- API >
- API Resources >
- Database Users >
- Create a Database User
Create a Database User¶
On this page
Base URL: https://cloud.mongodb.com/
The Atlas API uses HTTP Digest Authentication. Provide your Atlas username as the username and group API key as the password as part of the HTTP request.
This endpoint requires that the Atlas user has the Owner
role. To view the available Atlas users, click on
Users in the left-hand navigation.
For complete documentation on configuring API access for an Atlas group, see Configure Atlas API Access.
Atlas supports a maximum of 100 MongoDB users per Atlas group.
Syntax¶
POST /api/atlas/v1.0/groups/{GROUP-ID}/databaseUsers
Request Path Parameters¶
| Parameter | Required/Optional | Description |
|---|---|---|
GROUP-ID |
Required. | The unique identifier for the group. |
Request Query Parameters¶
| Field | Required/Optional | Description |
|---|---|---|
envelope |
Optional. | A boolean that specifies whether or not to wrap the response in an envelope. Defaults to |
pretty |
Optional | A boolean that specifies whether or not to return a “pretty-printed” JSON document. Defaults to |
Request Body Parameters¶
| Name | Description |
|---|---|
databaseName |
The user’s authentication database. A
user must provide both a username and authentication database to log
into MongoDB. In Atlas deployments of MongoDB, the authentication
database is always the admin database. |
groupId |
ID of the Atlas group the user belongs to. |
username |
The username for authenticating to MongoDB. |
roles |
An array of the user’s roles and the database on which the user has
each role. A role allows the user to perform particular actions on the
specified database. A role on the admin database can include
privileges that apply to the other databases as well. |
roles.databaseName |
The database on which the user has the specified role. A role on the
admin database can include privileges that apply to the other
databases. |
roles.roleName |
The name of the role. The following possible values of
The following possible values of |
password |
The user’s password. This field is NOT included in the entity returned from the server. |
Response Elements¶
If you set the query element envelope to true, the response is wrapped
by the content object.
| Name | Description |
|---|---|
links |
One or more links to sub-resources and/or related resources. |
databaseName |
The user’s authentication database. A
user must provide both a username and authentication database to log
into MongoDB. In Atlas deployments of MongoDB, the authentication
database is always the admin database. |
groupId |
ID of the Atlas group the user belongs to. |
username |
The username for authenticating to MongoDB. |
roles |
An array of the user’s roles and the database on which the user has
each role. A role allows the user to perform particular actions on the
specified database. A role on the admin database can include
privileges that apply to the other databases as well. |
roles.databaseName |
The database on which the user has the specified role. A role on the
admin database can include privileges that apply to the other
databases. |
roles.roleName |
The name of the role. The possible values are:
|
Example Request¶
Request¶
Important
You must modify the following code block with the appropriate credentials and group ID.
curl -i -u "username:apiKey" --digest -H "Content-Type: application/json" -X POST "https://cloud.mongodb.com/api/atlas/v1.0/groups/5356823b3794dee37132bb7b/databaseUsers" --data '
{
"databaseName" : "admin",
"roles" : [ {
"databaseName" : "sales",
"roleName" : "readWrite"
}, {
"databaseName" : "marketing",
"roleName" : "read"
} ],
"username" : "david",
"password" : "changeme123"
}'
Response¶
HTTP/1.1 201 Created
{
"databaseName" : "admin",
"groupId" : "5356823b3794dee37132bb7b",
"links" : [ ... ],
"roles" : [ {
"databaseName" : "sales",
"roleName" : "readWrite"
}, {
"databaseName" : "marketing",
"roleName" : "read"
} ],
"username" : "david"
}