Documentation Index
Fetch the complete documentation index at: https://mintlify.com/ansible/awx/llms.txt
Use this file to discover all available pages before exploring further.
Overview
Users are individual accounts in AWX. They can be members of organizations and teams, and can be granted various roles and permissions.
Endpoints
| Method | Endpoint | Description |
|---|
| GET | /api/v2/users/ | List users |
| POST | /api/v2/users/ | Create user |
| GET | /api/v2/users/{id}/ | Retrieve user |
| PATCH | /api/v2/users/{id}/ | Update user |
| DELETE | /api/v2/users/{id}/ | Delete user |
| GET | /api/v2/me/ | Get current user |
List Users
curl -X GET \
https://awx.example.com/api/v2/users/ \
-H "Authorization: Bearer YOUR_TOKEN"
Create User
curl -X POST \
https://awx.example.com/api/v2/users/ \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"username": "jdoe",
"first_name": "John",
"last_name": "Doe",
"email": "jdoe@example.com",
"password": "SecurePassword123!",
"is_superuser": false,
"is_system_auditor": false
}'
Unique username for the user
User password (required for new users)
Grant superuser privileges
Grant system auditor role (read-only access to everything)
Password Requirements
Passwords are validated based on AWX settings:
LOCAL_PASSWORD_MIN_LENGTH - Minimum password lengthLOCAL_PASSWORD_MIN_DIGITS - Minimum number of digitsLOCAL_PASSWORD_MIN_UPPER - Minimum uppercase charactersLOCAL_PASSWORD_MIN_SPECIAL - Minimum special characters
Additional Django password validators may apply.
Retrieve User
curl -X GET \
https://awx.example.com/api/v2/users/5/ \
-H "Authorization: Bearer YOUR_TOKEN"
Response Schema
Whether user has superuser privileges
Whether user has system auditor role
Always returns "encrypted" for security Last login timestamp (read-only)
Account creation timestamp
Last modification timestamp
Links to related resources:
teams - Teams the user belongs toorganizations - Organizations the user is a member ofadmin_of_organizations - Organizations where user is adminprojects - Projects user has access tocredentials - User’s credentialsroles - Roles assigned to the useractivity_stream - User’s activity logaccess_list - Access list
Update User
curl -X PATCH \
https://awx.example.com/api/v2/users/5/ \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"email": "newemail@example.com",
"first_name": "Jane"
}'
Change Password
curl -X PATCH \
https://awx.example.com/api/v2/users/5/ \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"password": "NewSecurePassword456!"
}'
Users can change their own password. Superusers can change any user’s password.
Delete User
curl -X DELETE \
https://awx.example.com/api/v2/users/5/ \
-H "Authorization: Bearer YOUR_TOKEN"
Current User
Get information about the authenticated user:
curl -X GET \
https://awx.example.com/api/v2/me/ \
-H "Authorization: Bearer YOUR_TOKEN"
User Teams
curl -X GET \
https://awx.example.com/api/v2/users/5/teams/ \
-H "Authorization: Bearer YOUR_TOKEN"
User Organizations
curl -X GET \
https://awx.example.com/api/v2/users/5/organizations/ \
-H "Authorization: Bearer YOUR_TOKEN"
Admin of Organizations
curl -X GET \
https://awx.example.com/api/v2/users/5/admin_of_organizations/ \
-H "Authorization: Bearer YOUR_TOKEN"
User Projects
curl -X GET \
https://awx.example.com/api/v2/users/5/projects/ \
-H "Authorization: Bearer YOUR_TOKEN"
User Credentials
curl -X GET \
https://awx.example.com/api/v2/users/5/credentials/ \
-H "Authorization: Bearer YOUR_TOKEN"
User Roles
curl -X GET \
https://awx.example.com/api/v2/users/5/roles/ \
-H "Authorization: Bearer YOUR_TOKEN"
Activity Stream
curl -X GET \
https://awx.example.com/api/v2/users/5/activity_stream/ \
-H "Authorization: Bearer YOUR_TOKEN"
Access List
curl -X GET \
https://awx.example.com/api/v2/users/5/access_list/ \
-H "Authorization: Bearer YOUR_TOKEN"
Personal Access Tokens
Create Personal Token
curl -X POST \
https://awx.example.com/api/v2/users/5/personal_tokens/ \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"description": "API access token",
"scope": "write"
}'
Token scope: read or write
OAuth application ID (null for personal tokens)
List Personal Tokens
curl -X GET \
https://awx.example.com/api/v2/users/5/personal_tokens/ \
-H "Authorization: Bearer YOUR_TOKEN"
Revoke Personal Token
curl -X DELETE \
https://awx.example.com/api/v2/users/5/personal_tokens/123/ \
-H "Authorization: Bearer YOUR_TOKEN"
Filtering
# By username
?username=admin
# By email
?email__icontains=example.com
# Superusers only
?is_superuser=true
# System auditors
?is_system_auditor=true
# Search
?search=john
Ordering
# By username
?order_by=username
# By last login
?order_by=-last_login
# By creation date
?order_by=-created
User Types
Normal Users
Standard users with permissions based on assigned roles.
Superusers
Users with is_superuser=true have full access to all resources and can:
- Create/modify/delete any resource
- Grant any permission
- Access admin interface
System Auditors
Users with is_system_auditor=true have read-only access to all resources.
Complete Example
import requests
import json
base_url = "https://awx.example.com/api/v2"
token = "YOUR_TOKEN"
headers = {
"Authorization": f"Bearer {token}",
"Content-Type": "application/json"
}
# Create user
user_data = {
"username": "automation_user",
"first_name": "Automation",
"last_name": "User",
"email": "automation@example.com",
"password": "SecurePassword123!",
"is_superuser": False
}
response = requests.post(
f"{base_url}/users/",
headers=headers,
data=json.dumps(user_data)
)
if response.status_code == 201:
user = response.json()
user_id = user['id']
print(f"Created user {user_id}")
# Create access token for user
token_data = {
"description": "API Access",
"scope": "write"
}
token_response = requests.post(
f"{base_url}/users/{user_id}/personal_tokens/",
headers=headers,
data=json.dumps(token_data)
)
if token_response.status_code == 201:
token_info = token_response.json()
print(f"Token: {token_info['token']}")
else:
print(f"Error: {response.status_code}")
print(response.json())
