create_user

Add a user to your Guardium® system.

Users are created with the user role. Use the set_user_roles API to change or add other roles.

Note: Before a user can access the GuardAPIs with one of the default CLI accounts (guardcli1, ...guardcli9 ), you must authenticate them by using the set guiuser CLI command. For more information, see User account, password, and authentication CLI Commands.

This API is available in Guardium V9.5 and later.

REST API syntax

This API is available as a REST service with the POST method. Call this API as follows:
POST https://[Guardium hostname or IP address]:8443/restAPI/user

GuardAPI syntax

create_user parameter=value

Parameters

Parameter Value type Description
confirmPassword String Required. Confirm the password. The confirmPassword must match the value of Password.
country String The ISO 3166 2-letter country code for this user, such as US or ES. For valid values, call create_user from the command line with --help=true.
disabled Boolean Enables or disables this user. Valid values:
  • 0 (false): The user is enabled.
  • 1 (true): The user is disabled.
Default = 0 (enabled)
disablePwdExpiry Boolean

Enables or disables the requirement that a user to reset their password the first time they log in.

Valid values:
  • 0 (false): A user must reset their password on first login.
  • 1 (true): The password does not expire on first login.

Default = 0 (false)

email String  
firstName String Required.
lastName String Required.
password String Required. The password must be at least 8 characters long and include at least one of each:
  • An uppercase letter (A-Z)
  • A lowercase letter (a-z)
  • A number (0-9)
  • A special character, which can be: at sign (@), hashtag (#), dollar sign ($), percent sign (%), caret (^), ampersand (&), asterisk (*), exclamation (!), hyphen (-), underscore (_), plus (+), or equals (=).
smartCardUserName String Common name in the certificate.
Enter the smart card user name when smart card authentication is turned on.
userName String Required. A username for this user.

The following characters are not allowed in usernames : semicolon (;), forward slash (/), dollar sign ($), and percent sign (%).

Examples

For example, the following API creates a user with the username Fred McDerf:

grdapi create_user firstName=Fred lastName=McDerf password=Furball123! 
confirmPassword=Furball123! userName="Fred McDerf" disabled=false

Sample output:

ID=20001
ok