Create Database access user using atlas administrative API

Kanaka_Raju · 2024-04-26T00:26:52.204Z

Hey, I’m trying to create atlas users using AWS IAM Authentication using administrative API and I’m currently facing issues with the format of the JSON payloads and the structure of the curl command.

currently, I’m using the below command, which gives an authorization error.

curl --user “:<PRIVATE-KEY” --digest
–header ‘Content-Type: application/json’
–include
–request PATCH https://cloud.mongodb.com/api/atlas/v2/groups//databaseUsers
–data ’
{
“awsIAMType”: “USER”,
“databaseName”: “$external”,
“groupId”: “”,
“roles”: [
{
“databaseName”: “sales”,
“CollectionName”: “test”,
“roleName”: “readWrite”
}
],
“username”: “< USER ARN>”
}'```


And the payload would throw the below error.

HTTP/2 401
date: Thu, 25 Apr 2024 10:26:21 GMT
www-authenticate: Digest realm="MMS Public API", domain="", nonce="sYAWln1laokBvhRXV5DWacdUEtQt+prX", algorithm=MD5, qop="auth", stale=false
content-length: 0
x-envoy-upstream-service-time: 3
server: mdbws

HTTP/2 406
date: Thu, 25 Apr 2024 10:26:22 GMT
strict-transport-security: max-age=31536000; includeSubdomains;
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
content-type: application/json
content-length: 140
x-envoy-upstream-service-time: 9
server: mdbws

{"detail":"Invalid accept header or version date.","error":406,"errorCode":"INVALID_VERSION_DATE","parameters":[],"reason":"Not Acceptable"}zsh: command not found: --data



Any idea on what would be missing here.

chris · 2024-04-26T11:54:40.637Z

Hi @Kanaka_Raju

For the v2 api the header Accept: application/vnd.atlas.2023-11-15+json needs to be set, this is the cause oft the error.

Also based on the zsh error line continuation character is missing the ‘space backslash newline’

see the example for correct invocation:
https://www.mongodb.com/docs/atlas/reference/api-resources-spec/v2/

Kanaka_Raju · 2024-04-26T16:41:07.280Z

So, I’m using API-V2 to update user permission and roles, and get the below error:

curl --user "<keys>" \
  --digest \
  --header "Accept: application/vnd.atlas.2023-11-15+json" \
  --request POST "https://cloud.mongodb.com/api/atlas/v2/groups/id/databaseUsers/$external/<AWS-ARN>"
  --data '
  {

    "awsIAMType": "USER",
    "databaseName": "$external",
    "groupId": "id",

  "roles": [
  {
  "collectionName": "test",
  "databaseName": "test2",
  "roleName": "read"
  }
],

"username": "ARN",
  }'

And get the below error`:

<h1>Bad Message 400</h1><pre>reason: Ambiguous URI empty segment</pre>zsh: command not found: --data```

Kanaka_Raju · 2024-04-26T16:44:54.724Z

@chris , Thanks for writing back, I’m currently using API V1 for my use case, Also, would you help in what’s the major difference between these ??

using V1.

curl --user “:” --digest --include
–header “Content-Type: application/json”
–request POST “https://cloud.mongodb.com/api/atlas/v1.0/groups/id/databaseUsers”
–data ’
{
“awsIAMType”: “USER”,
“databaseName”: “$external”,
“groupId”: “id”,
“roles”: [
{
“databaseName”: “sale1”,
“roleName”: “readWrite”,
“collectionName”: “sale2,sale1,sale3”
}
],
“username”: “ARN”
}'```



Would you also mind guiding with the API to update the existing users permission, I'm currently having a pretty hard time to figure this part.

chris · 2024-04-26T21:02:24.648Z

This one is missing the line continuation after the --request line and the --data line

Topic	Replies	Views	Activity
Online Archive Using _id? MongoDB Atlas	2	579	Aug 2024
how to use mongodb registry in source in terraform MongoDB Atlas	0	209	May 2024
vpc peering and not connected MongoDB Atlas	0	251	May 2024
How are you all gathering inventory and DB metrics? MongoDB Atlas python	5	547	Jul 2024
Am getting a “Not Found” page whenever I try to access the “Network Access” Page. MongoDB Atlas	0	163	Jul 2024

Create Database access user using atlas administrative API

New & Unread Topics

Want to read more? Browse other topics in MongoDB Atlas or view latest topics.