Users and Access Groups Administration

The REST API provides the following methods for managing users and access groups:

Users
- GET /admin/usermanagement/users
- PUT /admin/usermanagement/users
Access Groups
- GET /admin/usermanagement/accessgroups
- PUT /admin/usermanagement/accessgroups

For details on how to manage groups and users, refer to Access Control in Rhapsody.

Users

GET /admin/usermanagement/users

URI	`GET /admin/usermanagement/users`
Description	Returns the list of users added to the engine. When saving the users, the Administrator user is not returned. This method fails if LDAP is enabled.
Request Header	`Accept: application/json`
Request Header	`Accept: application/vnd.orchestral.rhapsody.6_3+json`
Request Body	Empty.
Response Status	`200 OK` - returns the users information in JSON format.
Response Body	The `groups` attribute is the name of the default access group (`administrator`, `dashboard`, `developer`, `monitoring`) or the GUID of a user-defined group. { "data":{ "users":[ { "disabled": false, "forceChangePassword": false, "fullName": "ana", "name": "ana", "passwordNeverExpires": false, "password": "******", "groups":[ "f08872ac-e2ef-48cf-88e5-ad1d923b3092" ] }, { "disabled": false, "forceChangePassword": true, "fullName": "bob", "name": "bob", "passwordNeverExpires": false, "password": "******", "groups":[ "administrator" ] }] }, "error": null }
Access Rights	'Save users REST API'.

PUT /admin/usermanagement/users

URI	`PUT /admin/usermanagement/users`
Description	Overrides existing users on the engine with the ones provided. Existing users that are not included in the request body are deleted. Changes made to users through this method are primarily used for set-up purposes. The Administrator cannot be modified via this method. This method fails if LDAP is enabled. You cannot delete a user who is currently calling the method. New users must provide a password; this is optional for existing users.
Request Header	`Content-Type: application/json` CSRF Protection Enabled
Request Header	`Content-Type: application/vnd.orchestral.rhapsody.6_3+json` CSRF Protection Enabled
Request Body	The `groups` attribute is the name of the default access group (`administrator`, `dashboard`, `developer`, `monitoring`) or the GUID of a user-defined group. { "users":[ { "disabled": false, "forceChangePassword": false, "fullName": "ana", "name": "ana", "passwordNeverExpires": false, "password": "********", "groups":[ "f08872ac-e2ef-48cf-88e5-ad1d923b3092" ] }] }
Response Status	`204 No Content` - the users were loaded successfully.
Response Body	Empty.
Access Rights	'Load users REST API'.

Access Groups

Access rights give an access group global default permissions to all lockers. An access group can be accorded specific access rights to specific lockers by explicitly setting the access rights for each locker.

GET /admin/usermanagement/accessgroups

URI	`GET /admin/usermanagement/accessgroups`
Description	Returns the access groups. This method provides the internal value of access rights in the response body.
Request Header	`Accept: application/json`
Request Header	`Accept: application/vnd.orchestral.rhapsody.6_2+json`
Request Body	Empty.
Response Status	`200 OK` - returns the access groups information in JSON format.
Response Body	{ "data":{ "accessGroups":[ { "disabled":false, "displayName":"Deploy", "id":"8425c1b0-3975-439d-8b41-710efe7553f6", "passwordNeverExpires":false, "accessRights":[ "engine debugging", "ide view", "monitoring view", "keys export private", "notification-delivery-methods edit" ], "lockerRights":[ { "uuid":"63995af9-5ce9-447b-bbce-3eb6fe3db6e5", "lockerUuid":"f93b8036-6e58-48fd-8017-b77ee079a995", "accessRights":[ "monitoring view", "locker view" ] }, { "uuid":"024e2682-91be-4460-b02e-4f0396a583c6", "lockerUuid":"0a07eff7-d9e3-4225-9acf-b0ca2e058967", "accessRights":[ "ide edit", "ide view" ] } ] } ] }, "error":null }
Access Rights	'Save access groups REST API'.

PUT /admin/usermanagement/accessgroups

URI	`PUT /admin/usermanagement/accessgroups`
Description	Overrides access groups with the ones provided. Existing access groups that are not included in the request body are deleted. A new group is created when the access group ID parameter `id` is not provided in the request body. Changes made to access groups through this method are primarily used for set-up purposes. This method uses the internal value of access rights in the request body.
Request Header	`Content-Type: application/json` CSRF Protection Enabled
Request Header	`Content-Type: application/vnd.orchestral.rhapsody.6_2+json` CSRF Protection Enabled
Request Body	{ "accessGroups":[ { "disabled":false, "displayName":"Deploy", "id":"8425c1b0-3975-439d-8b41-710efe7553f6", "passwordNeverExpires":false, "accessRights":[ "engine debugging", "ide view", "monitoring view", "keys export private", "notification-delivery-methods edit" ], "lockerRights":[ { "uuid":"63995af9-5ce9-447b-bbce-3eb6fe3db6e5", "lockerUuid":"f93b8036-6e58-48fd-8017-b77ee079a995", "accessRights":[ "monitoring view", "locker view" ] }, { "uuid":"024e2682-91be-4460-b02e-4f0396a583c6", "lockerUuid":"0a07eff7-d9e3-4225-9acf-b0ca2e058967", "accessRights":[ "ide edit", "ide view" ] } ] } ] }
Response Status	`204 No Content` - the access groups were loaded successfully.
Response Body	Empty.
Access Rights	'Load access groups REST API'.