2
Apr 2024
2 / 5
Apr 2024
Apr 2024
Kanaka_Raju
Apr 2024

Hey, I’m trying to create atlas users using AWS IAM Authentication using administrative API and I’m currently facing issues with the format of the JSON payloads and the structure of the curl command.

currently, I’m using the below command, which gives an authorization error.

curl --user “:<PRIVATE-KEY” --digest
–header ‘Content-Type: application/json’
–include
–request PATCH https://cloud.mongodb.com/api/atlas/v2/groups//databaseUsers
–data ’
{
“awsIAMType”: “USER”,
“databaseName”: “$external”,
“groupId”: “”,
“roles”: [
{
“databaseName”: “sales”,
“CollectionName”: “test”,
“roleName”: “readWrite”
}
],
“username”: “< USER ARN>”
}'```


And the payload would throw the below error.

HTTP/2 401
date: Thu, 25 Apr 2024 10:26:21 GMT
www-authenticate: Digest realm="MMS Public API", domain="", nonce="sYAWln1laokBvhRXV5DWacdUEtQt+prX", algorithm=MD5, qop="auth", stale=false
content-length: 0
x-envoy-upstream-service-time: 3
server: mdbws

HTTP/2 406
date: Thu, 25 Apr 2024 10:26:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
content-type: application/json
content-length: 140
x-envoy-upstream-service-time: 9
server: mdbws

{"detail":"Invalid accept header or version date.","error":406,"errorCode":"INVALID_VERSION_DATE","parameters":[],"reason":"Not Acceptable"}zsh: command not found: --data



Any idea on what would be missing here.
2
Kanaka_Raju
Apr 2024

So, I’m using API-V2 to update user permission and roles, and get the below error:

curl --user "<keys>" \
  --digest \
  --header "Accept: application/vnd.atlas.2023-11-15+json" \
  --request POST "https://cloud.mongodb.com/api/atlas/v2/groups/id/databaseUsers/$external/<AWS-ARN>"
  --data '
  {

    "awsIAMType": "USER",
    "databaseName": "$external",
    "groupId": "id",

  "roles": [
  {
  "collectionName": "test",
  "databaseName": "test2",
  "roleName": "read"
  }
],

"username": "ARN",
  }'

And get the below error`:

<h1>Bad Message 400</h1><pre>reason: Ambiguous URI empty segment</pre>zsh: command not found: --data```
Kanaka_Raju
Apr 2024

@chris , Thanks for writing back, I’m currently using API V1 for my use case, Also, would you help in what’s the major difference between these ??

using V1.

curl --user “:” --digest --include
–header “Content-Type: application/json”
–request POST “https://cloud.mongodb.com/api/atlas/v1.0/groups/id/databaseUsers
–data ’
{
“awsIAMType”: “USER”,
“databaseName”: “$external”,
“groupId”: “id”,
“roles”: [
{
“databaseName”: “sale1”,
“roleName”: “readWrite”,
“collectionName”: “sale2,sale1,sale3”
}
],
“username”: “ARN”
}'```



Would you also mind guiding with the API to update the existing users permission, I'm currently having a pretty hard time to figure this part.

Want to read more? Browse other topics in MongoDB Atlas or view latest topics.