
{
  "error": 400,
  "detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
  "reason": "Bad Request",
  "errorCode": "VALIDATION_ERROR"
}
Response examples (401)
{
  "error": 401,
  "detail": "(This is just an example, the exception may not be related to this endpoint)",
  "reason": "Unauthorized",
  "errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
  "error": 403,
  "detail": "(This is just an example, the exception may not be related to this endpoint)",
  "reason": "Forbidden",
  "errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
  "error": 404,
  "detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
  "reason": "Not Found",
  "errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (409)
{
  "error": 409,
  "detail": "(This is just an example, the exception may not be related to this endpoint) Cannot delete organization link while there is active migration in following project ids: 60c4fd418ebe251047c50554",
  "reason": "Conflict",
  "errorCode": "CANNOT_DELETE_ORG_ACTIVE_LIVE_MIGRATION_ATLAS_ORG_LINK"
}
Response examples (500)
{
  "error": 500,
  "detail": "(This is just an example, the exception may not be related to this endpoint)",
  "reason": "Internal Server Error",
  "errorCode": "UNEXPECTED_ERROR"
}