On this page:

Besides using TWAdmin for administrative tasks, you can also use the Command Line Interface (CLI) to create and manage users, roles, and permissions. All of the CLI supported in TWCloud are properly defined on this page. You can also find them via Swagger where you can find the description of the command-line, and issue it easily. We recommend you use CLI via Swagger UI because when you execute the command via Swagger, it also shows you the correct curl command. This link https://osmc.nomagic.com/#/Administrator takes you to the TWCloud CLI documentation in Swagger.

Assign a project role to a particular user

Sending POST to /osmc/workspaces/{workspaceId}/resources/{resouceId}/roles/{roleId}/users  assigns a project role to a specified user.


HTTP request header
Content-Type: text/plain


HTTP request body
user1,user2

HTTP Status

201 with empty body.


List all permissions

The /osmc/admin/permissions lists all permissions in the server.

HTTP request header
Content-Type: application/json; charset=UTF-8

HTTP request body
[{
    "operationAssignableAccessScope": "GLOBAL_ONLY",
    "protectedType": "com.nomagic.esi.resource",
    "name": "com.nomagic.esi.resource_list.all.resources",
    "operationName": "list.all.resources",
    "ID": "d91a7ba9-a017-44ac-9ff8-4b35635cb7b9",
    "operationDisplayName": "List All Projects",
    "protectedTypeDisplayName": "Project"
}, {
    "operationAssignableAccessScope": "GLOBAL_OR_OBJECT",
    "protectedType": "com.nomagic.esi.resource",
    "name": "com.nomagic.esi.resource_read.resource",
    "operationName": "read.resource",
    "ID": "9649cb30-6933-49f1-b309-7aade63340cc",
    "operationDisplayName": "Read Projects",
    "protectedTypeDisplayName": "Project"
}, {
    "operationAssignableAccessScope": "GLOBAL_ONLY",
    "protectedType": "com.nomagic.esi.server",
    "name": "com.nomagic.esi.server_manage.user.permissions",
    "operationName": "manage.user.permissions",
    "ID": "8d7423b8-4e8c-4d32-8d3c-783504bef044",
    "operationDisplayName": "Manage User Permissions",
    "protectedTypeDisplayName": "Server"
}]


Create a role

Sending POST to /osmc/admin/roles creates a row in the server.

HTTP request header
Content-Type: application/json


HTTP request body
{
    "permissions": ["9649cb30-6933-49f1-b309-7aade63340cc"],
    "name": "new role name",
    "description": "new row description",
}


HTTP response header
Content-Type: application/json; charset=UTF-8


HTTP response body
{
    "permissions": [{
        "operationAssignableAccessScope": {},
        "protectedType": "com.nomagic.esi.resource",
        "name": "com.nomagic.esi.resource_edit.resource",
        "operationName": "edit.resource",
        "ID": "0b972f77-368c-4511-9285-0069a1a8bf07",
        "operationDisplayName": "Edit Projects",
        "protectedTypeDisplayName": "Project"
    }],
    "name": "Project Contributor",
    "description": "Project-specific role. Users who are assigned to this role can modify content of selected project.",
    "ID": "417494bc-d0e8-449a-a8ac-5476dc2e6537"
}


Edit a role

Sending PATCH to /osmc/admin/roles/{roleId} edits a row in the server. For the format of the request and the response, see Create a role.


Delete a role

DELETE to /osmc/admin/roles/{roleId} deletes a row in the server.

Create a user

Sending POST to /osmc/admin/users creates a new user. The user must not be an LDAP user.

HTTP request header
Content-Type: application/json


HTTP request body (note that the otherAttributes map must not contain realmid key)
{
    "userName": "test2",
	"password": "a passward",
    "otherAttributes": {
        "mobile": "456",
        "name": "a full name",
        "department": "department",
        "email": "user1@notset.com"
    },
    "enabled": true
}


HTTP response header
Content-Type: application/json; charset=UTF-8


HTTP response body
{
    "userName": "test2",
    "otherAttributes": {
        "mobile": "456",
        "name": "a full name",
        "department": "department",
        "email": "user1@notset.com"
    },
    "enabled": true
}


Edit a user

Sending PATCH to /osmc/admin/users/{username} edits a user. 

HTTP request header
Content-Type: application/json


The key userName is ignored. By default, new otherAttributes are merged into the server. If the value of a key in otherAttributes is empty, the key will be removed from the server.

HTTP request body
{
    "userName": "test2",
	"password": "a passward",
    "otherAttributes": {
        "mobile": "456",
        "name": "a full name",
        "department": "department",
        "email": "user1@notset.com"
    },
    "enabled": true
}


HTTP response header
Content-Type: application/json; charset=UTF-8


HTTP response body
{
    "userName": "test2",
    "otherAttributes": {
        "mobile": "456",
        "name": "a full name",
        "department": "department",
        "email": "user1@notset.com"
    },
    "enabled": true
}


List all LDAP configurations

The /osmc/admin/ldaps returns a JSON array containing all LDAP configurations in the server.

