Managing local users

Administrators can access the users endpoint to create and manage local user accounts. Turbonomic stores the credentials for these accounts on the local server.

Adding local users

To add a local user, make a POST request to the users endpoint. The following parameters are required:

  • username: Specify a username for the account.

  • password: Specify the password for this user's account.

  • roles: Specify a user role to grant the user access to specific Turbonomic features. Specify the role in uppercase letters.

  • loginProvider: For a local user, specify Local.

  • type: Specify DedicatedCustomer.

Optionally, you can specify one or more scopes for the user, which limit what the user can monitor in your environment. For example, you can scope to a group that contains only the physical machines that support this user’s VMs or applications. This parameter is not valid for users who are in the ADMINISTRATOR role.

  • scope: Specify one or more scopes by using the numeric UUID value for each scope. To get a list of the groups that are available to scope to in your Turbonomic instance, along with their display names and UUIDs, make a GET request to the search endpoint, for example:

    GET https://10.10.10.10/api/v3/search?types=Group

For more information about user roles and scopes, see Managing user accounts.

Example:

POST https://10.10.10.10/api/v3/users

Example input

{
  "username": "myuser",
  "password": "mypassword",
  "roles": [
    {
      "name": "DEPLOYER"
    }
  ],
  "loginProvider": "Local",
  "type": "DedicatedCustomer",
  "scope": [
  {
    "uuid":"286125332284065"
  },
  {
    "uuid":"266725335284010"
  }
 ]
}

Response:

{
  "uuid": "4776186363888",
  "displayName": "myuser",
  "username": "mypassword",
  "roles": [
    {
      "name": "DEPLOYER"
    }
  ],
  "loginProvider": "Local",
  "type": "DedicatedCustomer",
  "scope": [
    {
      "uuid": "286125332284065",
      "isStatic": true,
      "logicalOperator": "AND",
      "groupClassName": "GroupApiDTO"
    }
    {
      "uuid": "266725335284010",
      "isStatic": true,
      "logicalOperator": "AND",
      "groupClassName": "GroupApiDTO"
    }
  ],
  "showSharedUserSC": false
}

Maintaining local users

To edit the details of an existing user or to delete a user, you must know the UUID value for the user.

  • To get a list of all the currently configured user accounts, make a GET request to the users endpoint:
    GET https://10.10.10.10/api/v3/users

    The API returns an array of UserApiDTO objects. Each UserApiDTO object includes the UUID, display name, username, roles, scope, and other details about a user account.

    Response:
    [
      {
        "uuid": "0000000000111",
        "displayName": "extTestUser",
        "username": "extTestUser",
        "roles": [
          {
            "name": "DEPLOYER"
          }
        ],
        "loginProvider": "LDAP",
        "type": "DedicatedCustomer",
        "showSharedUserSC": false
      },
      {
        "uuid": "0000000000112",
        "displayName": "externaluser1",
        "username": "externaluser1",
        "roles": [
          {
            "name": "OBSERVER"
          }
        ],
        "loginProvider": "LDAP",
        "type": "DedicatedCustomer",
        "showSharedUserSC": false
      },
      {
        "uuid": "0000000000113",
        "displayName": "administrator",
        "username": "administrator",
        "roles": [
          {
            "name": "ADMINISTRATOR"
          }
        ],
        "loginProvider": "Local",
        "type": "DedicatedCustomer",
        "showSharedUserSC": false
      },
      {
        "uuid": "0000000000114",
        "displayName": "newTestUser",
        "username": "newTestUser",
        "roles": [
          {
            "name": "DEPLOYER"
          }
        ],
        "loginProvider": "Local",
        "type": "DedicatedCustomer",
        "showSharedUserSC": false
      }
    ]
    • To get details about a specific user, append the UUID of the user to the request:
      GET https://10.10.10.10/api/v3/users/0000000000111
    • To get information about the currently logged-in user, append /me to the request:
      GET https://10.10.10.10/api/v3/users/me
  • To edit the details for a user, make a PUT request to the users endpoint and include the user's UUID:
    PUT https://10.10.10.10/api/v3/users/0000000000114
    The following parameters are required in the request body, regardless of whether you want to modify them:
    • username

    • roles

    • loginProvider

    • type

    Example:

    Include the required parameters in the request body and specify the values that you want to modify. In the following example, the role for the newTestUser user is changed from DEPLOYER to OBSERVER. The other parameters remain unchanged:
    {
      "username": "newTestUser",
      "roles": [
        {
          "name": "OBSERVER"
        }
      ],
      "loginProvider": "Local",
      "type": "DedicatedCustomer"
    }

    Response:

    {
      "uuid": "0000000000114",
      "displayName": "newTestUser",
      "username": "newTestUser",
      "roles": [
        {
          "name": "OBSERVER"
        }
      ],
      "loginProvider": "Local",
      "type": "DedicatedCustomer",
      "showSharedUserSC": false
    }
  • To delete a user, make a DELETE request to the users endpoint and include the user's UUID:
    DELETE https://10.10.10.10/api/v3/users/0000000000111