Create User Import External Password
POST {{apiPath}}/environments/{{envID}}/usersFor user import operations in which the imported user’s password remains on the external directory (and is not imported into PingOne), the import action uses the password.external.gateway configuration to designate that the user’s authoritative password is managed by an external service.
|
For passwords with |
The POST {{apiPath}}/environments/{{envID}}/users operation imports a new user resource to the specified environment. This operation uses the application/vnd.pingidentity.user.import+json custom content type in the request header.
New users must be assigned to a population resource identified by its ID, and the request must set a value for the username attribute. The username attribute must be unique to an environment (spanning populations). Access to populations is determined by roles. It’s possible that username conflicts may arise, if you or your worker application attempt to create a user that exists in a population to which you have no access.
The password property sets the attributes needed to specify an external directory as the password manager. For this use case, the password property configures the following sub-properties:
Prerequisites
-
Refer to Users and User Operations for important overview information.
-
Create a population to get a
popID. Refer to Create Population. Run Read All Populations to find an existing population. -
Create an LDAP gateway to get a
gatewayID. Refer to Create LDAP Gateway. Run Read All Gateways to find an existing gateway. -
Create an LDAP gateway to get a
userTypeID. Refer to Create LDAP Gateway.
Request Model
| Property | Type | Required? |
|---|---|---|
|
Object |
Required |
|
Object |
Required |
|
UUID |
Required |
|
String |
Optional |
|
Reference |
Required |
|
UUID |
Required |
|
Object |
Required |
For more information about gateways LDAP data model and gateway user types, refer to Gateway Management.
Example Request
-
cURL
-
C#
-
Go
-
HTTP
-
Java
-
jQuery
-
NodeJS
-
Python
-
PHP
-
Ruby
-
Swift
curl --location --globoff '{{apiPath}}/environments/{{envID}}/users' \
--header 'Content-Type: application/vnd.pingidentity.user.import+json' \
--header 'Authorization: Bearer {{accessToken}}' \
--data '{
"population": {
"id": "{{popID}}"
},
"username": "myRemoteUser-1",
"password" : {
"external" : {
"gateway" : {
"id" : "{{gatewayID}}",
"userType": {
"id" : "{{userTypeID}}"
},
"correlationAttributes" : {
"uid" : "{{username}}"
}
}
}
}
}'var options = new RestClientOptions("{{apiPath}}/environments/{{envID}}/users")
{
MaxTimeout = -1,
};
var client = new RestClient(options);
var request = new RestRequest("", Method.Post);
request.AddHeader("Content-Type", "application/vnd.pingidentity.user.import+json");
request.AddHeader("Authorization", "Bearer {{accessToken}}");
var body = @"{" + "\n" +
@" ""population"": {" + "\n" +
@" ""id"": ""{{popID}}""" + "\n" +
@" }," + "\n" +
@" ""username"": ""myRemoteUser-1""," + "\n" +
@" ""password"" : {" + "\n" +
@" ""external"" : {" + "\n" +
@" ""gateway"" : {" + "\n" +
@" ""id"" : ""{{gatewayID}}""," + "\n" +
@" ""userType"": {" + "\n" +
@" ""id"" : ""{{userTypeID}}""" + "\n" +
@" }," + "\n" +
@" ""correlationAttributes"" : {" + "\n" +
@" ""uid"" : ""{{username}}""" + "\n" +
@" }" + "\n" +
@" }" + "\n" +
@" }" + "\n" +
@" }" + "\n" +
@"}";
request.AddStringBody(body, DataFormat.Json);
RestResponse response = await client.ExecuteAsync(request);
Console.WriteLine(response.Content);package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "{{apiPath}}/environments/{{envID}}/users"
method := "POST"
payload := strings.NewReader(`{
"population": {
"id": "{{popID}}"
},
"username": "myRemoteUser-1",
"password" : {
"external" : {
"gateway" : {
"id" : "{{gatewayID}}",
"userType": {
"id" : "{{userTypeID}}"
},
"correlationAttributes" : {
"uid" : "{{username}}"
}
}
}
}
}`)
client := &http.Client {
}
req, err := http.NewRequest(method, url, payload)
if err != nil {
fmt.Println(err)
return
}
req.Header.Add("Content-Type", "application/vnd.pingidentity.user.import+json")
req.Header.Add("Authorization", "Bearer {{accessToken}}")
res, err := client.Do(req)
if err != nil {
fmt.Println(err)
return
}
defer res.Body.Close()
body, err := io.ReadAll(res.Body)
if err != nil {
fmt.Println(err)
return
}
fmt.Println(string(body))
}POST /environments/{{envID}}/users HTTP/1.1
Host: {{apiPath}}
Content-Type: application/vnd.pingidentity.user.import+json
Authorization: Bearer {{accessToken}}
{
"population": {
"id": "{{popID}}"
},
"username": "myRemoteUser-1",
"password" : {
"external" : {
"gateway" : {
"id" : "{{gatewayID}}",
"userType": {
"id" : "{{userTypeID}}"
},
"correlationAttributes" : {
"uid" : "{{username}}"
}
}
}
}
}OkHttpClient client = new OkHttpClient().newBuilder()
.build();
MediaType mediaType = MediaType.parse("application/vnd.pingidentity.user.import+json");
