Adds one role mapping to the specified organization in the specified federation. To use this resource, the requesting Service Account or API Key must have the Organization Owner role.
Unique 24-hexadecimal digit string that identifies your federation.
Format should match the following pattern: ^([a-f0-9]{24})$.
Unique 24-hexadecimal digit string that identifies the organization that contains your projects. Use the /orgs endpoint to retrieve all organizations to which the authenticated user has access.
Format should match the following pattern: ^([a-f0-9]{24})$.
Flag that indicates whether Application wraps the response in an envelope JSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.
Default value is false.
The role mapping that you want to create.
Unique human-readable label that identifies the identity provider group to which this role mapping applies.
Minimum length is 1, maximum length is 200.
Atlas roles and the unique identifiers of the groups and organizations associated with each role. The array must include at least one element with an Organization role and its respective orgId. Each element in the array can have a value for orgId or groupId, but not both.
atlas api federatedAuthentication createRoleMapping --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250219001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
// See https://dochub.mongodb.org/core/atlas-go-sdk-oauth
client, err := sdk.NewClient(sdk.UseOAuthAuth(clientID, clientSecret))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.CreateFederationSettingConnectedOrgConfigRoleMappingApiParams{}
sdkResp, httpResp, err := client.FederatedAuthenticationApi.
CreateFederationSettingConnectedOrgConfigRoleMappingWithParams(ctx, params).
Execute()
}
curl --include --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-02-19+json" \
--header "Content-Type: application/json" \
-X POST "https://cloud.mongodb.com/api/atlas/v2/federationSettings/{federationSettingsId}/connectedOrgConfigs/{orgId}/roleMappings" \
-d '{ <Payload> }'curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest --include \
--header "Accept: application/vnd.atlas.2025-02-19+json" \
--header "Content-Type: application/json" \
-X POST "https://cloud.mongodb.com/api/atlas/v2/federationSettings/{federationSettingsId}/connectedOrgConfigs/{orgId}/roleMappings" \
-d '{ <Payload> }'{
"externalGroupName": "string",
"roleAssignments": [
{
"groupId": "32b6e34b3d91647abb20e7b8",
"orgId": "32b6e34b3d91647abb20e7b8",
"role": "string"
}
]
}{
"externalGroupName": "string",
"id": "32b6e34b3d91647abb20e7b8",
"roleAssignments": [
{
"groupId": "32b6e34b3d91647abb20e7b8",
"orgId": "32b6e34b3d91647abb20e7b8",
"role": "string"
}
]
}{
"error": 400,
"detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
"reason": "Bad Request",
"errorCode": "VALIDATION_ERROR"
}{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}