{
  "id": "users",
  "title": "Users requests",
  "url": "https://redis.io/docs/latest/operate/rs/7.8/references/rest-api/requests/users/",
  "summary": "User requests",
  "content": "\n| Method | Path | Description |\n|--------|------|-------------|\n| [GET](#get-all-users) | `/v1/users` | Get all users |\n| [GET](#get-user) | `/v1/users/{uid}` | Get a single user |\n| [PUT](#put-user) | `/v1/users/{uid}` | Update a user's configuration |\n| [POST](#post-user) | `/v1/users` | Create a new user |\n| [DELETE](#delete-user) | `/v1/users/{uid}` | Delete a user |\n\n## Get all users {#get-all-users}\n\n```sh\nGET /v1/users\n```\n\nGet a list of all users.\n\n### Permissions\n\n| Permission name | Roles |\n|-----------------|-------|\n| [view_all_users_info]() | admin\u003cbr /\u003euser_manager |\n\n### Request {#get-all-request}\n\n#### Example HTTP request\n\n```sh\nGET /v1/users\n```\n\n#### Headers\n\n| Key | Value | Description |\n|-----|-------|-------------|\n| Host | cnm.cluster.fqdn | Domain name |\n| Accept | application/json | Accepted media type |\n\n### Response {#get-all-response}\n\nReturns a JSON array of [user objects]().\n\n#### Example JSON body\n\n```json\n[\n    {\n        \"uid\": 1,\n        \"password_issue_date\": \"2017-03-02T09:43:34Z\",\n        \"email\": \"user@example.com\",\n        \"name\": \"John Doe\",\n        \"email_alerts\": true,\n        \"bdbs_email_alerts\": [\"1\",\"2\"],\n        \"role\": \"admin\",\n        \"auth_method\": \"regular\",\n        \"status\": \"active\"\n    },\n    {\n        \"uid\": 2,\n        \"password_issue_date\": \"2017-03-02T09:43:34Z\",\n        \"email\": \"user2@example.com\",\n        \"name\": \"Jane Poe\",\n        \"email_alerts\": true,\n        \"role\": \"db_viewer\",\n        \"auth_method\": \"regular\",\n        \"status\": \"active\"\n    }\n]\n```\n\n### Status codes {#get-all-status-codes}\n\n| Code | Description |\n|------|-------------|\n| [200 OK](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.2.1) | No error |\n\n## Get user {#get-user}\n\n```sh\nGET /v1/users/{int: uid}\n```\n\nGet a single user's details.\n\n### Permissions\n\n| Permission name | Roles |\n|-----------------|-------|\n| [view_user_info]() | admin\u003cbr /\u003euser_manager |\n\n### Request {#get-request}\n\n#### Example HTTP request\n\n```sh\nGET /v1/users/1\n```\n\n#### Headers\n\n| Key | Value | Description |\n|-----|-------|-------------|\n| Host | cnm.cluster.fqdn | Domain name |\n| Accept | application/json | Accepted media type |\n\n#### URL parameters\n\n| Field | Type | Description |\n|-------|------|-------------|\n| uid | integer | The user's unique ID |\n\n### Response {#get-response}\n\nReturns a [user object]() that contains the details for the specified user ID.\n\n#### Example JSON body\n\n```json\n{\n    \"uid\": 1,\n    \"password_issue_date\": \"2017-03-07T15:11:08Z\",\n    \"role\": \"db_viewer\",\n    \"email_alerts\": true,\n    \"bdbs_email_alerts\": [\"1\",\"2\"],\n    \"email\": \"user@example.com\",\n    \"name\": \"John Doe\",\n    \"auth_method\": \"regular\",\n    \"status\": \"active\"\n}\n```\n\n### Status codes {#get-status-codes}\n\n| Code | Description |\n|------|-------------|\n| [200 OK](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.2.1) | Success. |\n| [403 Forbidden](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.4) | Operation is forbidden. |\n| [404 Not Found](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.5) | User does not exist. |\n\n## Update user {#put-user}\n\n```sh\nPUT /v1/users/{int: uid}\n```\n\nUpdate an existing user's configuration.\n\n### Permissions\n\n| Permission name | Roles |\n|-----------------|-------|\n| [update_user]() | admin\u003cbr /\u003euser_manager |\n\nAny user can change their own name, password, or alert preferences.