Create user groups
This API call creates multiple cluster user groups.
Authentication
The ServiceProviderAPI (Service Provider API) Api-Token scope is required to get the default realm password policy configuration using the Dynatrace API. With this API method, you can preset user's password by passing passwordClearText value. This is allowed only if a specific Feature Flag is enabled. To do this, Please contact a Dynatrace ONE product specialist by selecting the chat button in the upper-right corner of the Dynatrace menu bar..
Endpoint
/api/v1.0/onpremise/groups/bulk
Parameter
| Parameter | Type | Description | In | Required |
|---|---|---|---|---|
| body | Group | - | body | optional |
Request body objects
The RequestBody object
The object doesn't provide any parameters.
The GroupConfig object
The configuration of the group.
| Element | Type | Description | Required |
|---|---|---|---|
| isClusterAdminGroup | boolean | If true, then the group has the cluster administrator rights. | required |
| hasAccessAccountRole | boolean | If true, then the group has the access account rights. | optional |
| hasManageAccountAndViewProductUsageRole | boolean | If true, then the group has the manage account rights. | optional |
| isAccessAccount | boolean | - | optional |
| isManageAccount | boolean | - | optional |
| id | string | Group ID. Leave empty if creating group. Set if updating group. | required |
| name | string | Group name | required |
| ldapGroupNames | string[] | LDAP group names | optional |
| ssoGroupNames | string[] | SSO group names. If defined it's used to map SSO group name to Dynatrace group name, otherwise mapping is done by group name | optional |
| accessRight | object | Access rights | optional |
Request body JSON model
This is a model of the request body, showing the possible elements. It has to be adjusted for usage in an actual request.
[
{
"isClusterAdminGroup": true,
"hasAccessAccountRole": true,
"hasManageAccountAndViewProductUsageRole": true,
"isAccessAccount": true,
"isManageAccount": true,
"id": "string",
"name": "string",
"ldapGroupNames": [
"string"
],
"ssoGroupNames": [
"string"
],
"accessRight": {}
}
]Response
Response codes
| Code | Type | Description |
|---|---|---|
| 200 | Group | Success |
| 400 | No group information received for the create-group request | |
| 406 | GroupConfig | Unacceptable or incomplete request. Some groups were added. |
Response body objects
The ResponseBody object
The object doesn't provide any parameters.
The GroupConfig object
The configuration of the group.
| Element | Type | Description |
|---|---|---|
| isClusterAdminGroup | boolean | If true, then the group has the cluster administrator rights. |
| hasAccessAccountRole | boolean | If true, then the group has the access account rights. |
| hasManageAccountAndViewProductUsageRole | boolean | If true, then the group has the manage account rights. |
| isAccessAccount | boolean | - |
| isManageAccount | boolean | - |
| id | string | Group ID. Leave empty if creating group. Set if updating group. |
| name | string | Group name |
| ldapGroupNames | string[] | LDAP group names |
| ssoGroupNames | string[] | SSO group names. If defined it's used to map SSO group name to Dynatrace group name, otherwise mapping is done by group name |
| accessRight | object | Access rights |
Response body JSON model
[
{
"isClusterAdminGroup": true,
"hasAccessAccountRole": true,
"hasManageAccountAndViewProductUsageRole": true,
"isAccessAccount": true,
"isManageAccount": true,
"id": "string",
"name": "string",
"ldapGroupNames": [
"string"
],
"ssoGroupNames": [
"string"
],
"accessRight": {}
}
]Example
In this example, you add user groups Sales Group and Developers in a single request. This will set their data and assign environment permissions. As a response, you will receive back persisted state of the entities.
Curl
curl -X 'POST' \
'https://mymanaged.cluster.com/api/v1.0/onpremise/groups/bulk' \
-H 'accept: application/json' \
-H 'Authorization: Api-Token FG563.LKJHDFLKJHDFHLKJDGV.ABCDEFGHJKLMNOP' \
-H 'Content-Type: application/json' \
-d '[
{
"isClusterAdminGroup": true,
"isAccessAccount": true,
"isManageAccount": true,
"name": "Sales Group",
"ldapGroupNames": [
"sales-group"
],
"ssoGroupNames": [
"sales-group"
],
"accessRight": {
"VIEWER": [
"3fcc5d83-d9e5-4bf9-9e00-d997f9c4c63d"
],
"REPLAY_SESSION_DATA": [
"3fcc5d83-d9e5-4bf9-9e00-d997f9c4c63d"
]
}
},
{
"isClusterAdminGroup": true,
"isAccessAccount": true,
"isManageAccount": true,
"name": "Developers",
"ldapGroupNames": [
"dev-group"
],
"ssoGroupNames": [
"dev-group"
],
"accessRight": {
"VIEWER": [
"3fcc5d83-d9e5-4bf9-9e00-d997f9c4c63d"
]
}
}
]'Request URL
https://mymanaged.cluster.com/api/v1.0/onpremise/groups/bulkResponse body
[
{
"isClusterAdminGroup": true,
"isManageAccount": true,
"isAccessAccount": true,
"id": "salesgroup",
"name": "Sales Group",
"ldapGroupNames": [
"sales-group"
],
"ssoGroupNames": [
"sales-group"
],
"accessRight": {}
},
{
"isClusterAdminGroup": true,
"isManageAccount": true,
"isAccessAccount": true,
"id": "developers",
"name": "Developers",
"ldapGroupNames": [
"dev-group"
],
"ssoGroupNames": [
"dev-group"
],
"accessRight": {}
}
]Response code
200