Help Center/ Workspace/ API Reference/ Workspace APIs/ Desktop Pools/ Authorized Users and User Groups of the Desktop Pool
Updated on 2026-02-10 GMT+08:00
View PDF
Share

Authorized Users and User Groups of the Desktop Pool

Function

Query users and user groups authorized by a desktop pool.

Debugging

You can debug this API through automatic authentication in API Explorer or use the SDK sample code generated by API Explorer.

Authorization Information

Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.

  • If you are using role/policy-based authorization, see Permissions Policies and Supported Actions for details on the required permissions.
  • If you are using identity policy-based authorization, the following identity policy-based permissions are required.

    Action

    Access Level

    Resource Type (*: required)

    Condition Key

    Alias

    Dependencies

    workspace:desktopPools:authorizeUsers

    Write

    desktopPool *

    -

    -

    ims:images:list

    user

    -

    userGroup

    -

URI

POST /v2/{project_id}/desktop-pools/{pool_id}/users

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Project ID.

pool_id

Yes

String

Specifies the desktop pool ID.

Request Parameters

Table 2 Request body parameters

Parameter

Mandatory

Type

Description

objects

No

Array of AuthorizedObjects objects

Indicates the user or user group to be authorized.

action

Yes

String

Action. Options: ADD (adding an authorized user or user group), REMOVE (removing an authorized user or user group), and CHANGE_PRIVILEGE (modifying the permission group of an authorized user or user group).
Table 3 AuthorizedObjects

Parameter

Mandatory

Type

Description

object_type

Yes

String

Enumeration of bound object types.

  • USER: user

  • USER_GROUP: user group

object_id

Yes

String

User ID or user group ID.

object_name

Yes

String

Username or user group name.

domain

No

String

Domain name of the user/user group.

user_group

Yes

String

Specifies the user permission group to which the desktop user belongs.

  • sudo: Linux administrator group.

  • default: Default Linux user group.

  • administrators: Windows administrator group. Administrators have full access to the desktop and can make any required changes except for forbidden operations.

  • users: Standard Windows user group. Standard users can use most software programs and change system settings that do not affect other users.

created_at

No

String

Creation time.

Response Parameters

Status code: 204

Normal, no response body.

Status code: 400

Table 4 Response body parameters

Parameter

Type

Description

error_code

String

Error code, which is returned upon failure.

error_msg

String

Error message.

error_detail

String

Error details.

encoded_authorization_message

String

Encrypted detailed reason for rejection. You can call the API decode-authorization-message of STS to decrypt the reason.

Status code: 401

Table 5 Response body parameters

Parameter

Type

Description

error_code

String

Error code, which is returned upon failure.

error_msg

String

Error message.

error_detail

String

Error details.

encoded_authorization_message

String

Encrypted detailed reason for rejection. You can call the API decode-authorization-message of STS to decrypt the reason.

Status code: 403

Table 6 Response body parameters

Parameter

Type

Description

error_code

String

Error code, which is returned upon failure.

error_msg

String

Error message.

error_detail

String

Error details.

encoded_authorization_message

String

Encrypted detailed reason for rejection. You can call the API decode-authorization-message of STS to decrypt the reason.

Status code: 404

Table 7 Response body parameters

Parameter

Type

Description

error_code

String

Error code, which is returned upon failure.

error_msg

String

Error message.

error_detail

String

Error details.

encoded_authorization_message

String

Encrypted detailed reason for rejection. You can call the API decode-authorization-message of STS to decrypt the reason.

Status code: 409

Table 8 Response body parameters

Parameter

Type

Description

error_code

String

Error code, which is returned upon failure.

error_msg

String

Error message.

error_detail

String

Error details.

encoded_authorization_message

String

Encrypted detailed reason for rejection. You can call the API decode-authorization-message of STS to decrypt the reason.

Status code: 500

Table 9 Response body parameters

Parameter

Type

Description

error_code

String

Error code, which is returned upon failure.

error_msg

String

Error message.

error_detail

String

Error details.

encoded_authorization_message

String

Encrypted detailed reason for rejection. You can call the API decode-authorization-message of STS to decrypt the reason.

Example Requests

POST /v2/0bec5db98280d2d02fd6c00c2de791ce/desktops-pools/a130ab3a-72bf-4b71-baa9-af4987c8e338/users

{
  "objects" : [ {
    "object_type" : "string",
    "object_id" : "string",
    "object_name" : "string",
    "user_group" : "string",
    "created_at" : "string"
  } ],
  "action" : "string"
}

Example Responses

None

Status Codes

Status Code

Description

204

Normal, no response body.

400

The request cannot be understood by the server due to malformed syntax.

401

Authentication failed.

403

No operation permissions.

404

No resources found.

409

Operation conflict.

500

An internal service error occurred. For details about the error code, see the error code description.

Error Codes

See Error Codes.

Parent topic: Desktop Pools