\n\n### Request {#put-request}\n\n#### Example HTTP request\n\n```sh\nPUT /v1/users/1\n```\n\n#### Example JSON body\n\n```json\n{\n     \"email_alerts\": false,\n     \"role_uids\": [ 2, 4 ]\n}\n```\n\n#### Headers\n\n| Key | Value | Description |\n|-----|-------|-------------|\n| Host | cnm.cluster.fqdn | Domain name |\n| Accept | application/json | Accepted media type |\n\n#### Query parameters\n\n| Field   | Type | Description |\n|---------|------|---------------|\n| dry_run |  | Validate the updated [user object]() but don't apply the update. |\n\n#### URL parameters\n\n| Field | Type | Description |\n|-------|------|-------------|\n| uid | integer | The user's unique ID |\n\n\n#### Request body\n\nInclude a [user object]() with updated fields in the request body.\n\n### Response {#put-response}\n\nReturns the updated [user object]().\n\n#### Example JSON body\n\n```json\n{\n     \"uid\": 1,\n     \"password_issue_date\": \"2017-03-07T15:11:08Z\",\n     \"email\": \"user@example.com\",\n     \"name\": \"Jane Poe\",\n     \"email_alerts\": false,\n     \"role\": \"db_viewer\",\n     \"role_uids\": [ 2, 4 ],\n     \"auth_method\": \"regular\"\n}\n```\n\n\nFor [RBAC-enabled clusters](), the returned user details include `role_uids` instead of `role`.\n\n\n### Error codes {#put-error-codes}\n\nWhen errors are reported, the server may return a JSON object with    `error_code` and `message` field that provide additional information.    The following are possible `error_code` values:\n\n| Code | Description |\n|------|-------------|\n| password_not_complex | The given password is not complex enough (Only works when the password_complexity feature is enabled).|\n| new_password_same_as_current | The given new password is identical to the old password.|\n| email_already_exists | The given email is already taken.|\n| change_last_admin_role_not_allowed | At least one user with admin role should exist.|\n\n### Status codes {#put-status-codes}\n\n| Code | Description |\n|------|-------------|\n| [200 OK](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.2.1) | Success, the user is updated. |\n| [400 Bad Request](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1) | Bad or missing configuration parameters. |\n| [404 Not Found](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.5) | Attempting to change a non-existing user. |\n| [406 Not Acceptable](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.7) | The requested configuration is invalid. |\n\n## Create user {#post-user}\n\n```sh\nPOST /v1/users\n```\n\nCreate a new user.\n\n### Permissions\n\n| Permission name | Roles |\n|-----------------|-------|\n| [create_new_user]() | admin\u003cbr /\u003euser_manager |\n\n### Request {#post-request}\n\n#### Example HTTP request\n\n```sh\nPOST /v1/users\n```\n\n#### Headers\n\n| Key | Value | Description |\n|-----|-------|-------------|\n| Host | cnm.cluster.fqdn | Domain name |\n| Accept | application/json | Accepted media type |\n\n#### Query parameters\n\n| Field   | Type | Description |\n|---------|------|---------------|\n| dry_run |  | Validate the new [user object]() but don't apply the update. |\n\n#### Body\n\nInclude a single [user object]() in the request body. The user object must have an email, password, and role.\n\n\nFor [RBAC-enabled clusters](), use `role_uids` instead of `role` in the request body.\n\n\n`email_alerts` can be configured either as:\n\n- `true` - user will receive alerts for all databases configured in `bdbs_email_alerts`. The user will receive alerts for all databases by default if `bdbs_email_alerts` is not configured. `bdbs_email_alerts` can be a list of database UIDs or `[‘all’]` meaning all databases.\n\n- `false` - user will not receive alerts for any databases\n\n##### Example JSON body\n\n```json\n{\n     \"email\": \"newuser@example.com\",\n     \"password\": \"my-password\",\n     \"name\": \"Pat Doe\",\n     \"email_alerts\": true,\n     \"bdbs_email_alerts\": [\"1\",\"2\"],\n     \"role_uids\": [ 3, 4 ],\n     \"auth_method\": \"regular\"\n}\n```\n\n### Response {#post-response}\n\nReturns the newly created [user object]().