The Users API can be used to provision and manage Hybrid Data Pipeline user accounts. Administrators can also use the Users API to set permissions on user accounts, assign roles to user accounts, and configure authentication for user accounts.

When working with Hybrid Data Pipeline user accounts, it is important to note that two types of authentication services are supported. First, an end user may use the default internal authentication service. In this case, the end user authenticates directly with Hybrid Data Pipeline by passing the username and password associated with a user account. Alternatively, a Hybrid Data Pipeline user account can be associated with an external authentication service. In this case, multiple end users can be associated with a single Hybrid Data Pipeline user account through the external authentication service. These end users inherit the permissions attached to the Hybrid Data Pipeline user account. (See Authentication and Authentication API for details.)

Any user with the Administrator (12) permission is in effect a system administrator and has permission to perform any operation available in Hybrid Data Pipeline. They are in effect a super user. It is strongly recommended that these accounts be secured. Other administrator accounts should be created with only the permissions they need. System administrators can create, view, modify, and delete user accounts in all tenants across the system. In contrast, administrator users who do not have the Administrator permission must be granted permissions for specific operations and administrative access to the tenant which they are administering.

Note: Users in the default system tenant can be promoted to administer multiple tenants across the system. However, users in non-system tenants can only be promoted to administer users within their own tenant. They cannot administer users in other tenants.

The following table summarizes Users API operations.

Operation Request URL
Retrieve a list of user accounts GET https://<myserver>:<port>/api/admin/users
Create a user account POST https://<myserver>:<port>/api/admin/users
Reset user account passwords PUT https://<myserver>:<port>/api/admin/users/expirepassword
Retrieve information on a user account GET https://<myserver>:<port>/api/admin/users/{id}
Update information on a user account PUT https://<myserver>:<port>/api/admin/users/{id}
Delete a user account DELETE https://<myserver>:<port>/api/admin/users/{id}
Retrieve status information on a user account GET https://<myserver>:<port>/api/admin/users/{id}/statusinfo
Update status information on a user account PUT https://<myserver>:<port>/api/admin/users/{id}/statusinfo
Retrieve password information on a user account GET https://<myserver>:<port>/api/admin/users/{id}/passwordinfo
Update password information on a user account PUT https://<myserver>:<port>/api/admin/users/{id}/passwordinfo
Reset the password of a user account PUT https://<myserver>:<port>/api/admin/users/{id}/resetpassword
Retrieve permissions on a user account GET https://<myserver>:<port>/api/admin/users/{id}/permissions
Update permissions on a user account PUT https://<myserver>:<port>/api/admin/users/{id}/permissions
Get authentication information on a user account GET https://<myserver>:<port>/api/admin/users/{id}/authinfo
Update authentication information on a user account PUT https://<myserver>:<port>/api/admin/users/{id}/authinfo
Retrieve information on an authentication user GET https://<myserver>:<port>/api/admin/users/authUserName/{auth_user_name}
Retrieve a list of data sources for a user account GET https://<myserver>:<port>/api/admin/users/{userid}/datasources
Retrieve the list of tenants the user account administers GET https://<myserver>:<port>/api/admin/users/{id}/tenantsadministered
Update the list of tenants the user account administers PUT https://<myserver>:<port>/api/admin/users/{id}/tenantsadministered