Modify Details of One Project Service Account
On this page
Cloud Manager will no longer support Automation, Backup, and Monitoring for MongoDB 3.6 and 4.0 after August 30th, 2024. Please upgrade your MongoDB deployment or migrate to Atlas.
- OAuth 2.0 authentication for programmatic access to Cloud Manager is available as a Preview feature.
- The feature and the corresponding documentation might change at any time during the Preview period. To use OAuth 2.0 authentication, create a service account to use in your requests to the Cloud Manager Public API.
Base URL: https://cloud.mongodb.com/api/public/v1.0
Resource
PATCH /groups/{PROJECT-ID}/serviceAccounts/{CLIENT-ID}
Request Path Parameters
Name | Type | Description |
|---|---|---|
PROJECT-ID | string | Unique identifier for the Project whose service account you want to
update. Use the
/groups endpoint
to retrieve all projects to which the authenticated
user has access. |
CLIENT-ID | string | Unique identifier for the service account you want to update. Request
the
/groups/{PROJECT-ID}/serviceAccounts
endpoint to retrieve all service accounts to which the authenticated
user has access for the specified project. |
Request Query Parameters
The following query parameters are optional:
Name | Type | Description | Default | ||||||
|---|---|---|---|---|---|---|---|---|---|
pageNum | integer | Page number (1-index based). | 1 | ||||||
itemsPerPage | integer | Number of items to return per page, up to a maximum of 500. | 100 | ||||||
pretty | boolean | Indicates whether the response body should be in a
prettyprint format. | false | ||||||
envelope | boolean | Indicates whether or not to wrap the response in an envelope. Some API clients cannot access the HTTP response headers or
status code. To remediate this, set For endpoints that return one result, response body includes:
For endpoints that return a list of results, the | None |
Request Body Parameters
The body parameter is required.
Name | Type | Necessity | Description | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
name | string | Optional | Name of the service account. Accepted characters are A-Z, a-z,
0-9, space, period ., apostrophe ', comma ,, underscore _,
and dash -. | ||||||||||||||||||||||
description | string | Optional | Description of the service account. Accepted characters are A-Z, a-z,
0-9, space, period ., apostrophe ', comma ,, underscore _,
and dash -. | ||||||||||||||||||||||
roles | string array | Required | List of roles that the service account should be granted. A minimum of one role must be provided. Any roles provided must be valid for the assigned Project:
Include all roles that you want this service account to have. Any roles not in this array are removed. |
Response
Name | Type | Description |
|---|---|---|
clientId | string | Unique identifier for the service account. |
createdAt | timestamp | Service account creation time. |
name | string | Name of the service account. |
description | string | Description of the service account. |
roles | string array | List of roles that the service account has in the project. Project roles include: |
secrets | object array | List of service account secrets. |
secrets.id | string | Unique 24-hexadecimal character string that identifies the secret. |
secrets.createdAt | timestamp | Timestamp representing secret creation time. |
secrets.expiresAt | timestamp | Timestamp representing secret expiration time. |
secrets.lastUsedAt | timestamp | Timestamp representing last secret usage. |
secrets.maskedSecretValue | string | Masked secret that only displays the prefix and last four characters. |
Example Request
Note
The user who makes the request can be formatted as {PUBLIC-KEY}:{PRIVATE-KEY}.
1 curl --user "{PUBLIC-KEY}:{PRIVATE-KEY}" --digest \ 2 --header "Accept: application/json" \ 3 --header "Content-Type: application/json" \ 4 --include \ 5 --request PATCH "https://cloud.mongodb.com/api/public/v1.0/groups/{PROJECT-ID}/serviceAccounts/{CLIENT-ID}?pretty=true" \ 6 --data '{ 7 "roles": [ "GROUP_OWNER" ] 8 }'
Example Response
Response Header
401 Unauthorized Content-Type: application/json;charset=ISO-8859-1 Date: {dateInUnixFormat} WWW-Authenticate: Digest realm="MMS Public API", domain="", nonce="{nonce}", algorithm=MD5, op="auth", stale=false Content-Length: {requestLengthInBytes} Connection: keep-alive
200 OK Vary: Accept-Encoding Content-Type: application/json Strict-Transport-Security: max-age=300 Date: {dateInUnixFormat} Connection: keep-alive Content-Length: {requestLengthInBytes} X-MongoDB-Service-Version: gitHash={gitHash}; versionString={ApplicationVersion}
Response Body
1 { 2 "createdAt" : "2024-08-04T01:16:21Z", 3 "description" : "Service account for Cloud Manager users.", 4 "clientId" : "mdb_sa_id_66aed6653e07126244a84cc1", 5 "name" : "Cloud Manager service account", 6 "roles" : [ "GROUP_OWNER" ], 7 "secrets" : [ { 8 "createdAt" : "2024-08-04T01:16:21Z", 9 "expiresAt" : "2024-11-02T01:16:21Z", 10 "lastUsedAt" : "2024-08-24T21:10:35Z", 11 "id" : "66aed6653e07126244a84cc0", 12 "maskedSecretValue" : "mdb_sa_sk_...MeyM" 13 } ] 14 }