Create New User

Allows you to create a new user with detailed configurations including roles, devices, and permissions. Requires admin permissions to run this API.

Note: See Manage users and roles in AFA to better understand the request parameters.

Resource name: /api/v1/users

Request Method: POST

Request parameters:

Parameter	Type	Description
userName mandatory	string	Username for the new user
password mandatory	string	Temporary password for the user
adminPassword mandatory	string	Administrator (the user creating the new user) password
fullName mandatory	string	Full name of the user
email mandatory	string	Email address of the user
notes	string	Notes for the user
roles	array	Roles assigned to the user
authenticationType	string	Type of authentication (local, radius, ldap). Default: local.
administrator	string	Administrator permissions (yes or no)
landingPage	string	Default landing page. Valid values are: afa, aff, abf, automatic. Default: automatic.
fireflowAdmin	string	FireFlow admin privileges (yes or no)
enableAnalysisFromFile	string	Enable analysis from file (yes or no). Default: yes.
enableGlobalTrustTraffic	string	Enable global trust traffic (yes or no). Default: yes.
emailNotifications	object
risk	string	Receive risk notifications (yes or no). Default: no.
policy	string	Receive policy notifications (yes or no). Default: no.
groupReport	string	Receive group report notifications (yes or no)
allReports	string	Receive all reports (yes or no)
configurationChanges	string	Receive configuration change notifications (yes or no)
objectExpiration	string	Receive object expiration notifications (yes or no). Default: no.
errors	string	Receive error notifications (yes or no). Default: no.
customizations	string	Receive customizations notifications (yes or no). Default: no.
hideDetails	string	Hide details in notifications (yes or no). Default: no.
authorizedViewsAndActions	object	Authorized views and actions settings.
reportAll	string	Access to all reports (yes or no). Default: yes.
reportRisks	string	Access to risk reports (yes or no). Default: no.
reportChanges	string	Access to change reports (yes or no). Default: no.
reportOptimize	string	Access to optimization reports (yes or no). Default: no.
reportVpn	string	Access to VPN reports (yes or no). Default: no.
reportCompliance	string	Access to compliance reports (yes or no). Default: no.
reportBaseline	string	Access to baseline reports (yes or no). Default: no.
reportExplore	string	Access to explore reports (yes or no). Default: no.
reportConfig	string	Access to configuration and logs (yes or no). Default: no.
actionViews	string	Access to all home views (yes or no). Default: yes.
actionMap	string	Access to Map view (yes or no). Default: no.
actionMonitor	string	Access to changes view (yes or no). Default: no.
artPermission	string	Access to view and edit reporting tool dashboard (yes or no). Default: yes.
actionAll	string	Permissions to execute all actions (yes or no)
actionAnalyze	string	Analyze actions permissions (yes or no). Default: no.
actionQuery	string	Query actions permissions (yes or no). Default: no.
actionTrusted	string	Trusted actions permissions (yes or no). Default: no.
actionTopology	string	Topology actions permissions (yes or no). Default: no.
actionCompare	string	Compare actions permissions (yes or no). Default: no.
actionDelete	string	Delete actions permissions (yes or no)
actionDocumentation	string	Documentation actions permissions (yes or no). Default: no.
firewallProfile	string	Default permission profile
authorizedDevices mandatory	object	Authorized devices
id	string	Device ID
displayName	string	Display name of the device
profile	string	Authorization profile for the device. Valid values are: Standard, ReadOnly, None. Default: Standard.
notification	string	Receive notifications for this device (yes or no). Default: yes.

