Create One MongoDB Cloud User | Andrea Test API documentation

Create One MongoDB Cloud User Deprecated

POST /api/atlas/v2/users

Creates one MongoDB Cloud user account. A MongoDB Cloud user account grants access to only the MongoDB Cloud application. To grant database access, create a database user. MongoDB Cloud sends an email to the users you specify, inviting them to join the project. Invited users don't have access to the project until they accept the invitation. Invitations expire after 30 days.

MongoDB Cloud limits MongoDB Cloud user membership to a maximum of 250 MongoDB Cloud users per team. MongoDB Cloud limits MongoDB Cloud user membership to 500 MongoDB Cloud users per project and 500 MongoDB Cloud users per organization, which includes the combined membership of all projects in the organization. MongoDB Cloud raises an error if an operation exceeds these limits. For example, if you have an organization with five projects, and each project has 100 MongoDB Cloud users, and each MongoDB Cloud user belongs to only one project, you can't add any MongoDB Cloud users to this organization without first removing existing MongoDB Cloud users from the organization.

To use this resource, the requesting Service Account or API Key can have any role.

Query parameters

envelope boolean

Flag that indicates whether Application wraps the response in an envelope JSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.

Default value is false.
pretty boolean

Flag that indicates whether the response body should be in the prettyprint format.

Default value is false.

Prettyprint

application/vnd.atlas.2023-01-01+json

Body Required

MongoDB Cloud user account to create.

country string Required

Two alphabet characters that identifies MongoDB Cloud user's geographic location. This parameter uses the ISO 3166-1a2 code format.

Format should match the following pattern: ^([A-Z]{2})$.
firstName string Required

First or given name that belongs to the MongoDB Cloud user.
lastName string Required

Last name, family name, or surname that belongs to the MongoDB Cloud user.
mobileNumber string Required

Mobile phone number that belongs to the MongoDB Cloud user.

Format should match the following pattern: (?:(?:\\+?1\\s*(?:[.-]\\s*)?)?(?:(\\s*([2-9]1[02-9]|[2-9][02-8]1|[2-9][02-8][02-9])\\s*)|([2-9]1[02-9]|[2-9][02-8]1|[2-9][02-8][02-9]))\\s*(?:[.-]\\s*)?)([2-9]1[02-9]|[2-9][02-9]1|[2-9][02-9]{2})\\s*(?:[.-]\\s*)?([0-9]{4})$.
password string(password) Required

Password applied with the username to log in to MongoDB Cloud. MongoDB Cloud does not return this parameter except in response to creating a new MongoDB Cloud user. Only the MongoDB Cloud user can update their password after it has been set from the MongoDB Cloud console.

Minimum length is 8.
roles array[object]

List of objects that display the MongoDB Cloud user's roles and the corresponding organization or project to which that role applies. A role can apply to one organization or one project but not both.

MongoDB Cloud user's roles and the corresponding organization or project to which that role applies. Each role can apply to one organization or one project but not both.
Hide roles attributes Show roles attributes object
- groupId string
  
  Unique 24-hexadecimal digit string that identifies the project to which this role belongs. You can set a value for this parameter or orgId but not both in the same request.
  
  Minimum length is 24, maximum length is 24. Format should match the following pattern: ^([a-f0-9]{24})$.
- orgId string
  
  Unique 24-hexadecimal digit string that identifies the organization to which this role belongs. You can set a value for this parameter or groupId but not both in the same request.
  
  Minimum length is 24, maximum length is 24. Format should match the following pattern: ^([a-f0-9]{24})$.
- roleName string
  
  Human-readable label that identifies the collection of privileges that MongoDB Cloud grants a specific API key, MongoDB Cloud user, or MongoDB Cloud team. These roles include organization- and project-level roles.
  
