User management APIs

APIs to manage users.

Base path: https://<cluster_lb_address>:8443/idmgmt/identity/api/v1/users

Get information about all users

API version

1.0.0

API URI components

Scheme

HTTPS

Host IP

cluster_lb_address

Port number

8443

Path

/idmgmt/identity/api/v1/users

Command

GET

Command output format

application/json

The sample curl command resembles the following code:

curl -k -X GET --header "Authorization: Bearer $ACCESS_TOKEN" 'https://<cluster_lb_address>:8443/idmgmt/identity/api/v1/users'

The output resembles the following code:

[{"userId":"aaa","directoryId":"fb01b1d0-1fa4-11e8-80d6-15882dd657a0","firstName":"AAA","lastName":"","email":"aaa@ibm.com","lastLogin":"","userBaseDN":"uid=aaa,ou=people,dc=ibm,dc=com","type":"LDAP"},{"userId":"testuser","directoryId":"fb01b1d0-1fa4-11e8-80d6-15882dd657a0","firstName":"TestUser","lastName":"","email":"testuser@ibm.com","lastLogin":"","userBaseDN":"uid=testuser,ou=people,dc=ibm,dc=com","type":"LDAP"},{"userId":"bbb","directoryId":"fb01b1d0-1fa4-11e8-80d6-15882dd657a0","firstName":"BBB","lastName":"","email":"bbb@ibm.com","lastLogin":"","userBaseDN":"uid=bbb,ou=people,dc=ibm,dc=com","type":"LDAP"}]

Get the highest role that is assigned to a user across teams

API version

1.0.0

API URI components

Scheme

HTTPS

Host IP

cluster_lb_address

Port number

8443

Path

/idmgmt/identity/api/v1/users/{ID}/getHighestRole

Command

GET

Command output format

application/json

Note: Only the logged in user can view the highest role that is assigned to the user.

The sample curl command resembles the following code:

curl -k -X GET --header "Authorization: Bearer $ACCESS_TOKEN" https://<cluster_lb_address>:8443/idmgmt/identity/api/v1/users/admin/getHighestRole

The output resembles the following code:

"ClusterAdministrator"

Get the team resources that are assigned to a user

API version

1.0.0

API URI components

Scheme

HTTPS

Host IP

cluster_lb_address

Port number

8443

Path

/idmgmt/identity/api/v1/users/{user}/getTeamResources

Command

GET

Command output format

application/json

Note: Only the logged in user can view the resources that are assigned to the user.

The sample curl command resembles the following code:

curl -k -X GET --header "Authorization: Bearer $ACCESS_TOKEN" https://<cluster_lb_address>:8443/idmgmt/identity/api/v1/users/admin/getTeamResources

The output resembles the following code:

[{"crn":"crn:v1:icp:private:k8:mycluster:n/default:::","serviceName":"k8","region":"mycluster","namespaceId":"default"},{"crn":"crn:v1:icp:private:k8:mycluster:n/kube-public:::","serviceName":"k8","region":"mycluster","namespaceId":"kube-public"},{"crn":"crn:v1:icp:private:k8:mycluster:n/kube-system:::","serviceName":"k8","region":"mycluster","namespaceId":"kube-system"},{"crn":"crn:v1:icp:private:k8:mycluster:n/platform:::","serviceName":"k8","region":"mycluster","namespaceId":"platform"},{"crn":"crn:v1:icp:private:k8:mycluster:n/services:::","serviceName":"k8","region":"mycluster","namespaceId":"services"}]

Delete a user

API version

1.0.0

API URI components

Scheme

HTTPS

Host IP

cluster_lb_address

Port number

8443

Path

/idmgmt/identity/api/v1/users/{id}

Command

DELETE

Command output format

application/json

The sample curl command resembles the following code:

curl -k -X DELETE --header "Authorization: Bearer $ACCESS_TOKEN" 'https://<cluster_lb_address>:8443/idmgmt/identity/api/v1/users/aaa'

The output resembles the following code:

"Count: 1"

Get a user's account information

API version

1.0.0

API URI components

Scheme

HTTPS

Host IP

cluster_lb_address

Port number

8443

Path

/idmgmt/identity/api/v1/users/{user}/getAccounts

Command

GET

Command output format

application/json

The sample curl command resembles the following code:

curl -k -X GET --header "Authorization: Bearer $ACCESS_TOKEN" 'https://<cluster_lb_address>:8443/idmgmt/identity/api/v1/users/testuser/getAccounts'

The output resembles the following code:

{"userId":"testuser","directoryId":"fb01b1d0-1fa4-11e8-80d6-15882dd657a0","firstName":"TestUser","lastName":"","email":"testuser@ibm.com","lastLogin":"","userBaseDN":"uid=testuser,ou=people,dc=ibm,dc=com","type":"LDAP","url":"/identity/api/v1/users/testuser"}