POST: Create a user

The POST operation can be used to create both internal, native ALM Octane users or SSO users, and LDAP users.

Contexts in which you can add users

To create a user, perform a POST in one of the following contexts: 

Context Notes
Shared space

Space admin permissions are required.

You can create a shared space user without assigning a role. In this case, the user is created with the predefined viewer role. For an example on assigning roles later using the REST API, see PUT: Update a user's role.

If you do not specify a work space when POSTing the user, the default_workspace is used.

Workspace

Workspace admin permissions are required.

Note: Most roles can be customized. Roles and their permissions might be different for your organization.

You must assign a role when creating a workspace user.

You cannot add users in the site context using the REST API.

Back to top

Creating internal, native or SSO users

Use the following fields when creating a new user:

Field Required Must be unique
uid
name

(used for login)

first_name
last_name
email

If another user exists with the same email address, an error is returned.

Bulk POSTs are supported.

Back to top

Creating LDAP users

As with any other user, use the POST operation to create new LDAP users.

To update existing LDAP user details, re-import the users. For details, see Manage site users.

When creating LDAP users with the REST API, most LDAP properties must be provided with the values as specified in LDAP and ALM Octane Settings. For details about mapping attributes between LDAP and ALM Octane, see:

Property Description
uid

The LDAP attribute that should be used as the immutable, globally-unique identifier. Mandatory.

In this documentation, we also refer to this as the UUID (universally unique ID).

To work with ALM Octane, we generally use entryUUID for OpenLDAP. However, depending on your LDAP, this attribute might be different, such as objectGUID, GUID, or orclguid.

This is the attribute by which ALM Octane identifies each user internally for synchronization between ALM Octane and LDAP, including when importing users into ALM Octane.

If not provided, an error is returned.

ldap_dn

The LDAP dn (distinguished name) often set to the LDAP entryDN attribute. Mandatory. If not provided, an error is returned.

This is comprised of several pairs of attributes and values. The dn is a unique string that typically contains other LDAP attributes, such as cn, ou, and dc.

ldap_server_id ID for the LDAP server. Optional.
name

If using an actual email, this property is optional. In this case, ALM Octane uses the email as the default value for the name property.

password Passwords are managed by the LDAP system, and should not be provided in the POST command.

For an example, see Example: Adding an LDAP user to a workspace.

Back to top

Examples

See also: