Skip to content

PKI Add User REST API

ckelleyRH edited this page Sep 1, 2021 · 4 revisions

Request

  • Path: /<subsystem>/rest/admin/users

  • Method: POST

  • Authentication: Client certificate

  • Parameters: None

  • Content: None

  • Success code: 200

Source

Examples

CA

JSON
$ curl \
  -k \
  -X POST \
  -H "Content-Type:application/json" \
  -H "Accept: application/json" \
  -d '{"id":"testuser","fullName":"Test User","email":"[email protected]","phone":"1234567890","state":"1","userID":"Foo","password":"barbarbar"}' \
  --user caadmin:Secret.123 \
  -s https://localhost.localdomain:8443/ca/rest/admin/users | python -m json.tool
{
    "id": "Foo",
    "userID": "Foo",
    "fullName": "Test User",
    "email": "[email protected]",
    "phone": "1234567890",
    "state": "1",
    "link": {
        "href": "https://localhost.localdomain:8443/ca/rest/admin/users/Foo",
        "rel": "self"
    }
}

Run a second time and the server rejects the duplicate request:

$ curl \
  -k \
  -X POST \
  -H "Content-Type:application/json" \
  -H "Accept: application/json" \
  -d '{"id":"testuser","fullName":"Test User","email":"[email protected]","phone":"1234567890","state":"1","userID":"Foo","password":"barbarbar"}' \
  --user caadmin:Secret.123 \
  -s https://localhost.localdomain:8443/ca/rest/admin/users | python -m json.tool
{
    "Attributes": {
        "Attribute": []
    },
    "ClassName": "com.netscape.certsrv.base.ConflictingOperationException",
    "Code": 409,
    "Message": "Entry already exists."
}

KRA

JSON
$ curl \
  -k \
  -X POST \
  -H "Content-Type:application/json" \
  -H "Accept: application/json" \
  -d '{"id":"testuserkra","fullName":"Test User","email":"[email protected]","password":"12345","phone":"1234567890","state":"1","userID":"doo","password":"barbarbar"}' \
  --user kraadmin:Secret.123 \
  -s https://localhost.localdomain:8443/kra/rest/admin/users
{"id":"doo","userID":"doo","fullName":"Test User","email":"[email protected]","phone":"1234567890","state":"1","link":{"href":"https://localhost.localdomain:8443/kra/rest/admin/users/doo","rel":"self"}}

OCSP

JSON
$ curl \
  -k \
  -X POST \
  -H "Content-Type:application/json" \
  -H "Accept: application/json" \
  -d '{"id":"testuser","fullName":"Test User","email":"[email protected]","password":"12345","phone":"1234567890","state":"1","userID":"doo","password":"barbarbar"}' \
  --user ocspadmin:Secret.123 \
  -s https://localhost.localdomain:8443/ocsp/rest/admin/users
{"id":"doo","userID":"doo","fullName":"Test User","email":"[email protected]","phone":"1234567890","state":"1","link":{"href":"https://localhost.localdomain:8443/ocsp/rest/admin/users/doo","rel":"self"}}

TKS

JSON
$ curl \
  -k \
  -X POST \
  -H "Content-Type:application/json" \
  -H "Accept: application/json" \
  -d '{"id":"testuser","fullName":"Test User","email":"[email protected]","password":"12345","phone":"1234567890","state":"1","userID":"doo","password":"barbarbar"}' \
  --user tksadmin:Secret.123 \
  -s https://localhost.localdomain:8443/tks/rest/admin/users
{"id":"doo","userID":"doo","fullName":"Test User","email":"[email protected]","phone":"1234567890","state":"1","link":{"href":"https://localhost.localdomain:8443/tks/rest/admin/users/doo","rel":"self"}}

See also

The TPS subsystem has a different add user process documented here.

Clone this wiki locally