System Administration > Configuration > Fabric > Nodes > User Management > Users

Associated URIs:

API Description	API Path
List node users Returns the list of users configured to log in to the NSX appliance.	GET /api/v1/transport-nodes/{transport-node-id}/node/users GET /api/v1/transport-nodes/{transport-node-id}/node/users?internal=true GET /api/v1/cluster/{cluster-node-id}/node/users GET /api/v1/cluster/{cluster-node-id}/node/users?internal=true GET /api/v1/node/users GET /api/v1/node/users?internal=true
Create node users Create new user account to log in to the NSX web-based user interface or access API. `username` is required field in case of creating new user, further following usernames - `root, admin, audit` are reserved and can not be used to create new user account unless for local audit user. In case of local audit account when username not specified in request by default account will be created with `audit` username, although administrators are allowed to use any other non-duplicate usernames during creation.	POST /api/v1/cluster/{cluster-node-id}/node/users?action=create_user POST /api/v1/cluster/{cluster-node-id}/node/users?action=create_audit_user POST /api/v1/node/users?action=create_user POST /api/v1/node/users?action=create_audit_user
Reset a user's own password. Requires current password Enables a user to reset their own password.	POST /api/v1/cluster/{cluster-node-id}/node/users?action=reset_own_password POST /api/v1/node/users?action=reset_own_password
Delete node user Delete specified user who is configured to log in to the NSX appliance. Whereas local users root and administrator are not allowed to be deleted, but local user audit is deletable on-demand. Caution, users deleted from following node types cannot be recovered, kindly plan the removal of user accounts accordingly. Autonomous Edge Cloud Service Manager Edge Public Cloud Gateway	DELETE /api/v1/transport-nodes/{transport-node-id}/node/users/{userid} DELETE /api/v1/cluster/{cluster-node-id}/node/users/{userid} DELETE /api/v1/node/users/{userid}
Read node user Returns information about a specified user who is configured to log in to the NSX appliance. The valid user IDs are: 0, 10000, 10002 or other users managed by administrators.	GET /api/v1/transport-nodes/{transport-node-id}/node/users/{userid} GET /api/v1/cluster/{cluster-node-id}/node/users/{userid} GET /api/v1/node/users/{userid}
Activate a user account with a password Activates the account for this user. When an account is successfully activated, the "status" field in the response is "ACTIVE". This API is not supported for userid 0 and userid 10000.	POST /api/v1/cluster/{cluster-node-id}/node/users/{userid}?action=activate POST /api/v1/node/users/{userid}?action=activate
Reset a user's password without requiring their current password Unlike the PUT version of this call (PUT /node/users/<userid>), this API does not require that the current password for the user be provided. The account of the target user must be "ACTIVE" for the call to succeed. This API is not supported for userid 0 and userid 10000.	POST /api/v1/cluster/{cluster-node-id}/node/users/{userid}?action=reset_password POST /api/v1/node/users/{userid}?action=reset_password
Deactivate a user account Deactivates the account for this user. Deactivating an account is permanent, unlike an account that is temporarily locked because of too many password failures. A deactivated account has to be explicitly activated. When an account is successfully deactivated, the "status" field in the response is "NOT_ACTIVATED". This API is not supported for userid 0 and userid 10000.	POST /api/v1/cluster/{cluster-node-id}/node/users/{userid}?action=deactivate POST /api/v1/node/users/{userid}?action=deactivate
Update node user Updates attributes of an existing NSX appliance user. This method cannot be used to add a new user. Modifiable attributes include the username, full name of the user, and password. If you specify a password in a PUT request, it is not returned in the response. Nor is it returned in a GET request. The specified password does not meet the following (default) complexity requirements: - minimum 12 characters in length - minimum 128 characters in length - minimum 1 uppercase character - minimum 1 lowercase character - minimum 1 numeric character - minimum 1 special character - minimum 5 unique characters - default password complexity rules as enforced by the Linux PAM module the configured password complexity may vary as per defined Authentication and Password policies, which shall be available at: [GET]: /api/v1/node/aaa/auth-policy The valid user IDs are: 0, 10000, 10002 or other users managed by administrators. Note that invoking this API does not update any user-related properties of existing objects in the system and does not modify the username field in existing audit log entries.	PUT /api/v1/transport-nodes/{transport-node-id}/node/users/{userid} PUT /api/v1/cluster/{cluster-node-id}/node/users/{userid} PUT /api/v1/node/users/{userid}
List SSH keys from authorized_keys file for node user Returns a list of all SSH keys from authorized_keys file for node user	GET /api/v1/transport-nodes/{transport-node-id}/node/users/{userid}/ssh-keys GET /api/v1/cluster/{cluster-node-id}/node/users/{userid}/ssh-keys GET /api/v1/node/users/{userid}/ssh-keys
Remove SSH public key from authorized_keys file for node user	POST /api/v1/transport-nodes/{transport-node-id}/node/users/{userid}/ssh-keys?action=remove_ssh_key POST /api/v1/cluster/{cluster-node-id}/node/users/{userid}/ssh-keys?action=remove_ssh_key POST /api/v1/node/users/{userid}/ssh-keys?action=remove_ssh_key
Add SSH public key to authorized_keys file for node user	POST /api/v1/transport-nodes/{transport-node-id}/node/users/{userid}/ssh-keys?action=add_ssh_key POST /api/v1/cluster/{cluster-node-id}/node/users/{userid}/ssh-keys?action=add_ssh_key POST /api/v1/node/users/{userid}/ssh-keys?action=add_ssh_key