1. Operations
  2. appliance
  3. local accounts

appliance local accounts: create

Create a new local user account. This operation was added in vSphere API 6.7

Request:

HTTP request

POST https://{server}/rest/appliance/local-accounts/{username}

Path Parameters

Name Type Description
Required
username string User login name.

Request Body Structure:

{
    "config"{
        "days_after_password_expiration"1,
        "email""string",
        "enabled"true,
        "full_name""string",
        "inactive_after_password_expiration"true,
        "max_days_between_password_change"1,
        "min_days_between_password_change"1,
        "old_password""secret string",
        "password""secret string",
        "password_expires"true,
        "password_expires_at""2015-01-01T22:13:05.651Z",
        "roles"[
            "obj-103",
            "obj-103"
        ],
        "warn_days_before_password_expiration"1
    }
}

Request Body Parameters:

Name Type Description
bold = required
config config User configuration.
config.password secret Password. This attribute was added in vSphere API 6.7
config.old_password secret Old password of the user (required in case of the password change, not required if superAdmin user changes the password of the other user). This attribute was added in vSphere API 6.7

Optional. If unset, user may not have password set.
config.full_name string Full name of the user. This attribute was added in vSphere API 6.7

Optional. If unset, user will have no fullname.
config.email string Email address of the local account. This attribute was added in vSphere API 6.7

Optional. If unset, user will have no email.
config.roles string[] User roles. This attribute was added in vSphere API 6.7

When clients pass a value of this structure as a parameter, the field must contain identifiers for the resource type: com.vmware.appliance.roles. When operations return a value of this structure as a result, the field will contain identifiers for the resource type: com.vmware.appliance.roles.
config.enabled boolean Flag indicating if the account is enabled. This attribute was added in vSphere API 6.7

Optional. If unset, defaults to True.

config.password_expires boolean Flag indicating if the account password expires. This attribute was added in vSphere API 6.7

Optional. If unset, defaults to True.
config.password_expires_at date_time Date when the account's password will expire. This attribute was added in vSphere API 6.7

Optional. If unset, will be taken from system defaults (see local-accounts/policy).
config.inactive_after_password_expiration boolean Flag indicating if the account will be locked after password expiration. This attribute was added in vSphere API 6.7

Optional. If unset, defaults to True.
config.days_after_password_expiration long Number of days after password expiration before the account will be locked. This attribute was added in vSphere API 6.7

Optional. If unset, will be taken from system defaults (see local-accounts/policy).
config.min_days_between_password_change long Minimum number of days between password change. This attribute was added in vSphere API 6.7

Optional. If unset, will be taken from system defaults (see local-accounts/policy).
config.max_days_between_password_change long Maximum number of days between password change. This attribute was added in vSphere API 6.7

Optional. If unset, will be taken from system defaults (see local-accounts/policy).
config.warn_days_before_password_expiration long Number of days of warning before password expires. This attribute was added in vSphere API 6.7

Optional. If unset, will be taken from system defaults (see local-accounts/policy).

Response:

HTTP Status Code: 200

None

Errors:

HTTP Status Code Type Description
400 already_exists If an account already exists
400 invalid_argument If a username is invalid (username is validated against [a-zA-Z0-9][a-zA-Z0-9\-\.@]*[a-zA-Z0-9] pattern)
500 error Generic error