Create an Atlas User¶
Groups and projects are synonymous terms. Your {GROUP-ID} is the
same as your project ID. For existing groups, your group/project ID
remains the same. The resource and corresponding endpoints use the
term groups.
The following resource creates a new Atlas user and assigns it to one or more of your Atlas projects and organizations.
Atlas sends an email to the selected users inviting them to join the project. Invited users do not have access to the project until they accept the invitation. Invitations expire after 30 days.
The Atlas API authenticates using HTTP Digest Authentication. Provide a programmatic API public key and corresponding private key as the username and password when constructing the HTTP request.
To learn how to configure API access for an Atlas project, see Configure Atlas API Access.
Atlas limits Atlas user membership to a maximum of 250 Atlas users per team.
Atlas limits Atlas user membership to 500 Atlas users per project and 500 Atlas users per organization, which includes the combined membership of all projects in the organization.
Atlas raises an error if an operation exceeds these limits.
You have an organization with five projects. Each project has 100 Atlas users. Each Atlas user belongs to only one project. You cannot add any Atlas users to this organization without first removing existing Atlas users from the organization membership.
Create a new user.
Resource¶
Base URL: https://cloud.mongodb.com/api/atlas/v1.0
POST /users
Request Path Parameters¶
This endpoint does not use HTTP request path parameters.
Request Query Parameters¶
This endpoint might use any of the HTTP request query parameters available to all Atlas API resources. All of these are optional.
Name | Type | Necessity | Description | Default | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
pretty | boolean | Optional | Flag indicating whether the response body should be in a
prettyprint format. | false | ||||||
envelope | boolean | Optional | Flag indicating if Atlas should wrap the response in a JSON envelope. This option may be needed for some API clients. These clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. For endpoints that return one result, the response body includes:
| false |
Request Body Parameters¶
Body Parameter | Type | Necessity | Description | ||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
country | string | Required | ISO-3166-1 alpha 2 country code of the Atlas user's country of
residence. | ||||||||||||||||||||||||||
emailAddress | string | Required | Atlas user's email address. | ||||||||||||||||||||||||||
firstName | string | Required | Atlas user's first name. | ||||||||||||||||||||||||||
id | string | Required | Unique identifier for the Atlas user. | ||||||||||||||||||||||||||
lastName | string | Required | Atlas user's last name. | ||||||||||||||||||||||||||
links | array of objects | Required | One or more links to sub-resources and/or related resources. The relation-types between URL �s are explained in the Web Linking Specification. | ||||||||||||||||||||||||||
mobileNumber | string | Required | Atlas user's mobile or cell phone number, if it is listed in
the user's profile. | ||||||||||||||||||||||||||
password | string | Required | Password. Atlas doesn't return this parameter except in response to creating a new user. You cannot update the password via API once set. The user must log into Atlas and update their password from the Atlas console. | ||||||||||||||||||||||||||
roles | array of objects | Required | Each object in the array represents either an Atlas
organization or
project the Atlas user is assigned to
and the Atlas role has for
the associated organization or project. You can specify either
roles.orgId or roles.groupId per object. | ||||||||||||||||||||||||||
roles.groupId | string | Required | unique identifier of the project in which the user has the
specified roles.roleName. | ||||||||||||||||||||||||||
roles.orgId | string | Required | unique identifier of the organization in which the user has the
specified roles.roleName. | ||||||||||||||||||||||||||
roles.roleName | string | Required | name of the role. When associated to roles.orgId, the valid roles and their mappings are:
When associated to roles.groupId, the valid roles and their mappings are:
| ||||||||||||||||||||||||||
teamIds | array of strings | Required | Unique identifiers for each team to which
