Docs Menu
Docs Home
/
MongoDB Ops Manager
/ / / /

Modify Roles of One Organization API Key to One Project

On this page

  • Resource
  • Request Path Parameters
  • Request Query Parameters
  • Request Body Parameters
  • Response
  • Example Request
  • Example Response
  • Response Header
  • Response Body

Base URL: https://{OPSMANAGER-HOST}:{PORT}/api/public/v1.0

PATCH /groups/{PROJECT-ID}/apiKeys/{API-KEY-ID}
Name
Type
Description
PROJECT-ID
string
Unique identifier for the Project whose API keys you want to update. Use the /groups endpoint to retrieve all organizations to which the authenticated user has access.
API-KEY-ID
string
Unique identifier for the API key you want to update. Request the /groups/{PROJECT-ID}/apiKeys endpoint to retrieve all API keys to which the authenticated user has access for the specified organization.

The following query parameters are optional:

Name
Type
Description
Default
pageNum
integer
Page number (1-index based).
1
itemsPerPage
integer
Number of items to return per page, up to a maximum of 500.
100
pretty
boolean
Indicates whether the response body should be in a prettyprint format.
false
envelope
boolean

Indicates whether or not to wrap the response in an envelope.

Some API clients cannot access the HTTP response headers or status code. To remediate this, set "envelope" : true in the query.

For endpoints that return one result, response body includes:

status
HTTP response code
envelope
Expected response body

For endpoints that return a list of results, the results object is an envelope. Ops Manager adds the status field to the response body.

None

The body parameter is required.

Name
Type
Necessity
Description
roles
string array
Required

List of roles that the API Key should be granted. A minimum of one role must be provided. Any roles provided must be valid for the assigned Project:

Role Value in API
Role
GROUP_AUTOMATION_ADMIN
GROUP_BACKUP_ADMIN
GROUP_DATA_ACCESS_ADMIN
GROUP_DATA_ACCESS_READ_ONLY
GROUP_DATA_ACCESS_READ_WRITE
GROUP_MONITORING_ADMIN
GROUP_OWNER
GROUP_READ_ONLY
GROUP_USER_ADMIN

Include all roles that you want this API Key to have. Any roles not in this array are removed.

Name
Type
Description
desc
string
Description of this Organization API key assigned to this Project.
id
string
Unique identifier for this Organization API key assigned to this Project.
privateKey
string

Redacted Private key for this Organization API key assigned to this Project.

This key displays unredacted when first created.

publicKey
string
Public key for this Organization API key assigned to this Project.
roles
object array
Roles that this Organization API key assigned to this Project has. This array returns all the Organization and Project roles the user has in Ops Manager.
roles.groupId
string
Unique identifier of the Project to which this role belongs.
roles.orgId
string
Unique identifier of the Organization to which this role belongs.
roles.roleName
string

Name of the role. This resource returns all the roles the user has in Ops Manager. Possible values are:

Organization Roles

If this is an roles.orgId (Organization), values include:

Role Value in API
Role
ORG_OWNER
ORG_MEMBER
ORG_GROUP_CREATOR
ORG_READ_ONLY

Project Roles

If this is an roles.groupId (Project), values include:

Role Value in API
Role
GROUP_AUTOMATION_ADMIN
GROUP_BACKUP_ADMIN
GROUP_DATA_ACCESS_ADMIN
GROUP_DATA_ACCESS_READ_ONLY
GROUP_DATA_ACCESS_READ_WRITE
GROUP_MONITORING_ADMIN
GROUP_OWNER
GROUP_READ_ONLY
GROUP_USER_ADMIN

Note

The user who makes the request can be formatted either as {USERNAME}:{APIKEY} or {PUBLIC-KEY}:{PRIVATE-KEY}.

1curl --user "{PUBLIC-KEY}:{PRIVATE-KEY}" --digest \
2 --header "Accept: application/json" \
3 --header "Content-Type: application/json" \
4 --include \
5 --request PATCH "https://<OpsManagerHost>:<Port>/api/public/v1.0/groups/{PROJECT-ID}/apiKeys/5d1d143c87d9d63e6d694746?pretty=true" \
6 --data '{
7 "roles": [ "GROUP_READ_ONLY", "GROUP_DATA_ACCESS_READ_WRITE" ]
8 }'
HTTP/1.1 401 Unauthorized
Content-Type: application/json;charset=ISO-8859-1
Date: {dateInUnixFormat}
WWW-Authenticate: Digest realm="MMS Public API", domain="", nonce="{nonce}", algorithm=MD5, op="auth", stale=false
Content-Length: {requestLengthInBytes}
Connection: keep-alive
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Type: application/json
Strict-Transport-Security: max-age=300
Date: {dateInUnixFormat}
Connection: keep-alive
Content-Length: {requestLengthInBytes}
X-MongoDB-Service-Version: gitHash={gitHash}; versionString={ApplicationVersion}
1{
2 "desc" : "New API key for test purposes",
3 "id" : "5d1d143c87d9d63e6d694746",
4 "links" : [ {
5 "href" : "https://<OpsManagerHost>:<Port>/api/public/v1.0/orgs/5980cfe20b6d97029d82fa63/apiKeys/5d1d143c87d9d63e6d694746",
6 "rel" : "self"
7 } ],
8 "privateKey" : "********-****-****-eac4256753ba",
9 "publicKey" : "{PUBLIC-KEY}",
10 "roles" : [ {
11 "orgId" : "5980cfe20b6d97029d82fa63",
12 "roleName" : "ORG_BILLING_ADMIN"
13 }, {
14 "groupId" : "{PROJECT-ID}",
15 "roleName" : "GROUP_DATA_ACCESS_READ_WRITE"
16 }, {
17 "orgId" : "5980cfe20b6d97029d82fa63",
18 "roleName" : "ORG_MEMBER"
19 }, {
20 "groupId" : "{PROJECT-ID}",
21 "roleName" : "GROUP_READ_ONLY"
22 } ]
23}

Back

Assign One Organization API Key to One Project