I'm working on automating user access granting and revocation via email or API requests. Currently, I can add users using sudo resutil newuser, but it defaults users to the 'master' role, and I can't set different roles during creation. Does anyone know how to assign specific roles at user creation with resutil, or an alternative method to dynamically set user permissions during automation? Any guidance or best practices would be really appreciated.

Hi Lucas,

You can set a role at creation using the -role parameter.

Command line utility to create a new user in an organization in Resilient Systems
Usage: newuser [options]
  Options:
    -help, --help
      Print the Create User help
    -createorg
      Should the organization be created if it does not exist
      Default: false
    -createrole
      Should the role be created if it does not exist
      Default: false
  * -email
      Email of the user
    -first
      First name of the user
      Default: Resilient
    -incseqcodeprefix
      The Prefix for the Incident Sequence Code. Customization valid only for Child and Standard organizations. Maximum of 10 characters allowed.
    -incseqcodestartindex
      The Starting Index for the Incident Sequence Code. This is only set on organization creation and can not be set thereafter. Customization only valid for Child and Standard organizations.
    -last
      Last name of the user
      Default: Sysadmin
  * -org
      Name of the organization to add the user to
    -orglocale
      The locale of the new organization. It determines the language of
      default playbook items. The supported locale values are "en" for
      English, "ja" for Japanese, "zh_TW" for Traditional Chinese, "zh" for
      Simplified Chinese, "it" for Italian, "fr" for French, "de" for German,
      "es" for Spanish, "pt_BR" for Brazil Portuguese, "ru" for Russian and
      "ko" for Korean. The default value is "en"
    -role
      Name of the role to assign to user (default role: Master Administrator)
    -sysadmin
      Assign System Settings permission to the user
      Default: false

I'm working on automating user access granting and revocation via email or API requests. Currently, I can add users using sudo resutil newuser, but it defaults users to the 'master' role, and I can't set different roles during creation. Does anyone know how to assign specific roles at user creation with resutil, or an alternative method to dynamically set user permissions during automation? Any guidance or best practices would be really appreciated.