Service accounts (oauth2)
Learn more about Service Accounts.
| Flow type | clientCredentials |
|---|---|
| Token URL | https://cloud.mongodb.com/api/oauth/token |
Authentication
The API accepts 2 different authentication methods:
Remove One Atlas Search Index
Deprecated
Removes one Atlas Search index that you identified with its unique ID. To use this resource, the requesting Service Account or API Key must have the Project Data Access Admin role.
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Name of the cluster that contains the database and collection with one or more Application Search indexes.
Format should match the following pattern:
^[a-zA-Z0-9][a-zA-Z0-9-]*$. -
Unique 24-hexadecimal digit string that identifies the Atlas Search index. Use the Get All Atlas Search Indexes for a Collection API endpoint to find the IDs of all Atlas Search indexes.
Format should match the following pattern:
^([a-f0-9]{24})$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint
DELETE
/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/fts/indexes/{indexId}
Atlas CLI
atlas api deleteAtlasSearchIndexDeprecated --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.DeleteAtlasSearchIndexDeprecatedApiParams{}
httpResp, err := client.AtlasSearchApi.
DeleteAtlasSearchIndexDeprecatedWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X DELETE "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/fts/indexes/{indexId}"curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X DELETE "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/fts/indexes/{indexId}"
Response examples (400)
{
"error": 400,
"detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
"reason": "Bad Request",
"errorCode": "VALIDATION_ERROR"
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Update Search Nodes
Updates the Search Nodes for the specified cluster. Deprecated versions: v2-{2023-01-01}
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Label that identifies the cluster to update the Search Nodes for.
Format should match the following pattern:
^[a-zA-Z0-9][a-zA-Z0-9-]*$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint
PATCH
/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/search/deployment
Atlas CLI
atlas api updateAtlasSearchDeployment --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.UpdateAtlasSearchDeploymentApiParams{}
sdkResp, httpResp, err := client.AtlasSearchApi.
UpdateAtlasSearchDeploymentWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
--header "Content-Type: application/json" \
-X PATCH "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/search/deployment" \
-d '{ <Payload> }'curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
--header "Content-Type: application/json" \
-X PATCH "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/search/deployment" \
-d '{ <Payload> }'
Request examples
{
"specs": [
{
"instanceSize": "S20_HIGHCPU_NVME",
"nodeCount": 2
}
]
}
Response examples (200)
{
"encryptionAtRestProvider": "NONE",
"groupId": "32b6e34b3d91647abb20e7b8",
"id": "32b6e34b3d91647abb20e7b8",
"specs": [
{
"instanceSize": "S20_HIGHCPU_NVME",
"nodeCount": 2
}
],
"stateName": "IDLE"
}
Response examples (400)
{
"error": 400,
"detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
"reason": "Bad Request",
"errorCode": "VALIDATION_ERROR"
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (409)
{
"error": 409,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot delete organization link while there is active migration in following project ids: 60c4fd418ebe251047c50554",
"reason": "Conflict",
"errorCode": "CANNOT_DELETE_ORG_ACTIVE_LIVE_MIGRATION_ATLAS_ORG_LINK"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Return All Atlas Search Indexes for One Collection
Returns all Atlas Search indexes on the specified collection. Atlas Search indexes contain the indexed fields and the analyzers used to create the indexes. To use this resource, the requesting Service Account or API Key must have the Project Data Access Read Write role.
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Name of the cluster that contains the collection with one or more Atlas Search indexes.
Format should match the following pattern:
^[a-zA-Z0-9][a-zA-Z0-9-]*$. -
Name of the collection that contains one or more Atlas Search indexes.
-
Label that identifies the database that contains the collection with one or more Atlas Search indexes.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint
GET
/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/search/indexes/{databaseName}/{collectionName}
Atlas CLI
atlas api listAtlasSearchIndexes --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.ListAtlasSearchIndexesApiParams{}
sdkResp, httpResp, err := client.AtlasSearchApi.
ListAtlasSearchIndexesWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/search/indexes/{databaseName}/{collectionName}?pretty=true"curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/search/indexes/{databaseName}/{collectionName}?pretty=true"
Response examples (200)
[
{
"collectionName": "string",
"database": "string",
"indexID": "32b6e34b3d91647abb20e7b8",
"latestDefinition": {
"numPartitions": 1,
"analyzer": "lucene.standard",
"analyzers": [
{
"charFilters": [
{
"additionalProperty1": {},
"additionalProperty2": {}
}
],
"name": "string",
"tokenFilters": [
{
"additionalProperty1": {},
"additionalProperty2": {}
}
],
"tokenizer": {
"additionalProperty1": {},
"additionalProperty2": {}
}
}
],
"mappings": {
"dynamic": true,
"fields": {
"additionalProperty1": {},
"additionalProperty2": {}
}
},
"searchAnalyzer": "lucene.standard",
"storedSource": {
"include | exclude": [
"field1",
"field2"
]
},
"synonyms": [
{
"analyzer": "lucene.standard",
"name": "string",
"source": {
"collection": "string"
}
}
]
},
"latestDefinitionVersion": {
"createdAt": "2025-05-04T09:42:00Z",
"version": 42
},
"name": "string",
"queryable": true,
"status": "DELETING",
"statusDetail": [
{
"hostname": "string",
"mainIndex": {
"definition": {
"numPartitions": 1
},
"definitionVersion": {
"createdAt": "2025-05-04T09:42:00Z",
"version": 42
},
"message": "string",
"queryable": true,
"status": "DELETING"
},
"queryable": true,
"stagedIndex": {
"definition": {
"numPartitions": 1
},
"definitionVersion": {
"createdAt": "2025-05-04T09:42:00Z",
"version": 42
},
"message": "string",
"queryable": true,
"status": "DELETING"
},
"status": "DELETING"
}
],
"type": "search",
"synonymMappingStatus": "FAILED",
"synonymMappingStatusDetail": [
{
"additionalProperty1": {
"message": "string",
"queryable": true,
"status": "FAILED"
},
"additionalProperty2": {
"message": "string",
"queryable": true,
"status": "FAILED"
}
}
]
}
]
Response examples (400)
{
"error": 400,
"detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
"reason": "Bad Request",
"errorCode": "VALIDATION_ERROR"
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}
Response examples (503)
{
"badRequestDetail": {
"fields": [
{
"description": "string",
"field": "string"
}
]
},
"detail": "string",
"error": 42,
"errorCode": "string",
"parameters": [
{}
],
"reason": "string"
}Update One Atlas Search Index by ID
Updates one Atlas Search index that you identified with its unique ID. Atlas Search indexes define the fields on which to create the index and the analyzers to use when creating the index. To use this resource, the requesting Service Account or API Key must have the Project Data Access Admin role.
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Name of the cluster that contains the collection whose Atlas Search index you want to update.
Format should match the following pattern:
^[a-zA-Z0-9][a-zA-Z0-9-]*$. -
Unique 24-hexadecimal digit string that identifies the Atlas Search index. Use the Get All Atlas Search Indexes for a Collection API endpoint to find the IDs of all Atlas Search indexes.
Format should match the following pattern:
^([a-f0-9]{24})$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint
PATCH
/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/search/indexes/{indexId}
Atlas CLI
atlas api updateAtlasSearchIndex --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.UpdateAtlasSearchIndexApiParams{}
sdkResp, httpResp, err := client.AtlasSearchApi.
UpdateAtlasSearchIndexWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
--header "Content-Type: application/json" \
-X PATCH "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/search/indexes/{indexId}" \
-d '{ <Payload> }'curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
--header "Content-Type: application/json" \
-X PATCH "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/search/indexes/{indexId}" \
-d '{ <Payload> }'
Request examples
{
"definition": {
"analyzer": "lucene.standard",
"analyzers": [
{
"charFilters": [
{
"additionalProperty1": {},
"additionalProperty2": {}
}
],
"name": "string",
"tokenFilters": [
{
"additionalProperty1": {},
"additionalProperty2": {}
}
],
"tokenizer": {
"additionalProperty1": {},
"additionalProperty2": {}
}
}
],
"mappings": {
"dynamic": true,
"fields": {
"additionalProperty1": {},
"additionalProperty2": {}
}
},
"numPartitions": 1,
"searchAnalyzer": "lucene.standard",
"storedSource": {
"include | exclude": [
"field1",
"field2"
]
},
"synonyms": [
{
"analyzer": "lucene.standard",
"name": "string",
"source": {
"collection": "string"
}
}
]
}
}
Response examples (200)
Textsearchindexresponse
{
"collectionName": "string",
"database": "string",
"indexID": "32b6e34b3d91647abb20e7b8",
"latestDefinition": {
"numPartitions": 1,
"analyzer": "lucene.standard",
"analyzers": [
{
"charFilters": [
{
"additionalProperty1": {},
"additionalProperty2": {}
}
],
"name": "string",
"tokenFilters": [
{
"additionalProperty1": {},
"additionalProperty2": {}
}
],
"tokenizer": {
"additionalProperty1": {},
"additionalProperty2": {}
}
}
],
"mappings": {
"dynamic": true,
"fields": {
"additionalProperty1": {},
"additionalProperty2": {}
}
},
"searchAnalyzer": "lucene.standard",
"storedSource": {
"include | exclude": [
"field1",
"field2"
]
},
"synonyms": [
{
"analyzer": "lucene.standard",
"name": "string",
"source": {
"collection": "string"
}
}
]
},
"latestDefinitionVersion": {
"createdAt": "2025-05-04T09:42:00Z",
"version": 42
},
"name": "string",
"queryable": true,
"status": "DELETING",
"statusDetail": [
{
"hostname": "string",
"mainIndex": {
"definition": {
"numPartitions": 1
},
"definitionVersion": {
"createdAt": "2025-05-04T09:42:00Z",
"version": 42
},
"message": "string",
"queryable": true,
"status": "DELETING"
},
"queryable": true,
"stagedIndex": {
"definition": {
"numPartitions": 1
},
"definitionVersion": {
"createdAt": "2025-05-04T09:42:00Z",
"version": 42
},
"message": "string",
"queryable": true,
"status": "DELETING"
},
"status": "DELETING"
}
],
"type": "search",
"synonymMappingStatus": "FAILED",
"synonymMappingStatusDetail": [
{
"additionalProperty1": {
"message": "string",
"queryable": true,
"status": "FAILED"
},
"additionalProperty2": {
"message": "string",
"queryable": true,
"status": "FAILED"
}
}
]
}{
"collectionName": "string",
"database": "string",
"indexID": "32b6e34b3d91647abb20e7b8",
"latestDefinition": {
"numPartitions": 1,
"fields": [
{
"additionalProperty1": {},
"additionalProperty2": {}
}
]
},
"latestDefinitionVersion": {
"createdAt": "2025-05-04T09:42:00Z",
"version": 42
},
"name": "string",
"queryable": true,
"status": "DELETING",
"statusDetail": [
{
"hostname": "string",
"mainIndex": {
"definition": {
"numPartitions": 1
},
"definitionVersion": {
"createdAt": "2025-05-04T09:42:00Z",
"version": 42
},
"message": "string",
"queryable": true,
"status": "DELETING"
},
"queryable": true,
"stagedIndex": {
"definition": {
"numPartitions": 1
},
"definitionVersion": {
"createdAt": "2025-05-04T09:42:00Z",
"version": 42
},
"message": "string",
"queryable": true,
"status": "DELETING"
},
"status": "DELETING"
}
],
"type": "search"
}
Response examples (400)
{
"error": 400,
"detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
"reason": "Bad Request",
"errorCode": "VALIDATION_ERROR"
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (409)
{
"error": 409,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot delete organization link while there is active migration in following project ids: 60c4fd418ebe251047c50554",
"reason": "Conflict",
"errorCode": "CANNOT_DELETE_ORG_ACTIVE_LIVE_MIGRATION_ATLAS_ORG_LINK"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Update Auditing Configuration for One Project
Updates the auditing configuration for the specified project. The auditing configuration defines the events that MongoDB Cloud records in the audit log. To use this resource, the requesting Service Account or API Key must have the Project Owner role. This feature isn't available for M0, M2, M5, or serverless clusters.
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint
Body
Required
Updated auditing configuration for the specified project.
-
JSON document that specifies which events to record. Escape any characters that may prevent parsing, such as single or double quotes, using a backslash (
\).Custom Auditing Filter -
Flag that indicates whether someone enabled database auditing for the specified project.
Default value is
false.
PATCH
/api/atlas/v2/groups/{groupId}/auditLog
Atlas CLI
atlas api updateAuditingConfiguration --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.UpdateAuditingConfigurationApiParams{}
sdkResp, httpResp, err := client.AuditingApi.
UpdateAuditingConfigurationWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
--header "Content-Type: application/json" \
-X PATCH "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/auditLog" \
-d '{ <Payload> }'curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
--header "Content-Type: application/json" \
-X PATCH "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/auditLog" \
-d '{ <Payload> }'
Request examples
{
"auditAuthorizationSuccess": false,
"auditFilter": "string",
"enabled": false
}
Response examples (200)
{
"auditAuthorizationSuccess": false,
"auditFilter": "string",
"configurationType": "NONE",
"enabled": false
}
Response examples (400)
{
"error": 400,
"detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
"reason": "Bad Request",
"errorCode": "VALIDATION_ERROR"
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}AWS Clusters DNS
Returns and edits custom DNS configurations for MongoDB Cloud database deployments on AWS. The resource requires your Project ID. If you use the VPC peering on AWS and you use your own DNS servers instead of Amazon Route 53, enable custom DNS. Before 31 March 2020, applications deployed within AWS using custom DNS services and VPC-peered with MongoDB Cloud couldn't connect over private IP addresses. Custom DNS resolved to public IP addresses. AWS internal DNS resolved to private IP addresses. Applications deployed with custom DNS services in AWS should use Private IP for Peering connection strings.
Return One Restore Job for One Cluster
Returns one cloud backup restore job for one cluster from the specified project. To use this resource, the requesting Service Account or API Key must have the Project Backup Manager role.
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Human-readable label that identifies the cluster with the restore jobs you want to return.
Format should match the following pattern:
^[a-zA-Z0-9][a-zA-Z0-9-]*$. -
Unique 24-hexadecimal digit string that identifies the restore job to return.
Format should match the following pattern:
^([a-f0-9]{24})$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint
GET
/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/backup/restoreJobs/{restoreJobId}
Atlas CLI
atlas api getBackupRestoreJob --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.GetBackupRestoreJobApiParams{}
sdkResp, httpResp, err := client.CloudBackupsApi.
GetBackupRestoreJobWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/backup/restoreJobs/{restoreJobId}?pretty=true"curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/backup/restoreJobs/{restoreJobId}?pretty=true"
Response examples (200)
{
"cancelled": true,
"components": [
{
"downloadUrl": "string",
"privateDownloadDeliveryUrls": [
{
"deliveryUrl": "string",
"endpointId": "vpce-3bf78b0ddee411ba1"
}
],
"replicaSetName": "string"
}
],
"deliveryType": "automated",
"deliveryUrl": [
"string"
],
"desiredTimestamp": {
"date": "2025-05-04T09:42:00Z",
"increment": 1199145600
},
"expired": true,
"expiresAt": "2025-05-04T09:42:00Z",
"failed": true,
"finishedAt": "2025-05-04T09:42:00Z",
"id": "32b6e34b3d91647abb20e7b8",
"links": [
{
"href": "https://cloud.mongodb.com/api/atlas",
"rel": "self"
}
],
"oplogInc": 1,
"oplogTs": 42,
"pointInTimeUTCSeconds": 42,
"privateDownloadDeliveryUrls": [
{
"deliveryUrl": "string",
"endpointId": "vpce-3bf78b0ddee411ba1"
}
],
"snapshotId": "32b6e34b3d91647abb20e7b8",
"targetClusterName": "string",
"targetGroupId": "32b6e34b3d91647abb20e7b8",
"timestamp": "2025-05-04T09:42:00Z"
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Remove One Replica Set Cloud Backup
Removes the specified snapshot. To use this resource, the requesting Service Account or API Key must have the Project Backup Manager role.
