Navigation

Update an Atlas User

Update an Atlas user's roles with an organization. You must have the appropriate Owner roles to use this API endpoint.

Important

You can always update your own user account.

If you are the owner of an Atlas organization or project, you can also update the user roles for any user with membership in that organization or project. You cannot modify any other user profile information.

The Atlas API authenticates using HTTP Digest Authentication. Provide a programmatic API public key and corresponding private key as the username and password when constructing the HTTP request.

To learn how to configure API access for an Atlas project, see Configure Atlas API Access.

Note

Groups and projects are synonymous terms. Your {GROUP-ID} is the same as your project ID. For existing groups, your group/project ID remains the same. The resource and corresponding endpoints use the term groups.

Base URL: https://cloud.mongodb.com/api/atlas/v1.0

PATCH /users/{USER-ID}
Path Parameter
Type
Necessity
Description
USER-ID
string
Required
Unique identifier of the user that you want to update. If you know the user's Atlas username, use the /users/byName/{USER-NAME} endpoint to retrieve the user's profile and unique identifier.

This endpoint might use any of the HTTP request query parameters available to all Atlas API resources. All of these are optional.

Name
Type
Necessity
Description
Default
pretty
boolean
Optional
Flag indicating whether the response body should be in a prettyprint format.
false
envelope
boolean
Optional

Flag indicating if Atlas should wrap the response in a JSON envelope.

This option may be needed for some API clients. These clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query.

For endpoints that return one result, the response body includes:

status
HTTP response code
envelope
Expected response body
false

Specify one or more of the following parameters for modification. To add a user to an Organization or Project, you need to specify the Organization or Project ID and the role you want to assign the user. Only parameters included in the request are modified.

Response Parameter
Type
Required
Description
roles
array of objects
Required
Each object in the array represents either an Atlas organization or project the Atlas user is assigned to and the Atlas role has for the associated organization or project. You can specify either roles.orgId or roles.groupId per object.
roles.groupId
string
Required
unique identifier of the project in which the user has the specified roles.roleName.
roles.orgId
string
Required
unique identifier of the organization in which the user has the specified roles.roleName.
roles.roleName
string
Required

name of the role.

When associated to roles.orgId, the valid roles and their mappings are:

Role
Mapping
ORG_OWNER
ORG_GROUP_CREATOR
ORG_BILLING_ADMIN
ORG_READ_ONLY
ORG_MEMBER

When associated to roles.groupId, the valid roles and their mappings are:

Role
Mapping
GROUP_OWNER
GROUP_CLUSTER_MANAGER
GROUP_READ_ONLY
GROUP_DATA_ACCESS_ADMIN
GROUP_DATA_ACCESS_READ_WRITE
GROUP_DATA_ACCESS_READ_ONLY

The JSON document contains each of the following elements:

Response Parameter
Type
Required
Description
country
string
Required
ISO-3166-1 alpha 2 country code of the Atlas user's country of residence.
emailAddress
string
Required
Atlas user's email address.
firstName
string
Required
Atlas user's first name.
id
string
Required
Unique identifier for the Atlas user.
lastName
string
Required
Atlas user's last name.
links
array of objects
Required

One or more links to sub-resources and/or related resources. The relation-types between URLs are explained in the Web Linking Specification.

mobileNumber
string
Required
Atlas user's mobile or cell phone number, if it is listed in the user's profile.
password
string
Required

Password. Atlas doesn't return this parameter except in response to creating a new user.

You cannot update the password via API once set. The user must log into Atlas and update their password from the Atlas console.

roles
array of objects
Required
Each object in the array represents either an Atlas organization or project the Atlas user is assigned to and the Atlas role has for the associated organization or project. You can specify either roles.orgId or roles.groupId per object.
roles.groupId
string
Required
unique identifier of the project in which the user has the specified roles.roleName.
roles.orgId
string
Required
unique identifier of the organization in which the user has the specified roles.roleName.
roles.roleName
string
Required

name of the role.

When associated to roles.orgId, the valid roles and their mappings are:

Role
Mapping
ORG_OWNER
ORG_GROUP_CREATOR
ORG_BILLING_ADMIN
ORG_READ_ONLY
ORG_MEMBER

When associated to roles.groupId, the valid roles and their mappings are:

Role
Mapping
GROUP_OWNER
GROUP_CLUSTER_MANAGER
GROUP_READ_ONLY
GROUP_DATA_ACCESS_ADMIN
GROUP_DATA_ACCESS_READ_WRITE
GROUP_DATA_ACCESS_READ_ONLY
teamIds
array of strings
Required
Unique identifiers for each team to which the user belongs.
username
string
Required
Atlas username. Must use email address formatting. You cannot modify the username once set.
1 curl --user "{PUBLIC-KEY}:{PRIVATE-KEY}" --digest \
2 --header "Accept: application/json" \
3 --header "Content-Type: application/json" \
4 --include \
5 --request PATCH "https://cloud.mongodb.com/api/atlas/v1.0/users/{USER-ID}" \
6 --data '
7 {
8 "roles": [{
9 "groupId": "{GROUP-ID}",
10 "roleName": "{ROLE}"
11 }]
12 }'
HTTP/1.1 401 Unauthorized
Content-Type: application/json;charset=ISO-8859-1
Date: {dateInUnixFormat}
WWW-Authenticate: Digest realm="MMS Public API", domain="", nonce="{nonce}", algorithm=MD5, op="auth", stale=false
Content-Length: {requestLengthInBytes}
Connection: keep-alive
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Type: application/json
Strict-Transport-Security: max-age=300
Date: {dateInUnixFormat}
Connection: keep-alive
Content-Length: {requestLengthInBytes}
1{
2 "country" : "US",
3 "emailAddress": "john.doe@example.com",
4 "firstName": "John",
5 "id": "5b06ed7083fb5a40df86e93b",
6 "lastName": "Doe",
7 "links": [
8 {
9 "href": "https://cloud.mongodb.com/api/atlas/v1.0/users/5b06ed7083fb5a40df86e93b",
10 "rel": "self"
11 },
12 {
13 "href": "https://cloud.mongodb.com/api/atlas/v1.0/users/5b06ed7083fb5a40df86e93b/accessList",
14 "rel": "http://mms.mongodb.com/accessList"
15 }
16 ],
17 "roles": [
18 {
19 "orgId" : "8dbbe4570bd55b23f25444db",
20 "roleName" : "ORG_MEMBER"
21
22 },
23 {
24 "groupId" : "2ddoa1233ef88z75f64578ff",
25 "roleName" : "GROUP_READ_ONLY"
26
27 }
28 ],
29 "teamIds": [],
30 "username": "john.doe@example.com"
31}
Give Feedback