Add Users to an Identity Domain (v1)
Creates a batch of users in an identity domain using an ANSI or UTF-8 encoded Comma Separated Value (CSV) file that was previously uploaded to the environment. The CSV file should not include the account of the user who executes this command. You can use the Upload REST API to upload the file. The file should be deleted after the API executes. With this API, you can see which records failed and the reason why they failed in addition to how many records passed and failed. The file format is as follows:
First Name,Last Name,Email,User Login
Jane,Doe,jane.doe@example.com,jdoe
John,Doe,john.doe@example.com,john.doe@example.comThis API sends each new user an email with details about their accounts (user name and password) if resetpassword is set to true. If resetpassword is set to false, the email is not sent. If you set resetpassword to false, you should specify userpassword. Otherwise, a unique temporary password will be assigned to each user, but, because no email is sent, the passwords will not be known to the users so they will not be able to log in.
See Importing a Batch of User Accounts in Getting Started with Oracle Cloud for a detailed description of the CSV file format.
If a user definition in the CSV file matches a user account that exists in the identity domain, no changes will be made to the existing user account. This API creates accounts only for new users whose account information is included in the file. Because user accounts are common to all service environments that an identity domain supports, new users are available to all the environments that share the identity domain.
This API should be run only by an Identity Domain Administrator in the identity domain where users are to be created. In addition, the user running the API must also be the Service Administrator of the environment where the API is targeted.
The API is asynchronous and returns the Job ID. The presence of status -1 in the response indicates that the creation of users is in progress. Use the job status URI to determine whether the creation of users is complete. Any non-zero status except -1 indicates failure of adding users.
Note:
This API assigns one password (value of userpassword) to all the users
specified in the CSV file. Assigning the same password to all users may be desirable if
you are creating users purely for testing purposes.
If you are creating real EPM Cloud users and want to assign a specific password to each user, use this API for a single user at a time. That is, specify a single user in the CSV file and provide a password for this user in the API. Then, specify the other user in the CSV file and provide a different password for this user in the API.
When you add users using this API, unlike when you add users from My Services, Oracle
Cloud does not send automatic emails to each newly added user. You should manually email
credentials (login name and password) to each new user. Additionally, you should force new
users to change password at first login by specifying resetpassword as
true.
This API is version v1.
Required Roles
Identity Domain Administrator and any predefined role (Service Administrator, Power User, User, or Viewer)
REST Resource
POST /interop/rest/security/<api_version>/users
Note:
Before using the REST resources, you must understand how to access the REST resources and other important concepts. See Implementation Best Practices for EPM Cloud REST APIs. Using this REST API requires prerequisites. See Prerequisites.
Table 12-2 Tasks for Add Users to an Identity Domain
| Task | Request | REST Resource |
|---|---|---|
| Add users | POST | /interop/rest/security/<api_version>/users |
| Add users status | GET | /interop/rest/security/<api_version>/jobs/<jobid> |
Request
Supported Media Types: application/x-www-form-urlencoded
The following table summarizes the POST request parameters.
Table 12-3 Parameters
| Name | Description | Type | Required | Default |
|---|---|---|---|---|
filename |
The name of the uploaded ANSI or UTF-8 encoded CSV file containing the users to
add, such as |
Form | Yes | None |
userpassword |
Optionally, indicates the default password that you want to assign to all the
new users who are created in the identify domain. If specified, this password must
meet the minimum identity domain password requirements.
If specified, the value
of the user password parameter is used as the password for all users specified in
the CSV file. Assigning the same password to all users may be desirable if you are
creating users purely for testing purposes. If you are creating real EPM Cloud
users and want to assign a specific password to each user, use this command
without specifying a valid for the |
Form | No | None |
resetpassword |
Optionally, indicates whether new users must change password at the first
login. Unless this parameter is set to false, new users will be
forced to change the password at the first login.
