Managing users
Use the DevOps API to create, modify, and delete users for your organization.
The following roles use the application token to execute DevOps API queries:
-
Organization Administrator
-
Database Administrator
Prerequisites
-
Create an application token to authenticate your service account in the DevOps API.
-
Once you have authenticated your service account, you can create and delete users in the DevOps API.
Inviting a user
-
Check existing users within the organization:
curl --request GET \ --url 'https://api.astra.datastax.com/v2/organizations/users' \ --header 'Accept: application/json' \ --header 'Authorization: Bearer <application_token>'{ "OrgID":"dacb3c32-cc2a-4bea-bd95-47ab8eb20410”, "OrgName":"DataStax”, "Users”:[ {"UserID":"388def78-0040-4dge-b235-d67806929c8f”, "Email":"john.smith@datastax.com”, "Status":"active”, "Roles”:[{"ID":"704fc2af-9c11-4c57-b9e5-5667b8889b3e”, "Name":"Admin User”}] }, {"UserID":"d8bb706b-95a0-499b-aadc-5a43b4f9042d”, "Email":"jane.doe@datastax.com”, "Status":"active”, "Roles”:[{"ID":"21ef3576-0197-415a-b167-d510af12ecf0”,"Name":"Organization Administrator”}] }] } -
Inviting a new user to your organization:
curl --request PUT \ --url 'https://api.astra.datastax.com/v2/organizations/users' \ --header 'Accept: application/json' \ --header 'Authorization: Bearer <application_token>' \ --data '{ "email":"<userEmail>", "orgID":"<organizationId>", "roles": ["<roleId1>", "<roleId2>", "<roleId3>"] }'
For roles, use the id UUID value by Getting existing roles in your organization. The API results will show the UUID for each role id.
|
Your invited user must validate their email address in their invitation before they can log in to Astra. |
For more, see Invite a user to an organization in the DevOps API.
Getting user information
-
Check for a specified user’s information within the organization:
curl --request GET \ --url 'https://api.astra.datastax.com/v2/organizations/users/<userId>' \ --header 'Accept: application/json' \ --header 'Authorization: Bearer <application_token>'{ "UserID":"388def78-0040-4dfe-b235-d67806939c8f", "Email":"sebastian.estevez@datastax.com", "Status":"active", "Roles":[{"ID":"704fc2af-9c11-4c57-b9e5-5667b8889b3e","Name":"Admin User"}] }
For more, see Get an organization’s user in the DevOps API.
Removing a user
-
Delete a user by their ID:
curl --request DELETE \ --url 'https://api.astra.datastax.com/v2/organizations/users/<userId>' \ --header 'Accept: application/json' \ --header 'Authorization: Bearer <application_token>' -
Confirm user no longer exists:
curl --request GET \ --url 'https://api.astra.datastax.com/v2/organizations/users/<userId>' \ --header 'Accept: application/json' \ --header 'Authorization: Bearer <application_token>'{ "OrgID":"dccb8c32-cc2a-4bea-bd95-47ab8eb20510", "ID":"b125f9ab-675e-4bc7-9306-5e50a05b7c56", "Name":"newRoleName", "Policy":"{ \"description\":\"keyspaces\", \"resources\":[\"drn:astra:org:dccb8c32-cc2a-4bea-bd95-47ab8eb20510\"], \"actions\":[\"db-all-keyspace-create\",\"db-all-keyspace-describe\"], \"effect\":\"allow\" }", "LastUpdateDateTime":"", "LastUpdateUserID":"wsbCtHyXCfuSHkiKbYWHsYZa" }
For more, see Remove or uninvite a user from an organization in the DevOps API.
What’s next?
Learn how to manage tokens using the DevOps API.