PKI Add User REST API - dogtagpki/pki GitHub Wiki
-
Path:
/<subsystem>/rest/admin/users -
Method:
POST -
Authentication: Client certificate
-
Parameters: None
-
Content: None
-
Success code:
200
CA Example
$ curl \
-k \
-X POST \
-H "Content-Type:application/json" \
-H "Accept: application/json" \
-d '{"UserID":"testuser","FullName":"Test User","Email":"[email protected]","phone":"1234567890","state":"1","password":"barbarbar"}' \
--user caadmin:Secret.123 \
-s https://localhost.localdomain:8443/ca/rest/admin/users | python -m json.tool
{
"UserID": "testuser",
"FullName": "Test User",
"Email": "[email protected]",
"phone": "1234567890",
"state": "1",
"link": {
"href": "https://localhost.localdomain:8443/ca/rest/admin/users/testuser",
"rel": "self"
}
}
Run a second time and the server rejects the duplicate request:
$ curl \
-k \
-X POST \
-H "Content-Type:application/json" \
-H "Accept: application/json" \
-d '{"UserID":"testuser","FullName":"Test User","Email":"[email protected]","phone":"1234567890","state":"1","password":"barbarbar"}' \
--user caadmin:Secret.123 \
-s https://localhost.localdomain:8443/ca/rest/admin/users | python -m json.tool
{
"Attributes": {
"Attribute": []
},
"ClassName": "com.netscape.certsrv.base.ConflictingOperationException",
"Code": 409,
"Message": "Entry already exists."
}
KRA Example
$ curl \
-k \
-X POST \
-H "Content-Type:application/json" \
-H "Accept: application/json" \
-d '{"UserID":"testuser","FullName":"Test User","Email":"[email protected]","password":"12345","phone":"1234567890","state":"1","password":"barbarbar"}' \
--user kraadmin:Secret.123 \
-s https://localhost.localdomain:8443/kra/rest/admin/users
{"UserID":"testuser","FullName":"Test User","Email":"[email protected]","phone":"1234567890","state":"1","link":{"href":"https://localhost.localdomain:8443/kra/rest/admin/users/testuser","rel":"self"}}
OCSP Example
$ curl \
-k \
-X POST \
-H "Content-Type:application/json" \
-H "Accept: application/json" \
-d '{"UserID":"testuser","FullName":"Test User","Email":"[email protected]","password":"12345","phone":"1234567890","state":"1","password":"barbarbar"}' \
--user ocspadmin:Secret.123 \
-s https://localhost.localdomain:8443/ocsp/rest/admin/users
{"UserID":"testuser","FullName":"Test User","Email":"[email protected]","phone":"1234567890","state":"1","link":{"href":"https://localhost.localdomain:8443/ocsp/rest/admin/users/testuser","rel":"self"}}
TKS Example
$ curl \
-k \
-X POST \
-H "Content-Type:application/json" \
-H "Accept: application/json" \
-d '{"UserID":"testuser","FullName":"Test User","Email":"[email protected]","password":"12345","phone":"1234567890","state":"1","password":"barbarbar"}' \
--user tksadmin:Secret.123 \
-s https://localhost.localdomain:8443/tks/rest/admin/users
{"UserID":"testuser","FullName":"Test User","Email":"[email protected]","phone":"1234567890","state":"1","link":{"href":"https://localhost.localdomain:8443/tks/rest/admin/users/testuser","rel":"self"}}
The TPS subsystem has a different add user process documented here.