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Human-readable label that identifies the cluster.
Format should match the following pattern:
^[a-zA-Z0-9][a-zA-Z0-9-]*$. -
Unique 24-hexadecimal digit string that identifies the desired snapshot.
Format should match the following pattern:
^([a-f0-9]{24})$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint
DELETE
/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/backup/snapshots/{snapshotId}
Atlas CLI
atlas api deleteReplicaSetBackup --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.DeleteReplicaSetBackupApiParams{}
httpResp, err := client.CloudBackupsApi.
DeleteReplicaSetBackupWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X DELETE "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/backup/snapshots/{snapshotId}"curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X DELETE "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/backup/snapshots/{snapshotId}"
Response examples (400)
{
"error": 400,
"detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
"reason": "Bad Request",
"errorCode": "VALIDATION_ERROR"
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Return All Restore Jobs for One Serverless Instance
Returns all restore jobs for one serverless instance from the specified project. To use this resource, the requesting Service Account or API Key must have the Project Owner role.
This API can also be used on Flex clusters that were created with the createServerlessInstance endpoint or Flex clusters that were migrated from Serverless instances. This endpoint will be sunset in January 2026. Please use the listFlexBackupRestoreJobs endpoint instead.
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Human-readable label that identifies the serverless instance.
Format should match the following pattern:
^[a-zA-Z0-9][a-zA-Z0-9-]*$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response returns the total number of items (totalCount) in the response.
Default value is
true. -
Number of items that the response returns per page.
Minimum value is
1, maximum value is500. Default value is100. -
Number of the page that displays the current set of the total objects that the response returns.
Minimum value is
1. Default value is1. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint
GET
/api/atlas/v2/groups/{groupId}/serverless/{clusterName}/backup/restoreJobs
Atlas CLI
atlas api listServerlessBackupRestoreJobs --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.ListServerlessBackupRestoreJobsApiParams{}
sdkResp, httpResp, err := client.CloudBackupsApi.
ListServerlessBackupRestoreJobsWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/serverless/{clusterName}/backup/restoreJobs?pretty=true"curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/serverless/{clusterName}/backup/restoreJobs?pretty=true"
Response examples (200)
{
"links": [
{
"href": "https://cloud.mongodb.com/api/atlas",
"rel": "self"
}
],
"results": [
{
"cancelled": true,
"deliveryType": "automated",
"deliveryUrl": [
"string"
],
"desiredTimestamp": {
"date": "2025-05-04T09:42:00Z",
"increment": 1199145600
},
"expired": true,
"expiresAt": "2025-05-04T09:42:00Z",
"failed": true,
"finishedAt": "2025-05-04T09:42:00Z",
"id": "32b6e34b3d91647abb20e7b8",
"links": [
{
"href": "https://cloud.mongodb.com/api/atlas",
"rel": "self"
}
],
"oplogInc": 1,
"oplogTs": 42,
"pointInTimeUTCSeconds": 42,
"snapshotId": "32b6e34b3d91647abb20e7b8",
"targetClusterName": "string",
"targetGroupId": "32b6e34b3d91647abb20e7b8",
"timestamp": "2025-05-04T09:42:00Z"
}
],
"totalCount": 42
}
Response examples (400)
{
"error": 400,
"detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
"reason": "Bad Request",
"errorCode": "VALIDATION_ERROR"
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Cloud Migration Service
Manages the Cloud Migration Service. Source organizations, projects, and MongoDB clusters reside on Cloud Manager or Ops Manager. Destination organizations, projects, and MongoDB clusters reside on MongoDB Cloud. Source databases can't use any authentication except SCRAM-SHA.
Validate One Migration Request
Verifies whether the provided credentials, available disk space, MongoDB versions, and so on meet the requirements of the migration request. If the check passes, the migration can proceed. Your API Key must have the Organization Owner role to successfully call this resource. Deprecated versions: v2-{2023-01-01}
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint
Body
Required
One migration to be validated.
-
Document that describes the destination of the migration.
-
Flag that indicates whether the migration process drops all collections from the destination cluster before the migration starts.
Default value is
false. -
List of migration hosts used for this migration.
At least
1but not more than1element. -
Document that configures sharding on the destination cluster when migrating from a replica set source to a sharded cluster destination on MongoDB 6.0 or higher. If you don't wish to shard any collections on the destination cluster, leave this empty.
-
Document that describes the source of the migration.
POST
/api/atlas/v2/groups/{groupId}/liveMigrations/validate
Atlas CLI
atlas api validateMigration --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.ValidateMigrationApiParams{}
sdkResp, httpResp, err := client.CloudMigrationServiceApi.
ValidateMigrationWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
--header "Content-Type: application/json" \
-X POST "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/liveMigrations/validate" \
-d '{ <Payload> }'curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
--header "Content-Type: application/json" \
-X POST "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/liveMigrations/validate" \
-d '{ <Payload> }'
Request examples
{
"destination": {
"clusterName": "string",
"groupId": "32b6e34b3d91647abb20e7b8",
"hostnameSchemaType": "PUBLIC",
"privateLinkId": "string"
},
"dropDestinationData": false,
"migrationHosts": [
"vm001.example.com"
],
"sharding": {
"createSupportingIndexes": true,
"shardingEntries": [
{
"collection": "string",
"database": "string",
"shardCollection": {
"key": [
{
"additionalProperty1": {},
"additionalProperty2": {}
}
]
}
}
]
},
"source": {
"caCertificatePath": "string",
"clusterName": "string",
"groupId": "32b6e34b3d91647abb20e7b8",
"managedAuthentication": true,
"password": "string",
"ssl": true,
"username": "string"
}
}
Response examples (200)
{
"_id": "32b6e34b3d91647abb20e7b8",
"errorMessage": "string",
"groupId": "32b6e34b3d91647abb20e7b8",
"sourceGroupId": "32b6e34b3d91647abb20e7b8",
"status": "PENDING"
}
Response examples (400)
{
"error": 400,
"detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
"reason": "Bad Request",
"errorCode": "VALIDATION_ERROR"
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Pin Namespaces
Pin provided list of namespaces for collection-level latency metrics collection for the given Group and Cluster. This initializes a pinned namespaces list or replaces any existing pinned namespaces list for the Group and Cluster.
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Human-readable label that identifies the cluster to pin namespaces to.
Format should match the following pattern:
^[a-zA-Z0-9][a-zA-Z0-9-]*$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false.
PUT
/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/collStats/pinned
Atlas CLI
atlas api pinNamespacesPut --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.PinNamespacesPutApiParams{}
sdkResp, httpResp, err := client.CollectionLevelMetricsApi.
PinNamespacesPutWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
--header "Content-Type: application/json" \
-X PUT "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/collStats/pinned" \
-d '{ <Payload> }'curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
--header "Content-Type: application/json" \
-X PUT "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/collStats/pinned" \
-d '{ <Payload> }'
Request examples
{
"namespaces": [
"string"
]
}
Response examples (200)
{
"clusterId": "32b6e34b3d91647abb20e7b8",
"groupId": "32b6e34b3d91647abb20e7b8",
"pinnedNamespaces": [
"string"
]
}
Response examples (201)
{
"clusterId": "32b6e34b3d91647abb20e7b8",
"groupId": "32b6e34b3d91647abb20e7b8",
"pinnedNamespaces": [
"string"
]
}
Response examples (400)
{
"error": 400,
"detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
"reason": "Bad Request",
"errorCode": "VALIDATION_ERROR"
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Return Ranked Namespaces from a Cluster
Return the subset of namespaces from the given cluster sorted by highest total execution time (descending) within the given time window.
