Docs Menu
Docs Home
/
MongoDB Ops Manager
/
API
/
Resources
/
Programmatic API Keys
/
API Keys on Projects

Create and Assign One Organization API Key to One Project

On this page

  • Resource
  • Request Path Parameters
  • Request Query Parameters
  • Request Body Parameters
  • Response
  • Example Request
  • Example Response
  • Response Header
  • Response Body

Base URL: https://{OPSMANAGER-HOST}:{PORT}/api/public/v1.0

Resource

POST /groups/{PROJECT-ID}/apiKeys

Request Path Parameters

Name
Type
Description

PROJECT-ID

string

Unique identifier for the Project whose API keys you want to retrieve. Use the /groups endpoint to retrieve all organizations to which the authenticated user has access.

Request Query Parameters

The following query parameters are optional:

Name
Type
Description
Default

pageNum

integer

Page number (1-index based).

1

itemsPerPage

integer

Number of items to return per page, up to a maximum of 500.

100

pretty

boolean

Indicates whether the response body should be in a prettyprint format.

false

envelope

boolean

Indicates whether or not to wrap the response in an envelope.

Some API clients cannot access the HTTP response headers or status code. To remediate this, set "envelope" : true in the query.

For endpoints that return one result, response body includes:

Name
Description

status

HTTP response code

content

Expected response body

For endpoints that return a list of results, the results object is an envelope. Ops Manager adds the status field to the response body.

None

Request Body Parameters

At least one of the two body parameters are required.

Name
Type
Description

desc

string

Description of the API key. Must be between 1 and 250 characters in length.

roles

string array

List of roles that the API Key needs to have. If the roles array is provided:

  • Provide at least one role

  • Make sure all roles must be valid for the Project

Project roles include:

Role Value in API
Role

GROUP_AUTOMATION_ADMIN

Project Automation Admin

GROUP_BACKUP_ADMIN

Project Backup Admin

GROUP_DATA_ACCESS_ADMIN

Project Data Access Admin

GROUP_DATA_ACCESS_READ_ONLY

Project Data Access Read Only

GROUP_DATA_ACCESS_READ_WRITE

Project Data Access Read/Write

GROUP_MONITORING_ADMIN

Project Monitoring Admin

GROUP_OWNER

Project Owner

GROUP_READ_ONLY

Project Read Only

GROUP_USER_ADMIN

Project User Admin

Response

Name
Type
Description

desc

string

Description of this Organization API key assigned to this Project.

id

string

Unique identifier for this Organization API key assigned to this Project.

privateKey

string

Redacted Private key for this Organization API key assigned to this Project.

This key displays unredacted when first created.

publicKey

string

Public key for this Organization API key assigned to this Project.

roles

object array

Roles that this Organization API key assigned to this Project has. This array returns all the Organization and Project roles the user has in Ops Manager.

roles.groupId

string

Unique identifier of the Project to which this role belongs.

roles.orgId

string

Unique identifier of the Organization to which this role belongs.

roles.roleName

string

Name of the role. This resource returns all the roles the user has in Ops Manager. Possible values are:

Organization Roles

If this is an roles.orgId (Organization), values include:

Role Value in API
Role

ORG_OWNER

Organization Owner

ORG_MEMBER

Organization Member

ORG_GROUP_CREATOR

Organization Project Creator

ORG_READ_ONLY

Organization Read Only

Project Roles

If this is an roles.groupId (Project), values include:

Role Value in API
Role

GROUP_AUTOMATION_ADMIN

Project Automation Admin

GROUP_BACKUP_ADMIN

Project Backup Admin

GROUP_DATA_ACCESS_ADMIN

Project Data Access Admin

GROUP_DATA_ACCESS_READ_ONLY

Project Data Access Read Only

GROUP_DATA_ACCESS_READ_WRITE

Project Data Access Read/Write

GROUP_MONITORING_ADMIN

Project Monitoring Admin

GROUP_OWNER

Project Owner

GROUP_READ_ONLY

Project Read Only

GROUP_USER_ADMIN

Project User Admin

Example Request

Note

The user who makes the request can be formatted either as {PUBLIC-KEY}:{PRIVATE-KEY}.

1curl --user "{PUBLIC-KEY}:{PRIVATE-KEY}" --digest \
2  --header "Accept: application/json" \
3  --header "Content-Type: application/json" \
4  --include \
5  --request POST "https://<OpsManagerHost>:<Port>/api/public/v1.0/groups/{PROJECT-ID}/apiKeys?pretty=true" \
6  --data '{
7    "desc" : "New API key for test purposes",
8    "roles": ["GROUP_READ_ONLY", "GROUP_DATA_ACCESS_ADMIN"]
9  }'

Example Response

Response Header

HTTP/1.1 401 Unauthorized
Content-Type: application/json;charset=ISO-8859-1
Date: {dateInUnixFormat}
WWW-Authenticate: Digest realm="MMS Public API", domain="", nonce="{nonce}", algorithm=MD5, op="auth", stale=false
Content-Length: {requestLengthInBytes}
Connection: keep-alive
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Type: application/json
Strict-Transport-Security: max-age=300
Date: {dateInUnixFormat}
Connection: keep-alive
Content-Length: {requestLengthInBytes}
X-MongoDB-Service-Version: gitHash={gitHash}; versionString={ApplicationVersion}

Response Body

1{
2  "desc" : "New API key for test purposes",
3  "id" : "5d1d143c87d9d63e6d694746",
4  "links" : [ {
5    "href" : "https://<OpsManagerHost>:<Port>/api/public/v1.0/orgs/5980cfe20b6d97029d82fa63/apiKeys/5d1d143c87d9d63e6d694746",
6    "rel" : "self"
7  } ],
8  "privateKey" : "********-****-****-db2c132ca78d",
9  "publicKey" : "{PUBLIC-KEY}",
10  "roles" : [ {
11    "groupId" : "{PROJECT-ID}",
12    "roleName" : "GROUP_READ_ONLY"
13  }, {
14    "groupId" : "{PROJECT-ID}",
15    "roleName" : "GROUP_DATA_ACCESS_ADMIN"
16  } ]
17}

Back

Get All

Next

Assign