Navigation
This version of the documentation is archived and no longer supported. It will be removed on EOL_DATE. To learn how to upgrade your version of MongoDB Ops Manager, refer to the upgrade documentation.
You were redirected from a different version of the documentation. Click here to go back.
This version of the manual is no longer supported. It will be removed on EOL_DATE.

Create the First User

Create the first Ops Manager user. This endpoint is the only API call you can make without first having an API key.

Exceptions

The user created through this endpoint is automatically granted the GLOBAL_OWNER role. The returned document includes the new user’s Public API key, which you can use to make further API calls.

The endpoint does not create a group, but you can use the new user and API key to create a group through the Projects resource in the API. You cannot login to Ops Manager until after you have created a group.

You can use this endpoint to create additional users. Users created after the first are not granted the GLOBAL_OWNER role automatically.

Base URL: https://{OPSMANAGER-HOST}:{PORT}/api/public/v1.0

Resource

POST /unauth/users

Request Path Parameters

This endpoint does not use HTTP request path parameters.

Request Query Parameters

Name Type Description
whitelist string

The IP address that you want to add to the new user’s whitelist.

Note

You can add more than one whitelist parameter and value.

Request Body Parameters

Name Type Description
username string

Ops Manager username of the new Ops Manager user.

Note

The username is usually an email address. If you set this value to an email address, you do not need to set the emailAddress value explicitly.

password string Password of the new Ops Manager user. This field is not included in the HTTP response body. It can only be sent in the HTTP request when creating a new user.
emailAddress string (Optional.) Email address of the new Ops Manager user.
firstName string First name of the new Ops Manager user.
lastName string Last name of the new Ops Manager user.

Response

Name Type Description
emailAddress string Email address of the Ops Manager user.
firstName string First name of the Ops Manager user.
id string Unique identifier of the Ops Manager user.
lastName string Last name of the Ops Manager user.
links object array Links to related sub-resources. All links arrays in responses include at least one link called self. The relations between URLs are explained in the Web Linking Specification.
mobileNumber string Mobile number of the Ops Manager user.
roles object array Role assignments.
roles.groupId string

Unique identifier for the project in which the user has the specified role.

For the “global” roles (those whose name starts with GLOBAL_) there is no groupId since these roles are not tied to a project.

roles.orgId string Unique identifier for the organization in which the user has the specified role.
roles.roleName string

Name of the role. Accepted values are:

Value Description
ORG_MEMBER Organization Member
ORG_READ_ONLY Organization Read Only
ORG_GROUP_CREATOR Organization Project Creator
ORG_OWNER Organization Owner
GROUP_AUTOMATION_ADMIN Project Automation Admin
GROUP_BACKUP_ADMIN Project Backup Admin
GROUP_MONITORING_ADMIN Project Monitoring Admin
GROUP_OWNER Project Owner
GROUP_READ_ONLY Project Read Only
GROUP_USER_ADMIN Project User Admin
GROUP_DATA_ACCESS_ADMIN Project Data Access Admin
GROUP_DATA_ACCESS_READ_ONLY Project Data Access Read Only
GROUP_DATA_ACCESS_READ_WRITE Project Data Access Read/Write
GLOBAL_AUTOMATION_ADMIN Global Automation Admin
GLOBAL_BACKUP_ADMIN Global Backup Admin
GLOBAL_MONITORING_ADMIN Global Monitoring Admin
GLOBAL_OWNER Global Owner
GLOBAL_READ_ONLY Global Read Only
GLOBAL_USER_ADMIN Global User Admin
username string Ops Manager username of the Ops Manager user.

Example Request

curl --digest \
  --header "Accept: application/json" \
  --header "Content-Type: application/json" \
  --include \
  --request POST "https://{OPSMANAGER-HOST}:{PORT}/api/public/v1.0/unauth/users?pretty=true&whitelist=1.2.3.4&whitelist=2.3.4.5" \
  --data '
    {
      "username": "jane.doe@example.com",
      "password": "Passw0rd.",
      "firstName": "Jane",
      "lastName": "Doe"
    }'

Example Response

Response Header

HTTP/1.1 401 Unauthorized
Content-Type: application/json;charset=ISO-8859-1
Date: {dateInUnixFormat}
WWW-Authenticate: Digest realm="MMS Public API", domain="", nonce="{nonce}", algorithm=MD5, op="auth", stale=false
Content-Length: {requestLengthInBytes}
Connection: keep-alive
HTTP/1.1 201 Created
Vary: Accept-Encoding
Content-Type: application/json
Strict-Transport-Security: max-age=300
Date: {dateInUnixFormat}
Connection: keep-alive
Content-Length: {requestLengthInBytes}

Response Body

{
  "apiKey": "1234abcd-ab12-cd34-ef56-1234abcd1234",
  "user": {
    "emailAddress": "jane.doe@example.com",
    "firstName": "Jane",
    "id": "{USER-ID}",
    "lastName": "Doe",
    "links": [
      {
       "href" : "https://cloud.mongodb.com/api/public/v1.0/users/{USER-ID}",
       "rel" : "self"
      }
    ],
    "roles": [
      {
        "roleName": "GLOBAL_OWNER"
      }
    ],
    "username": "jane.doe@example.com"
  }
}