Use > JMX Reference > Developer Reference Methods > How to Create an Integration User

How to Create an Integration User

You can create a dedicated user for integrations between other products and UCMDB. This user enables a product that uses the UCMDB client SDK to be authenticated in the server SDK and execute the APIs. Applications written with this API set must log on with integration user credentials.

Caution It is also possible to connect with a regular UCMDB user (for instance, admin). However, this option is not recommended. To connect with a UCMDB user, you must grant the user API authentication permission.

To create an integration user:

  1. Launch the Web browser and enter the server address, as follows:

    https://localhost:8443/jmx-console

    You may have to log in with a user name and password (the default user name is sysadmin).

  2. Under UCMDB, click service=UCMDB Authorization Services.

  3. Locate the createUser operation. This method accepts the following parameters:

    • customerId. The customer ID.

    • username. The integration user's name.

    • userDisplayName. The integration user's display name.

    • userLoginName. The integration user's login name.

    • password. The integration user's password.

      The default password policy requires the password to include at least one of each of the four following types of characters:

      • Uppercase alphabetic characters
      • Lowercase alphabetic characters
      • Numeric characters
      • Symbol characters :/._+-[]

      It also requires the password to adhere to the minimum length, which is set by the Password minimum length infrastructure setting.

  4. Click Invoke.

  5. In a single-tenant environment, locate the setRolesForUser method and enter the following parameters:

    • userName. The integration user's name.

    • roles. SuperAdmin.

    Click Invoke.

  6. Locate the setUserServerAdministratorValue method and enter the following parameters:

    • customerID. The customer ID.
    • userLoginName. The integration user's login name.
    • serverAdministratorValue. Select True.

    Click Invoke.

  7. In a multi-tenant environment, locate the grantRolesToUserForAllTenants method and enter the following parameters to assign the role in connection with all tenants:

    • userName. The integration user's name.

    • roles. SuperAdmin.

    Click Invoke.

    Alternatively, to assign the role in connection with specific tenants, invoke the grantRolesToUserForTenants method, using the same userName and roles parameter values. For the tenantNames parameter, enter the required tenants.

  8. Either create more users, or close the JMX console.

  9. Log on to UCMDB as an administrator.

  10. From the Administration tab, run Package Manager.

  11. Click the Create custom package icon.

  12. Enter a name for the new package, and click Next.

  13. In the Resource Selection tab, under Settings, click Users.

  14. Select a user or users that you created using the JMX console.

  15. Click Next and then Finish. Your new package appears in the Package Name list in Package Manager.

  16. Deploy the package to the users who will run the API applications.

    For details, see the section How to Deploy a Package.

  17. Note The integration user is per customer. To create a stronger integration user for cross-customer usage, use a systemUser with the isSuperIntegrationUser flag set to true. Use the systemUser methods (removeUser, resetPassword, UserAuthenticate, and so on).

    There are two out-of-the-box system users. You need provide passwords for them during installation. However, you may change their passwords after installation using the resetPassword method.

    • sysadmin/<password>

    • UISysadmin/<password> (this user is also the SuperIntegrationUser).

      If you change the UISysadmin password using resetPassword, you must do the following:

      1. In the JMX Console, locate the UCMDB-UI:name=UCMDB Integration service.

      2. Run setCMDBSuperIntegrationUser with the user name and new password of the integration user.

      3. Restart the UCMDB server for the change to take effect.