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Human-readable label that identifies the cluster to pin namespaces to.
Format should match the following pattern:
^[a-zA-Z0-9][a-zA-Z0-9-]*$. -
Human-readable label that identifies the cluster topology to retrieve metrics for.
Values are
PRIMARY,SECONDARY, orINDIVIDUAL_PROCESS.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Date and time when MongoDB Cloud begins reporting the metrics. This parameter expresses its value in the ISO 8601 timestamp format in UTC. Include this parameter when you do not set period.
-
Date and time when MongoDB Cloud stops reporting the metrics. This parameter expresses its value in the ISO 8601 timestamp format in UTC. Include this parameter when you do not set period.
-
Duration over which Atlas reports the metrics. This parameter expresses its value in the ISO 8601 duration format in UTC. Include this parameter when you do not set start and end.
GET
/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/{clusterView}/collStats/namespaces
Atlas CLI
atlas api getCollStatsLatencyNamespacesForCluster --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.GetCollStatsLatencyNamespacesForClusterApiParams{}
sdkResp, httpResp, err := client.CollectionLevelMetricsApi.
GetCollStatsLatencyNamespacesForClusterWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/{clusterView}/collStats/namespaces?pretty=true"curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/{clusterView}/collStats/namespaces?pretty=true"
Response examples (200)
{
"groupId": "32b6e34b3d91647abb20e7b8",
"identifierId": "string",
"rankedNamespaces": [
"string"
]
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Return Cluster-Level Query Latency
Get a list of the Coll Stats Latency cluster-level measurements for the given namespace.
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Human-readable label that identifies the cluster to retrieve metrics for.
Format should match the following pattern:
^[a-zA-Z0-9][a-zA-Z0-9-]*$. -
Human-readable label that identifies the cluster topology to retrieve metrics for.
Values are
PRIMARY,SECONDARY, orINDIVIDUAL_PROCESS. -
Human-readable label that identifies the database.
-
Human-readable label that identifies the collection.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
List that contains the metrics that you want to retrieve for the associated data series. If you don't set this parameter, this resource returns data series for all Coll Stats Latency metrics.
Values are
READS_OPS,READS_LATENCY,AVERAGE_READS_LATENCY,READS_P50_VALUE,READS_P95_VALUE,READS_P99_VALUE,WRITES_OPS,WRITES_LATENCY,AVERAGE_WRITES_LATENCY,WRITES_P50_VALUE,WRITES_P95_VALUE,WRITES_P99_VALUE,COMMANDS_OPS,COMMANDS_LATENCY,AVERAGE_COMMANDS_LATENCY,COMMANDS_P50_VALUE,COMMANDS_P95_VALUE,COMMANDS_P99_VALUE,TOTAL_OPS,TOTAL_LATENCY,AVERAGE_TOTAL_OPS_LATENCY,TOTAL_OPS_P50_VALUE,TOTAL_OPS_P95_VALUE, orTOTAL_OPS_P99_VALUE. -
Date and time when MongoDB Cloud begins reporting the metrics. This parameter expresses its value in the ISO 8601 timestamp format in UTC. Include this parameter when you do not set period.
-
Date and time when MongoDB Cloud stops reporting the metrics. This parameter expresses its value in the ISO 8601 timestamp format in UTC. Include this parameter when you do not set period.
-
Duration over which Atlas reports the metrics. This parameter expresses its value in the ISO 8601 duration format in UTC. Include this parameter when you do not set start and end.
GET
/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/{clusterView}/{databaseName}/{collectionName}/collStats/measurements
Atlas CLI
atlas api getCollStatsLatencyNamespaceClusterMeasurements --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.GetCollStatsLatencyNamespaceClusterMeasurementsApiParams{}
sdkResp, httpResp, err := client.CollectionLevelMetricsApi.
GetCollStatsLatencyNamespaceClusterMeasurementsWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/{clusterView}/{databaseName}/{collectionName}/collStats/measurements?pretty=true"curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/{clusterView}/{databaseName}/{collectionName}/collStats/measurements?pretty=true"
Response examples (200)
{
"clusterId": "string",
"clusterView": "string",
"collectionName": "string",
"databaseName": "string",
"end": "2025-05-04T09:42:00Z",
"granularity": "PT1M",
"groupId": "32b6e34b3d91647abb20e7b8",
"links": [
{
"href": "https://cloud.mongodb.com/api/atlas",
"rel": "self"
}
],
"measurements": [
{
"dataPoints": [
{
"timestamp": "2025-05-04T09:42:00Z",
"value": 42.0
}
],
"name": "string",
"units": "BYTES"
}
],
"processId": "mongodb.example.com:27017",
"start": "2025-05-04T09:42:00Z"
}
Response examples (400)
{
"error": 400,
"detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
"reason": "Bad Request",
"errorCode": "VALIDATION_ERROR"
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Return All Custom Roles in One Project
Returns all custom roles for the specified project. To use this resource, the requesting Service Account or API Key must have the Project Read Only role.
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint
GET
/api/atlas/v2/groups/{groupId}/customDBRoles/roles
Atlas CLI
atlas api listCustomDatabaseRoles --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.ListCustomDatabaseRolesApiParams{}
sdkResp, httpResp, err := client.CustomDatabaseRolesApi.
ListCustomDatabaseRolesWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/customDBRoles/roles?pretty=true"curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/customDBRoles/roles?pretty=true"
Response examples (200)
[
{
"actions": [
{
"action": "FIND",
"resources": [
{
"cluster": true,
"collection": "string",
"db": "string"
}
]
}
],
"inheritedRoles": [
{
"db": "string",
"role": "string"
}
],
"roleName": "string"
}
]
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Create One Custom Role
Creates one custom role in the specified project. To use this resource, the requesting Service Account or API Key must have the Project Owner role, Project Stream Processing Owner role, or the Project Database Access Admin role.
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint
Body
Required
Creates one custom role in the specified project.
-
List of the individual privilege actions that the role grants.
Privilege action that the role grants.
-
List of the built-in roles that this custom role inherits.
Role inherited from another context for this database user.
-
Human-readable label that identifies the role for the request. This name must be unique for this custom role in this project.
POST
/api/atlas/v2/groups/{groupId}/customDBRoles/roles
Atlas CLI
atlas api createCustomDatabaseRole --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.CreateCustomDatabaseRoleApiParams{}
sdkResp, httpResp, err := client.CustomDatabaseRolesApi.
CreateCustomDatabaseRoleWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
--header "Content-Type: application/json" \
-X POST "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/customDBRoles/roles" \
-d '{ <Payload> }'curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
--header "Content-Type: application/json" \
-X POST "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/customDBRoles/roles" \
-d '{ <Payload> }'
Request examples
{
"actions": [
{
"action": "FIND",
"resources": [
{
"cluster": true,
"collection": "string",
"db": "string"
}
]
}
],
"inheritedRoles": [
{
"db": "string",
"role": "string"
}
],
"roleName": "string"
}
Response examples (202)
{
"actions": [
{
"action": "FIND",
"resources": [
{
"cluster": true,
"collection": "string",
"db": "string"
}
]
}
],
"inheritedRoles": [
{
"db": "string",
"role": "string"
}
],
"roleName": "string"
}
Response examples (400)
{
"error": 400,
"detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
"reason": "Bad Request",
"errorCode": "VALIDATION_ERROR"
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (409)
{
"error": 409,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot delete organization link while there is active migration in following project ids: 60c4fd418ebe251047c50554",
"reason": "Conflict",
"errorCode": "CANNOT_DELETE_ORG_ACTIVE_LIVE_MIGRATION_ATLAS_ORG_LINK"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Delete One Query Limit for One Federated Database Instance
Deletes one query limit for one federated database instance. To use this resource, the requesting Service Account or API Key must have the Project Owner role.
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Human-readable label that identifies the federated database instance to which the query limit applies.
-
Human-readable label that identifies this data federation instance limit.
