百度智能云

All Product Document

          Identity and Access Management

          User Management Interface

          Create User

          Interface description

          Create user

          Request structure

          POST /v1/user HTTP/1.1
          Host: iam.bj.baidubce.com
          Authorization: authorization string

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Name Type Location Description Required or not
          name String RequestBody parameter User name Yes
          description String RequestBody parameter User description No

          Response header

          There are no other special headers except the public headers.

          Response parameter

          UserModel object

          Request example

            POST /v1/user HTTP/1.1
            Host: iam.bj.baidubce.com
            content-type: application/json
            Content-Length: 20
            Authorization: AuthorizationString
            
            {"name":"test-user"}

          Response example

          	HTTP/1.1 201 Created     
            Content-Type: application/json;charset=UTF-8     
            X-Bce-Request-Id: 8d51a788-e79d-4ced-a9e0-0662ec85b7f7     
            Server: BWS           
           {
               "id": "f4225c39ba2247b692eec7b461835aa1",
               "createTime": "2019-06-06T03:42:13Z",
               "name": "test-user"
           }

          Query User

          Interface description

          Query user

          Request structure

            GET /v1/user/{userName} HTTP/1.1
            Host: iam.bj.baidubce.com
            Authorization: authorization string

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Name Type Location Description Required or not
          userName String URL parameter User name Yes

          Response header

          There are no other special headers except the public headers.

          Response parameter

          UserModel object

          Request example

          GET /v1/user/test-user HTTP/1.1
          Host: iam.bj.baidubce.com
          content-type: application/json
          Authorization: AuthorizationString

          Response example

          HTTP/1.1 200 OK     
           Content-Type: application/json;charset=UTF-8     
           X-Bce-Request-Id: 8d51a788-e79d-4ced-a9e0-0662ec85b7f7     
           Server: BWS     
                
           {
               "id": "f4225c39ba2247b692eec7b461835aa1",
               "createTime": "2019-06-06T03:42:13Z",
               "name": "test-user"
           }

          Update User

          Interface description

          Update user

          Request structure

           PUT /v1/user/{userName} HTTP/1.1
           Host: iam.bj.baidubce.com
           Authorization: authorization string

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Name Type Location Description Required or not
          userName String URL parameter User name Yes
          name String RequestBody parameter Username updated No
          description String RequestBody parameter User description No

          Response header

          There are no other special headers except the public headers.

          Response parameter

          UserModel object.

          Request example

           PUT /v1/user/test-user HTTP/1.1
           Host: iam.bj.baidubce.com
           content-type: application/json
           Content-Length: 34
           Authorization: AuthorizationString
           
           {"description":"update user demo"}

          Response example

          HTTP/1.1 200 OK     
           Content-Type: application/json;charset=UTF-8     
           X-Bce-Request-Id: 8d51a788-e79d-4ced-a9e0-0662ec85b7f7     
           Server: BWS     
                
           {
               "id": "f4225c39ba2247b692eec7b461835aa1",
               "createTime": "2019-06-06T03:42:13Z",
               "name": "test-user"
           }

          Delete User

          Interface description

          Delete user

          Note: Before the IAM user is deleted, all the other objects associated with the IAM user need deleting, including: permission policy, user group, AccessKey.

          Request structure

          DELETE /v1/user/{userName} HTTP/1.1
          Host: iam.bj.baidubce.com
          Authorization: authorization string

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Name Type Location Description Required or not
          userName String URL parameter User name Yes

          Response header

          There are no other special headers except the public headers.

          Response parameter

          None

          Request example

          DELETE /v1/user/test-user HTTP/1.1
          Host: iam.bj.baidubce.com
          Authorization: AuthorizationString

          Response example

          HTTP/1.1 204 No Content
          X-Bce-Request-Id: 8d51a788-e79d-4ced-a9e0-0662ec85b7f7
          Server: BWS

          Enumerate User

          Interface description

          Enumerate user

          Request structure

          GET /v1/user HTTP/1.1
          Host: iam.bj.baidubce.com
          Authorization: authorization string

          Request header

          There are no other special headers except the public headers.

          Request parameter

          None Response header

          There are no other special headers except the public headers.

