Instaclustr Logo
Powered by Redocly

Service User Management API

Operations related to service user management.
Service Users are API-only users. Service Users are created in, and have access to, a single account. This account is the account associated with the API key that was used to create the Service User via the API. Owner and Cluster Admin level users in an account can create Service Users. The user who creates a Service User automatically becomes an Administrator of that Service User. Administrators of a Service User may invite additional Cluster Admin users to be Controllers of that user. Owner users in an account automatically have Administrator-level access to all Service Users in that account.
A Service User may not have multiple API keys of the same type, however an account can create multiple Service Users.

Get service users

SecurityBasic Authentication
Responses
200

Successfully retrieved service users' information

get/v1/service-users
Request samples 
Response samples 
application/json
[
  • {
    },
  • {
    }
]
Create a service user
This endpoint can be used to create a service user.
The created service user will be under the account that the API key used is associated with.
The requester user will be the administrator of the created service user.


SecurityBasic Authentication 
Request 
Request Body schema: application/json
username
required
string
Username of the service user. must be unique.


 
email
required
string
Email of the service user. must be unique (including aliases)


 
profile
required
string
Profile of the service user
OWNER can manage clusters and users (excluding other service users)
CLUSTER_ADMIN can manage clusters
READ_ONLY can view clusters and access monitoring


 
displayName
string
Display name of the service user


 
object
 
Responses 
201
Successfully created a service user


400
Request data is invalid


post/v1/service-users
Request samples 
application/json
{
  • "username": "test_service_user",
  • "email": "test_service_user@test.com",
  • "profile": "READ_ONLY",
  • "displayName": "service user",
  • "validationMessages": {
    }
}
Response samples 
application/json
{
  • "administrators": [
    ],
  • "apiKeys": {
    },
  • "displayName": "testservice",
  • "email": "testservice@test.com",
  • "role": "CLUSTER_ADMIN",
  • "username": "testservice"
}
Get a service user
SecurityBasic Authentication 
Request 
path Parameters
username
required
string
Username of the service user


 
Responses 
200
Successfully retrieved a service user's information


get/v1/service-users/{username}
Request samples 
Response samples 
application/json
{
  • "administrators": [
    ],
  • "apiKeys": {
    },
  • "displayName": "testservice",
  • "email": "testservice@test.com",
  • "role": "CLUSTER_ADMIN",
  • "username": "testservice"
}
Update a service user
This endpoint can be used to update a service user's data.
The updatable data are display name, role, and the administrators.


SecurityBasic Authentication 
Request 
path Parameters
username
required
string
Username of the service user


 
Request Body schema: application/json
displayName
string
Display name of the service user


 
profile
required
string
Profile of the service user
OWNER can manage clusters and users (excluding other service users)
CLUSTER_ADMIN can manage clusters
READ_ONLY can view clusters and access monitoring


 
administrators
Array of strings
Administrators of the service user. Administrators are standard users that administer the service user.
The administrators can perform operations such as update, manage API keys, and delete on service users they administer.


 
object
 
Responses 
200
Successfully updated a service user


400
Request data is invalid


put/v1/service-users/{username}
Request samples 
application/json
{
  • "displayName": "service user",
  • "profile": "READ_ONLY",
  • "administrators": [
    ],
  • "validationMessages": {
    }
}
Response samples 
application/json
{
  • "administrators": [
    ],
  • "apiKeys": {
    },
  • "displayName": "testservice",
  • "email": "testservice@test.com",
  • "role": "CLUSTER_ADMIN",
  • "username": "testservice"
}
Deactivate a service user
SecurityBasic Authentication 
Request 
path Parameters
username
required
string
Username of the service user


 
Responses 
204
Successfully deactivated a service user


delete/v1/service-users/{username}
Request samples 
Generate a service user's API key
SecurityBasic Authentication 
Request 
path Parameters
username
required
string
Username of the service user


 
Request Body schema: application/json
apiKeyType
string
API resource of the service user to revoke / generate


 
object
 
Responses 
200
Successfully generated an API key


400
Request data is invalid


post/v1/service-users/{username}/apikey
Request samples 
application/json
{
  • "apiKeyType": "MONITORING",
  • "validationMessages": {
    }
}
Response samples 
application/json
{
  • "account": "175dc592-26c2-4563-ac29-5d54e16aa344",
  • "apiKeyType": "MONITORING",
  • "cidrAllowList": [
    ],
  • "key": "1f396892fdfv65c0f57e95123b8cf9f7",
  • "username": "testapikeyserviceuser"
}
Revoke a service user's API key
SecurityBasic Authentication 
Request 
path Parameters
username
required
string
Username of the service user


 
Request Body schema: application/json
apiKeyType
string
API resource of the service user to revoke / generate


 
object
 
Responses 
204
Successfully revoked an API key


400
Request data is invalid


delete/v1/service-users/{username}/apikey
Request samples 
application/json
{
  • "apiKeyType": "MONITORING",
  • "validationMessages": {
    }
}
Response samples 
application/json
{
  • "resource": "resource cannot be null."
}
Update API key's IP restrictions for the service user
SecurityBasic Authentication 
Request 
path Parameters
username
required
string
Username of the service user


 
apiKeyType
required
string
API resource of the service user to revoke / generate


 
 Example:  PROVISIONING
Request Body schema: application/json
cidrAllowList
Array of strings
List of IP restrictions for the API key


 
Responses 
200
Successfully updated IP restrictions for an API key


400
Request data is invalid


put/v1/service-users/{username}/apikey/{apiKeyType}
Request samples 
application/json
{
  • "cidrAllowList": [
    ]
}
Response samples 
application/json
{
  • "apiKeyType": "apiKeyType cannot be null.",
  • "username": "username cannot be null."
}
Rotate service user's API key
SecurityBasic Authentication 
Request 
path Parameters
username
required
string
Username of the service user


 
apiKeyType
required
string
API resource of the service user to revoke / generate


 
 Example:  PROVISIONING
Responses 
200
Successfully rotated an API key


400
Request data is invalid


post/v1/service-users/{username}/apikey/{apiKeyType}
Request samples 
Response samples 
application/json
{
  • "account": "175dc592-26c2-4563-ac29-5d54e16aa344",
  • "apiKeyType": "MONITORING",
  • "cidrAllowList": [
    ],
  • "key": "1f396892fdfv65c0f57e95123b8cf9f7",
  • "username": "testapikeyserviceuser"
}
➔ Next to User Management and SCIM 2.0 API