HTTP response header
Content-Type: application/json; charset=UTF-8


HTTP response body
[{
    "environment": {
        "authentype": "simple",
        "searchbase": "ou=Users,dc=nomagicasia,dc=com",
        "authen_dntype": "template",
        "anoymousbind": "false",
        "ldap_realm_name": "ldap0",
        "java.naming.factory.initial": "com.sun.jndi.ldap.LdapCtxFactory",
        "java.naming.security.protocol": "none",
        "userDNTemplate": "uid={0},ou=Users,dc=nomagicasia,dc=com",
        "com.sun.jndi.ldap.read.timeout": "500",
        "java.naming.provider.url": "ldap://ldap.th.nomagic.com:389",
        "weight": "1073741823",
        "enabled": "true"
    },
    "protocol": "ldap",
    "port": "389",
    "IP": "ldap.th.nomagic.com",
    "ID": "36f8b736-f51c-43a2-a9a6-63905419838a",
    "authen": "simple",
    "userName": "cn=admin,dc=nomagicasia,dc=com",
    "url": "ldap://ldap.th.nomagic.com:389"
}]


Import a user from LDAP

Sending POST to /osmc/admin/ldaps/{ldapId}/import{username} imports an LDAP user into Teamwork Cloud.

HTTP response header
Content-Type: application/json; charset=UTF-8


HTTP response body
{
    "userName": "test2",
    "password": "a passward",
    "otherAttributes": {
        "mobile": "456",
        "realmid": "36f8b736-f56c-43a2-a9a6-54128919838a",
        "name": "a full name",
        "department": "department",
        "email": "user1@notset.com"
    },
    "enabled": true
}


Search a user in an LDAP server

Sending GET to /osmc/admin/ldaps/{ldapId}/search?<query string> searches users from a specified LDAP server.

HTTP response header
Content-Type: application/json; charset=UTF-8


HTTP response body
[{
    "mobile": "0123456789",
    "fullName": "Bat",
    "department": "production",
    "userName": "bat",
    "email": "bat@nma.com",
    "userDN": "uid=bat,ou=Users,dc=nomagicasia,dc=com"
}, {
    "mobile": "",
    "fullName": "abc",
    "department": "",
    "userName": "abc",
    "email": "",
    "userDN": "uid=abc,ou=Users,dc=nomagicasia,dc=com"
}, {
    "mobile": "",
    "fullName": "aaaa",
    "department": "",
    "userName": "aaa",
    "email": "",
    "userDN": "uid=aaa,ou=Users,dc=nomagicasia,dc=com"
}]


List all users

The /osmc/admin/users returns a JSON array containing usernames in the server.

HTTP response header
Content-Type: application/json; charset=UTF-8


HTTP response body
["admin", "observer1", "user1", "user2", "worker1"]


Get user information

The /osmc/admin/users/{username} returns a JSON object containing information of a specified user.

HTTP response header
Content-Type: application/json; charset=UTF-8


HTTP response body
{
    "roleAssignments": [{
        "roleID": "3e4696d5-1937-4741-aacb-062378e0cda2",
        "protectedObjects": [{
            "protectedType": "com.nomagic.esi.resource",
            "ID": "cda926be-58c7-4d3f-acb2-e9cdb57d8aaf"
        }],
        "ID": "3871e058-65e6-40d9-bd23-f80bdc074394"
    }, {
        "roleID": "417494bc-d0e8-449a-a8ac-5476dc2e6537",
        "protectedObjects": [{
            "protectedType": "com.nomagic.esi.resource",
            "ID": "cda926be-58c7-4d3f-acb2-e9cdb57d8aaf"
        }],
        "ID": "54b8ef7f-f60c-410f-8a09-93a15c51bbaa"
    }, {
        "roleID": "a020ca32-22a2-4c90-8513-f6b9c4ea8513",
        "protectedObjects": [{
            "protectedType": "com.nomagic.esi.resource",
            "ID": "cda926be-58c7-4d3f-acb2-e9cdb57d8aaf"
        }],
        "ID": "51ae2287-405e-42a6-807f-ca5e6f2a41d0"
    }, {
        "roleID": "e3cf7416-9cf3-42ff-84e6-e9d4283dfd18",
        "protectedObjects": [{
            "protectedType": "com.nomagic.esi.resource",
            "ID": "cda926be-58c7-4d3f-acb2-e9cdb57d8aaf"
        }],
        "ID": "a147bf72-1a51-49f5-baf9-ac3f2b6faf50"
    }],
    "userName": "user1",
    "otherAttributes": {
        "realmid": "",
        "mobile": "",
        "name": "",
        "department": "",
        "email": ""
    },
    "enabled": true
}


LIst all roles

The /osmc/admin/roles lists all rows in the server.