Request example:

Copy

{
  "userName": "newuser",
  "password": "1234567",
  "adminPassword": "string",
  "fullName": "new User",
  "email": "[email protected]",
  "notes": "example note",
  "roles": [
      "role1",
      "role2",
      "role3"
   ],
  "authenticationType": "local",
  "administrator": "no",
  "landingPage": "afa",
  "fireflowAdmin": "no",
  "enableAnalysisFromFile": "no",
  "enableGlobalTrustTraffic": "no",
  "emailNotifications": {
    "risk": "no",
    "policy": "no",
    "groupReport": "no",
    "allReports": "yes",
    "configurationChanges": "yes",
    "objectExpiration": "no",
    "errors": "no",
    "customizations": "no",
    "hideDetails": "no"
  },
  "authorizedViewsAndActions": {
    "reportAll": "yes",
    "reportRisks": "no",
    "reportChanges": "no",
    "reportOptimize": "no",
    "reportVpn": "no",
    "reportCompliance": "no",
    "reportBaseline": "no",
    "reportExplore": "no",
    "reportConfig": "no",
    "actionViews": "yes",
    "actionMap": "no",
    "actionMonitor": "no",
    "artPermission": "yes",
    "actionAll": "yes",
    "actionAnalyze": "no",
    "actionQuery": "no",
    "actionTrusted": "no",
    "actionTopology": "no",
    "actionCompare": "no",
    "actionDelete": "no",
    "actionDocumentation": "no"
  },
  "firewallProfile": "Standard",
  "authorizedDevices": [
    {
      "id": "device123",
      "displayName": "device123",
      "profile": "Standard",
      "notification": "yes"
    }
  ]
}

cUrl Example:

Copy

curl -X 'POST' \
  'https://<localhost>/afa/api/v1/users' \
  -H 'accept: application/json' \
  -H 'Content-Type: application/json' \
  -d '{
  "userName": "newuser",
  "password": "1234567",
  "adminPassword": "string",
  "fullName": "new User",
  "email": "[email protected]",
  "notes": "example note",
  "roles": [],
  "authenticationType": "local",
  "administrator": "no",
  "landingPage": "afa",
  "fireflowAdmin": "no",
  "enableAnalysisFromFile": "no",
  "enableGlobalTrustTraffic": "no",
  "emailNotifications": {
    "risk": "no",
    "policy": "no",
    "groupReport": "no",
    "allReports": "yes",
    "configurationChanges": "yes",
    "objectExpiration": "no",
    "errors": "no",
    "customizations": "no",
    "hideDetails": "no"
  },
  "authorizedViewsAndActions": {
    "reportAll": "yes",
    "reportRisks": "no",
    "reportChanges": "no",
    "reportOptimize": "no",
    "reportVpn": "no",
    "reportCompliance": "no",
    "reportBaseline": "no",
    "reportExplore": "no",
    "reportConfig": "no",
    "actionViews": "yes",
    "actionMap": "no",
    "actionMonitor": "no",
    "artPermission": "yes",
    "actionAll": "yes",
    "actionAnalyze": "no",
    "actionQuery": "no",
    "actionTrusted": "no",
    "actionTopology": "no",
    "actionCompare": "no",
    "actionDelete": "no",
    "actionDocumentation": "no"
  },
  "firewallProfile": "Standard",
  "authorizedDevices": [
    {
      "id": "device123",
      "displayName": "device123",
      "profile": "Standard",
      "notification": "yes"
    }
  ]
}'
Request URL

Status codes:

Code	Description
200	OK
400	Bad Request
401	Unauthorized
403	Forbidden
500	Internal Server Error

Response parameters:

Parameter	Type	Description
successUsers	array of object	List of users successfully processed.
username	string	Username of the successfully processed user.
email	string	Email address of the successfully processed user.
status	string	Overall result status of the request (e.g., "OK").
errorDetails	object	Details of any errors encountered.
description	string	Detailed message describing the error.
error	string	Error type or code.
fieldErrors	array	List of specific field validation errors.
error	string	Specific error message related to the field.
field	string	The field that caused the error.

Response example success 200:

Copy{
  "successUsers": [
    {
      "username": "newuser",
      "email": "[email protected]"
    }
  ],
  "status": "OK"
}

Response example failure 400:

Copy

{
  "failedUsers": [
    {
      "username": "string",
      "email": "string"
    }
  ],
  "errorDetails": {
    "username": "string"
  },
  "status": "BAD_REQUEST"
}

Create New User

Sorry about that

Great!