Navigation

Create the First User

Create the first Ops Manager user. You can call this endpoint without having an API key.

Exceptions

Ops Manager grants the first Ops Manager user and programmatic API key created through this endpoint the GLOBAL_OWNER role. The returned JSON document includes the first Ops Manager user’s personal API key and the first programmatic API key. With either API key, you can make further API calls.

Important

Ops Manager deprecated Personal API Keys. Use Programmatic API Keys instead.

This endpoint doesn’t create projects or organizations. With the new API keys that it created, you can call the Create a Project endpoint. That endpoint can create a project and organization in one API call. You can’t login to Ops Manager until after you have created a project.

You can use this endpoint to create additional users with the following caveats:

  • Ops Manager doesn’t grant the GLOBAL_OWNER role for those subsequent users unless you add the role to the API request.
  • Ops Manager doesn’t create a programmatic API key for subsequent users.

Base URL: https://{OPSMANAGER-HOST}:{PORT}/api/public/v1.0

Resource

POST /unauth/users

Request Path Parameters

This endpoint does not use HTTP request path parameters.

Request Query Parameters

Name Type Description
whitelist string

IP address that you want to add to the whitelist for the first Ops Manager user.

Note

You can add more than one whitelist parameter and value.

Request Body Parameters

Name Type Necessity Description
username string Required

Username of the first Ops Manager user. Validated depending on the value of the mms.email.validation property:

Value Description
false (Default) Username is not required to be an email address.
loose Username must contain an @ symbol followed by a period.
strict Username must adhere to a strict email address validation regular expression.

See mms.email.validation for details.

Note

The username is usually an email address. If you set this value to an email address, you do not need to set the emailAddress value explicitly.

password string Required Password of the first Ops Manager user. This field is not included in the HTTP response body. Ops Manager sends this in the HTTP request only when creating the first Ops Manager user.
emailAddress string Optional Email address of the first Ops Manager user.
firstName string Required First name of the first Ops Manager user.
lastName string Required Last name of the first Ops Manager user.

Response

Name Type Description
apiKey string Thirty-one alphanumeric characters and dashes that serve as the password for the personal API Key of the first Ops Manager user.
programmaticApiKey object Details of the first programmatic API key created in Ops Manager.
programmaticApiKey
.desc
string Description of the first programmatic API key.
programmaticApiKey
.id
string Unique identifier of the first programmatic API key.
programmaticApiKey
.links
array of objects One or more links to sub-resources and/or related resources. All links arrays in responses include at least one link called self. The relationships between URLs are explained in the Web Linking Specification.
programmaticApiKey
.privateKey
string Thirty-one alphanumeric characters and dashes that serve as the password of the first programmatic API key.
programmaticApiKey
.publicKey
string Six alphanumeric characters that serve as the username of the first programmatic API key.
programmaticApiKey
.roles
array of objects Roles assigned to the first programmatic API key.
programmaticApiKey
.roles.roleName
string Name of the assigned role. Ops Manager grants the first programmatic API key the Global Owner role (GLOBAL_OWNER).
user object Details of the first Ops Manager user.
user
.emailAddress
string Email address of the first Ops Manager user.
user
.firstName
string First name of the first Ops Manager user.
user
.id
string Unique identifier of the first Ops Manager user.
user
.lastName
string Last name of the first Ops Manager user.
user
.links
array of objects One or more links to sub-resources and/or related resources. All links arrays in responses include at least one link called self. The relationships between URLs are explained in the Web Linking Specification.
user
.mobileNumber
string Mobile number of the first Ops Manager user.
user
.roles
array of objects Roles assigned to the first Ops Manager user.
user
.roles.roleName
string Name of the assigned role. Ops Manager grants the first Ops Manager user the Global Owner role (GLOBAL_OWNER).
user
.teamIds
array of strings List of unique identifiers for the teams to which the first Ops Manager user belongs.
user
.username
string Username of the first Ops Manager user.

Example Request

curl --digest \
     --header "Accept: application/json" \
     --header "Content-Type: application/json" \
     --include \
     --request POST "https://<OpsManagerHost>:<Port>/api/public/v1.0/unauth/users?pretty=true&whitelist=1.2.3.4&whitelist=2.3.4.5" \
     --data '
       {
         "username": "jane.doe@example.com",
         "password": "Passw0rd.",
         "firstName": "Jane",
         "lastName": "Doe"
       }'

Example Response

Response Header

HTTP/1.1 401 Unauthorized
Content-Type: application/json;charset=ISO-8859-1
Date: {dateInUnixFormat}
WWW-Authenticate: Digest realm="MMS Public API", domain="", nonce="{nonce}", algorithm=MD5, op="auth", stale=false
Content-Length: {requestLengthInBytes}
Connection: keep-alive
HTTP/1.1 201 Created
Vary: Accept-Encoding
Content-Type: application/json
Strict-Transport-Security: max-age=300
Date: {dateInUnixFormat}
Connection: keep-alive
Content-Length: {requestLengthInBytes}
X-MongoDB-Service-Version: gitHash={gitHash}; versionString={ApplicationVersion}

Response Body

{
  "apiKey": "Personal API Key string",
  "programmaticApiKey": {
    "desc": "Automatically generated Global API key",
    "id": "{API-KEY}",
    "links": [{
      "href": "http://<OpsManagerHost>:<Port>/api/public/v1.0/orgs/null/apiKeys/{API-KEY}",
      "rel": "self"
    }],
    "privateKey": "private key string",
    "publicKey": "public key string",
    "roles": [{
      "roleName": "GLOBAL_OWNER"
    }]
  },
  "user": {
    "emailAddress": "jane.doe@example.com",
    "firstName": "Jane",
    "id": "{USER-ID}",
    "lastName": "Doe",
    "links": [
      {
       "href" : "https://<OpsManagerHost>:<Port>/api/public/v1.0/users/{USER-ID}",
       "rel" : "self"
      }
    ],
    "roles": [
      {
        "roleName": "GLOBAL_OWNER"
      }
    ],
    "username": "jane.doe@example.com"
  }
}