\n\n#### Example JSON body\n\n```json\n{\n     \"uid\": 1,\n     \"password_issue_date\": \"2017-03-07T15:11:08Z\",\n     \"email\": \"newuser@example.com\",\n     \"name\": \"Pat Doe\",\n     \"email_alerts\": true,\n     \"bdbs_email_alerts\": [\"1\",\"2\"],\n     \"role\": \"db_viewer\",\n     \"role_uids\": [ 3, 4 ],\n     \"auth_method\": \"regular\"\n}\n```\n\n### Error codes {#post-error-codes}\n\nWhen errors are reported, the server may return a JSON object with `error_code` and `message` field that provide additional information.\n\nThe following are possible `error_code` values:\n\n| Code | Description |\n|------|-------------|\n| password_not_complex | The given password is not complex enough (Only works when the password_complexity feature is enabled).|\n| email_already_exists | The given email is already taken.|\n| name_already_exists | The given name is already taken.|\n\n### Status codes {#post-status-codes}\n\n| Code | Description |\n|------|-------------|\n| [200 OK](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.2.1) | Success, user is created. |\n| [400 Bad Request](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1) | Bad or missing configuration parameters. |\n| [409 Conflict](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.10) | User with the same email already exists. |\n\n### Examples\n\n#### cURL\n\n```sh\n$ curl -k -X POST -u '[username]:[password]' \\\n       -H 'Content-Type: application/json' \\\n       -d '{ \"email\": \"newuser@example.com\", \\\n           \"password\": \"my-password\", \\\n           \"name\": \"Pat Doe\", \\\n           \"email_alerts\": true, \\\n           \"bdbs_email_alerts\": [\"1\",\"2\"], \\\n           \"role_uids\": [ 3, 4 ], \\\n           \"auth_method\": \"regular\" }' \\\n       'https://[host][:port]/v1/users'\n```\n\n#### Python\n\n```python\nimport requests\nimport json\n\nurl = \"https://[host][:port]/v1/users\"\nauth = (\"[username]\", \"[password]\")\n\npayload = json.dumps({\n  \"email\": \"newuser@example.com\",\n  \"password\": \"my-password\",\n  \"name\": \"Pat Doe\",\n  \"email_alerts\": True,\n  \"bdbs_email_alerts\": [\n    \"1\",\n    \"2\"\n  ],\n  \"role_uids\": [\n    3,\n    4\n  ],\n  \"auth_method\": \"regular\"\n})\n\nheaders = {\n  'Content-Type': 'application/json'\n}\n\nresponse = requests.request(\"POST\", url, auth=auth, headers=headers, data=payload, verify=False)\n\nprint(response.text)\n```\n\n## Delete user {#delete-user}\n\n```sh\nDELETE /v1/users/{int: uid}\n```\n\nDelete a user.\n\n### Permissions\n\n| Permission name | Roles |\n|-----------------|-------|\n| [delete_user]() | admin\u003cbr /\u003euser_manager |\n\n### Request {#delete-request}\n\n#### Example HTTP request\n\n```sh\nDELETE /v1/users/1\n```\n\n#### Headers\n\n| Key | Value | Description |\n|-----|-------|-------------|\n| Host | cnm.cluster.fqdn | Domain name |\n| Accept | application/json | Accepted media type |\n\n#### URL parameters\n\n| Field | Type | Description |\n|-------|------|-------------|\n| uid | integer | The user's unique ID |\n\n### Response {#delete-response}\n\nReturns a status code to indicate the success or failure of the user deletion.\n\n### Status codes {#delete-status-codes}\n\n| Code | Description |\n|------|-------------|\n| [200 OK](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.2.1) | Success, the user is deleted. |\n| [406 Not Acceptable](http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.7) | The request is not acceptable. |\n",
  "tags": ["docs","operate","rs"],
  "last_updated": "2026-04-01T08:10:08-05:00",
  "children": [{"id":"authorize","summary":"Users authorization requests","title":"Authorize user requests","url":"https://redis.io/docs/latest/operate/rs/7.8/references/rest-api/requests/users/authorize/"},{"id":"password","summary":"User password requests","title":"User password requests","url":"https://redis.io/docs/latest/operate/rs/7.8/references/rest-api/requests/users/password/"},{"id":"refresh_jwt","summary":"Refresh JW token requests","title":"Refresh JWT requests","url":"https://redis.io/docs/latest/operate/rs/7.8/references/rest-api/requests/users/refresh_jwt/"}]
}