Andrea Test

Update Organization API Key Roles for One Project

PATCH /api/atlas/v2/groups/{groupId}/apiKeys/{apiUserId}
Service accounts Digest auth

Updates the roles of the organization API key that you specify for the project that you specify. You must specify at least one valid role for the project. The application removes any roles that you do not include in this request if they were previously set in the organization API key that you specify for the project.

Path parameters

  • groupId string Required

    Unique 24-hexadecimal digit string that identifies your project. Use the /groups endpoint to retrieve all projects to which the authenticated user has access.

    NOTE: Groups and projects are synonymous terms. Your group id is the same as your project id. For existing groups, your group/project id remains the same. The resource and corresponding endpoints use the term groups.

    Format should match the following pattern: ^([a-f0-9]{24})$.

  • apiUserId string Required

    Unique 24-hexadecimal digit string that identifies this organization API key that you want to unassign from one project.

    Format should match the following pattern: ^([a-f0-9]{24})$.

Query parameters

  • pageNum integer

    Number of the page that displays the current set of the total objects that the response returns.

    Minimum value is 1. Default value is 1.

  • itemsPerPage integer

    Number of items that the response returns per page.

    Minimum value is 1, maximum value is 500. Default value is 100.

  • includeCount boolean

    Flag that indicates whether the response returns the total number of items (totalCount) in the response.

    Default value is true.

  • pretty boolean

    Flag that indicates whether the response body should be in the prettyprint format.

    Default value is false.

    Prettyprint
  • envelope boolean

    Flag that indicates whether Application wraps the response in an envelope JSON object. Some API clients cannot access the HTTP response headers or status code. To remediate this, set envelope=true in the query. Endpoints that return a list of results use the results object as an envelope. Application adds the status parameter to the response body.

    Default value is false.

application/vnd.atlas.2023-01-01+json

Body Required

Organization API Key to be updated. This request requires a minimum of one of the two body parameters.

  • desc string

    Purpose or explanation provided when someone creates this project API key.

    Minimum length is 1, maximum length is 250.

  • roles array[string]

    List of roles to grant this API key. If you provide this list, provide a minimum of one role and ensure each role applies to this project.

    Values are GROUP_BACKUP_MANAGER, GROUP_CLUSTER_MANAGER, GROUP_DATA_ACCESS_ADMIN, GROUP_DATA_ACCESS_READ_ONLY, GROUP_DATA_ACCESS_READ_WRITE, GROUP_DATABASE_ACCESS_ADMIN, GROUP_OBSERVABILITY_VIEWER, GROUP_OWNER, GROUP_READ_ONLY, GROUP_SEARCH_INDEX_EDITOR, or GROUP_STREAM_PROCESSING_OWNER.

Responses

  • 200 application/vnd.atlas.2023-01-01+json

    OK

    Hide response attributes Show response attributes object
    • desc string

      Purpose or explanation provided when someone created this organization API key.

      Minimum length is 1, maximum length is 250.

    • id string

      Unique 24-hexadecimal digit string that identifies this organization API key assigned to this project.

      Format should match the following pattern: ^([a-f0-9]{24})$.

    • links array[object]

      List of one or more Uniform Resource Locators (URLs) that point to API sub-resources, related API resources, or both. RFC 5988 outlines these relationships.

      Web Linking Specification (RFC 5988)
      Hide links attributes Show links attributes object
      • href string

        Uniform Resource Locator (URL) that points another API resource to which this response has some relationship. This URL often begins with https://cloud.mongodb.com/api/atlas.

      • rel string

        Uniform Resource Locator (URL) that defines the semantic relationship between this resource and another API resource. This URL often begins with https://cloud.mongodb.com/api/atlas.

    • privateKey string

      Redacted private key returned for this organization API key. This key displays unredacted when first created.

    • publicKey string

      Public API key value set for the specified organization API key.

      Minimum length is 8, maximum length is 8.

    • roles array[object]

      List that contains the roles that the API key needs to have. All roles you provide must be valid for the specified project or organization. Each request must include a minimum of one valid role. The resource returns all project and organization roles assigned to the API key.

      MongoDB Cloud user's roles and the corresponding organization or project to which that role applies. Each role can apply to one organization or one project but not both.

      Hide roles attributes Show roles attributes object
      • groupId string

        Unique 24-hexadecimal digit string that identifies the project to which this role belongs. You can set a value for this parameter or orgId but not both in the same request.

        Minimum length is 24, maximum length is 24. Format should match the following pattern: ^([a-f0-9]{24})$.

