When creating new users through the Automic REST API using the {client}/system/users endpoint, the user objects are created in a Locked state by default, even if they are intended to be active.

REST API version 24.4 and higher

The Automic REST API requires explicit activation flags and authentication details in the initial POST request to override the default locked status. If these attributes are missing from the user_attributes section, the system secures the new object by locking it.

To create a user that is both Active and Unlocked in a single API call, you must include the is_active attribute set to 1 along with a valid authentication method (either a local password or the LDAP flag).

Configuration Steps

Modify your JSON request payload to include the following in the user_attributes section:

For Standard (Local) Users

This command will make changes to your system. Review it carefully before running.

"user_attributes": 
     {  "is_active": 1,
       "usr_pw": "YourSecurePassword"
     }

For LDAP Users

This command will make changes to your system. Review it carefully before running.

"user_attributes": 
     {  "is_active": 1,  
     "is_ldap_user": "1"
     }

Example Full Payload

Review this command before running it.

{  "user": 
     {    "metadata": 
          {      "version": "24.1.0"    },
          "general_attributes": 
               {      "type": "USER",
                     "name": "DEPARTMENT/USER_ID", 
                     "minimum_ae_version": "11.2"    
               },    "user_attributes": 
               {      "is_active": 1,
                      "usr_pw": "TemporaryPassword123"   
               }  
          }
}

Note: If the is_active flag is set to 1 but no password or LDAP flag is provided, the user may still be created as locked for security reasons.

Additional Information

• Endpoint: POST {ae_url}/ae/api/v1/{client}/system/users