Skip to main content
POST
/
groups
/
{group_id}
/
users
/
{user_id}
cURL
curl --request POST \
  --url https://api.opal.dev/v1/groups/{group_id}/users/{user_id} \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "duration_minutes": 60,
  "access_level_remote_id": "arn:aws:iam::590304332660:role/AdministratorAccess"
}'
{
  "full_name": "Jake Barnes",
  "user_id": "29827fb8-f2dd-4e80-9576-28e31e9934ac",
  "group_id": "1b978423-db0a-4037-a4cf-f79c60cb67b3",
  "expiration_date": "2022-01-23T04:56:07.000Z",
  "email": "jake@company.dev"
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

group_id
string<uuid>
required

The ID of the group.

user_id
string<uuid>
required

The ID of the user to add.

Query Parameters

duration_minutes
integer
deprecated

The duration for which the group can be accessed (in minutes). Use 0 to set to indefinite.

Required range: x <= 525960
access_level_remote_id
string
deprecated

The remote ID of the access level to grant to this user. If omitted, the default access level remote ID value (empty string) is used.

Body

application/json
duration_minutes
integer
required

The duration for which the group can be accessed (in minutes). Use 0 to set to indefinite.

Example:

60

access_level_remote_id
string

The remote ID of the access level to grant to this user. If omitted, the default access level remote ID value (empty string) is used.

Example:

"arn:aws:iam::590304332660:role/AdministratorAccess"

Response

200 - application/json

The GroupUser that was created.

Group Access User Object

Description

The GroupAccessUser object is used to represent a user with access to a group.

Usage Example

Fetch from the LIST GroupUsers endpoint.

group_id
string<uuid>
required

The ID of the group.

Example:

"1b978423-db0a-4037-a4cf-f79c60cb67b3"

group_name
string
required

The name of the group.

Example:

"API Group"

description
string
required

The description of the group.

Example:

"Group required to request API's"

user_id
string<uuid>
required

The ID of the user.

Example:

"29827fb8-f2dd-4e80-9576-28e31e9934ac"

full_name
string
required

The user's full name.

Example:

"Jake Barnes"

email
string
required

The user's email.

Example:

"jake@company.dev"

access_level
object

Access Level Object

Description

The GroupAccessLevel object is used to represent the level of access that a user has to a group or a group has to a group. The "default" access level is a GroupAccessLevel object whose fields are all empty strings.

Usage Example

View the GroupAccessLevel of a group/user or group/group pair to see the level of access granted to the group.

Example:
{
  "access_level_name": "Developer",
  "access_level_remote_id": 20
}
expiration_date
string<date-time> | null

The day and time the user's access will expire.

Example:

"2022-01-23T04:56:07.000Z"

propagation_status
object

The state of whether the push action was propagated to the remote system. If this is null, the access was synced from the remote system.