POST /command/groups/create

Create a remote directory user group. Authentication is required.

Request format

When Forming RBAC API requests to this endpoint, the content type is application/json. The body must be a JSON object using the following keys:

• login: Defines the group for an external IdP, such as an LDAP login or a SAML identifier for the group.
• role_ids: An array of IDs defining the roles that you want to assign to users in this group. Roles grant permissions to group members.
• identity_provider_id: Specify the UUID of an identity provider to bind to the group.
• display_name: Optional. Specify a name for the group that is visible in the PE console. If this group originates from an LDAP group, this value is determined by the group's Display name setting in LDAP.

Request example:

curl -X POST "https://$(puppet config print server):4433/rbac-api/v1/command/groups/create" \
-H "X-Authentication:$(puppet-access show)" \
-H "Content-type: application/json" \
-d '{
     "login": "augmentators",
     "role_ids": [1,2,3],
     "display_name": "The Augmentators"
     "identity_provider_id": "0e1a11bd-658f...-732887"
    }'

Response format

If the group is created successfully, the endpoint returns 200 OK.

If you don't have permission to create groups, the response is 403 Not Permitted

Malformed requests return 400 Bad Request.

For other errors, refer to RBAC service errors .