POST /groups (deprecated)
Create a new remote directory user group. Authentication is required.
This endpoint is deprecated. Instead, use POST /command/groups/create.
Request format
When Forming RBAC API requests to this endpoint, the content type
is application/json. The body must be a JSON object
using the following keys:
login: The name to assign to the group.role_ids: An array of role IDs defining the roles that you want to assign to users in this group. An empty array might be valid, but users can't do anything in PE if they are not assigned to any roles.
The endpoint accepts a JSON body containing these keys:
| Key | Definition |
|---|---|
login
|
Required. Defines the group for an external IdP. This could be an LDAP login or a SAML identifier for the group. |
role_ids
|
Required. An array of role IDs defining the roles that you want to assign to users in this group. An empty array might be valid, but users can't do anything in PE if they are not assigned to any roles. |
display_name
|
Optional. Specify a name for the group as you want it to appear in the PE console. If the group you're creating originates from an LDAP group, the LDAP group's Display name setting overrides this parameter. |
identity_provider_id
|
Optional. Specify the UUID of an identity provider (SAML or LDAP) to bind to the group. |
validate
|
Optional. A Boolean specifying whether you want to
validate if the group exists on the LDAP server prior to
creating it. The default is true. Set this to false if you don't want to validate the group's
existence in LDAP. |
For example:
curl -X POST "https://$(puppet config print server):4433/rbac-api/v2/groups" \
-H "X-Authentication:$(puppet-access show)" \
-H "Content-type: application/json" \
-d '{
"login": "augmentators",
"role_ids": [1,2,3],
"display_name": "The Augmentators"
"idnetity_provider_id": "0e1a11bd-658f...-732887"
}'
Response format
If the new remote group is created successfully, the endpoint returns 303 See Other with a location header pointing to the new resource.
Error response
Returns 409 Conflict if the new group conflicts with an existing group.
For other errors, refer to RBAC service errors .
