1. REST API for Oracle Private Cloud Appliance Compute Enclave
  2. Tasks
  3. Identity
  4. Users

Create a User

post

/20160918/users

Create a new user in your tenancy. Specify the OCID of your tenancy for the compartment OCID in the request.

Specify a name for the user, which must be unique across all users in your tenancy and cannot be changed. Allowed characters are letters, numerals, hyphens, periods, underscores, +, and @. The space characer is not allowed. If you specify a name that is already in use, you will receive a 409 error. This name will be the user's login to the Compute Web UI. You might want to choose a name that your company's own identity system (for example, Active Directory, LDAP, etc.) already uses. You can delete a user and then create a new user with the same name because they will have different OCIDs.

You must specify a description for the user, although it can be an empty string. You can use the field to provide the user's full name, a description, a nickname, or other information to identify the user.

After you send your request, the new object's lifecycleState will temporarily be CREATING. Before using the object, make sure its lifecycleState has changed to ACTIVE.

A new user has no permissions until you place the user in one or more groups. See AddUserToGroup. Inform the new user which compartment(s) they have access to.

If the user needs to access the Compute Web UI, you need to provide the user with a password. See CreateOrResetUIPassword.

If the user needs to access the REST API, you need to upload a public API signing key for the user.

Request

Supported Media Types
Header Parameters
  • Minimum Length: 1
    Maximum Length: 64
    A token that uniquely identifies a request so it can be retried in case of a timeout or server error without risk of executing that same action again. Retry tokens expire after 24 hours, but can be invalidated before then due to conflicting operations (for example, if a resource has been deleted and purged from the system, then a retry of the original creation request may be rejected).
Body ()
Request object for creating a new user.
Root Schema : CreateUserDetails
Type: object
Show Source
  • The OCID of the tenancy containing the user.
  • definedTags
    Additional Properties Allowed: additionalProperties
    Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"Operations": {"CostCenter": "42"}}
  • Minimum Length: 1
    Maximum Length: 400
    The description you assign to the user during creation. Does not need to be unique, and it is changeable. (For tenancies that support identity domains) You can have an empty description.
  • Minimum Length: 0
    Maximum Length: 254
    The email you assign to the user during creation. The email must be unique across all users in the tenancy. (For tenancies that support identity domains) You must provide an email for each user.
  • freeformTags
    Additional Properties Allowed: additionalProperties
    Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. Example: {"Department": "Finance"}
  • Minimum Length: 1
    Maximum Length: 100
    The name you assign to the user during creation. This is the user's login for the Compute Web UI. The name must be unique across all users in the tenancy and cannot be changed.
Nested Schema : definedTags
Type: object
Additional Properties Allowed
Show Source
Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"Operations": {"CostCenter": "42"}}
Nested Schema : freeformTags
Type: object
Additional Properties Allowed
Show Source
Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. Example: {"Department": "Finance"}
Nested Schema : additionalProperties
Type: object
Additional Properties Allowed
Show Source
Key-value pair representing a defined tag key and value, scoped to a namespace. Example: `{"CostCenter": "42"}`
Nested Schema : additionalProperties
Type: object
The value of the tag. Only the String type is supported.
Back to Top