This parameter sends each new
user an email with details about their accounts (user name and password) if
If
Note: If you set |
Form | No | true |
Response
Supported Media Types: application/json
Table 12-4 Parameters
| Name | Description |
|---|---|
details |
In the case of errors, details are published with the error string |
status |
See Migration Status Codes |
links |
Detailed information about the link |
href |
Links to API call or status API |
action |
The HTTP call type |
rel |
Possible values: self or Job Status. If the value is set to Job Status, you can use the href to get the status
|
data |
Parameters as key value pairs passed in the request |
items |
Details about the resource |
links |
Details of the first URL to be requested to get the job details; rel is "Job Details" |
Examples of Response Body
The following examples show the contents of the response body in JSON format:
Example 1: Job is in Progress
{
"links": [
{
"rel": "self",
"href": "https://<BASE-URL>/interop/rest/security/<api_version>/users",
"data": {
"jobType": "ADD_USERS",
"filename": "<filename>",
"resetpassword": "<true|false>" },
"action": "POST"
},
{
"rel": "Job Status",
"href": "https://<BASE-URL>/interop/rest/security/<api_version>/users",
"data": null,
"action": "GET"
}
],
"details": null,
"status": -1,
"items": null
}Example 2: Job Completes with Errors
{
"links": [
{
"rel": "self",
"href": "https://<BASE-URL>/interop/rest/security/<api_version>/jobs/",
"data": null,
"action": "GET"
}
],
"details": "Failed to add users. Input file <fileName> is not found. Specify a valid file name.",
"status": 1,
"items": null
}Example 3: Job Completes without Errors
{
"links": [
{
"rel": "self",
"href": "https://<BASE-URL>/interop/rest/security/<api_version>/jobs/",
"data": null,
"action": "GET"
}
],
"details": "Processed - 3, Succeeded - 2, Failed - 1.",
"status": 0,
"items": [
{
"UserName":"<USERNAME>","Error_Details": "User <USERNAME> already exists. Please provide a different user name."
}
]
) Java Sample Code
Prerequisites: json.jar
Common Functions: See CSS Common Helper Functions for Java
public void addUsers(String fileName, String userPassword, boolean resetPassword) {
try {
String url = this.serverUrl + "/interop/rest/security/<api_version>/users";
Map<String, String> reqHeaders = new HashMap<String, String>();
reqHeaders.put("Authorization", "Basic " + DatatypeConverter
.printBase64Binary((this.userName + ":" + this.password).getBytes(Charset.defaultCharset())));
Map<String, String> reqParams = new HashMap<String, String>();
reqParams.put("filename", fileName);
reqParams.put("userpassword", userPassword);
reqParams.put("resetpassword", resetPassword + "");
Map<String, String> resetResult = CSSRESTHelper.callRestApi(new HashMap(), url, reqHeaders, reqParams,
"POST");
String jobStatus = CSSRESTHelper.getCSSRESTJobCompletionStatus(restResult, reqHeaders);
System.out.println(jobStatus);
} catch (Exception e) {
e.printStackTrace();
}
}Shell Script Sample Code
Prerequisites: jq (http://stedolan.github.io/jq/download/linux64/jq)
Common Functions: See CSS Common Helper Functions for cURL
funcAddUsers() {
url="$SERVER_URL/interop/rest/security/$API_VERSION/users"
params="filename=$1&userpassword=$2&resetpassword=$3"
header="Content-Type: application/x-www-form-urlencoded;charset=UTF-8"
cssRESTAPI="AddUsers"
statusMessage=$(funcCSSRESTHelper "POST" "$url" "$header" "$USERNAME" "$PASSWORD" "$params" "$cssRESTAPI")
echo $statusMessage
}Groovy Sample Code
Common Functions: See CSS Common Helper Functions for Groovy
def addUsers(fileName, resetPassword, userPassword) {
String scenario = "Creating users in " + fileName;
String params = "jobtype=ADD_USERS&filename="+ fileName +"&resetpassword="+ resetPassword +"&userpassword="+ userPassword;
def url = null;
def response = null;
try {
url = new URL(serverUrl + "/interop/rest/security/" + apiVersion + "/users");
} catch (MalformedURLException e) {
println "Please enter a valid URL"
System.exit(0);
}
response = executeRequest(url, "POST", params, "application/x-www-form-urlencoded");
if (response != null) {
getJobStatus(getUrlFromResponse(scenario, response, "Job Status"), "GET");
}
}Sample cURL Command Basic Auth
curl -X POST -s -u '<USERNAME>:<PASSWORD>' -H
'Content-Type: application/x-www-form-urlencoded' -d
'filename=<CSV-FILE-NAME>&resetpassword=<TRUE/FALSE>&userpassword=<PASSWORD>'
'https://<BASE-URL>/interop/rest/security/v1/users'
Sample cURL Command OAuth 2.0
curl -X POST --header "Authorization: Bearer <OAUTH_ACCESS_TOKEN>" -H
'Content-Type: application/x-www-form-urlencoded' -d
'filename=<CSV-FILE-NAME>&resetpassword=<VALUE>&userpassword=<PASSWORD>'
'https://<BASE-URL>/interop/rest/security/v1/users'