Limit Name Description Default bytesProcessed.query Limit on the number of bytes processed during a single data federation query N/A bytesProcessed.daily Limit on the number of bytes processed for the data federation instance for the current day N/A bytesProcessed.weekly Limit on the number of bytes processed for the data federation instance for the current week N/A bytesProcessed.monthly Limit on the number of bytes processed for the data federation instance for the current month N/A Values are
bytesProcessed.query,bytesProcessed.daily,bytesProcessed.weekly, orbytesProcessed.monthly.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false.
DELETE
/api/atlas/v2/groups/{groupId}/dataFederation/{tenantName}/limits/{limitName}
Atlas CLI
atlas api deleteOneDataFederationInstanceQueryLimit --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.DeleteOneDataFederationInstanceQueryLimitApiParams{}
httpResp, err := client.DataFederationApi.
DeleteOneDataFederationInstanceQueryLimitWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X DELETE "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/dataFederation/{tenantName}/limits/{limitName}"curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X DELETE "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/dataFederation/{tenantName}/limits/{limitName}"
Response examples (400)
{
"error": 400,
"detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
"reason": "Bad Request",
"errorCode": "VALIDATION_ERROR"
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Download Query Logs for One Federated Database Instance
Downloads the query logs for the specified federated database instance. To use this resource, the requesting Service Account or API Key must have the Project Owner or Project Data Access Read Write roles. The API does not support direct calls with the json response schema. You must request a gzip response schema using an accept header of the format: "Accept: application/vnd.atlas.YYYY-MM-DD+gzip".
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Human-readable label that identifies the federated database instance for which you want to download query logs.
Query parameters
-
Timestamp that specifies the end point for the range of log messages to download. MongoDB Cloud expresses this timestamp in the number of seconds that have elapsed since the UNIX epoch.
Format should match the following pattern:
1199145600. -
Timestamp that specifies the starting point for the range of log messages to download. MongoDB Cloud expresses this timestamp in the number of seconds that have elapsed since the UNIX epoch.
Format should match the following pattern:
1199145600.
GET
/api/atlas/v2/groups/{groupId}/dataFederation/{tenantName}/queryLogs.gz
Atlas CLI
atlas api downloadFederatedDatabaseQueryLogs --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.DownloadFederatedDatabaseQueryLogsApiParams{}
sdkResp, httpResp, err := client.DataFederationApi.
DownloadFederatedDatabaseQueryLogsWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/dataFederation/{tenantName}/queryLogs.gz?pretty=true"curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/dataFederation/{tenantName}/queryLogs.gz?pretty=true"
Response examples (400)
{
"error": 400,
"detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
"reason": "Bad Request",
"errorCode": "VALIDATION_ERROR"
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (409)
{
"error": 409,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot delete organization link while there is active migration in following project ids: 60c4fd418ebe251047c50554",
"reason": "Conflict",
"errorCode": "CANNOT_DELETE_ORG_ACTIVE_LIVE_MIGRATION_ATLAS_ORG_LINK"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Remove One Federated Database Instance and Online Archive Private Endpoint from One Project
Removes one private endpoint for Federated Database Instances and Online Archives in the specified project. To use this resource, the requesting Service Account or API Key must have the Project Owner role.
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Unique 22-character alphanumeric string that identifies the private endpoint to remove. Atlas Data Federation supports AWS private endpoints using the AWS PrivateLink feature.
Format should match the following pattern:
^vpce-[0-9a-f]{17}$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint
DELETE
/api/atlas/v2/groups/{groupId}/privateNetworkSettings/endpointIds/{endpointId}
Atlas CLI
atlas api deleteDataFederationPrivateEndpoint --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.DeleteDataFederationPrivateEndpointApiParams{}
httpResp, err := client.DataFederationApi.
DeleteDataFederationPrivateEndpointWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X DELETE "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/privateNetworkSettings/endpointIds/{endpointId}"curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X DELETE "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/privateNetworkSettings/endpointIds/{endpointId}"
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}
Return All Ingestion Schedules for One Data Lake Pipeline
Deprecated
Returns a list of backup schedule policy items that you can use as a Data Lake Pipeline source. To use this resource, the requesting Service Account or API Key must have the Project Read Only role.
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Human-readable label that identifies the Data Lake Pipeline.
Format should match the following pattern:
^[^/\\ "$]{1,64}$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint
GET
/api/atlas/v2/groups/{groupId}/pipelines/{pipelineName}/availableSchedules
Atlas CLI
atlas api listPipelineSchedules --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.ListPipelineSchedulesApiParams{}
sdkResp, httpResp, err := client.DataLakePipelinesApi.
ListPipelineSchedulesWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/pipelines/{pipelineName}/availableSchedules?pretty=true"curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/pipelines/{pipelineName}/availableSchedules?pretty=true"
Response examples (200)
[
{
"frequencyInterval": 1,
"frequencyType": "daily",
"id": "32b6e34b3d91647abb20e7b8",
"retentionUnit": "days",
"retentionValue": 42
}
]
Response examples (400)
{
"error": 400,
"detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
"reason": "Bad Request",
"errorCode": "VALIDATION_ERROR"
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Return One Private Endpoint for Encryption at Rest Using Customer Key Management
Returns one private endpoint, identified by its ID, for encryption at rest using Customer Key Management.
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Human-readable label that identifies the cloud provider of the private endpoint.
Values are
AZUREorAWS. -
Unique 24-hexadecimal digit string that identifies the private endpoint.
Format should match the following pattern:
^([a-f0-9]{24})$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint
GET
/api/atlas/v2/groups/{groupId}/encryptionAtRest/{cloudProvider}/privateEndpoints/{endpointId}
Atlas CLI
atlas api getEncryptionAtRestPrivateEndpoint --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.GetEncryptionAtRestPrivateEndpointApiParams{}
sdkResp, httpResp, err := client.EncryptionatRestusingCustomerKeyManagementApi.
GetEncryptionAtRestPrivateEndpointWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/encryptionAtRest/{cloudProvider}/privateEndpoints/{endpointId}?pretty=true"curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/encryptionAtRest/{cloudProvider}/privateEndpoints/{endpointId}?pretty=true"
Response examples (200)
Azurekeyvaultearprivateendpoint
{
"cloudProvider": "AZURE",
"errorMessage": "string",
"id": "32b6e34b3d91647abb20e7b8",
"regionName": "US_CENTRAL",
"status": "INITIATING",
"privateEndpointConnectionName": "string"
}{
"cloudProvider": "AZURE",
"errorMessage": "string",
"id": "32b6e34b3d91647abb20e7b8",
"regionName": "US_CENTRAL",
"status": "INITIATING",
"privateEndpointConnectionName": "string"
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Return One Managed Namespace in One Global Cluster
Returns one managed namespace within the specified global cluster. A managed namespace identifies a collection using the database name, the dot separator, and the collection name. To use this resource, the requesting Service Account or API Key must have the Project Read Only role. Deprecated versions: v2-{2023-02-01}, v2-{2023-01-01}
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Human-readable label that identifies this cluster.
Format should match the following pattern:
^[a-zA-Z0-9][a-zA-Z0-9-]*$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint
GET
/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/globalWrites
Atlas CLI
atlas api getManagedNamespace --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.GetManagedNamespaceApiParams{}
sdkResp, httpResp, err := client.GlobalClustersApi.
GetManagedNamespaceWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/globalWrites?pretty=true"curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/globalWrites?pretty=true"
Response examples (200)
{
"customZoneMapping": {
"additionalProperty1": "32b6e34b3d91647abb20e7b8",
"additionalProperty2": "32b6e34b3d91647abb20e7b8"
},
"managedNamespaces": [
{
"collection": "string",
"customShardKey": "string",
"db": "string",
"isCustomShardKeyHashed": false,
"isShardKeyUnique": false,
"numInitialChunks": 42,
"presplitHashedZones": false
}
],
"selfManagedSharding": true
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Add One Custom Zone Mapping to One Global Cluster
Creates one custom zone mapping for the specified global cluster. A custom zone mapping matches one ISO 3166-2 location code to a zone in your global cluster. By default, MongoDB Cloud maps each location code to the closest geographical zone. To use this resource, the requesting Service Account or API Key must have the Project Owner role. Deprecated versions: v2-{2023-02-01}, v2-{2023-01-01}
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Human-readable label that identifies this cluster.
