Create an Atlas User¶

On this page

Resource
Response
Example Request
Example Response

Note

Groups and projects are synonymous terms. Your {GROUP-ID} is the same as your project ID. For existing groups, your group/project ID remains the same. The resource and corresponding endpoints use the term groups.

The following resource creates a new Atlas user and assigns it to one or more of your Atlas projects and organizations.

Note

Atlas sends an email to the selected users inviting them to join the project. Invited users do not have access to the project until they accept the invitation. Invitations expire after 30 days.

The Atlas API uses HTTP Digest Authentication. Provide a programmatic API public key and corresponding private key as the username and password when constructing the HTTP request.

For complete documentation on configuring API access for an Atlas project, see Configure Atlas API Access.

Base URL: https://cloud.mongodb.com/api/atlas/v1.0

Important

Atlas limits Atlas user membership to a maximum of 250 Atlas per team.

Atlas limits Atlas user membership to 500 Atlas users per project and 500 Atlas users per organization, which includes the combined membership of all projects in the organization.

Atlas raises an error if an operation exceeds these limits.

Example

You have an organization with five projects. Each project has 100 Atlas users. Each Atlas user belongs to only one project. You cannot add any Atlas users to this organization without first removing existing Atlas users from the organization membership.

Resource¶

copy

POST /users

Create a new user.

Request Path Parameters¶

This endpoint does not use HTTP request path parameters.

Request Query Parameters¶

The following query parameters are optional:

Query Parameter	Type	Description	Default
`pretty`	boolean	Displays response in a prettyprint format.	`false`
`envelope`	boolean	Specifies whether or not to wrap the response in an envelope.	`false`

Request Body Parameters¶

All fields are required.

Name	Type	Description
`username`	string	The Atlas username. Must use email address formatting. You cannot modify the username once set.
`password`	string	Password. This field is NOT included in the entity returned from the server. it can only be sent in the entity body when creating a new user. You cannot update the password via API once set. The user must log into Atlas and update their password from the Atlas UI.
`country`	string	The ISO 3166-1 alpha 2 country code of the Atlas user’s country of residence.
`emailAddress`	string	The Atlas user’s email address.
`mobileNumber`	string	The Atlas user’s mobile or cell phone number, if it is listed in the user’s profile.
`firstName`	string	The Atlas user’s first name.
`lastName`	string	The Atlas user’s last name.
`roles`	object array	Each object in the array represents either an Atlas organization or project the Atlas user is assigned to and the Atlas role has for the associated organization or project. You can specify either `roles.orgId` or `roles.groupId` per object.
`roles.orgId`	string	The unique identifier of the organization in which the user has the specified `roles.roleName`.
`roles.groupId`	string	The unique identifier of the project in which the user has the specified `roles.roleName`.
`roles.roleName`	string	The name of the role. When associated to `roles.orgId`, the valid roles and their mappings are: `ORG_OWNER` - `Organization Owner` `ORG_GROUP_CREATOR` - `Organization Project Creator` `ORG_BILLING_ADMIN` - `Organization Billing Admin` `ORG_READ_ONLY` - `Organization Read Only` `ORG_MEMBER` - `Organization Member` When associated to `roles.groupId`, the valid roles and their mappings are: `GROUP_OWNER` - `Project Owner` `GROUP_CLUSTER_MANAGER` - `Project Cluster Manager` `GROUP_READ_ONLY` - `Project Read Only` `GROUP_DATA_ACCESS_ADMIN` - `Project Data Access Admin` `GROUP_DATA_ACCESS_READ_WRITE` - `Project Data Access Read/Write` `GROUP_DATA_ACCESS_READ_ONLY` - `Project Data Access Read Only`

Response¶

The HTTP document contains each of the following elements:

Name	Type	Description
`emailAddress`	string	The Atlas user’s email address.
`firstName`	string	The Atlas user’s first name.
`id`	string	Unique identifier for the Atlas user.
`lastName`	string	The Atlas user’s last name.
`links`	object array	One or more links to sub-resources and/or related resources. The relation-types between URLs are explained in the Web Linking Specification.
`mobileNumber`	string	The Atlas user’s mobile or cell phone number, if it is listed in the user’s profile.
`roles`	object array	Each object in the array represents either an Atlas organization or project the Atlas user is assigned to and the Atlas role has for the associated organization or project. You can specify either `roles.orgId` or `roles.groupId` per object.
`roles.orgId`	string	The unique identifier of the organization in which the user has the specified `roles.roleName`.
`roles.groupId`	string	The unique identifier of the project in which the user has the specified `roles.roleName`.
`roles.roleName`	string	The name of the role. When associated to `roles.orgId`, the valid roles and their mappings are: `ORG_OWNER` - `Organization Owner` `ORG_GROUP_CREATOR` - `Organization Project Creator` `ORG_BILLING_ADMIN` - `Organization Billing Admin` `ORG_READ_ONLY` - `Organization Read Only` `ORG_MEMBER` - `Organization Member` When associated to `roles.groupId`, the valid roles and their mappings are: `GROUP_OWNER` - `Project Owner` `GROUP_CLUSTER_MANAGER` - `Project Cluster Manager` `GROUP_READ_ONLY` - `Project Read Only` `GROUP_DATA_ACCESS_ADMIN` - `Project Data Access Admin` `GROUP_DATA_ACCESS_READ_WRITE` - `Project Data Access Read/Write` `GROUP_DATA_ACCESS_READ_ONLY` - `Project Data Access Read Only`
`teamIds`	array	Array of string IDs for each team the user is a member of.
`username`	string	The Atlas username. Must use email address formatting. You cannot modify the username once set.

Example Request¶

copy

curl --user "{PUBLIC-KEY}:{PRIVATE-KEY}" --digest --include \
  --header "Accept: application/json" \
  --header "Content-Type: application/json" \
  --request POST "https://cloud.mongodb.com/api/atlas/v1.0/users/" \
  --data '
    {
      "username" : "john.doe@example.com",
      "password" : "myPassword1@",
      "emailAddress" : "john.doe@example.com",
      "mobileNumber" : "2125550198",
      "firstName" : "John",
      "lastName" : "Doe",
      "roles" : [
        {
          "orgId" : "8dbbe4570bd55b23f25444db",
          "roleName" : "ORG_MEMBER"

        },
        {
          "groupId" : "2ddoa1233ef88z75f64578ff",
          "roleName" : "GROUP_READ_ONLY"

        }
      ],
      "country" : "US"
    }
  '

Example Response¶

copy

{
    "emailAddress": "john.doe@example.com",
    "firstName": "John",
    "id": "5b06ed7083fb5a40df86e93b",
    "lastName": "Doe",
    "links": [
        {
            "href": "https://cloud.mongodb.com/api/atlas/v1.0/users/5b06ed7083fb5a40df86e93b",
            "rel": "self"
        },
        {
            "href": "https://cloud.mongodb.com/api/atlas/v1.0/users/5b06ed7083fb5a40df86e93b/whitelist",
            "rel": "http://mms.mongodb.com/whitelist"
        }
    ],
    "mobileNumber" : "2125550198",
    "roles": [
      {
        "orgId" : "8dbbe4570bd55b23f25444db",
        "roleName" : "ORG_MEMBER"

      },
      {
        "groupId" : "2ddoa1233ef88z75f64578ff",
        "roleName" : "GROUP_READ_ONLY"

      }
    ],
    "teamIds": [],
    "username": "john.doe@example.com"
}

← Get an Atlas User by Name Update an Atlas User →