  Values are ORG_MEMBER, ORG_READ_ONLY, ORG_BILLING_ADMIN, ORG_BILLING_READ_ONLY, ORG_GROUP_CREATOR, ORG_OWNER, GROUP_OWNER, GROUP_READ_ONLY, GROUP_DATA_ACCESS_ADMIN, GROUP_DATA_ACCESS_READ_ONLY, GROUP_DATA_ACCESS_READ_WRITE, GROUP_CLUSTER_MANAGER, GROUP_SEARCH_INDEX_EDITOR, GROUP_STREAM_PROCESSING_OWNER, GROUP_BACKUP_MANAGER, GROUP_OBSERVABILITY_VIEWER, or GROUP_DATABASE_ACCESS_ADMIN.
username string(email) Required

Email address that represents the username of the MongoDB Cloud user.

Responses

200 application/vnd.atlas.2023-01-01+json

OK
Hide response attributes Show response attributes object
- country string Required
  
  Two alphabet characters that identifies MongoDB Cloud user's geographic location. This parameter uses the ISO 3166-1a2 code format.
  
  Format should match the following pattern: ^([A-Z]{2})$.
- createdAt string(date-time)
  
  Date and time when the current account is created. This value is in the ISO 8601 timestamp format in UTC.
- emailAddress string(email) Required Deprecated
  
  Email address that belongs to the MongoDB Cloud user.
- firstName string Required
  
  First or given name that belongs to the MongoDB Cloud user.
- id string
  
  Unique 24-hexadecimal digit string that identifies the MongoDB Cloud user.
  
  Format should match the following pattern: ^([a-f0-9]{24})$.
- lastAuth string(date-time)
  
  Date and time when the current account last authenticated. This value is in the ISO 8601 timestamp format in UTC.
- lastName string Required
  
  Last name, family name, or surname that belongs to the MongoDB Cloud user.
- links array[object]
  
  List of one or more Uniform Resource Locators (URLs) that point to API sub-resources, related API resources, or both. RFC 5988 outlines these relationships.
  
  Web Linking Specification (RFC 5988)
  
  Hide links attributes Show links attributes object
  
  href string
  
  Uniform Resource Locator (URL) that points another API resource to which this response has some relationship. This URL often begins with https://cloud.mongodb.com/api/atlas.
  
  rel string
  
  Uniform Resource Locator (URL) that defines the semantic relationship between this resource and another API resource. This URL often begins with https://cloud.mongodb.com/api/atlas.
- mobileNumber string Required
  
  Mobile phone number that belongs to the MongoDB Cloud user.
  
  Format should match the following pattern: (?:(?:\\+?1\\s*(?:[.-]\\s*)?)?(?:(\\s*([2-9]1[02-9]|[2-9][02-8]1|[2-9][02-8][02-9])\\s*)|([2-9]1[02-9]|[2-9][02-8]1|[2-9][02-8][02-9]))\\s*(?:[.-]\\s*)?)([2-9]1[02-9]|[2-9][02-9]1|[2-9][02-9]{2})\\s*(?:[.-]\\s*)?([0-9]{4})$.
- password string(password) Required
  
  Password applied with the username to log in to MongoDB Cloud. MongoDB Cloud does not return this parameter except in response to creating a new MongoDB Cloud user. Only the MongoDB Cloud user can update their password after it has been set from the MongoDB Cloud console.
  
  Minimum length is 8.
- roles array[object]
  
  List of objects that display the MongoDB Cloud user's roles and the corresponding organization or project to which that role applies. A role can apply to one organization or one project but not both.
  
  MongoDB Cloud user's roles and the corresponding organization or project to which that role applies. Each role can apply to one organization or one project but not both.
  
  Hide roles attributes Show roles attributes object
  
  groupId string
  
  Unique 24-hexadecimal digit string that identifies the project to which this role belongs. You can set a value for this parameter or orgId but not both in the same request.
  
  Minimum length is 24, maximum length is 24. Format should match the following pattern: ^([a-f0-9]{24})$.
  
  orgId string
  
  Unique 24-hexadecimal digit string that identifies the organization to which this role belongs. You can set a value for this parameter or groupId but not both in the same request.
  
