Adding Users
Last updated on 07 October, 2024You can use LogicMonitor REST API v3 to add users. You must authenticate yourself before making the API request.
URI: POST /setting/admins
Parameter | Type | Description |
lastName | String | The last name of the user. Example – "lastName": "Potter" |
note | String | Add a note about the user. Example – "note": "Harry Potter has super admin role." |
viewPermission | JSON Object | The Account tabs visible to the user. The View Permission area of a user’s configuration determines the visibility of pages to the user. If a page is not selected, the user will not be able access it regardless of the permission levels provided by the assigned roles. Generally, you may want to select all the pages and let the user’s assigned roles determine visibility and access, but there may be some circumstances in which the user needs to be definitively restricted from a particular page. Example – { "Resources" : true, "Websites" : true, "Reports" : true, "Dashboards" : true, "Alerts" : true, "Settings" : true, "Maps" : true, "Logs" : true, "Traces" : true } |
timezone | String | The timezone of the user. Example – "timezone": "America/Los Angeles" |
roles | JSON Object | (Mandatory) The roles assigned to the user. It includes the account privileges of the role. Privileges can be added to a role for each area of the account. The name, description, and group ID of the role, if two-factor authentication is required for this role, if the user is required to acknowledge the EULA, and so on is specified for the role. If a user is assigned multiple roles, the user’s privileges are a sum of the privileges of each of the assigned roles. For example, if one assigned role provides view only permission to all resources, but another assigned role provides manage permission to all resources, the user has both the view and manage permissions for all resources. If yet another assigned role provides view permission for all dashboards, but no permission for resources, the user still has manage permission for all resources and additionally has view permission for all dashboards. |
smsEmailFormat | String | Indicates the sms or fullText format. For SMS, 160 characters and for full text, all characters are allowed. Example – "smsEmailFormat": "sms" |
apionly | Boolean | Indicates if the user is a API only user. Example – "apionly": true API only users can only access LogicMonitor REST API. The only relevant fields to them are the Username, API Tokens, Roles, Status, and Notes. They do not have passwords or other user interface-specific fields, making them more secure as a dedicated user for an API-based integration. |
apiTokens | JSON Object | The API token of the user. The API token consists of
"apiTokens": [ { "note": "Harry Potter's API Token", "status": 2 } ], |
adminGroupIds | Integer | Group ID(s) of groups with admin. Multiple group IDs are separated by a comma. Example – "adminGroupIds": 1,2,3 |
password | String | (Mandatory) The password of the user. Example – "password": "hPo131" |
email | String | (Mandatory) The email address of the user. Example – "email": "[email protected]" |
contactMethod | String | The method to contact the user. The supported contact methods are email and smsemail . Example – "contactMethod": "email" |
smsEmail | String | The sms email address of the user. Example – "smsEmail": [email protected] |
twoFAEnabled | Boolean | Indicates if two factor authentication is enabled for the user. Example – "twoFAEnabled": true |
firstName | String | The first name of the user. Example – "firstName": "Harry" |
phone | String | The phone number of the user. Example – "phone": "9091929394" |
createdBy | String | Details of the user who created the user. It may be another user, SAML, or LogicMonitor. Example – "createdBy": "Chief Admin" |
forcePasswordChange | Boolean | Indicates if the user should be forced to change the password during the next login. Example – "forcePasswordChange": false |
acceptEULA | Boolean | Indicates if the user has to accept the End User License Agreement (EULA). Example – "acceptEULA": false |
username | String | (Mandatory) The username of the user. Example – "username": "Harry" |
status | String | The status of the user. The supported values are active and suspended . Example – "status": "active" |
The following Python script adds a user with administrator privileges to account api.logicmonitor.com
#!/bin/env python
import requests
import json
import hashlib
import base64
import time
import hmac
import getpass
#Account Info: LogicMonitor recommends to NEVER hardcode the credentials. Instead, retrieve the values from a secure storage.
#Note: The below is provided for illustration purposes only.
AccessId = getpass.getpass("Enter your AccessId: ")
AccessKey = getpass.getpass("Enter your AccessKey: ")
UserPassword = getpass.getpass("Enter password for user : ")
Company = 'apiAccount'
#Request Info
httpVerb ='POST'
resourcePath = '/setting/admins'
queryParams =''
data = '{"roles":[{"name":"administrator"}],"email":"[email protected]","username":"sara","password":"%s","smsEmail":"[email protected]"}'
#Construct URL
url = 'https://'+ Company +'.logicmonitor.com/santaba/rest' + resourcePath + queryParams
#Get current time in milliseconds
epoch = str(int(time.time() * 1000))
#Concatenate Request details
requestVars = httpVerb + epoch + data + resourcePath
#Construct signature
digest = hmac.new(
AccessKey.encode('utf-8'),
msg=requestVars.encode('utf-8'),
digestmod=hashlib.sha256).hexdigest()
signature = base64.b64encode(digest.encode('utf-8')).decode('utf-8')
#Construct headers
auth = 'LMv1 ' + AccessId + ':' + str(signature) + ':' + epoch
headers = {'Content-Type':'application/json','Authorization':auth,'X-Version':3}
#Make request
response = requests.post(url, data=data, headers=headers)
#Print status and body of response
print('Response Status:',response.status_code)
print('Response Body:',response.content)