Create the First User¶

On this page

Resource
Response
Example Request
Example Response
- Response Header
- Response Body

Create the first Ops Manager user. This endpoint is the only API call you can make without first having an API key.

Exceptions

This endpoint cannot be used if Ops Manager uses LDAP for authentication.
This endpoint can create the first user only if Ops Manager runs in Invitation Only Mode.

The user created through this endpoint is automatically granted the GLOBAL_OWNER role. The returned document includes the new user’s Public API key, which you can use to make further API calls.

The endpoint does not create a group, but you can use the new user and API key to create a group through the Projects resource in the API. You cannot login to Ops Manager until after you have created a group.

You can use this endpoint to create additional users. Users created after the first are not granted the GLOBAL_OWNER role automatically.

Base URL: https://{OPSMANAGER-HOST}:{PORT}/api/public/v1.0

Resource¶

copy

POST /unauth/users

Request Path Parameters¶

This endpoint does not use HTTP request path parameters.

Request Query Parameters¶

Name	Type	Description
whitelist	string	The IP address that you want to add to the new user’s whitelist. Note You can add more than one whitelist parameter and value.

Request Body Parameters¶

All fields are required.

Name	Type	Description
username	string	Ops Manager username.
password	string	Password. This field is NOT included in the entity returned from the server. It can only be sent in the entity body when creating a new user.
emailAddress	string	Email address.
firstName	string	First name.
lastName	string	Last name.

Response¶

Name Type Description

emailAddress string Email address.

firstName string First name.

id string Unique identifier.

username string Ops Manager username.

mobileNumber string Mobile number.

lastName string Last name.

links object array Links to related sub-resources. All links arrays in responses include at least one link called self. The relations between URLs are explained in the Web Linking Specification.

roles object array Role assignments.

roles.groupId

string

The ID of the group in which the user has the specified role.

For the “global” roles (those whose name starts with GLOBAL_) there is no groupId since these roles are not tied to a group.

roles.orgId string The ID of the organization in which the user has the specified role.

roles.roleName

string

The name of the role. Accepted values are:

Value	Description
`ORG_MEMBER`	`Organization Member`
`ORG_READ_ONLY`	`Organization Read Only`
`ORG_GROUP_CREATOR`	`Organization Project Creator`
`ORG_OWNER`	`Organization Owner`
`GROUP_AUTOMATION_ADMIN`	`Project Automation Admin`
`GROUP_BACKUP_ADMIN`	`Project Backup Admin`
`GROUP_MONITORING_ADMIN`	`Project Monitoring Admin`
`GROUP_OWNER`	`Project Owner`
`GROUP_READ_ONLY`	`Project Read Only`
`GROUP_USER_ADMIN`	`Project User Admin`
`GROUP_DATA_ACCESS_ADMIN`	`Project Data Access Admin`
`GLOBAL_AUTOMATION_ADMIN`	`Global Automation Admin`
`GLOBAL_BACKUP_ADMIN`	`Global Backup Admin`
`GLOBAL_MONITORING_ADMIN`	`Global Monitoring Admin`
`GLOBAL_OWNER`	`Global Owner`
`GLOBAL_READ_ONLY`	`Global Read Only`
`GLOBAL_USER_ADMIN`	`Global User Admin`

Example Request¶

copy

curl --digest \
  --header "Accept: application/json" \
  --header "Content-Type: application/json" \
  --include \
  --request POST "https://{OPSMANAGER-HOST}:{PORT}/api/public/v1.0/unauth/users?pretty=true&whitelist=1.2.3.4&whitelist=2.3.4.5" \
  --data '
    {
      "username": "jane.doe@example.com",
      "emailAddress": "jane.doe@example.com",
      "password": "Passw0rd.",
      "firstName": "Jane",
      "lastName": "Doe"
    }'

Example Response¶

Response Header¶

HTTP/1.1 401 Unauthorized
Content-Type: application/json;charset=ISO-8859-1
Date: {dateInUnixFormat}
WWW-Authenticate: Digest realm="MMS Public API", domain="", nonce="{nonce}", algorithm=MD5, op="auth", stale=false
Content-Length: {requestLengthInBytes}
Connection: keep-alive

HTTP/1.1 201 Created
Vary: Accept-Encoding
Content-Type: application/json
Strict-Transport-Security: max-age=300
Date: {dateInUnixFormat}
Connection: keep-alive
Content-Length: {requestLengthInBytes}

Response Body¶

copy

{
  "apiKey": "1234abcd-ab12-cd34-ef56-1234abcd1234",
  "user": {
    "emailAddress": "jane.doe@example.com",
    "firstName": "Jane",
    "id": "{USER-ID}",
    "lastName": "Doe",
    "links": [
      {
       "href" : "https://cloud.mongodb.com/api/public/v1.0/users/{USER-ID}",
       "rel" : "self"
      }
    ],
    "roles": [
      {
        "roleName": "GLOBAL_OWNER"
      }
    ],
    "username": "jane.doe@example.com"
  }
}

← Update a User Remove One User →