  Minimum length is 24, maximum length is 24. Format should match the following pattern: ^([a-f0-9]{24})$.
  
  roleName string
  
  Human-readable label that identifies the collection of privileges that MongoDB Cloud grants a specific API key, MongoDB Cloud user, or MongoDB Cloud team. These roles include organization- and project-level roles.
  
  Values are ORG_MEMBER, ORG_READ_ONLY, ORG_BILLING_ADMIN, ORG_BILLING_READ_ONLY, ORG_GROUP_CREATOR, ORG_OWNER, GROUP_OWNER, GROUP_READ_ONLY, GROUP_DATA_ACCESS_ADMIN, GROUP_DATA_ACCESS_READ_ONLY, GROUP_DATA_ACCESS_READ_WRITE, GROUP_CLUSTER_MANAGER, GROUP_SEARCH_INDEX_EDITOR, GROUP_STREAM_PROCESSING_OWNER, GROUP_BACKUP_MANAGER, GROUP_OBSERVABILITY_VIEWER, or GROUP_DATABASE_ACCESS_ADMIN.
- teamIds array[string]
  
  List of unique 24-hexadecimal digit strings that identifies the teams to which this MongoDB Cloud user belongs.
  
  Format of each should match the following pattern: ^([a-f0-9]{24})$.
- username string(email) Required
  
  Email address that represents the username of the MongoDB Cloud user.
401 application/json

Unauthorized.
Hide response attributes Show response attributes object
- badRequestDetail object
  
  Bad request detail.
  
  Hide badRequestDetail attribute Show badRequestDetail attribute object
  
  fields array[object]
  
  Describes all violations in a client request.
  
  Hide fields attributes Show fields attributes object
  
  description string Required
  
  A description of why the request element is bad.
  
  field string Required
  
  A path that leads to a field in the request body.
- detail string
  
  Describes the specific conditions or reasons that cause each type of error.
- error integer(int32) Required
  
  HTTP status code returned with this error.
  
  External documentation
- errorCode string Required
  
  Application error code returned with this error.
- parameters array[object]
  
  Parameters used to give more information about the error.
- reason string
  
  Application error message returned with this error.
403 application/json

Forbidden.
Hide response attributes Show response attributes object
- badRequestDetail object
  
  Bad request detail.
  
  Hide badRequestDetail attribute Show badRequestDetail attribute object
  
  fields array[object]
  
  Describes all violations in a client request.
  
  Hide fields attributes Show fields attributes object
  
  description string Required
  
  A description of why the request element is bad.
  
  field string Required
  
  A path that leads to a field in the request body.
- detail string
  
  Describes the specific conditions or reasons that cause each type of error.
- error integer(int32) Required
  
  HTTP status code returned with this error.
  
  External documentation
- errorCode string Required
  
  Application error code returned with this error.
- parameters array[object]
  
  Parameters used to give more information about the error.
- reason string
  
  Application error message returned with this error.
404 application/json

Not Found.
Hide response attributes Show response attributes object
- badRequestDetail object
  
  Bad request detail.
  
  Hide badRequestDetail attribute Show badRequestDetail attribute object
  
  fields array[object]
  
  Describes all violations in a client request.
  
  Hide fields attributes Show fields attributes object
  
  description string Required
  
  A description of why the request element is bad.
  
  field string Required
  
  A path that leads to a field in the request body.
- detail string
  
  Describes the specific conditions or reasons that cause each type of error.
- error integer(int32) Required
  
  HTTP status code returned with this error.
  
  External documentation
- errorCode string Required
  
  Application error code returned with this error.
- parameters array[object]
  
  Parameters used to give more information about the error.
- reason string
  
  Application error message returned with this error.
500 application/json

Internal Server Error.
Hide response attributes Show response attributes object
- badRequestDetail object
  
  Bad request detail.
  
  Hide badRequestDetail attribute Show badRequestDetail attribute object
  
  fields array[object]
  
  Describes all violations in a client request.
  
