POST /staged_config/access/users

Create a staged user.

Create a staged user. The staged configuration are not active until a deploy is performed. Must have ADMIN or ADMINMANAGER capability to call this endpoint. Users or authorized services without the ADMINMANAGER capability can only create staged users with a user role that does not contain the ADMIN capability. Users or authorized services with the ADMINMANAGER capability can create staged users with any user role.

Table 1. POST /staged_config/access/users resource details
MIME Type

application/json

Table 2. POST /staged_config/access/users request parameter details
Parameter Type Optionality Data Type MIME Type Description

fields

header

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.
Table 3. POST /staged_config/access/users request body details
Parameter Data Type MIME Type Description Sample

body

Object

application/json
Only the username, user_role_id, security_profile_id, tenant_id, description, email, locale_id, enable_popup_notifications, allow_system_authentication_fallback, inactivity_timeout and password fields can be set when creating a staged user. All other fields are ignored.
  • username - String - The username of the staged user.
  • email - String - The email of the staged user.
  • description - String - The description of the staged user. Cannot contain more than 2048 characters.
  • user_role_id - Long - The ID of the staged user role assigned to this staged user. User roles are accessible through the /api/staged_config/access/user_roles APIs.
  • security_profile_id - Long - The ID of the security profile assigned to this staged user. Security profiles are accessible through the /api/staged_config/access/security_profiles APIs.
  • locale_id - String - The locale of the staged user. If this locale is set, this locale is always used for requests as the created user. If this locale is not set, the locale provided in each HTTP request is used for requests as the created user. If this locale is not set and no locale is in the request, QRadar falls back to the en_US locale for requests as the created user. The list of valid locales are accessible through the /system/information/locales API.
  • enable_popup_notifications - Boolean - Indicates if popup system notifications are enabled for this user.
  • password - String - The system password for the new staged user. Required if QRadar is configured using system authentication, or allow_system_authentication_fallback is true. Do not set otherwise. If set, it must pass the password policy.
  • tenant_id - Long - The ID of the tenant assigned to this staged user. Tenants are accessible through the /config/access/tenant_management/tenants APIs.
  • allow_system_authentication_fallback - Boolean - Allow system authentication fallback for this user when external authentication is configured. Has no effect if system authentication is configured.
  • inactivity_timeout - Long - The inactivity timeout (in milliseconds), truncated to minutes. Set to 0 if a user should not be logged out after being inactive.

{ "allow_system_authentication_fallback": true, "description": "String", "email": "String", "enable_popup_notifications": true, "id": 42, "inactivity_timeout": 42, "locale_id": "String", "old_password": "String", "password": "String", "password_creation_time": 42, "security_profile_id": 42, "tenant_id": 42, "user_role_id": 42, "username": "String" }
Table 4. POST /staged_config/access/users response codes
HTTP Response Code Unique Code Description

201

The staged user was created.

403

38302004

null

409

38302002

username already in use as a username on another user or as an authorized service name.

409

38302025

Cannot set allow_system_authentication_fallback to true when system authentication fallback is globally disabled.

422

38302021

user_role_id field cannot be set to null.

422

38302022

security_profile_id field cannot be null.

422

38302020

username must not be null.

422

38302001

username must be between 1 and 60 characters inclusive in length.

422

38302023

username must not begin or end with spaces, must not contain non-space whitespace characters, or contain any of the following characters: ' " / \

422

38302003

No user role found for the provided user_role_id.

422

38302005

No tenant found for the provided tenant_id.

422

38302006

tenant_id must be null when creating a staged user with a user role that contains the ADMIN capability.

422

38302007

No security profile found for the provided security_profile_id.

422

38302024

security_profile_id must be set to the "Admin" security profile when creating a staged user with the ADMIN capability.

422

38302008

Security profile must contain at least one domain that isn't deleted when staged user is assigned a tenant_id.

422

38302009

Security profile must only contain domains with the same tenant_id as the tenant_id assigned the staged user when staged user is assigned a tenant_id.

422

38302011

description field cannot contain more than 2048 characters.

422

38302012

email field cannot be set to null.

422

38302013

email field cannot contain more than 255 characters.

422

38302014

email field must contain exactly one @ symbol, with at least one character before and after the @ symbol, and no whitespace characters.

422

38302015

locale_id is not a valid locale.

422

38302016

Required to provide password when system authentication is configured.

422

38302017

Required to provide password when allow_system_authentication_fallback is true.

422

38302018

password field cannot be set when allow_system_authentication_fallback is false and system authentication is not configured.

422

38302019

password does not adhere to the password policy.

Response Description

201 response with the new staged user structure. Location header set to the URL of the new staged user.
  • id - Long - The ID of the user. The ID of the staged user and the ID of the same deployed user are the same. This field is read only.
  • username - String - The username of the user. This field is read only.
  • email - String - The email of the user.
  • description - String - The description of the user. This field is only modifiable in the staged configuration.
  • user_role_id - Long - The user_role_id of the user. This field is only modifiable in the staged configuration. Access staged user roles using /api/staged_config/user_roles API, and deployed user roles under /api/confg/user_roles API.
  • security_profile_id - Long - The security_profile_id of the user. This field is only modifiable in the staged configuration. Access staged security profiles using /api/staged_config/security_profiles API, and deployed user roles under /api/config/security_profiles API.
  • locale_id - String - The locale_id of the user. Access locales using /system/information/locales API.
  • enable_popup_notifications - Boolean - Indicates if popup system notifications are enabled for this user.
  • old_password - String - This field will always be null when returned in a response. Required to be set to the current password when a user is changing their own system password.
  • password - String - This field will always be null when returned in a response. Set to the new password when a user is changing their own system password.
  • password_creation_time - Long - The time in milliseconds since epoch when the current password was created. Combined with the password_expiry_interval from the /system/authorization/password_policies API to calculate when the password expires.
  • tenant_id - Long - The tenant_id of the current user. This field is only modifiable in the staged configuration. Access tenants using /config/access/tenant_management/tenants API.
  • allow_system_authentication_fallback - Boolean - Allow system authentication fallback for this user when external authentication is configured. Has no effect if system authentication is configured.
  • inactivity_timeout - Long - The inactivity timeout (in milliseconds), truncated to minutes. Set to 0 if a user should not be logged out after being inactive.

Response Sample


{
    "allow_system_authentication_fallback": true,
    "description": "String",
    "email": "String",
    "enable_popup_notifications": true,
    "id": 42,
    "inactivity_timeout": 42,
    "locale_id": "String",
    "old_password": "String",
    "password": "String",
    "password_creation_time": 42,
    "security_profile_id": 42,
    "tenant_id": 42,
    "user_role_id": 42,
    "username": "String"
}