Skip to main content
Close

We've Moved!

Product Documentation has moved to docs.hitachivantara.com
Hitachi Vantara Knowledge

User management resources

  1. Last updated
  2. Save as PDF

This module describes the user management resources.

Child Topics
  • Generate S3 user credentials

    You can generate new S3 user credentials for access to the bucket. This endpoint returns a new secretKey-accessKey pair corresponding to the user associated with the OAuth token that was submitted. The creation of a new key pair invalidates any previous key pairs for the user. A user account cannot generate S3 credentials associated with a different user account.

  • List users

    You can retrieve a list of all users of the HCP for cloud scale system by user ID and display name. You can also filter the list to retrieve a subset.

  • List user buckets

    You can retrieve a list of buckets owned by users of the HCP for cloud scale system by user ID and bucket name. You can also filter the list to retrieve a subset.

  • Revoke OAuth user tokens

    You can revoke OAuth tokens belonging to a specific user. You can use the endpoint /user/list to look up the ID of the user whose tokens you want to revoke.

  • Revoke S3 user credentials

    You can revoke all S3 credentials belonging to a specific user. Users can revoke their own S3 credentials. Users with appropriate permissions can revoke other users' S3 credentials. You can use the endpoint /user/list to look up the ID of the user whose credentials you want to revoke.

Generate S3 user credentials

You can generate new S3 user credentials for access to the bucket. This endpoint returns a new secretKey-accessKey pair corresponding to the user associated with the OAuth token that was submitted. The creation of a new key pair invalidates any previous key pairs for the user. A user account cannot generate S3 credentials associated with a different user account.

HTTP request syntax (URI) 
POST https://host_ip:9099/mapi/v1/s3/user/generate_credentials
Request structure

Not applicable.

Response structure

The response body is shown below:

{
  "id": {
    "id": "uuid"
  },
  "secretKey": "key",
  "accessKey": "key"
}

Parameter

Type

Description

idUUID The ID of the user.
secretKeyStringThe secret key of the S3 credentials to access the bucket.
accessKeyStringThe access key of the S3 credentials to access the bucket.
Return codes

Status code

HTTP name

Description

200 OK The request was executed successfully.
401 Unauthorized Access was denied due to invalid credentials.
405 Method Not Allowed The specified HTTP method is not allowed for user data. Resend using POST.
Example

Request example:

POST https://10.10.24.195:9099/mapi/v1/s3/user/generate_credentials

JSON response:

{
  "id": {
    "id": "edded8d-99f1-43f4-88fa-0cd9032ef7bd"
  },
  "secretKey": "bff...",
  "accessKey": "TSPl8Pop..."
}
Parent Topic

List users

You can retrieve a list of all users of the HCP for cloud scale system by user ID and display name. You can also filter the list to retrieve a subset.

HTTP request syntax (URI) 
POST https://host_ip:9099/mapi/v1/user/list
Request structure

The request body is shown below:

{
  "count": [nnnn],
  "startingFrom": ["uuid"],
  "nameFilter": ["match_string"]
}
ParameterRequiredType Description
count NoIntegerEnter the number of users to return. Up to 1000 users; default: 1000.
startingFromNoUUIDEnter the UUID to start from. Leave blank to start from the beginning of the list.
nameFilterNoStringEnter a string used to filter the list to return only names that start with this string.
Response structure

The response body structure is shown below:

[
  {
    "displayName": "",
    "id": ""
  }
  .
  .
  .
]

Parameter

Type

Description

displayNameStringThe display name of the user.
idUUID The ID of the user.
Return codes

Status code

HTTP name

Description

200 OK The request was executed successfully.
401 Unauthorized Access was denied due to invalid credentials.
405 Method Not Allowed The specified HTTP method is not allowed for user data. Resend using POST.
Example

Request example:

POST https://10.10.24.195:9099/mapi/v1/user/list

JSON request:

{
  "count": 1,
  "startingFrom": "3fa85f64-0810-1954-b3fc-2c963f66afa6",
  "nameFilter": ""
}

JSON response:

[
  {
    "displayName": "Zhang.Guo-Ming@company.com",
    "id": "3fa85f64-0810-1954-b3fc-2c963f66afa6"
  }
]
Parent Topic

List user buckets

You can retrieve a list of buckets owned by users of the HCP for cloud scale system by user ID and bucket name. You can also filter the list to retrieve a subset.