Format should match the following pattern:
^[a-zA-Z0-9][a-zA-Z0-9-]*$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint
Body
Required
Custom zone mapping to add to the specified global cluster.
-
List that contains comma-separated key value pairs to map zones to geographic regions. These pairs map an ISO 3166-1a2 location code, with an ISO 3166-2 subdivision code when possible, to the human-readable label for the desired custom zone. MongoDB Cloud maps the ISO 3166-1a2 code to the nearest geographical zone by default. Include this parameter to override the default mappings.
This parameter returns an empty object if no custom zones exist.
Human-readable label that identifies the subset of a global cluster.
POST
/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/globalWrites/customZoneMapping
Atlas CLI
atlas api createCustomZoneMapping --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.CreateCustomZoneMappingApiParams{}
sdkResp, httpResp, err := client.GlobalClustersApi.
CreateCustomZoneMappingWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
--header "Content-Type: application/json" \
-X POST "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/globalWrites/customZoneMapping" \
-d '{ <Payload> }'curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
--header "Content-Type: application/json" \
-X POST "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/clusters/{clusterName}/globalWrites/customZoneMapping" \
-d '{ <Payload> }'
Request examples
{
"customZoneMappings": [
{
"location": "string",
"zone": "string"
}
]
}
Response examples (200)
{
"customZoneMapping": {
"additionalProperty1": "32b6e34b3d91647abb20e7b8",
"additionalProperty2": "32b6e34b3d91647abb20e7b8"
},
"managedNamespaces": [
{
"collection": "string",
"customShardKey": "string",
"db": "string",
"isCustomShardKeyHashed": false,
"isShardKeyUnique": false,
"numInitialChunks": 42,
"presplitHashedZones": false
}
],
"selfManagedSharding": true
}
Response examples (400)
{
"error": 400,
"detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
"reason": "Bad Request",
"errorCode": "VALIDATION_ERROR"
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Return All Line Items for One Invoice by Invoice ID
Query the lineItems of the specified invoice and return the result JSON. A unique 24-hexadecimal digit string identifies the invoice.
Path parameters
-
Unique 24-hexadecimal digit string that identifies the organization that contains your projects. Use the /orgs endpoint to retrieve all organizations to which the authenticated user has access.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Unique 24-hexadecimal digit string that identifies the invoice submitted to the specified organization. Charges typically post the next day.
Format should match the following pattern:
^([a-f0-9]{24})$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Number of items that the response returns per page.
Minimum value is
1, maximum value is500. Default value is100. -
Number of the page that displays the current set of the total objects that the response returns.
Minimum value is
1. Default value is1.
Body
Required
Filter parameters for the lineItems query. Send a request with an empty JSON body to retrieve all line items for a given invoiceID without applying any filters.
-
Request body which contains various fields to filter line items as part of certain Invoice Usage Details queries.
-
Specify the field used to specify how to sort query results. Default to bill date.
Values are
USAGE_DATES,BILL_DATES, orTOTAL_PRICE_CENTS. -
Specify the sort order (ascending / descending) used to specify how to sort query results. Defaults to descending.
Values are
ASCENDINGorDESCENDING.
GET
/api/atlas/v2/orgs/{orgId}/invoices/{invoiceId}/lineItems:search
Atlas CLI
atlas api queryLineItemsFromSingleInvoice --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.QueryLineItemsFromSingleInvoiceApiParams{}
sdkResp, httpResp, err := client.InvoicesApi.
QueryLineItemsFromSingleInvoiceWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/orgs/{orgId}/invoices/{invoiceId}/lineItems:search?pretty=true"curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/orgs/{orgId}/invoices/{invoiceId}/lineItems:search?pretty=true"
Request examples
{
"filters": {
"billEndDate": "2025-05-04",
"billStartDate": "2025-05-04",
"clusterIds": [
"32b6e34b3d91647abb20e7b8"
],
"groupIds": [
"32b6e34b3d91647abb20e7b8"
],
"includeZeroCentLineItems": true,
"skuServices": [
"Atlas"
],
"usageEndDate": "2025-05-04",
"usageStartDate": "2025-05-04"
},
"sortField": "USAGE_DATES",
"sortOrder": "ASCENDING"
}
Response examples (200)
{
"links": [
{
"href": "https://cloud.mongodb.com/api/atlas",
"rel": "self"
}
],
"results": [
{
"billDate": "2025-05-04T09:42:00Z",
"clusterName": "string",
"description": "string",
"groupId": "32b6e34b3d91647abb20e7b8",
"quantity": 42.0,
"totalPriceCents": 42,
"unitPriceDollars": 42.0,
"usageDate": "2025-05-04T09:42:00Z"
}
],
"totalCount": 42
}
Response examples (400)
{
"error": 400,
"detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
"reason": "Bad Request",
"errorCode": "VALIDATION_ERROR"
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Return Status of LDAP Configuration Verification in One Project
Returns the status of one request to verify one LDAP configuration for the specified project. To use this resource, the requesting Service Account or API Key must have the Project Owner role.
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Unique string that identifies the request to verify an Lightweight Directory Access Protocol (LDAP) configuration.
Format should match the following pattern:
^([a-f0-9]{24})$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint
GET
/api/atlas/v2/groups/{groupId}/userSecurity/ldap/verify/{requestId}
Atlas CLI
atlas api getLdapConfigurationStatus --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.GetLdapConfigurationStatusApiParams{}
sdkResp, httpResp, err := client.LDAPConfigurationApi.
GetLdapConfigurationStatusWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/userSecurity/ldap/verify/{requestId}?pretty=true"curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/userSecurity/ldap/verify/{requestId}?pretty=true"
Response examples (200)
{
"groupId": "32b6e34b3d91647abb20e7b8",
"links": [
{
"href": "https://cloud.mongodb.com/api/atlas",
"rel": "self"
}
],
"request": {
"bindUsername": "CN=BindUser,CN=Users,DC=myldapserver,DC=mycompany,DC=com",
"caCertificate": "string",
"hostname": "string",
"links": [
{
"href": "https://cloud.mongodb.com/api/atlas",
"rel": "self"
}
],
"port": 636
},
"requestId": "32b6e34b3d91647abb20e7b8",
"status": "FAIL",
"validations": [
{
"status": "FAIL",
"validationType": "AUTHENTICATE"
}
]
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Maintenance Windows
Returns, edits, and removes maintenance windows. The maintenance procedure that MongoDB Cloud performs requires at least one replica set election during the maintenance window per replica set. You can defer a scheduled maintenance event for a project up to two times. Deferred maintenance events occur during your preferred maintenance window exactly one week after the previously scheduled date and time.
Return All MongoDB Cloud Users in One Project
Returns details about the pending and active MongoDB Cloud users associated with the specified project. To use this resource, the requesting Service Account or API Key must have the Project Read Only role.
Note: This resource cannot be used to view details about users invited via the deprecated Invite One MongoDB Cloud User to Join One Project endpoint.
Note: To return both pending and active users, use v2-{2025-02-19} or later. If using a deprecated version, only active users will be returned. Deprecated versions: v2-{2023-01-01}
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response returns the total number of items (totalCount) in the response.
Default value is
true. -
Number of items that the response returns per page.
Minimum value is
1, maximum value is500. Default value is100. -
Number of the page that displays the current set of the total objects that the response returns.