  Hide fields attributes Show fields attributes object
  
  description string Required
  
  A description of why the request element is bad.
  
  field string Required
  
  A path that leads to a field in the request body.
- detail string
  
  Describes the specific conditions or reasons that cause each type of error.
- error integer(int32) Required
  
  HTTP status code returned with this error.
  
  External documentation
- errorCode string Required
  
  Application error code returned with this error.
- parameters array[object]
  
  Parameters used to give more information about the error.
- reason string
  
  Application error message returned with this error.

POST /api/atlas/v2/users

atlas api createUser --help

import (
	"os"
	"context"
	"log"
	sdk "go.mongodb.org/atlas-sdk/v20250312001/admin"
)

func main() {
	ctx := context.Background()
	clientID := os.Getenv("MONGODB_ATLAS_CLIENT_ID")
	clientSecret := os.Getenv("MONGODB_ATLAS_CLIENT_SECRET")

	client, err := sdk.NewClient(
		sdk.UseOAuthAuth(clientID, clientSecret),
		sdk.UseBaseURL(url))

	if err != nil {
		log.Fatalf("Error: %v", err)
	}

	params = &sdk.CreateUserApiParams{}
	sdkResp, httpResp, err := client.MongoDBCloudUsersApi.
		CreateUserWithParams(ctx, params).
		Execute()
}

curl --header "Authorization: Bearer ${ACCESS_TOKEN}" \
  --header "Accept: application/vnd.atlas.2025-03-12+json" \
  --header "Content-Type: application/json" \
  -X POST "https://cloud.mongodb.com/api/atlas/v2/users" \
  -d '{ <Payload> }'

curl --user "${PUBLIC_KEY}:${PRIVATE_KEY}" \
  --digest \
  --header "Accept: application/vnd.atlas.2025-03-12+json" \
  --header "Content-Type: application/json" \
  -X POST "https://cloud.mongodb.com/api/atlas/v2/users" \
  -d '{ <Payload> }'

Request examples

{
  "country": "string",
  "firstName": "string",
  "lastName": "string",
  "mobileNumber": "string",
  "password": "string",
  "roles": [
    {
      "groupId": "32b6e34b3d91647abb20e7b8",
      "orgId": "32b6e34b3d91647abb20e7b8",
      "roleName": "ORG_MEMBER"
    }
  ],
  "username": "hello@example.com"
}

Response examples (200)

{
  "country": "string",
  "createdAt": "2025-05-04T09:42:00Z",
  "emailAddress": "hello@example.com",
  "firstName": "string",
  "id": "32b6e34b3d91647abb20e7b8",
  "lastAuth": "2025-05-04T09:42:00Z",
  "lastName": "string",
  "links": [
    {
      "href": "https://cloud.mongodb.com/api/atlas",
      "rel": "self"
    }
  ],
  "mobileNumber": "string",
  "password": "string",
  "roles": [
    {
      "groupId": "32b6e34b3d91647abb20e7b8",
      "orgId": "32b6e34b3d91647abb20e7b8",
      "roleName": "ORG_MEMBER"
    }
  ],
  "teamIds": [
    "32b6e34b3d91647abb20e7b8"
  ],
  "username": "hello@example.com"
}

Response examples (401)

{
  "error": 401,
  "detail": "(This is just an example, the exception may not be related to this endpoint)",
  "reason": "Unauthorized",
  "errorCode": "NOT_ORG_GROUP_CREATOR"
}

Response examples (403)

{
  "error": 403,
  "detail": "(This is just an example, the exception may not be related to this endpoint)",
  "reason": "Forbidden",
  "errorCode": "CANNOT_CHANGE_GROUP_NAME"
}

Response examples (404)

{
  "error": 404,
  "detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
  "reason": "Not Found",
  "errorCode": "RESOURCE_NOT_FOUND"
}

Response examples (500)

{
  "error": 500,
  "detail": "(This is just an example, the exception may not be related to this endpoint)",
  "reason": "Internal Server Error",
  "errorCode": "UNEXPECTED_ERROR"
}