Active Directory users are created in Smart Engineering Manager Web API. For the purpose of site management, a user must belong to a group that has Site Administrator privileges.
-
When you create a user that is required to perform site management activities in the Desktop (legacy) software, you must assign appropriate privileges by running a request to update the site roles. For details, see Refresh users.
-
To facilitate rapid onboarding, a user named Default User is created under a system group named 'Everyone' on running the Smart Engineering Manager Web API post-installation configuration script.
Get groups
Use the GET method to retrieve groups with the following input:
-
Service Root URI: https://<Server Name>/<IIS Application Name>/sem/v4
-
Resource path: /Groups
The result includes the Groups' Ids, which are required when creating a new user.
Create a user
Use the POST method to create a user with the following input:
-
Service Root URI: https://<Server Name>/<IIS Application Name>/sem/v4
-
Resource path: /Users
-
The 'Subject' parameter corresponds to the authentication tool's login Username and must be defined uniquely for each user because an encoded value of this parameter is used in API requests to specify a single user (for details, see Run requests for a specific user).
-
The 'Subject' parameter for users defined in the Server API must have the same value as the 'Subject' parameter for users defined in the Client Backend to ensure that the access rights for all Smart Engineering Manager activities are applied correctly for each user.
-
For Okta authentication, the 'Subject' parameter must match the value defined in Okta. It is usually assigned the same value as the user's e-mail, although the two values need not be identical.
Sample URI for creating a user
POST
https://WebApiServer1.APIServerDomain.com/webapi5.0.1/sem/v4/Users
Sample JSON request
{
"Name": "AD User A",
"Email": "semadmin@MyDomain.com",
"Subject": "semadmin",
"Groups": [
"1be7f17e-6b60-4e14-94af-e38241efbfe0",
"33c627a4-292b-456b-a0b9-db7e2d517c9d",
"c98699da-67fb-4c2c-8d48-1cd0162cacaf"]
}
If you do not assign any groups when creating a user, the user is assigned by default to a system group named 'Everyone'.
Create a user for a single group
Use the POST method to create a user with the following input:
-
Service Root URI: https://<Server Name>/<IIS Application Name>/sem/v4
-
Resource path: /Groups('GroupId')/Users
Sample URI for creating a user
POST
https://WebApiServer1.APIServerDomain.com/webapi5.0.1/sem/v4/Groups('1be7f17e-6b60-4e14-94af-e38241efbfe0')Users
Sample JSON request
{
"Name": "AD User B",
"Email": "semadmin@MyDomain.com",
"Subject": "semadmin"
}