Minimum value is
1. Default value is1. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint -
Flag that indicates whether the returned list should include users who belong to a team with a role in this project. You might not have assigned the individual users a role in this project. If
"flattenTeams" : false, this resource returns only users with a role in the project. If"flattenTeams" : true, this resource returns both users with roles in the project and users who belong to teams with roles in the project.Default value is
false. -
Flag that indicates whether the returned list should include users with implicit access to the project, the Organization Owner or Organization Read Only role. You might not have assigned the individual users a role in this project. If
"includeOrgUsers": false, this resource returns only users with a role in the project. If"includeOrgUsers": true, this resource returns both users with roles in the project and users who have implicit access to the project through their organization role.Default value is
false. -
Flag that indicates whether to filter the returned list by users organization membership status. If you exclude this parameter, this resource returns both pending and active users. Not supported in deprecated versions.
-
Email address to filter users by. Not supported in deprecated versions.
GET
/api/atlas/v2/groups/{groupId}/users
Atlas CLI
atlas api listProjectUsers --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.ListProjectUsersApiParams{}
sdkResp, httpResp, err := client.MongoDBCloudUsersApi.
ListProjectUsersWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/users?pretty=true"curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/users?pretty=true"
Response examples (200)
{
"links": [
{
"href": "https://cloud.mongodb.com/api/atlas",
"rel": "self"
}
],
"results": [
{
"id": "32b6e34b3d91647abb20e7b8",
"orgMembershipStatus": "PENDING",
"roles": [
"GROUP_OWNER"
],
"username": "hello@example.com",
"invitationCreatedAt": "2025-05-04T09:42:00Z",
"invitationExpiresAt": "2025-05-04T09:42:00Z",
"inviterUsername": "hello@example.com"
}
],
"totalCount": 42
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Return One MongoDB Cloud User in One Project
Returns information about the specified MongoDB Cloud user within the context of the specified project. To use this resource, the requesting Service Account or API Key must have the Project Read Only role.
Note: You can only use this resource to fetch information about MongoDB Cloud human users. To return information about an API Key, use the Return One Organization API Key endpoint.
Note: This resource does not return information about pending users invited via the deprecated Invite One MongoDB Cloud User to Join One Project endpoint.
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Unique 24-hexadecimal digit string that identifies the pending or active user in the project. If you need to lookup a user's userId or verify a user's status in the organization, use the Return All MongoDB Cloud Users in One Project resource and filter by username.
Format should match the following pattern:
^([a-f0-9]{24})$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint
GET
/api/atlas/v2/groups/{groupId}/users/{userId}
Atlas CLI
atlas api getProjectUser --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.GetProjectUserApiParams{}
sdkResp, httpResp, err := client.MongoDBCloudUsersApi.
GetProjectUserWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/users/{userId}?pretty=true"curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/users/{userId}?pretty=true"
Response examples (200)
Grouppendinguserresponse
{
"id": "32b6e34b3d91647abb20e7b8",
"orgMembershipStatus": "PENDING",
"roles": [
"GROUP_OWNER"
],
"username": "hello@example.com",
"invitationCreatedAt": "2025-05-04T09:42:00Z",
"invitationExpiresAt": "2025-05-04T09:42:00Z",
"inviterUsername": "hello@example.com"
}{
"id": "32b6e34b3d91647abb20e7b8",
"orgMembershipStatus": "PENDING",
"roles": [
"GROUP_OWNER"
],
"username": "hello@example.com",
"country": "US",
"createdAt": "2025-05-04T09:42:00Z",
"firstName": "John",
"lastAuth": "2025-05-04T09:42:00Z",
"lastName": "Doe",
"mobileNumber": "string"
}
Response examples (400)
{
"error": 400,
"detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
"reason": "Bad Request",
"errorCode": "VALIDATION_ERROR"
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}
Update One Organization Invitation by Invitation ID
Deprecated
Updates the details of one pending invitation to the specified organization. To specify which invitation, provide the unique identification string for that invitation. Use the Return All Organization Invitations endpoint to retrieve IDs for all pending organization invitations. To use this resource, the requesting Service Account or API Key must have the Organization Owner role.
Note: Invitation management APIs are deprecated. Use Update One MongoDB Cloud User in One Organization to update a pending user.
Path parameters
-
Unique 24-hexadecimal digit string that identifies the organization that contains your projects. Use the /orgs endpoint to retrieve all organizations to which the authenticated user has access.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Unique 24-hexadecimal digit string that identifies the invitation.
Format should match the following pattern:
^([a-f0-9]{24})$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint
Body
Required
Updates the details of one pending invitation to the specified organization.
-
List of projects that the user will be added to when they accept their invitation to the organization.
-
One or more organization level roles to assign to the MongoDB Cloud user.
Values are
ORG_OWNER,ORG_MEMBER,ORG_GROUP_CREATOR,ORG_BILLING_ADMIN,ORG_BILLING_READ_ONLY, orORG_READ_ONLY. -
List of teams to which you want to invite the desired MongoDB Cloud user.
PATCH
/api/atlas/v2/orgs/{orgId}/invites/{invitationId}
Atlas CLI
atlas api updateOrganizationInvitationById --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.UpdateOrganizationInvitationByIdApiParams{}
sdkResp, httpResp, err := client.OrganizationsApi.
UpdateOrganizationInvitationByIdWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
--header "Content-Type: application/json" \
-X PATCH "https://cloud.mongodb.com/api/atlas/v2/orgs/{orgId}/invites/{invitationId}" \
-d '{ <Payload> }'curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
--header "Content-Type: application/json" \
-X PATCH "https://cloud.mongodb.com/api/atlas/v2/orgs/{orgId}/invites/{invitationId}" \
-d '{ <Payload> }'
Request examples
{
"groupRoleAssignments": [
{
"groupId": "32b6e34b3d91647abb20e7b8",
"roles": [
"GROUP_BACKUP_MANAGER"
]
}
],
"roles": [
"ORG_OWNER"
],
"teamIds": [
"string"
]
}
Response examples (200)
{
"createdAt": "2025-05-04T09:42:00Z",
"expiresAt": "2025-05-04T09:42:00Z",
"groupRoleAssignments": [
{
"groupId": "32b6e34b3d91647abb20e7b8",
"groupRole": "GROUP_BACKUP_MANAGER"
}
],
"id": "32b6e34b3d91647abb20e7b8",
"inviterUsername": "hello@example.com",
"links": [
{
"href": "https://cloud.mongodb.com/api/atlas",
"rel": "self"
}
],
"orgId": "32b6e34b3d91647abb20e7b8",
"orgName": "string",
"roles": [
"ORG_OWNER"
],
"teamIds": [
"string"
],
"username": "hello@example.com"
}
Response examples (400)
{
"error": 400,
"detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
"reason": "Bad Request",
"errorCode": "VALIDATION_ERROR"
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Create and Assign One Organization API Key to One Project
Creates and assigns the specified organization API key to the specified project. Users with the Project Owner role in the project associated with the API key can use the organization API key to access the resources. To use this resource, the requesting Service Account or API Key must have the Project Owner role.
Path parameters
-
Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.
NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.
Format should match the following pattern:
^([a-f0-9]{24})$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint
Body
Required
Organization API key to be created and assigned to the specified project.
-
Purpose or explanation provided when someone created this project API key.
Minimum length is
1, maximum length is250. -
List of roles to grant this API key. If you provide this list, provide a minimum of one role and ensure each role applies to this project.
At least
1element. Values areORG_MEMBER,ORG_READ_ONLY,ORG_BILLING_ADMIN,ORG_BILLING_READ_ONLY,ORG_GROUP_CREATOR,ORG_OWNER,GROUP_OWNER,GROUP_READ_ONLY,GROUP_DATA_ACCESS_ADMIN,GROUP_DATA_ACCESS_READ_ONLY,GROUP_DATA_ACCESS_READ_WRITE,GROUP_CLUSTER_MANAGER,GROUP_SEARCH_INDEX_EDITOR,GROUP_STREAM_PROCESSING_OWNER,GROUP_BACKUP_MANAGER,GROUP_OBSERVABILITY_VIEWER, orGROUP_DATABASE_ACCESS_ADMIN.
