Creates a user in CDP.




Creates a user in CDP.


--identity-provider-user-id <value>
--email <value>
[--saml-provider-name <value>]
[--groups <value>]
[--first-name <value>]
[--last-name <value>]
[--cli-input-json <value>]


--identity-provider-user-id (string)

The identity provider user id for the user. This ID must match the NameId attribute value that will be passed for the user in the SAML response using the associated SAML provider.

--email (string)

The email address for the user. Used for display purposes only.

--saml-provider-name (string)

The name or CRN of the SAML provider the user will use for login.

--groups (array)

The list of groups the user belongs to. The groups will be created if they do not exist. There are certain restrictions on the group name. Refer to the How To > User Management section in the Management Console documentation for the details.


"string" "string" ...

--first-name (string)

The user first name.

--last-name (string)

The user last name.

--cli-input-json (string)

Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, the CLI values will override the JSON-provided values.

--generate-cli-skeleton (boolean)

Prints a sample input JSON to standard output. Note the specified operation is not run if this argument is specified. The sample input can be used as an argument for --cli-input-json.


user -> (object)

Information about a Cloudera CDP user.

userId -> (string)

The stable, unique identifier of the user.

crn -> (string)

The CRN of the user.

email -> (string)

The user’s email address.

firstName -> (string)

The user’s first name.

lastName -> (string)

The user’s last name.

creationDate -> (datetime)

The date when this user record was created.

accountAdmin -> (boolean)

Whether the user is an administrator of their CDP account.

identityProviderCrn -> (string)

The identity provider that the user belongs to. It can be “Cloudera-Default”, “Cloudera-Administration”, or a customer defined IdP.

lastInteractiveLogin -> (datetime)

The date of the user’s last interactive login.

workloadUsername -> (string)

The username used in all the workload clusters of the user.

azureCloudIdentities -> (array)

The list of Azure cloud identities assigned to the user.

item -> (object)

An Azure cloud identity.

objectId -> (string)

The Azure object ID (OID).

environmentCrn -> (string)

The CRN of the environment this Azure cloud identity is associated with. If omitted, this cloud identity is associated with all Azure environments.

workloadPasswordDetails -> (object)

Information about the workload password for a user or machine user.

isPasswordSet -> (boolean)

Whether a workload password is set.

passwordExpirationDate -> (datetime)

The date at which the workload password will expire.

passwordMinLifetimeDate -> (datetime)

The minimum lifetime date of the workload password. A new password can’t be set until this date.

Form Factors

public, private