POST /v2/databases/{database_cluster_uuid}/users

To add a new database user, send a POST request to /v2/databases/$DATABASE_ID/users with the desired username.

Note: User management is not supported for Redis or Valkey clusters.

When adding a user to a MySQL cluster, additional options can be configured in the mysql_settings object.

When adding a user to a Kafka cluster, additional options can be configured in the settings object.

When adding a user to a MongoDB cluster, additional options can be configured in the settings.mongo_user_settings object.

The response will be a JSON object with a key called user. The value of this will be an object that contains the standard attributes associated with a database user including its randomly generated password.

Servers

https://api.digitalocean.com

Path parameters

Name	Type	Required	Description
`database_cluster_uuid`	String	Yes	A unique identifier for a database cluster.

Request headers

Name	Type	Required	Description
`Content-Type`	String	Yes	The media type of the request body. Default value: "application/json"

Request body fields

Name	Type	Required	Description
`readonly`	Boolean	No	(To be deprecated: use settings.mongo_user_settings.role instead for access controls to MongoDB databases). For MongoDB clusters, set to `true` to create a read-only user. This option is not currently supported for other database engines.
`name`	String	Yes	The name of a database user.
`mysql_settings`	Object	No
`mysql_settings.auth_plugin`	String	Yes	A string specifying the authentication method to be used for connections to the MySQL user account. The valid values are `mysql_native_password` or `caching_sha2_password`. If excluded when creating a new user, the default for the version of MySQL in use will be used. As of MySQL 8.0, the default is `caching_sha2_password`. Possible values: `"caching_sha2_password"` `"mysql_native_password"`
`password`	String	No	A randomly generated password for the database user.
`access_key`	String	No	Access key for TLS client authentication. (Kafka only)
`settings`	Object	No
`settings.mongo_user_settings`	Object	No	MongoDB-specific settings for the user. This option is not currently supported for other database engines.
`settings.mongo_user_settings.databases[]`	Array	No	A list of databases to which the user should have access. When the database is set to `admin`, the user will have access to all databases based on the user's role i.e. a user with the role `readOnly` assigned to the `admin` database will have read access to all databases.
`settings.mongo_user_settings.role`	String	No	The role to assign to the user with each role mapping to a MongoDB built-in role. `readOnly` maps to a read role. `readWrite` maps to a readWrite role. `dbAdmin` maps to a dbAdmin role. Possible values: `"readOnly"` `"readWrite"` `"dbAdmin"`
`settings.pg_allow_replication`	Boolean	No	For Postgres clusters, set to `true` for a user with replication rights. This option is not currently supported for other database engines.
`settings.opensearch_acl[]`	Array	No	ACLs (Access Control Lists) specifying permissions on index within a OpenSearch cluster.
`settings.opensearch_acl[].permission`	String	No	Permission set applied to the ACL. 'read' allows user to read from the index. 'write' allows for user to write to the index. 'readwrite' allows for both 'read' and 'write' permission. 'deny'(default) restricts user from performing any operation over an index. 'admin' allows for 'readwrite' as well as any operations to administer the index. Possible values: `"read"` `"deny"` `"readwrite"` `"write"` `"admin"`
`settings.opensearch_acl[].index`	String	No	A regex for matching the indexes that this ACL should apply to.
`settings.acl[]`	Array	No	ACLs (Access Control Lists) specifying permissions on topics within a Kafka cluster.
`settings.acl[].id`	String	No	An identifier for the ACL. Will be computed after the ACL is created/updated.
`settings.acl[].permission`	String	Yes	Permission set applied to the ACL. 'consume' allows for messages to be consumed from the topic. 'produce' allows for messages to be published to the topic. 'produceconsume' allows for both 'consume' and 'produce' permission. 'admin' allows for 'produceconsume' as well as any operations to administer the topic (delete, update). Possible values: `"produce"` `"consume"` `"admin"` `"produceconsume"`
`settings.acl[].topic`	String	Yes	A regex for matching the topic(s) that this ACL should apply to.
`access_cert`	String	No	Access certificate for TLS client authentication. (Kafka only)
`role`	String	No	A string representing the database user's role. The value will be either "primary" or "normal". Possible values: `"normal"` `"primary"`

How to start integrating

Add HTTP Task to your workflow definition.
Search for the API you want to integrate with and click on the name.
- This loads the API reference documentation and prepares the Http request settings.
Click Test request to test run your request to the API and see the API's response.