NetApp · kcantrel · Jul 1, 2025 · Jul 1, 2025 · Jul 1, 2025 · Jul 1, 2025
@@ -1,9 +1,14 @@
 # Workload Factory API Samples
 
-This folder contains various bash shell scripts that demonstrate how to use the Workload Factory APIs to perform an action.
-They all depend on the [wf_utils](wf_utils) file that contains common functions used by all the scripts. One function
-in particular, `get_token()`, is used to get an authentication token from the BlueXP Workload Factory API. So, if you
-copy just some of the files from this repository, make sure to copy the `wf_utils` file as well.
+The idea behind this folder is to show examples of how to use the [BlueXP Workload Factory APIs](https://console.workloads.netapp.com/api-doc).
+Not every API is covered, but the ones required to get you started (get a refresh token, get the BlueXP accountID,
+get BlueXP credentials ID) are included. Once you have the informaiton provided from these APIs are ready to start
+calling the others. While these examples are implemented as bash shell scripts you should be able to translate them
+to the programming language that you prefer, such as Python, Go, or JavaScript.
+
+Note that all these scripts depend on the [wf_utils](wf_utils) file that contains common functions used by all the
+scripts. One function in particular, `get_token()`, is used to get an authentication token from the BlueXP Workload
+Factory API. So, if you copy just some of the files from this repository, make sure to copy the `wf_utils` file as well.
 
 ## Prerequisites
 To run these scripts, you need to have the following prerequisites:
@@ -17,7 +22,7 @@ command line options. For example, instead of using the `-t` option to pass the
 [BlueXP Refresh Token](https://docs.netapp.com/us-en/bluexp-automation/platform/create_user_token.html#1-generate-a-netapp-refresh-token),
 you can set the `REFRESH_TOKEN` environment variable.
 
-- All scripts use the `-h` option to display the help message, which includes the available options and their descriptions.
+- All scripts accept the `-h` option to display the help message, which includes the available options and their descriptions.
 
 Hopefully with these samples you'll be able to create your own scripts that use any the Workload Factory APIs.
 If you do create a new script, please consider contributing it back to this repository so that others can benefit from it.
@@ -26,6 +31,7 @@ If you do create a new script, please consider contributing it back to this repo
 | Script | Description |
 | --- | --- |
 | [list_bluexp_accts](list_bluexp_accts) | This list all the BlueXP accounts (a.k.a. organizations) that you have access to. |
+| [list_bluexp_members](list_bluexp_members) | This list all members of a provided BlueXP account. |
 | [list_credentials](list_credentials) | This lists all the Workload Factory credentials that you have access to. |
 | [list_filesystems](list_filesystems) | This lists all the FSx for ONTAP file systems that you have access to in the specified AWS region. |
 | [list_snapmirrors](list_snapmirrors) | This lists all the SnapMirror relationships that are associated with the specified file system. |

@@ -72,9 +72,9 @@ if [ -z "$token" ]; then
   exit 1
 fi
 
-run_curl GET "$token" https://api.bluexp.netapp.com/tenancy/account $tmpout $tmperr
-if jq -r '.[] | .accountName + " " + .accountPublicId' $tmpout > $tmperr; then
-  cat $tmperr | column -t -N Name,ID
+run_curl GET "$token" https://api.bluexp.netapp.com/v1/management/organizations $tmpout $tmperr
+if jq -r '.items[] | "\(.name) \(.legacyId) \(.id)"' $tmpout > $tmperr; then
+  cat $tmperr | column -t -N Name,ID,UUID
 else
   echo "Error: Failed to parse the response from the API." >&2
   exit 1