HTTP response header
Content-Type: application/json; charset=UTF-8
HTTP response body
[{
    "permissions": [{
        "operationAssignableAccessScope": {},
        "protectedType": "com.nomagic.esi.resource",
        "name": "com.nomagic.esi.resource_create.resource",
        "operationName": "create.resource",
        "ID": "930c939c-6ec4-4c90-9458-92eefc73b11b",
        "operationDisplayName": "Create Project",
        "protectedTypeDisplayName": "Project"
    }, {
        "operationAssignableAccessScope": {},
        "protectedType": "com.nomagic.esi.resource",
        "name": "com.nomagic.esi.resource_categorize.resources",
        "operationName": "categorize.resources",
        "ID": "9a223c45-71eb-4e45-b374-a8dd319afcea",
        "operationDisplayName": "Categorize Projects",
        "protectedTypeDisplayName": "Project"
    }, {
        "operationAssignableAccessScope": {},
        "protectedType": "com.nomagic.esi.resource",
        "name": "com.nomagic.esi.resource_list.all.resources",
        "operationName": "list.all.resources",
        "ID": "d91a7ba9-a017-44ac-9ff8-4b35635cb7b9",
        "operationDisplayName": "List All Projects",
        "protectedTypeDisplayName": "Project"
    }],
    "name": "Project Creator",
    "description": "Global or category-specific role. Users who are assigned to this role can add projects to the server including the ability to categorize them: create new categories or manage existing ones.",
    "ID": "15c045d8-44e1-4e14-8175-b209b6ae70a4"
}, {
    "permissions": [{
        "operationAssignableAccessScope": {},
        "protectedType": "com.nomagic.esi.resource",
        "name": "com.nomagic.esi.resource_edit.resource",
        "operationName": "edit.resource",
        "ID": "0b972f77-368c-4511-9285-0069a1a8bf07",
        "operationDisplayName": "Edit Projects",
        "protectedTypeDisplayName": "Project"
    }, {
        "operationAssignableAccessScope": {},
        "protectedType": "com.nomagic.esi.resource",
        "name": "com.nomagic.esi.resource_read.resource",
        "operationName": "read.resource",
        "ID": "9649cb30-6933-49f1-b309-7aade63340cc",
        "operationDisplayName": "Read Projects",
        "protectedTypeDisplayName": "Project"
    }, {
        "operationAssignableAccessScope": {},
        "protectedType": "com.nomagic.esi.resource",
        "name": "com.nomagic.esi.resource_edit.resource.properties",
        "operationName": "edit.resource.properties",
        "ID": "a93ff74f-baae-4aea-8f79-1a9d423f35fa",
        "operationDisplayName": "Edit Project Properties",
        "protectedTypeDisplayName": "Project"
    }],
    "name": "Project Contributor",
    "description": "Project-specific role. Users who are assigned to this role can modify content of selected project.",
    "ID": "417494bc-d0e8-449a-a8ac-5476dc2e6537"
}, {
    "permissions": [{
        "operationAssignableAccessScope": {},
        "protectedType": "com.nomagic.esi.server",
        "name": "com.nomagic.esi.server_list.all.users",
        "operationName": "list.all.users",
        "ID": "34e47503-ad58-401b-a3d9-fdb0e00ea651",
        "operationDisplayName": "List All Users",
        "protectedTypeDisplayName": "Server"
    }, {
        "operationAssignableAccessScope": {},
        "protectedType": "com.nomagic.esi.server",
        "name": "com.nomagic.esi.server_remove.user",
        "operationName": "remove.user",
        "ID": "3f7a74c4-9a95-40a6-837a-2aaf7f5f91ef",
        "operationDisplayName": "Remove User",
        "protectedTypeDisplayName": "Server"
    }, {
        "operationAssignableAccessScope": {},
        "protectedType": "com.nomagic.esi.server",
        "name": "com.nomagic.esi.server_create.user",
        "operationName": "create.user",
        "ID": "d616eb9e-d1d4-4f2d-ad24-3cfb6e57d08e",
        "operationDisplayName": "Create User",
        "protectedTypeDisplayName": "Server"
    }, {
        "operationAssignableAccessScope": {},
        "protectedType": "com.nomagic.esi.server",
        "name": "com.nomagic.esi.server_edit.user.properties",
        "operationName": "edit.user.properties",
        "ID": "d81818d4-0d98-4464-b05c-e54e4af82877",
        "operationDisplayName": "Edit User Properties",
        "protectedTypeDisplayName": "Server"
    }],
    "name": "User Manager",
    "description": "Global role. Users who are assigned to this role can create and manage users in a server.",
    "ID": "1b3a3af6-887f-4891-a3df-b0e7b9141ff2"
}]


List users assigned to a particular role

The _/osmc/admin/roles/{roleId}/users lists users assigned to a particular role.

HTTP response header
Content-Type: application/json; charset=UTF-8
HTTP response body
["admin","observer1"]


Unassign a role from a particular user

Sending HTTP DELETE to /admin/roles/{roleId}/users/{username} unassigns a particular role from a specified user.


HTTP Response

204 with empty body.


Unassign a project role from a particular user

Sending DELETE to _/osmc/workspaces/\{workspaceId\}/resources/\{resourceId\}/roles/\{roleId\}/users/\{username\}_ unassigns a project role from a particular user.

HTTP Status

204 with empty body.


Assign a role to a particular user

Sending POST to /osmc/admin/roles/{roleId}/users assigns a role to a user.

HTTP request header
Content-Type: text/plain
HTTP request body
user1,user2


HTTP Status

201 with empty body