This section explains how to create a group (which can contain multiple users and is useful for role management) and then check that it was created properly.
Note: A domain can contain multiple groups, but a group cannot belong to another group.
Note: It is necessary to use a global token when executing this API.
-
Set the environment variables below as follows:
$ TEMP_GROUP_NAME=<newGroupName>
$ DOMAIN_ID=<domainName>
$ DESCRIPTION=<groupDesc>
-
Execute the following API:
$ curl -X POST -Ss $IDENTITY/v3/groups \
-H "X-Auth-Token:$OS_AUTH_TOKEN" -H "Content-Type:application/json" \
-d '{"group": {"description": "'$DESCRIPTION'",
"domain_id": "'$DOMAIN_ID'", "name": "'$TEMP_GROUP_NAME'"}}' | \
jq .
The following response is output:
{
"group": {
"domain_id": "<domainNameThatGroupBelongsTo>",
"description": "<groupDesc>",
"id": "<newGroupId>",
"links": {
"self": "http://identity.cloud.global.fujitsu.com/v3/groups/<newGroupId>"
},
"name": "<newGroupName>"
}
}
-
List the groups to confirm that it has been created. Only groups of the same domain can be retrieved.
$ curl -X GET -Ss $IDENTITY/v3/groups?domain_id=$DOMAIN_ID \
-H "X-Auth-Token:$OS_AUTH_TOKEN" -H "Content-Type:application/json" \
| jq .
If a list including the group names you specified, like the following, is returned, that means the creation of the group was successful.
{
"links": {
"self": "http://identity.cloud.global.fujitsu.com/v3/groups",
"previous": null,
"next": null
},
"groups": [
...
{
"domain_id": "<domainId>",
"description": "<groupDesc>",
"id": "<groupId>",
"links": {
"self": "http://identity.cloud.global.fujitsu.com/v3/groups/<groupId>"
},
"name": "<groupName>"
},
...
]
}