@@ -0,0 +1,116 @@
+#!/bin/bash
+#
+# This script is used to list all the BlueXP members that are
+# associated with the BlueXP account.
+#
+# It is dependent on the 'wf_utils' file that is included in this repo. That
+# file contains the 'get_token' function that is used to obtain a valid
+# access token that is needed to run the Workload Factory APIs. The file needs
+# to either be in the command search path or in the current directory.
+################################################################################
+
+################################################################################
+# Display usage information then exits the script.
+################################################################################
+usage () {
+  cat >&2 <<EOF
+This script is used to list all the BlueXP members that are
+associated with the BlueXP account.
+
+Usage is: $(basename $0) -t refresh_token  -u bluexp_account_uuid
+
+Where: refresh_token    - Is a refresh token used to obtain an access token needed
+                          to run the Workload Factory APIs. You can obtain a refresh
+                          token by going to https://services.cloud.netapp.com/refresh-token
+       bluexp_account_uuid - The BlueXP account UUID to list the members for. You can
+                             find all the accounts you have access to by running the
+                             "list_bluexp_accts" script.
+       -h                - Displays this help message.
+
+Note, instead of passing parameters on the command line, you can set the
+following environment variables instead:
+
+    export REFRESH_TOKEN=<refresh_token>
+    export BLUEXP_ACCOUNT_UUID=<bluexp_account_uuid>
+EOF
+  exit 1
+}
+
+tmpout=/tmp/list_accounts-out.$$
+tmperr=/tmp/list_accounts-err.$$
+trap 'rm -f $tmpout $tmperr' exit
+
+while getopts ht:u: opt; do
+  case $opt in
+    t) REFRESH_TOKEN="$OPTARG" ;;
+    u) BLUEXP_ACCOUNT_UUID="$OPTARG" ;;
+    *) usage ;;
+  esac
+done
+#
+# Source the wf_utils file.
+wf_utils=$(command -v wf_utils)
+if [ -z "$wf_utils" ]; then
+  if [ ! -x "./wf_utils" ]; then
+    cat <<EOF >&2
+Error: The 'wf_utils' script was not found in the current directory or in the command search path.
+It is required to run this script. You can download it from:
+https://github.com/NetApp/FSx-ONTAP-samples-scripts/tree/main/Management-Utilities/Workload-Factory-API-Samples
+EOF
+    exit 1
+  else
+    wf_utils=./wf_utils
+  fi
+fi
+. "$wf_utils"
+#
+# Check that all the parameters are set.
+if [ -z "$REFRESH_TOKEN" ]; then
+  cat >&2 <<EOF
+Error: A BlueXP refresh tokon is required to run this script.
+Can you be obtain from this web page:
+
+    https://services.cloud.netapp.com/refresh-token
+
+EOF
+  usage
+fi
+
+if [ -z "$BLUEXP_ACCOUNT_UUID" ]; then
+  cat >&2 <<EOF
+Error: A BlueXP account UUID is required to run this script.
+You can see the list of accounts you have access to by running the "list_bluexp_accts" script
+found in this GitHub repository: https://github.com/NetApp/FSx-ONTAP-samples-scripts/tree/main/Management-Utilities/Workload-Factory-API-Samples
+
+EOF
+  usage
+fi
+#
+# Check that the required commands are available.
+for cmd in jq curl; do
+  if ! command -v $cmd &> /dev/null; then
+    echo "Error: The required command '$cmd' was not found. Please install it." >&2
+    exit 1
+  fi
+done
+
+token=$(get_token)
+if [ -z "$token" ]; then
+  echo "Error: Failed to obtain an access token. Exiting." >&2
+  exit 1
+fi
+
+run_curl GET "$token" "https://api.bluexp.netapp.com/v1/management/organizations/$BLUEXP_ACCOUNT_UUID/users?limit=1000&filter=userType%20ne%20%27agent%27" $tmpout $tmperr "" "application/vnd.netapp.bxp.users.extended+json"
+count=$(jq -r '.count' $tmpout 2> /dev/null)
+if [[ "$count" == 0 ]]; then
+  echo "No members found for the specified BlueXP account UUID: $BLUEXP_ACCOUNT_UUID." >&2
+  echo "Did you provide the UUID or the iD? This script needs the UUID." >&2
+  exit 0
+fi 
+
+if jq -r '.items[] | .name + "," + if(.userType == "user") then .userType + "," + .id else .userType + "," + .auth0Id end + "," + .email' $tmpout > $tmperr; then
+  cat $tmperr | sort -f | column -s, -t -N Name,Type,ID,Email
+else
+  echo "Error: Failed to parse the response from the API." >&2
+  exit 1
+fi
@@ -63,7 +63,7 @@ filter="filter=$(urlencode "type eq 'AWS_ASSUME_ROLE'")"
 while getopts "ht:a:o" opt; do
   case $opt in
     t) REFRESH_TOKEN="$OPTARG" ;;
-    a) BLUEXP_ACCOUNT="$OPTARG" ;;
+    a) BLUEXP_ACCOUNT_ID="$OPTARG" ;;
     o) filter="";; # No filter, list all credentials.
     *) usage ;;
   esac

@@ -46,7 +46,7 @@ get_token() {
 
   createToken=false
   if [ -r $tokenFile ]; then
-    let diff="$(date +%s) - $(date -r wf_utils +%s)"
+    let diff="$(date +%s) - $(date -r $tokenFile +%s)"
     if [ $diff -gt $token_valid ]; then
       createToken=true
     fi
@@ -94,27 +94,31 @@ run_curl () {
   output="$4"
   errorOutput="$5"
   data="$6"
+  accept="$7"
   if [[ -z "$method" || -z "$token" || -z "$url" || -z "$output" || -z "$errorOutput" ]]; then
     echo "Error: Missing required parameters for run_curl function." >&2
     exit 1
   fi
+  if [ -z "$accept" ]; then
+    accept="application/json, text/plain, */*"
+  fi
   case "$method" in
     GET|get)
       curl -sw "%{stderr}%{http_code},%{errormsg}" "$url" \
-         -H "Accept:application/json, text/plain, */*" \
+         -H "Accept: $accept" \
          -H "Authorization: Bearer $token" > $output 2> $errorOutput
       exitCode=$?
       ;;
     POST|post)
       curl -X POST -sw "%{stderr}%{http_code},%{errormsg}" "$url" \
-         -H "Accept:application/json, text/plain, */*" \
+         -H "Accept: $accept" \
          -H "Content-Type:application/json" \
          -H "Authorization: Bearer $token" --data "$data" > $output 2> $errorOutput
       exitCode=$?
       ;;
     DELETE|delete)
       curl -X DELETE -sw "%{stderr}%{http_code},%{errormsg}" "$url" \
-         -H "Accept:application/json, text/plain, */*" \
+         -H "Accept: $accept" \
          -H "Authorization: Bearer $token" > $output 2> $errorOutput
       exitCode=$?
       ;;