Response

Supported Media Types

200 Response

The user is being created.
Headers
  • For optimistic concurrency control. See `if-match`.
  • Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Body ()
Root Schema : User
Type: object
An individual employee or system that needs to manage or use your company's Oracle Private Cloud Appliance resources. Users might need to launch instances, manage remote disks, work with your cloud network, etc. Users have one or more IAM Service credentials (ApiKey, UIPassword, SwiftPassword and AuthToken). End users of your application are not typically IAM Service users, but for tenancies that have identity domains, they might be. These users are created directly within the Oracle Private Cloud Appliance system, via the IAM service. They are different from federated users, who authenticate themselves to the Compute Web UI via an identity provider. Avoid entering confidential information when you supply string values using the API.
Show Source
  • UserCapabilities
    Properties indicating how the user is allowed to authenticate.
  • The OCID of the tenancy containing the user.
  • Minimum Length: 0
    Maximum Length: 201
    DB username of the DB credential. Has to be unique across the tenancy.
  • definedTags
    Additional Properties Allowed: additionalProperties
    Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"Operations": {"CostCenter": "42"}}
  • Minimum Length: 1
    Maximum Length: 400
    The description you assign to the user. Does not need to be unique, and it is changeable. (For tenancies that support identity domains) You can have an empty description.
  • Minimum Length: 0
    Maximum Length: 254
    The email address you assign to the user. The email address must be unique across all users in the tenancy. (For tenancies that support identity domains) The email address is required unless the requirement is disabled at the tenancy level.
  • Whether the email address has been validated.
  • Identifier of the user in the identity provider
  • freeformTags
    Additional Properties Allowed: additionalProperties
    Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. Example: {"Department": "Finance"}
  • The OCID of the user.
  • The OCID of the IdentityProvider this user belongs to.
  • Returned only if the user's lifecycleState is INACTIVE. A 16-bit value showing the reason why the user is inactive: - bit 0: SUSPENDED (reserved for future use) - bit 1: DISABLED (reserved for future use) - bit 2: BLOCKED (the user has exceeded the maximum number of failed login attempts for the Compute Web UI)
  • Flag indicates if MFA has been activated for the user.
  • The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null. For illustrative purposes, suppose we have a user who has logged in at July 1st, 2020 at 1200 PST and logged out 30 minutes later. They then login again on July 2nd, 2020 at 1500 PST. Their previousSuccessfulLoginTime would be 2020-07-01:19:00.000Z. Their lastSuccessfulLoginTime would be 2020-07-02:22:00.000Z.
  • Minimum Length: 1
    Maximum Length: 64
    Allowed Values: [ "CREATING", "ACTIVE", "INACTIVE", "DELETING", "DELETED" ]
    The user's current state. After creating a user, make sure its lifecycleState changes from CREATING to ACTIVE before using it.
  • Minimum Length: 1
    Maximum Length: 100
    The name you assign to the user during creation. This is the user's login for the Compute Web UI. The name must be unique across all users in the tenancy and cannot be changed.
  • The date and time of when the user most recently logged in the format defined by RFC3339 (ex. 2016-08-25T21:10:29.600Z). If there is no login history, this field is null. For illustrative purposes, suppose we have a user who has logged in at July 1st, 2020 at 1200 PST and logged out 30 minutes later. They then login again on July 2nd, 2020 at 1500 PST. Their previousSuccessfulLoginTime would be 2020-07-01:19:00.000Z. Their lastSuccessfulLoginTime would be 2020-07-02:22:00.000Z.
  • Date and time the user was created, in the format defined by RFC3339. Example: 2016-08-25T21:10:29.600Z
  • SupportAccounts
    The support accounts that an OCI user can links to. An OCI user may links to different SupportAccounts from different support provider. The OCI user can only link to one support account from a a particular support provider.
Nested Schema : UserCapabilities
Type: object
Properties indicating how the user is allowed to authenticate.
Show Source
Nested Schema : definedTags
Type: object
Additional Properties Allowed
Show Source
Defined tags for this resource. Each key is predefined and scoped to a namespace. Example: {"Operations": {"CostCenter": "42"}}
Nested Schema : freeformTags
Type: object
Additional Properties Allowed
Show Source
Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. Example: {"Department": "Finance"}
Nested Schema : SupportAccounts
Type: object
The support accounts that an OCI user can links to. An OCI user may links to different SupportAccounts from different support provider. The OCI user can only link to one support account from a a particular support provider.
Show Source
Nested Schema : additionalProperties
Type: object
Additional Properties Allowed
Show Source
Key-value pair representing a defined tag key and value, scoped to a namespace. Example: `{"CostCenter": "42"}`
Nested Schema : additionalProperties
Type: object
The value of the tag. Only the String type is supported.
Nested Schema : MosSupportAccount
Type: object
Derived object from SupportAccount. The support provider is MOS
Match All
Derived object from SupportAccount. The support provider is MOS
Derived object from SupportAccount. The support provider is MOS
Show Source
  • SupportAccount
    Discriminator: supportProvider
    This is the base object indicating who is the support provider, and what is the userId within the support provider.
Nested Schema : SupportAccount
Type: object
Discriminator: supportProvider
This is the base object indicating who is the support provider, and what is the userId within the support provider.
Show Source
Example Response (application-json)
{   "id" : "ocid1.user.oc1..aaaaaaaaqvrabwexampleuniqueID",   "compartmentId" : "ocid1.tenancy.oc1..aaaaaaaaba3pvexampleuniqueID",   "name" : "JohnSmith@example.com",   "description" : "John Smith",   "lifecycleState" : "ACTIVE",   "timeCreated" : "2016-11-18T18:13:12.210Z" }

