• API >
• Public API Resources >
• Programmatic API Keys >
• Organization API Keys on Projects >
• Create and Assign One Organization API Key to One Project

Create and Assign One Organization API Key to One Project

All requests to this endpoint must originate from an IP address on the Ops Manager user’s API access list. For complete documentation on configuring API access lists, see Enable API Whitelisting for Your Organization.

Base URL: https://{OPSMANAGER-HOST}:{PORT}/api/public/v1.0

Resource

copy

POST /groups/{PROJECT-ID}/apiKeys

Request Path Parameters

Name	Type	Description
PROJECT-ID	string	Unique identifier for the Project whose API keys you want to retrieve. Use the /groups endpoint to retrieve all organizations to which the authenticated user has access.

Request Query Parameters

The following query parameters are optional:

Name	Type	Description	Default
pageNum	integer	Page number (1-index based).	1
itemsPerPage	integer	Number of items to return per page, up to a maximum of 500.	100
pretty	boolean	Indicates whether the response body should be in a prettyprint format.	false
envelope	boolean	Indicates whether or not to wrap the response in an envelope. Some API clients cannot access the HTTP response headers or status code. To remediate this, set "envelope" : true in the query. For endpoints that return one result, response body includes: status HTTP response code envelope Expected response body For endpoints that return a list of results, the results object is an envelope. Ops Manager adds the status field to the response body.	None

Request Body Parameters

At least one of the two body parameters are required.

Name	Type	Description
desc	string	Description of the API key. Must be between 1 and 250 characters in length.
roles	string array	List of roles that the API Key needs to have. If the roles array is provided: Provide at least one role Make sure all roles must be valid for the Project Project roles include: Role Value in API Role GROUP_AUTOMATION_ADMIN Project Automation Admin GROUP_BACKUP_ADMIN Project Backup Admin GROUP_DATA_ACCESS_ADMIN Project Data Access Admin GROUP_DATA_ACCESS_READ_ONLY Project Data Access Read Only GROUP_DATA_ACCESS_READ_WRITE Project Data Access Read/Write GROUP_MONITORING_ADMIN Project Monitoring Admin GROUP_OWNER Project Owner GROUP_READ_ONLY Project Read Only GROUP_USER_ADMIN Project User Admin

Response

Name	Type	Description
desc	string	Description of this Organization API key assigned to this Project.
id	string	Unique identifier for this Organization API key assigned to this Project.
privateKey	string	Redacted Private key for this Organization API key assigned to this Project. Note This key displays unredacted when first created.
publicKey	string	Public key for this Organization API key assigned to this Project.
roles	object array	Roles that this Organization API key assigned to this Project has. This array returns all the Organization and Project roles the user has in Ops Manager.
roles.groupId	string	Unique identifier of the Project to which this role belongs.
roles.orgId	string	Unique identifier of the Organization to which this role belongs.
roles.roleName	string	Name of the role. This resource returns all the roles the user has in Ops Manager. Possible values are: Organization Roles If this is an roles.orgId (Organization), values include: Role Value in API Role ORG_OWNER Organization Owner ORG_MEMBER Organization Member ORG_GROUP_CREATOR Organization Project Creator ORG_READ_ONLY Organization Read Only Project Roles If this is an roles.groupId (Project), values include: Role Value in API Role GROUP_AUTOMATION_ADMIN Project Automation Admin GROUP_BACKUP_ADMIN Project Backup Admin GROUP_DATA_ACCESS_ADMIN Project Data Access Admin GROUP_DATA_ACCESS_READ_ONLY Project Data Access Read Only GROUP_DATA_ACCESS_READ_WRITE Project Data Access Read/Write GROUP_MONITORING_ADMIN Project Monitoring Admin GROUP_OWNER Project Owner GROUP_READ_ONLY Project Read Only GROUP_USER_ADMIN Project User Admin

Example Request

Note

The user who makes the request can be formatted either as {USERNAME}:{APIKEY} or {PUBLIC-KEY}:{PRIVATE-KEY}.

copy

curl --user "{PUBLIC-KEY}:{PRIVATE-KEY}" --digest \
  --header "Accept: application/json" \
  --header "Content-Type: application/json" \
  --include \
  --request POST "https://<OpsManagerHost>:<Port>/api/public/v1.0/groups/{PROJECT-ID}/apiKeys?pretty=true" \
  --data '{
    "desc" : "New API key for test purposes",
    "roles": ["GROUP_READ_ONLY", "GROUP_DATA_ACCESS_ADMIN"]
  }'

Example Response

Response Header

HTTP/1.1 401 Unauthorized
Content-Type: application/json;charset=ISO-8859-1
Date: {dateInUnixFormat}
WWW-Authenticate: Digest realm="MMS Public API", domain="", nonce="{nonce}", algorithm=MD5, op="auth", stale=false
Content-Length: {requestLengthInBytes}
Connection: keep-alive

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Type: application/json
Strict-Transport-Security: max-age=300
Date: {dateInUnixFormat}
Connection: keep-alive
Content-Length: {requestLengthInBytes}
X-MongoDB-Service-Version: gitHash={gitHash}; versionString={ApplicationVersion}

Response Body

{
  "desc" : "New API key for test purposes",
  "id" : "5d1d143c87d9d63e6d694746",
  "links" : [ {
    "href" : "https://<OpsManagerHost>:<Port>/api/public/v1.0/orgs/5980cfe20b6d97029d82fa63/apiKeys/5d1d143c87d9d63e6d694746",
    "rel" : "self"
  } ],
  "privateKey" : "********-****-****-db2c132ca78d",
  "publicKey" : "{PUBLIC-KEY}",
  "roles" : [ {
    "groupId" : "{PROJECT-ID}",
    "roleName" : "GROUP_READ_ONLY"
  }, {
    "groupId" : "{PROJECT-ID}",
    "roleName" : "GROUP_DATA_ACCESS_ADMIN"
  } ]
}

←   Get All Organization API Keys Assigned to One Project Assign One Organization API Key to One Project  →

© MongoDB, Inc 2008-present. MongoDB, Mongo, and the leaf logo are registered trademarks of MongoDB, Inc.