Using the Users REST API
The users REST API provides a flexible mechanism to automate creation, management and deletion of users, including API clients.
Note that some role names in the REST API are different to the Hub role names. That is, "Manager" in the Hub is "Deploy Admin" in the REST service, and "Author" in the Hub is "Policy Author" in the REST service.
Example GET All Users
The GET request URL looks like:
/opa-hub/api/12.2.22/users
The response to a get all users request looks like the following:
{
"items": [
{
"userName": "admin",
"fullName": "Default admin user",
"status": "Enabled",
"hubAdmin": true,
"workspaces": [
{
"name": "Default Collection",
"roles": [
"Policy Author",
"Deploy Admin"
]
}
],
"userType": "User",
"lastLogin": "2022-08-03T01:52:40Z",
"links": // ...
},
// ... more users ...
],
"links": // ...
}
Example GET Single User
The GET request URL looks like:
/opa-hub/api/12.2.22/users/admin
The response to a single user request looks like the following:
{
"userName": "admin",
"fullName": "Default admin user",
"status": "Enabled",
"hubAdmin": true,
"workspaces": [
{
"name": "Default Collection",
"roles": [
"Policy Author",
"Deploy Admin"
]
}
],
"userType": "User",
"lastLogin": "2022-08-03T01:52:40Z",
"links": // ...
}
Example GET Single API Client
The GET request URL looks like:
/opa-hub/api/12.2.22/users/apiuser
The response to a single API client request looks like the following:
{
"userName": "apiuser",
"status": "Enabled",
"hubAdmin": false,
"workspaces": [
{
"name": "Default Collection",
"roles": [
"Deploy Admin",
"Determinations API"
]
}
],
"userType": "LocalAPIClient",
"links": // ...
}
Example POST Single User
The POST request URL looks like:
/opa-hub/api/12.2.22/users
The basic structure expected for the POST request for the user resource is as follows:
{
"userName": "example",
"hubAdmin": false,
"fullName": "Example",
"email": "user@example.com",
"status": "Enabled",
"password": "...",
"temporaryPassword": false,
"workspaces": [
{
"name": "Default Collection",
"roles": [
"Policy Author",
"Deploy Admin"
]
}
],
"userType": "User"
}
Example POST Single API Client
The POST request URL looks like:
/opa-hub/api/12.2.22/users
The basic structure expected for the POST request for the user resource is as follows:
{
"userName": "apiexample",
"fullName": "API Example",
"email": "api@example.com",
"status": "Enabled",
"password": "...",
"hubAdmin": false,
"workspaces": [
{
"name": "Default Collection",
"roles": [
"Determinations API"
]
}
],
"userType": "LocalAPIClient"
}
Example PATCH Single User
The request URL looks like:
/opa-hub/api/12.2.22/users
The structure expected for a PATCH request for the user resource is as follows:
{
"userName": "example",
"fullName": "Example",
"email": "user@example.com",
"status": "Disabled",
"hubAdmin": false,
"workspaces": [
{
"name": "Default Collection",
"roles": [
"Policy Author",
"Deploy Admin"
]
},
// ... more workspaces ...
]
}
Example DELETE User
The request URL looks like:
/opa-hub/api/12.2.22/users/author
The response is an HTTP 204 response, with no JSON data returned.