400 Response

Bad Request
Headers
  • Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Body ()
Root Schema : Error
Type: object
The properties that define an error.
Show Source
  • A short error code that defines the error, meant for programmatic parsing. See [API Errors](https://docs.us-phoenix-1.oraclecloud.com/Content/API/References/apierrors.htm).
  • A human-readable error string.

401 Response

Unauthorized
Headers
  • Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Body ()
Root Schema : Error
Type: object
The properties that define an error.
Show Source
  • A short error code that defines the error, meant for programmatic parsing. See [API Errors](https://docs.us-phoenix-1.oraclecloud.com/Content/API/References/apierrors.htm).
  • A human-readable error string.

403 Response

Forbidden
Headers
  • Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Body ()
Root Schema : Error
Type: object
The properties that define an error.
Show Source
  • A short error code that defines the error, meant for programmatic parsing. See [API Errors](https://docs.us-phoenix-1.oraclecloud.com/Content/API/References/apierrors.htm).
  • A human-readable error string.

404 Response

Not Found
Headers
  • Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Body ()
Root Schema : Error
Type: object
The properties that define an error.
Show Source
  • A short error code that defines the error, meant for programmatic parsing. See [API Errors](https://docs.us-phoenix-1.oraclecloud.com/Content/API/References/apierrors.htm).
  • A human-readable error string.

409 Response

Conflict
Headers
  • Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Body ()
Root Schema : Error
Type: object
The properties that define an error.
Show Source
  • A short error code that defines the error, meant for programmatic parsing. See [API Errors](https://docs.us-phoenix-1.oraclecloud.com/Content/API/References/apierrors.htm).
  • A human-readable error string.

429 Response

Too Many Requests
Headers
  • Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Body ()
Root Schema : Error
Type: object
The properties that define an error.
Show Source
  • A short error code that defines the error, meant for programmatic parsing. See [API Errors](https://docs.us-phoenix-1.oraclecloud.com/Content/API/References/apierrors.htm).
  • A human-readable error string.

500 Response

Internal Server Error
Headers
  • Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Body ()
Root Schema : Error
Type: object
The properties that define an error.
Show Source
  • A short error code that defines the error, meant for programmatic parsing. See [API Errors](https://docs.us-phoenix-1.oraclecloud.com/Content/API/References/apierrors.htm).
  • A human-readable error string.

Default Response

An error has occurred.
Headers
  • Unique Oracle-assigned identifier for the request. If you need to contact Oracle about a particular request, please provide the request ID.
Body ()
Root Schema : Error
Type: object
The properties that define an error.
Show Source
  • A short error code that defines the error, meant for programmatic parsing. See [API Errors](https://docs.us-phoenix-1.oraclecloud.com/Content/API/References/apierrors.htm).
  • A human-readable error string.
Back to Top