Providing direct access

The following operations show how you can provision a direct-access user with Hybrid Data Pipeline APIs.

Creating a user account

The following operation creates a user account in tenant 26 with role 86. The administrator must have the Administrator (12) permission, or the CreateUsers (13) permission and administrative access on the tenant.

Note: An administrator cannot create users that have tenant or elevated permissions unless the administrator also has those permissions.

{
"userName": "testuser",
"tenantId": 26,
"statusInfo": {
"status": 1,
"accountLocked": false
},
"passwordInfo": {
"password": "TempPassword",
"passwordStatus": 1,
"passwordExpiration": "2020-01-01 00:00:00"
},
"permissions": {
"roles": [
86
]
}
}

{
"id": 31,
"userName": "testuser",
"tenantId": 26,
"statusInfo": {
"status": 1,
"accountLocked": false
},
"passwordInfo": {
"password": "TempPassword",
"passwordStatus": 1,
"passwordExpiration": "2020-01-01 00:00:00"
},
"permissions": {
"roles": [
86
]
},
"authenticationInfo": {
"authUsers": [
{
"authUserName": "testuser",
"authServiceId": 1
}
]
}
}

Creating new role

The following operation creates a new role in tenant 26. The administrator must have the Administrator (12) permission; or the administrator must have the CreateRole (17) permission, any permissions specified in the new role, and administrative access on the tenant.

{
"name": "odata_ds_role",
"tenantId": 26,
"description": "This role allows users to create and work with OData data sources.",
"permissions": [
1,
2,
3,
4,
7,
8,
9,
10,
11
],
"users": []
}

{
"id": 94,
"name": "odata_ds_role",
"tenantId": 26,
"description": "This role allows users to create and work with OData data sources.",
"permissions": [
1,
2,
3,
4,
7,
8,
9,
10,
11
],
"users": []
}

Assigning new role

The following operation assigns the odata_ds_role to the testuser user account. The user account ID 31 is specified in the URL. The administrator must have the Administrator (12) permission; or the administrator must have the ModifyUsers (15) permission, any permissions specified in the new role, and administrative access on the tenant.

{
"userName": "testuser",
"tenantId": 26,
"statusInfo": {
"status": 1,
"accountLocked": false
},
"passwordInfo": {
"passwordStatus": 1,
"passwordExpiration": "2025-01-01 00:00:00"
},
"permissions": {
"roles": [
94
]
},
"authenticationInfo": {
"authUsers": [
{
"authUserName": "testuser",
"authServiceId": 1
}
]
}
}

Setting permissions on a user account

The following operation shows how permissions can be set explicitly on a user account. In this example, the administrator retains the odata_ds_role for the user, but adds the UseDataSourceWithJDBC (5) permission. The administrator must have the Administrator (12) permission; or the administrator must have the ModifyUsers (15) permission, any permissions specified in the new role, and administrative access on the tenant.

Resetting user account password

The following operation shows how to reset a user account password. Making this request changes the password and sets the passwordStatus to 2 (reset). The end user must change the password when he or she next logs in. Users can change their passwords either through the Web UI or through the User Details API. The administrator must have the Administrator (12) permission, or the ModifyUsers (15) permission and administrative access on the tenant.

Changing user account status

The following operation shows how to change user account status from active (1) to inactive (0). An inactive user cannot log in to the Web UI, use APIs, or establish JDBC, ODBC, or OData connections. The administrator must have the Administrator (12) permission, or the ModifyUsers (15) permission and administrative access on the tenant.

Deleting user account

The following operation shows how to delete a user account. The user account ID 31 is specified in the URL. The administrator must have the Administrator (12) permission, or the DeleteUsers (16) permission and administrative access on the tenant.