RequestBody body = RequestBody.create(mediaType, "{\n \"population\": {\n \"id\": \"{{popID}}\"\n },\n \"username\": \"myRemoteUser-1\",\n \"password\" : {\n \"external\" : {\n \"gateway\" : {\n \"id\" : \"{{gatewayID}}\",\n \"userType\": {\n \"id\" : \"{{userTypeID}}\"\n },\n \"correlationAttributes\" : {\n \"uid\" : \"{{username}}\"\n }\n }\n }\n }\n}");
Request request = new Request.Builder()
.url("{{apiPath}}/environments/{{envID}}/users")
.method("POST", body)
.addHeader("Content-Type", "application/vnd.pingidentity.user.import+json")
.addHeader("Authorization", "Bearer {{accessToken}}")
.build();
Response response = client.newCall(request).execute();var settings = {
"url": "{{apiPath}}/environments/{{envID}}/users",
"method": "POST",
"timeout": 0,
"headers": {
"Content-Type": "application/vnd.pingidentity.user.import+json",
"Authorization": "Bearer {{accessToken}}"
},
"data": JSON.stringify({
"population": {
"id": "{{popID}}"
},
"username": "myRemoteUser-1",
"password": {
"external": {
"gateway": {
"id": "{{gatewayID}}",
"userType": {
"id": "{{userTypeID}}"
},
"correlationAttributes": {
"uid": "{{username}}"
}
}
}
}
}),
};
$.ajax(settings).done(function (response) {
console.log(response);
});var request = require('request');
var options = {
'method': 'POST',
'url': '{{apiPath}}/environments/{{envID}}/users',
'headers': {
'Content-Type': 'application/vnd.pingidentity.user.import+json',
'Authorization': 'Bearer {{accessToken}}'
},
body: JSON.stringify({
"population": {
"id": "{{popID}}"
},
"username": "myRemoteUser-1",
"password": {
"external": {
"gateway": {
"id": "{{gatewayID}}",
"userType": {
"id": "{{userTypeID}}"
},
"correlationAttributes": {
"uid": "{{username}}"
}
}
}
}
})
};
request(options, function (error, response) {
if (error) throw new Error(error);
console.log(response.body);
});import requests
import json
url = "{{apiPath}}/environments/{{envID}}/users"
payload = json.dumps({
"population": {
"id": "{{popID}}"
},
"username": "myRemoteUser-1",
"password": {
"external": {
"gateway": {
"id": "{{gatewayID}}",
"userType": {
"id": "{{userTypeID}}"
},
"correlationAttributes": {
"uid": "{{username}}"
}
}
}
}
})
headers = {
'Content-Type': 'application/vnd.pingidentity.user.import+json',
'Authorization': 'Bearer {{accessToken}}'
}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)<?php
require_once 'HTTP/Request2.php';
$request = new HTTP_Request2();
$request->setUrl('{{apiPath}}/environments/{{envID}}/users');
$request->setMethod(HTTP_Request2::METHOD_POST);
$request->setConfig(array(
'follow_redirects' => TRUE
));
$request->setHeader(array(
'Content-Type' => 'application/vnd.pingidentity.user.import+json',
'Authorization' => 'Bearer {{accessToken}}'
));
$request->setBody('{\n "population": {\n "id": "{{popID}}"\n },\n "username": "myRemoteUser-1",\n "password" : {\n "external" : {\n "gateway" : {\n "id" : "{{gatewayID}}",\n "userType": {\n "id" : "{{userTypeID}}"\n },\n "correlationAttributes" : {\n "uid" : "{{username}}"\n }\n }\n }\n }\n}');
try {
$response = $request->send();
if ($response->getStatus() == 200) {
echo $response->getBody();
}
else {
echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' .
$response->getReasonPhrase();
}
}
catch(HTTP_Request2_Exception $e) {
echo 'Error: ' . $e->getMessage();
}require "uri"
require "json"
require "net/http"
url = URI("{{apiPath}}/environments/{{envID}}/users")
http = Net::HTTP.new(url.host, url.port);
request = Net::HTTP::Post.new(url)
request["Content-Type"] = "application/vnd.pingidentity.user.import+json"
request["Authorization"] = "Bearer {{accessToken}}"
request.body = JSON.dump({
"population": {
"id": "{{popID}}"
},
"username": "myRemoteUser-1",
"password": {
"external": {
"gateway": {
"id": "{{gatewayID}}",
"userType": {
"id": "{{userTypeID}}"
},
"correlationAttributes": {
"uid": "{{username}}"
}
}
}
}
})
response = http.request(request)
puts response.read_bodylet parameters = "{\n \"population\": {\n \"id\": \"{{popID}}\"\n },\n \"username\": \"myRemoteUser-1\",\n \"password\" : {\n \"external\" : {\n \"gateway\" : {\n \"id\" : \"{{gatewayID}}\",\n \"userType\": {\n \"id\" : \"{{userTypeID}}\"\n },\n \"correlationAttributes\" : {\n \"uid\" : \"{{username}}\"\n }\n }\n }\n }\n}"
let postData = parameters.data(using: .utf8)
var request = URLRequest(url: URL(string: "{{apiPath}}/environments/{{envID}}/users")!,timeoutInterval: Double.infinity)
request.addValue("application/vnd.pingidentity.user.import+json", forHTTPHeaderField: "Content-Type")
request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization")
request.httpMethod = "POST"
request.httpBody = postData
let task = URLSession.shared.dataTask(with: request) { data, response, error in
guard let data = data else {
print(String(describing: error))
return
}
print(String(data: data, encoding: .utf8)!)
}
task.resume()