the user belongs. | ||||||||||||||||||||||||||
username | string | Required | Atlas username. Must use email address formatting. You
cannot modify the username once set. |
Response¶
The JSON document contains each of the following elements:
Response Parameter | Type | Required | Description | ||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
country | string | Required | ISO-3166-1 alpha 2 country code of the Atlas user's country of
residence. | ||||||||||||||||||||||||||
emailAddress | string | Required | Atlas user's email address. | ||||||||||||||||||||||||||
firstName | string | Required | Atlas user's first name. | ||||||||||||||||||||||||||
id | string | Required | Unique identifier for the Atlas user. | ||||||||||||||||||||||||||
lastName | string | Required | Atlas user's last name. | ||||||||||||||||||||||||||
links | array of objects | Required | One or more links to sub-resources and/or related resources. The relation-types between URL �s are explained in the Web Linking Specification. | ||||||||||||||||||||||||||
mobileNumber | string | Required | Atlas user's mobile or cell phone number, if it is listed in
the user's profile. | ||||||||||||||||||||||||||
password | string | Required | Password. Atlas doesn't return this parameter except in response to creating a new user. You cannot update the password via API once set. The user must log into Atlas and update their password from the Atlas console. | ||||||||||||||||||||||||||
roles | array of objects | Required | Each object in the array represents either an Atlas
organization or
project the Atlas user is assigned to
and the Atlas role has for
the associated organization or project. You can specify either
roles.orgId or roles.groupId per object. | ||||||||||||||||||||||||||
roles.groupId | string | Required | unique identifier of the project in which the user has the
specified roles.roleName. | ||||||||||||||||||||||||||
roles.orgId | string | Required | unique identifier of the organization in which the user has the
specified roles.roleName. | ||||||||||||||||||||||||||
roles.roleName | string | Required | name of the role. When associated to roles.orgId, the valid roles and their mappings are:
When associated to roles.groupId, the valid roles and their mappings are:
| ||||||||||||||||||||||||||
teamIds | array of strings | Required | Unique identifiers for each team to which
the user belongs. | ||||||||||||||||||||||||||
username | string | Required | Atlas username. Must use email address formatting. You
cannot modify the username once set. |
Example Request¶
1 curl --user "{PUBLIC-KEY}:{PRIVATE-KEY}" --digest --include \ 2 --header "Accept: application/json" \ 3 --header "Content-Type: application/json" \ 4 --request POST "https://cloud.mongodb.com/api/atlas/v1.0/users/" \ 5 --data ' 6 { 7 "username" : "john.doe@example.com", 8 "password" : "myPassword1@", 9 "emailAddress" : "john.doe@example.com", 10 "mobileNumber" : "2125550198", 11 "firstName" : "John", 12 "lastName" : "Doe", 13 "roles" : [ 14 { 15 "orgId" : "8dbbe4570bd55b23f25444db", 16 "roleName" : "ORG_MEMBER" 17 }, 18 { 19 "groupId" : "2ddoa1233ef88z75f64578ff", 20 "roleName" : "GROUP_READ_ONLY" 21 } 22 ], 23 "country" : "US" 24 }'
Example Response¶
Response Header¶
HTTP/1.1 401 Unauthorized Content-Type: application/json;charset=ISO-8859-1 Date: {dateInUnixFormat} WWW-Authenticate: Digest realm="MMS Public API", domain="", nonce="{nonce}", algorithm=MD5, op="auth", stale=false Content-Length: {requestLengthInBytes} Connection: keep-alive
HTTP/1.1 201 Created Vary: Accept-Encoding Content-Type: application/json Strict-Transport-Security: max-age=300 Date: {dateInUnixFormat} Connection: keep-alive Content-Length: {requestLengthInBytes}
Response Body¶
1 { 2 "emailAddress": "john.doe@example.com", 3 "firstName": "John", 4 "id": "5b06ed7083fb5a40df86e93b", 5 "lastName": "Doe", 6 "links": [ 7 { 8 "href": "https://cloud.mongodb.com/api/atlas/v1.0/users/5b06ed7083fb5a40df86e93b", 9 "rel": "self" 10 }, 11 { 12 "href": "https://cloud.mongodb.com/api/atlas/v1.0/users/5b06ed7083fb5a40df86e93b/accessList", 13 "rel": "http://mms.mongodb.com/accessList" 14 } 15 ], 16 "mobileNumber" : "2125550198", 17 "roles": [ 18 { 19 "orgId" : "8dbbe4570bd55b23f25444db", 20 "roleName" : "ORG_MEMBER" 21 }, 22 { 23 "groupId" : "2ddoa1233ef88z75f64578ff", 24 "roleName" : "GROUP_READ_ONLY" 25 } 26 ], 27 "teamIds": [], 28 "username": "john.doe@example.com" 29 }