Versions Compared

Old Version 21

changes.mady.by.user Technische Redaktion

Saved on

compared with

New Version Current

changes.mady.by.user Technische Redaktion

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.



Page Properties
hiddentrue
idDONErDOC

Product Version
Report Note
AssigneeMartin

Resources & Remarks

  • Version 2.4 - options" ...  "synchronousContentAnalysis": true (OKTO-4309)

Modification History

NameDateProduct VersionAction
Antje08 FEB 20212.4New page properties macro.
Antje12 FEB 20212020 WinterrDOC
Agnieszka15 FEB 20212020 WinterrLANG
Antje04 JUN 20212021 Autumngroups added
Antje12 JUL 20222022 Autumnadd YUUVIS_MANAGE_SETTINGS default role



POST /api-tm

to the given address by Keycloak.

POST /tenant-management/api/admin/users?withInvitation=true HTTP/1.1

If the parameter withInvitation is not given the default is "false".

Beginning with 2021 Autumn Alpha 4: 
POST /tenant-management/api/admin/users?

withInvitation%20

withInvitation=true

HTTP

&temporaryPassword=false HTTP/1.1

If the temporaryPassword parameter is not specified, the default is "true".

As of Versionproduct version 2.4 2020 Winter | component version 1.0
Request MethodPOST
Response FormatJSON
Required Permission

Available if listed in authorization.accesses in authentication-prod.yml and the specified access condition is matched. In the default configuration, access is granted via the YUUVIS_TENANT_ADMIN and YUUVIS_MANAGE_SETTINGS (as of 2022 Autumn) roles.

>> AUTHENTICATION Service
Description


Create
Excerpt
Creates a new user in the tenant with the given properties.


The properties for the new user are passed in JSON format.
Required: user with  In the response, the user ID is returned again in JSON format.

The only required parameter is username, but specifying the email parameter  is recommended. The specified e-mail address is used to invite users after they have been created and in case they have forgotten their password. If no SMTP parameters are set for a new user, no invitation e-mail can be sent. The currently logged-in user will be informed.

It is not allowed to assign the YUUVIS_SYSTEM_INTEGRATOR default role to new users.

As of 2022 Autumn, in the default configuration, users with the YUUVIS_MANAGE_SETTINGS role are allowed to use the endpoint as well. However, they are not allowed to assign the roles YUUVIS_TENANT_ADMIN

role

Notes:

  • Only username is mandatory but email is recommended.
  • The reference client shows the user data in this format: lastName, firstName (username)
  • email is used when the user clicks 'Password forgotten' on the login dialog or in case of an invitation after creation.
    • It is recommended to disable users instead of deleting them if their names are needed in case of compliance requirements

    or YUUVIS_SYSTEM_INTEGRATOR.

    It is recommended to deactivate users instead of deleting them. Their user names might be required for compliance reasons.

    New users are created with the Keycloak settings shown in the screenshot below (click to enlarge). The first actions newly created users have to carry out are specified under Required User Actions. In this configuration, these are Update Password and Update Profile. Hence, new users have to register by setting a password and other user data. The URL to the registration page is specified in the e-mail invitation.

    Image Added

    yuuvis® Momentum client as reference implementation displays the user's name in the following format: lastName, firstName (username).

    Meaning of the response status codes:


    HTTP Status CodeMeaning
    201 CREATEDSuccessful, the user has been created with the specified properties.
    401 UNAUTHORIZEDThe call was unauthorized.
    409 CONFLICT

    At least one of the following situations occurred:

    • The username is not unique.
    • The email address is not unique.
    • The email address or password must be set.
    • The role {ROLE_NAME} was not found.
    • The group {GROUP_NAME} was not found.


    Request Example

    Will be introduced with the Release Candidate with the tag 1.1.0-rc2: If the password is not set, but email e-mail and the withInvitation withInvitation call parameter is given with are defined as true, an e-mail invitation mail invitation is sent by Keycloak to the given address.

    Panel
    Code Block
    languageyml
    {

    
  "email": "
    bartonitz@optimal-systems
    example@exampleprovider.de"

    ,
  "username":
    :
     "
    bartonitz
    mrexample",

    ,
    
  "firstName":
    :
     "
    Martin
    Examplename",

    ,
    
  "lastName"
    :
    : "
    Bartonitz
    Examplesurname",

    
  "roles": ["role1","role2"],
  "groups": ["group4","mygroup","group2"],

    
  "enabled": true,

    
  "password": "asecurepassword"

    
}


    Result Response Example
    Meaning of the response status codes:

    201 CREATED

    The user with his properties has been created

    401 UNAUTHORIZED

    The call was unauthorized


    Code Blockpanel
    languageyml
    {

    
  "id": "
    a69a0eb6
    a00a0bb1-
    3662
    1234-
    4c00
    5c66-
    8096
    7890-
    38fbb2c4a922
    00fbb1c1a222"

    }
    Responses
    
}