          Response parameter

          Name Type Description
          users List<UserModel> List of user object

          Request example

          GET /v1/user HTTP/1.1
          Host: iam.bj.baidubce.com
          Authorization: AuthorizationString

          Response example

          HTTP/1.1 200 OK
          Content-Type: application/json;charset=UTF-8
          X-Bce-Request-Id: 8d51a788-e79d-4ced-a9e0-0662ec85b7f7
          Server: BWS
          
          {
              "users": [ 
                  {
                      "id": "f4225c39ba2247b692eec7b461835aa1",
                      "createTime": "2019-06-06T03:42:13Z",
                      "name": "test-user"
                  }
              ] 
          }

          Configure the Console Login of the User

          Interface description

          Configure the console login of the user, configure the login password, enable the login MFA, and configure the third-party account binding, etc.

          Request structure

          PUT /v1/user/{userName}/loginProfile HTTP/1.1
          Host: iam.bj.baidubce.com
          Authorization: authorization string

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Name Type Location Description Required or not
          userName String URL parameter User name Yes
          loginProfile LoginProfile RequestBody parameter Relevant configuration of console login Yes

          Response header

          There are no other special headers except the public headers.

          Response parameter

          LoginProfile object.

          Request example

          PUT /v1/user/test-user/loginProfile HTTP/1.1
          Host: iam.bj.baidubce.com
          content-type: application/json
          Content-Length: 76
          Authorization: AuthorizationString
          
          {"password":"Pa$$word4Demo", "enabledLoginMfa":true, "loginMfaType":"PHONE",
          "thirdPartyType":"PASSPORT", "thirdPartyAccount":"test-passportAccount"}

          Response example

          HTTP/1.1 200 OK     
          Content-Type: application/json;charset=UTF-8     
          X-Bce-Request-Id: 8d51a788-e79d-4ced-a9e0-0662ec85b7f7     
          Server: BWS     
          
          {
              "enabledLoginMfa": true,
              "loginMfaType": "PHONE",
              "thirdPartyType":"PASSPORT",
              "thirdPartyAccount":"test-passportAccount"
          }

          Query the Configuration of Console Login

          Interface description

          Query the console login configuration of the user.

          Request structure

          GET /v1/user/{userName}/loginProfile HTTP/1.1
          Host: iam.bj.baidubce.com
          Authorization: authorization string

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Name Type Location Description Required or not
          userName String URL parameter User name Yes

          Response header

          There are no other special headers except the public headers.

          Response parameter

          LoginProfile object.

          Request example

          GET /v1/user/test-user/loginProfile HTTP/1.1
          Host: iam.bj.baidubce.com
          Authorization: AuthorizationString

          Response example

          HTTP/1.1 200 OK     
          Content-Type: application/json;charset=UTF-8     
          X-Bce-Request-Id: 8d51a788-e79d-4ced-a9e0-0662ec85b7f7     
          Server: BWS     
          
          {
              "enabledLoginMfa": true,
              "loginMfaType": "PHONE",
              "thirdPartyType":"PASSPORT",
              "thirdPartyAccount":"test-passportAccount"
          }

          Disable the Console Login Configuration

          Interface description

          To disable the console login configuration is to disable the console login of the user.

          Request structure

          DELETE /v1/user/{userName}/loginProfile HTTP/1.1
          Host: iam.bj.baidubce.com
          Authorization: authorization string

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Name Type Location Description Required or not
          userName String URL parameter User name Yes

          Response header

          There are no other special headers except the public headers.

          Response parameter

          None

          Request example

          DELETE /v1/user/test-user/loginProfile HTTP/1.1
          Host: iam.bj.baidubce.com
          Authorization: AuthorizationString

          Response example

          HTTP/1.1 200 OK     
          X-Bce-Request-Id: 8d51a788-e79d-4ced-a9e0-0662ec85b7f7     
          Server: BWS     

          Create the User's AccessKey

          Interface description

          Create a group of AccessKey for the user.

          Request structure

          POST /v1/user/{userName}/accesskey HTTP/1.1
          Host: iam.bj.baidubce.com
          Authorization: authorization string

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Name Type Location Description Required or not
          userName String URL parameter User name Yes

          Response header

          There are no other special headers except the public headers.

          Response parameter

          AccessKey object

          Request example

          POST /v1/user/test-user/accesskey HTTP/1.1
          Host: iam.bj.baidubce.com
          Authorization: AuthorizationString

          Response example

          HTTP/1.1 201 Created
          Content-Type: application/json;charset=UTF-8     
          X-Bce-Request-Id: 8d51a788-e79d-4ced-a9e0-0662ec85b7f7     
          Server: BWS     
          
          {
              "secret": "0f005450fd4e4b329050edc5955da477",
              "id": "e767c68b72194dba9ed71883c7b284b3",
              "createTime": "2019-06-06T07:33:51Z"
          }

          Disable the User's AccessKey

          Interface description

          Set the group of Accesskey specified by the user to the disabled state.