HTTP request syntax (URI) 
POST https://host_ip:9099/mapi/v1/user/list_buckets
Request structure

The request body is shown below:

{
  "id": "uuid",
  "count": [nnnn],
  "startingAfter": ["string"]
}
ParameterRequiredType Description
idYesUUIDThe ID of the user.
count NoIntegerEnter the number of buckets to return. Up to 1000 buckets; default: 1000.
startingAfterNoStringEnter the bucket name to start after. Leave blank to start from the beginning of the list. Use this parameter to retrieve bucket lists in groups.
Response structure
NoteIf the user ID provided does not exist, the response is an empty list.

The response body structure is shown below:

[
  {
    "bucketId": "",
    "bucketName": ""
  },
  .
  .
  .
]

Parameter

Type

Description

bucketIdUUIDThe UUID of the bucket.
bucketNameStringThe display name of the bucket.
Return codes

Status code

HTTP name

Description

200 OK The request was executed successfully.
400Bad RequestThe request is missing a valid parameter.
401 Unauthorized Access was denied due to invalid credentials.
405 Method Not Allowed The specified HTTP method is not allowed for user data. Resend using POST.
Example

Request example:

POST https://10.10.24.195:9099/mapi/v1/user/list_buckets

JSON request:

{
  "id": "3fa85f64-0810-1954-b3fc-2c963f66afa6",
  "count": 1,
  "startingAfter": "September"
}

JSON response:

[
  {
    "bucketId: "9b805cee-56aa-42a7-b89e-9087d6ade984",
    "bucketName": "October"
  }
]
Parent Topic

Revoke OAuth user tokens

You can revoke OAuth tokens belonging to a specific user. You can use the endpoint /user/list to look up the ID of the user whose tokens you want to revoke.

HTTP request syntax (URI) 
POST https://host_ip:9099/mapi/v1/user/revoke_tokens
Request structure

The request body is shown below:

{
  "id": "uuid"
}
ParameterRequiredType Description
id YesUUIDThe UUID of the user whose OAuth credentials you are revoking.
Response structure

Not applicable.

Return codes

Status code

HTTP name

Description

200 OK The request was executed successfully.
400Bad RequestInvalid user ID.
401 Unauthorized Access was denied due to invalid credentials.
404Not FoundThe user ID was not found.
405 Method Not Allowed The specified HTTP method is not allowed for user data. Resend using POST.
Example

Request example:

POST https://10.10.24.195:9099/mapi/v1/user/revoke_tokens

JSON request:

{
    "id": "3fa85f64-1024-1954-b3fc-2c963f66afa6"
  }
Parent Topic

Revoke S3 user credentials

You can revoke all S3 credentials belonging to a specific user. Users can revoke their own S3 credentials. Users with appropriate permissions can revoke other users' S3 credentials. You can use the endpoint /user/list to look up the ID of the user whose credentials you want to revoke.

HTTP request syntax (URI) 
POST https://host_ip:9099/mapi/v1/user/revoke_credentials
Request structure

The request body is shown below:

{
  "id": "uuid"
}
ParameterRequiredType Description
id YesUUIDThe UUID of the user whose S3 credentials you are revoking.
Response structure

The response body is shown below:

{
  "id": {
    "id": "uuid"
  },
  "secretKey": "key",
  "accessKey": "key"
}

Parameter

Type

Description

idUUID The ID of the user.
secretKeyStringThe secret key of the S3 credentials.
accessKeyStringThe access key of the S3 credentials.
Return codes

Status code

HTTP name

Description

200 OK The request was executed successfully.
400Bad RequestInvalid user ID.
401 Unauthorized Access was denied due to invalid credentials.
404Not FoundThe user ID was not found.
405 Method Not Allowed The specified HTTP method is not allowed for user data. Resend using POST.
Example

Request example:

POST https://10.10.24.195:9099/mapi/v1/user/revoke_credentials

JSON request:

{
    "id": "3fa85f64-1024-1954-b3fc-2c963f66afa6"
  }

JSON response:

{
  "id": {
    "id": "3fa85f64-1024-1954-b3fc-2c963f66afa6"
  },
  "secretKey": "bff...",
  "accessKey": "TSPl8Pop..."
}
Parent Topic