Adding an individual user¶
You can create an individual user. To register an LDAP group, follow the instructions in Adding an LDAP server. To create users that are based on an LDAP group, follow the instructions in Adding users that are based on an LDAP group.
Method and URI¶
To add a user, use a POST method with a URI:
POST https://{hostname|IPv4}/api/security/user
Parameters¶
None.
Data¶
Data 1: name
The username of the new user. Do not use root
, admin
, or test
.
Example value: Sarah
Type: String. Required. Available in the web user interface.
Data 2: password
The password of the new user. Use at least 8 characters.
Example value:
MyPassw0rd!
Type: String. Required. Available in the web user interface.
Data 3: type
The type of user.
Value:
NATIVE_USER
Type: System string. Available in the web user interface.
Data 4: permissions
Define permissions for the new user. Roles define what actions users can take and resource groups define what resources they can access.
Example value: Use the following syntax to specify the roles and the resource groups for the user. You must specify the same roles for all resource groups.
[
{
"resourcePoolId": {resourcePoolId 1},
"roleIds": [
{roleId 1},
{roleId 2},
...
]
}
{
"resourcePoolId": {resourcePoolId 2},
"roleIds": [
{roleId 1},
{roleId 2},
...
]
},
...
]
Tip
To get a {roleId}
value based on its name, follow the instructions in Getting a {roleId}. To get the {resourcepoolId}
value based on its name, follow the instructions in Getting a {resourcepoolId}.
Type: Array. Required. Available in the web user interface.
Example: Add a new individual user¶
Assume that you are an administrator of IBM Spectrum Protect Plus. A new member Sarah has joined your team. You want to create a new individual user for her.
Sarah must have permissions to view all hypervisor objects and some additional resources that are available in the appliance, such as the VMware instances. Sarah must have permissions to start backup jobs manually. But she must not start any other operations.
You can add the following user:
Username: Sarah
Password:
MyPassw0rd!
Type: An individual new user
Roles to assign:
Backup Only (
{roleId}
992)Self Service (
{roleId}
994)
Resource groups to access:
BlueMachines - Dallas (
{resourcepoolId}
1002)Virtualized System All Resource Group (
{resourcepoolId}
1000)
A Python snippet that is similar to the following example can be used to send a request to IBM Spectrum Protect Plus to add the new individual user:
_data = f'''{{
"name": "Sarah",
"password": "MyPassw0rd!",
"type": "NATIVE_USER",
"sourceProvider": null,
"sourceUser": null,
"sourceUserDN": "",
"permissions": [
{{
"resourcePoolId": "1002",
"roleIds": ["992", "994"]
}},
{{
"resourcePoolId": "1000",
"roleIds": ["992", "994"]
}}
]
}}'''
requests.post('https://' + spp_ipv4 + '/api/security/user',
headers={...}, data=_data, verify=...)

Figure 77 The same action can be taken in the IBM Spectrum Protect Plus web user interface: In the navigation pane, click Accounts > User and click Add User. You proceed to the Add User - User Information and Role section. To add an individual user, from the Select the type of user or group you want to add list, select Individual new user. Enter the username and the password. Select roles for the new user. Click Continue.¶

Figure 78 In the Add User - Assign Resources section, select resource groups that you want to assign to the new user. Click Add resources and click Create user.¶
The request prompts a response that is structured as shown, with the HTTP status of 201 (Created). Review the response to ensure that the new user, Sarah, was added. The response body is similar to the JSON object for Sarah , as shown in Getting user information.