          Request structure

          PUT /user/{userName}/accesskey/{accessKeyId}?disable HTTP/1.1
          Host: iam.bj.baidubce.com
          Authorization: authorization string

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Name Type Location Description Required or not
          userName String URL parameter User name Yes
          accessKeyId String URL parameter Access key ID Yes

          Response header

          There are no other special headers except the public headers.

          Response parameter

          AccessKey object

          Request example

          PUT /v1/user/test-user/accesskey/e767c68b72194dba9ed71883c7b284b3?disable HTTP/1.1
          Host: iam.bj.baidubce.com
          Authorization: AuthorizationString

          Response example

          HTTP/1.1 200 OK
          Content-Type: application/json;charset=UTF-8     
          X-Bce-Request-Id: 8d51a788-e79d-4ced-a9e0-0662ec85b7f7     
          Server: BWS
          {
              "enabled": false,
              "id": "e767c68b72194dba9ed71883c7b284b3",
              "createTime": "2019-06-06T07:33:51Z"
          }

          Enable the User's AccessKey

          Interface description

          Resume the group of Accesskey access key specified by the user to the enabled state.

          Request structure

          PUT /user/{userName}/accesskey/{accessKeyId}?enable HTTP/1.1
          Host: iam.bj.baidubce.com
          Authorization: authorization string

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Name Type Location Description Required or not
          userName String URL parameter User name Yes
          accessKeyId String URL parameter Access key ID Yes

          Response header

          There are no other special headers except the public headers.

          Response parameter

          AccessKey object

          Request example

          PUT /v1/user/test-user/accesskey/e767c68b72194dba9ed71883c7b284b3?enable HTTP/1.1
          Host: iam.bj.baidubce.com
          Authorization: AuthorizationString

          Response example

          HTTP/1.1 200 OK
          Content-Type: application/json;charset=UTF-8     
          X-Bce-Request-Id: 8d51a788-e79d-4ced-a9e0-0662ec85b7f7     
          Server: BWS
          {
              "enabled": true,
              "id": "e767c68b72194dba9ed71883c7b284b3",
              "createTime": "2019-06-06T07:33:51Z"
          }

          Delete the user's AccessKey

          Interface description

          Delete a group of AccessKey specified by the user

          Request structure

          DELETE /user/{userName}/accesskey/{accessKeyId} HTTP/1.1
          Host: iam.bj.baidubce.com
          Authorization: authorization string

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Name Type Location Description Required or not
          userName String URL parameter User name Yes
          accessKeyId String URL parameter Access key ID Yes

          Response header

          There are no other special headers except the public headers.

          Response parameter

          None

          Request example

          DELETE /v1/user/test-user/accesskey/e767c68b72194dba9ed71883c7b284b3 HTTP/1.1
          Host: iam.bj.baidubce.com
          Authorization: AuthorizationString

          Response example

          HTTP/1.1 204 No Content
          Content-Type: application/json;charset=UTF-8     
          X-Bce-Request-Id: 8d51a788-e79d-4ced-a9e0-0662ec85b7f7     
          Server: BWS     

          Enumerate the User's AccessKey

          Interface description

          Enumerate all the AccessKeys of the user.

          Request structure

          GET /v1/user/{userName}/accesskey HTTP/1.1
          Host: iam.bj.baidubce.com
          Authorization: authorization string

          Request header

          There are no other special headers except the public headers.

          Request parameter

          Name Type Location Description Required or not
          userName String URL parameter User name Yes

          Response header

          There are no other special headers except the public headers.

          Response parameter

          Name Type Description
          accessKeys List<AccessKey> List of user's access key

          Request example

          GET /v1/user/test-user/accesskey HTTP/1.1
          Host: iam.bj.baidubce.com
          Authorization: AuthorizationString

          Response example

          HTTP/1.1 200 OK     
          X-Bce-Request-Id: 8d51a788-e79d-4ced-a9e0-0662ec85b7f7     
          Server: BWS     
          
          {
              "accessKeys": [
                  {
                      "secret": "9894ce9b212447a495b63abdc2697fe3",
                      "id": "e0eedb7fc40c45a597c4c80516a918bd",
                      "createTime": "2019-06-06T07:37:21Z",
                      "lastUsedTime": "2021-10-14T07:37:21Z",
                      "enabled": true,
                      "description": "test"
                  }
              ] 
          }
          Previous
          Error Code
          Next
          Group Management Interface