Update Roles for One User
On this page
Note
Groups and projects are synonymous terms. Your {PROJECT-ID}
is the
same as your project id. For existing groups, your group/project id
remains the same. This page uses the more familiar term group when
referring to descriptions. The endpoint remains as stated in the
document.
Add, update, or remove a user's roles within an organization or
project. By default, any new non-global organization and project
roles in the payload send users an invitation to the organization or
project first. You can add users directly to an organization or project
only if you set the mms.user.bypassInviteForExistingUsers
setting to true
.
Resource
Base URL: https://{OPSMANAGER-HOST}:{PORT}/api/public/v1.0
PATCH /users/{USER-ID}
Required Roles
You must have the appropriate Owner roles to use this API endpoint.
Level | Needed Role |
---|---|
Organization | |
Project |
Important
You can always update your own user account.
If you own an organization or project, you can update the user roles for any user with membership in that organization or project. You cannot modify any other user profile information.
Request Path Parameters
Name | Type | Necessity | Description |
---|---|---|---|
USER-ID | string | Required | Unique identifier of the user that you want to
retrieve. To retrieve the USER-ID for a user, see
Get All Users in One Project. |
Request Query Parameters
The following query parameters are optional:
Name | Type | Necessity | Description | Default | ||||||
---|---|---|---|---|---|---|---|---|---|---|
pretty | boolean | Optional | Flag indicating whether the response body should be in a
prettyprint format. | false | ||||||
envelope | boolean | Optional | Flag that indicates whether or not to wrap the response in an envelope. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. For endpoints that return one result, the response body includes:
| false |
Request Body Parameters
Name | Type | Necessity | Description | ||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
roles | array of objects | Required | Role assigned to the Ops Manager user. | ||||||||||||||||||||||||||||||||||||||||
roles .orgId | string | Optional | Unique identifier of the organization in which the Ops Manager user
has the specified role. | ||||||||||||||||||||||||||||||||||||||||
roles .groupId | string | Optional | Unique identifier of the project in which the Ops Manager user has the specified role. Roles that start with | ||||||||||||||||||||||||||||||||||||||||
roles .roleName | string | Optional | Name of the role. Accepted values are:
|
Response
The JSON document contains each of the following elements:
Name | Type | Description | ||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
emailAddress | string | Email address of the Ops Manager user. | ||||||||||||||||||||||||||||||||||||||||
firstName | string | First name of the Ops Manager user. | ||||||||||||||||||||||||||||||||||||||||
id | string | Unique identifier of the Ops Manager user. | ||||||||||||||||||||||||||||||||||||||||
lastName | string | Last name of the Ops Manager user. | ||||||||||||||||||||||||||||||||||||||||
links | object array | Links to related sub-resources. All links arrays in
responses include at least one link called self. The
relationship between URLs are explained in the
Web Linking Specification. | ||||||||||||||||||||||||||||||||||||||||
mobileNumber | string | Mobile number of the Ops Manager user. | ||||||||||||||||||||||||||||||||||||||||
roles | empty array | Role assigned to the Ops Manager user. | ||||||||||||||||||||||||||||||||||||||||
roles .groupId | string | Unique identifier for the project in which the user has the specified role. Roles that start with | ||||||||||||||||||||||||||||||||||||||||
roles .orgId | string | Unique identifier for the organization in which the user has
the specified role. | ||||||||||||||||||||||||||||||||||||||||
roles .roleName | string | Name of the role. Accepted values are:
| ||||||||||||||||||||||||||||||||||||||||
username | string | Username of the Ops Manager user. |
Example Request
1 curl --user "{PUBLIC-KEY}:{PRIVATE-KEY}" --digest \ 2 --header "Accept: application/json" \ 3 --header "Content-Type: application/json" \ 4 --include \ 5 --request PATCH "https://<OpsManagerHost>:<Port>/api/public/v1.0/users/{USER-ID}" \ 6 --data ' 7 { 8 "roles": [{ 9 "groupId": "{GROUP-ID}", 10 "roleName": "{ROLE}" 11 }] 12 }'
Example Response
Response Header
401 Unauthorized Content-Type: application/json;charset=ISO-8859-1 Date: {dateInUnixFormat} WWW-Authenticate: Digest realm="MMS Public API", domain="", nonce="{nonce}", algorithm=MD5, op="auth", stale=false Content-Length: {requestLengthInBytes} Connection: keep-alive
200 OK Vary: Accept-Encoding Content-Type: application/json Strict-Transport-Security: max-age=300 Date: {dateInUnixFormat} Connection: keep-alive Content-Length: {requestLengthInBytes} X-MongoDB-Service-Version: gitHash={gitHash}; versionString={ApplicationVersion}
Response Body
1 { 2 "id": "{USER-ID}", 3 "username": "jane", 4 "emailAddress": "jane@qa.example.com", 5 "firstName": "Jane", 6 "lastName": "D'oh", 7 "links": [{ 8 "href": "https://<OpsManagerHost>:<Port>/api/public/v1.0/users/{USER-ID}", 9 "rel": "self" 10 }, 11 { 12 "href": "https://<OpsManagerHost>:<Port>/api/public/v1.0/users/{USER-ID}/accessList", 13 "rel": "http://mms.mongodb.com/accessList" 14 }], 15 "roles": [{ 16 "orgId": "{ORG-ID}", 17 "roleName": "ORG_MEMBER" 18 },{ 19 "groupId": "{PROJECT-ID}", 20 "roleName": "GROUP_READ_ONLY" 21 }], 22 "teamIds": [] 23 }