      • orgId string

        Unique 24-hexadecimal digit string that identifies the organization to which this role belongs. You can set a value for this parameter or groupId but not both in the same request.

        Minimum length is 24, maximum length is 24. Format should match the following pattern: ^([a-f0-9]{24})$.

      • roleName string

        Human-readable label that identifies the collection of privileges that MongoDB Cloud grants a specific API key, MongoDB Cloud user, or MongoDB Cloud team. These roles include organization- and project-level roles.

        Values are ORG_MEMBER, ORG_READ_ONLY, ORG_BILLING_ADMIN, ORG_BILLING_READ_ONLY, ORG_GROUP_CREATOR, ORG_OWNER, GROUP_OWNER, GROUP_READ_ONLY, GROUP_DATA_ACCESS_ADMIN, GROUP_DATA_ACCESS_READ_ONLY, GROUP_DATA_ACCESS_READ_WRITE, GROUP_CLUSTER_MANAGER, GROUP_SEARCH_INDEX_EDITOR, GROUP_STREAM_PROCESSING_OWNER, GROUP_BACKUP_MANAGER, GROUP_OBSERVABILITY_VIEWER, or GROUP_DATABASE_ACCESS_ADMIN.
  • 400 application/json

    Bad Request.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.
  • 401 application/json

    Unauthorized.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.
  • 403 application/json

    Forbidden.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.
  • 404 application/json

    Not Found.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.
  • 500 application/json

    Internal Server Error.

    Hide response attributes Show response attributes object
    • badRequestDetail object

      Bad request detail.

      Hide badRequestDetail attribute Show badRequestDetail attribute object
      • fields array[object]

        Describes all violations in a client request.

        Hide fields attributes Show fields attributes object
        • description string Required

          A description of why the request element is bad.

        • field string Required

          A path that leads to a field in the request body.

    • detail string

      Describes the specific conditions or reasons that cause each type of error.

    • error integer(int32) Required

      HTTP status code returned with this error.

      External documentation
    • errorCode string Required

      Application error code returned with this error.

    • parameters array[object]

      Parameters used to give more information about the error.

    • reason string

      Application error message returned with this error.
PATCH /api/atlas/v2/groups/{groupId}/apiKeys/{apiUserId} 
curl \
 --request PATCH 'https://cloud.mongodb.com/api/atlas/v2/groups/32b6e34b3d91647abb20e7b8/apiKeys/{apiUserId}' \
 --header "Authorization: Bearer $ACCESS_TOKEN" \
 --header "Content-Type: application/vnd.atlas.2023-01-01+json"
Request examples 
{
  "desc": "string",
  "roles": [
    "GROUP_BACKUP_MANAGER"
  ]
}
Response examples (200) 
{
  "desc": "string",
  "id": "32b6e34b3d91647abb20e7b8",
  "links": [
    {
      "href": "https://cloud.mongodb.com/api/atlas",
      "rel": "self"
    }
  ],
  "privateKey": "55c3bbb6-b4bb-0be1-e66d20841f3e",
  "publicKey": "zmmrboas",
  "roles": [
    {
      "groupId": "32b6e34b3d91647abb20e7b8",
      "orgId": "32b6e34b3d91647abb20e7b8",
      "roleName": "ORG_MEMBER"
    }
  ]
}
Response examples (400) 
{
  "error": 400,
  "detail": "(This is just an example, the exception may not be related to this endpoint) No provider AWS exists.",
  "reason": "Bad Request",
  "errorCode": "VALIDATION_ERROR"
}
Response examples (401) 
{
  "error": 401,
  "detail": "(This is just an example, the exception may not be related to this endpoint)",
  "reason": "Unauthorized",
  "errorCode": "NOT_ORG_GROUP_CREATOR"
}
Response examples (403) 
{
  "error": 403,
  "detail": "(This is just an example, the exception may not be related to this endpoint)",
  "reason": "Forbidden",
  "errorCode": "CANNOT_CHANGE_GROUP_NAME"
}
Response examples (404) 
{
  "error": 404,
  "detail": "(This is just an example, the exception may not be related to this endpoint) Cannot find resource AWS",
  "reason": "Not Found",
  "errorCode": "RESOURCE_NOT_FOUND"
}
Response examples (500) 
{
  "error": 500,
  "detail": "(This is just an example, the exception may not be related to this endpoint)",
  "reason": "Internal Server Error",
  "errorCode": "UNEXPECTED_ERROR"
}