Create sub account
- Print
- PDF
Create sub account
- Print
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
Available in Classic and VPC
Create a sub account. Creating a sub account allows you to set permissions for each account, enabling you to operate the service safely and reliably.
Note
Up to 500 sub accounts can be created.
Request
This section describes the request format. The method and URI are as follows:
| Method | URI |
|---|---|
| POST | /api/v1/sub-accounts |
Request headers
For information about the headers common to all Sub Account APIs, see Sub Account request headers.
Request body
You can include the following data in the body of your request:
| Field | Type | Required | Description |
|---|---|---|---|
active | Boolean | Required | Sub account status
|
apiAllowSources | Array | Optional | List of sources accessible by sub account via API |
canAPIGatewayAccess | Boolean | Required | API Gateway accessibility of the sub account
|
canConsoleAccess | Boolean | Required | Whether the sub account can access the console
|
consolePermitIps | Array | Optional | List of IP ranges accessible to the console from the sub account |
email | String | Optional | Sub account user email address
|
isMfaMandatory | Boolean | Optional | Whether two-factor authentication is required for the sub account
|
loginId | String | Required | Sub account login ID
|
memo | String | Optional | Description of the sub account (byte)
|
name | String | Required | Sub account username
|
needPasswordGenerate | Boolean | Optional | Sub account login password creation method
|
needPasswordReset | Boolean | Required | Sub account login password reset notification
|
password | String | Conditional | Sub account login password
|
useApiAllowSource | Boolean | Optional | Whether the accessible source for the API by the sub account is restricted
|
useConsolePermitIp | Boolean | Optional | Whether the sub account's console access is restricted to a specific IP range
|
apiAllowSources
The following describes apiAllowSources.
| Field | Type | Required | Description |
|---|---|---|---|
type | String | Conditional | Access source type
|
source | String | Conditional | Access source information
|
Request example
The request example is as follows:
curl --location --request POST 'https://subaccount.apigw.ntruss.com/api/v1/sub-accounts' \
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
--header 'Accept: application/json' \
--header 'Content-Type: application/json' \
--data '{
"active": true,
"apiAllowSources": [
{
"type": "IP",
"source": "***.***.***.***"
}
],
"canAPIGatewayAccess": true,
"canConsoleAccess": true,
"consolePermitIps": [
"***.***.***.***"
],
"email": "email@ncloud.com",
"isMfaMandatory": false,
"loginId": "testuser33",
"memo": "testuser account",
"name": "userts3",
"needPasswordGenerate": true,
"needPasswordReset": true,
"useApiAllowSource": true,
"useConsolePermitIp": true
}'
Response
This section describes the response format.
Response body
The response body includes the following data:
| Field | Type | Required | Description |
|---|---|---|---|
id | String | - | Sub account ID |
success | Boolean | - | API call success status
|
generatedPassword | String | - | Sub account password
|
Response status codes
For information about the HTTP status codes common to all Sub Account APIs, see Sub Account status codes.
Response example
The response example is as follows:
{
"id": "e60b75d0-****-****-****-***********",
"success": true,
"generatedPassword": "*****************"
}
Was this article helpful?