POST
/api/atlas/v2/groups/{groupId}/apiKeys
Atlas CLI
atlas api createProjectApiKey --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.CreateProjectApiKeyApiParams{}
sdkResp, httpResp, err := client.ProgrammaticAPIKeysApi.
CreateProjectApiKeyWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
--header "Content-Type: application/json" \
-X POST "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/apiKeys" \
-d '{ <Payload> }'curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
--header "Content-Type: application/json" \
-X POST "https://cloud.mongodb.com/api/atlas/v2/groups/{groupId}/apiKeys" \
-d '{ <Payload> }'
Request examples
{
"desc": "string",
"roles": [
"ORG_MEMBER"
]
}
Response examples (200)
{
"desc": "string",
"id": "32b6e34b3d91647abb20e7b8",
"links": [
{
"href": "https://cloud.mongodb.com/api/atlas",
"rel": "self"
}
],
"privateKey": "55c3bbb6-b4bb-0be1-e66d20841f3e",
"publicKey": "zmmrboas",
"roles": [
{
"groupId": "32b6e34b3d91647abb20e7b8",
"orgId": "32b6e34b3d91647abb20e7b8",
"roleName": "ORG_MEMBER"
}
]
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Return All Access List Entries for One Organization API Key
Returns all access list entries that you configured for the specified organization API key. To use this resource, the requesting Service Account or API Key must have the Organization Member role.
Path parameters
-
Unique 24-hexadecimal digit string that identifies the organization that contains your projects. Use the /orgs endpoint to retrieve all organizations to which the authenticated user has access.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Unique 24-hexadecimal digit string that identifies this organization API key for which you want to return access list entries.
Format should match the following pattern:
^([a-f0-9]{24})$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response returns the total number of items (totalCount) in the response.
Default value is
true. -
Number of items that the response returns per page.
Minimum value is
1, maximum value is500. Default value is100. -
Number of the page that displays the current set of the total objects that the response returns.
Minimum value is
1. Default value is1. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint
GET
/api/atlas/v2/orgs/{orgId}/apiKeys/{apiUserId}/accessList
Atlas CLI
atlas api listApiKeyAccessListsEntries --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.ListApiKeyAccessListsEntriesApiParams{}
sdkResp, httpResp, err := client.ProgrammaticAPIKeysApi.
ListApiKeyAccessListsEntriesWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/orgs/{orgId}/apiKeys/{apiUserId}/accessList?pretty=true"curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
-X GET "https://cloud.mongodb.com/api/atlas/v2/orgs/{orgId}/apiKeys/{apiUserId}/accessList?pretty=true"
Response examples (200)
{
"links": [
{
"href": "https://cloud.mongodb.com/api/atlas",
"rel": "self"
}
],
"results": [
{
"cidrBlock": "203.0.113.0/24",
"count": 42,
"created": "2025-05-04T09:42:00Z",
"ipAddress": "203.0.113.10",
"lastUsed": "2025-05-04T09:42:00Z",
"lastUsedAddress": "203.0.113.10",
"links": [
{
"href": "https://cloud.mongodb.com/api/atlas",
"rel": "self"
}
]
}
],
"totalCount": 42
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}Create One Access List Entry for One Organization API Key
Creates the access list entries for the specified organization API key. Resources require all API requests originate from IP addresses on the API access list. To use this resource, the requesting Service Account or API Key must have the Read Write role.
Path parameters
-
Unique 24-hexadecimal digit string that identifies the organization that contains your projects. Use the /orgs endpoint to retrieve all organizations to which the authenticated user has access.
Format should match the following pattern:
^([a-f0-9]{24})$. -
Unique 24-hexadecimal digit string that identifies this organization API key for which you want to create a new access list entry.
Format should match the following pattern:
^([a-f0-9]{24})$.
Query parameters
-
Flag that indicates whether Application wraps the response in an
envelopeJSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.Default value is
false. -
Flag that indicates whether the response returns the total number of items (totalCount) in the response.
Default value is
true. -
Number of items that the response returns per page.
Minimum value is
1, maximum value is500. Default value is100. -
Number of the page that displays the current set of the total objects that the response returns.
Minimum value is
1. Default value is1. -
Flag that indicates whether the response body should be in the prettyprint format.
Default value is
false.Prettyprint
Body
Required
Access list entries to be created for the specified organization API key.
-
Range of network addresses that you want to add to the access list for the API key. This parameter requires the range to be expressed in classless inter-domain routing (CIDR) notation of Internet Protocol version 4 or version 6 addresses. You can set a value for this parameter or ipAddress but not both in the same request.
Format should match the following pattern:
^((([0-9]{1,3}\.){3}[0-9]{1,3})|(:{0,2}([0-9a-f]{1,4}:){0,7}[0-9a-f]{1,4}[:]{0,2}))((%2[fF]|/)[0-9]{1,3})+$. -
Network address that you want to add to the access list for the API key. This parameter requires the address to be expressed as one Internet Protocol version 4 or version 6 address. You can set a value for this parameter or cidrBlock but not both in the same request.
Format should match the following pattern:
^((25[0-5]|(2[0-4]|1\d|[1-9]|)\d)(\.(?!$)|$)){4}|([0-9a-f]{1,4}:){7}[0-9a-f]{1,4}$.
POST
/api/atlas/v2/orgs/{orgId}/apiKeys/{apiUserId}/accessList
Atlas CLI
atlas api createApiKeyAccessList --helpimport (
"os"
"context"
"log"
sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)
func main() {
ctx := context.Background()
clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")
client, err := sdk.NewClient(
sdk.UseOAuthAuth(clientID, clientSecret),
sdk.UseBaseURL(url))
if err != nil {
log.Fatalf("Error: %v", err)
}
params = &sdk.CreateApiKeyAccessListApiParams{}
sdkResp, httpResp, err := client.ProgrammaticAPIKeysApi.
CreateApiKeyAccessListWithParams(ctx, params).
Execute()
}curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
--header "Content-Type: application/json" \
-X POST "https://cloud.mongodb.com/api/atlas/v2/orgs/{orgId}/apiKeys/{apiUserId}/accessList" \
-d '{ <Payload> }'curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
--digest \
--header "Accept: application/vnd.atlas.2025-03-12+json" \
--header "Content-Type: application/json" \
-X POST "https://cloud.mongodb.com/api/atlas/v2/orgs/{orgId}/apiKeys/{apiUserId}/accessList" \
-d '{ <Payload> }'
Request examples
[
{
"cidrBlock": "203.0.113.0/24",
"ipAddress": "203.0.113.10"
}
]
Response examples (200)
{
"links": [
{
"href": "https://cloud.mongodb.com/api/atlas",
"rel": "self"
}
],
"results": [
{
"cidrBlock": "203.0.113.0/24",
"count": 42,
"created": "2025-05-04T09:42:00Z",
"ipAddress": "203.0.113.10",
"lastUsed": "2025-05-04T09:42:00Z",
"lastUsedAddress": "203.0.113.10",
"links": [
{
"href": "https://cloud.mongodb.com/api/atlas",
"rel": "self"
}
]
}
],
"totalCount": 42
}
Response examples (400)
{
"error": 400,
"detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
"reason": "Bad Request",
"errorCode": "VALIDATION_ERROR"
}
Response examples (401)
{
"error": 401,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Unauthorized",
"errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403)
{
"error": 403,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Forbidden",
"errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404)
{
"error": 404,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
"reason": "Not Found",
"errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (409)
{
"error": 409,
"detail": "(This is just an example, the exception may not be related to this endpoint) Cannot delete organization link while there is active migration in following project ids: 60c4fd418ebe251047c50554",
"reason": "Conflict",
"errorCode": "CANNOT_DELETE_ORG_ACTIVE_LIVE_MIGRATION_ATLAS_ORG_LINK"
}
Response examples (500)
{
"error": 500,
"detail": "(This is just an example, the exception may not be related to this endpoint)",
"reason": "Internal Server Error",
"errorCode": "UNEXPECTED_ERROR"
}