Even UI is preventing the user to create User or Group, the user is able to create user or Group wiht invalid characters.
invalid characters are :
'/', '\\', ':', '|', '?', '*', '"', '<', '>'
The APIs are:
POST http://<host>:8080/artifactory/ui/groups Body: {"name":"group1:1"}
POST http://<host>:8080/artifactory/ui/users Body: {"profileUpdatable":true,"disableUIAccess":false,"internalPasswordDisabled":false,"name":"users1:1","email":"my@email.com","password":"123456","retypePassword":"123456","userGroups":[{"groupName":"readers","realm":"internal"}]}
PUT http://<host>:8080/artifactory/api/security/users/users1:1 Body: { "name": "users1:1", "email": "my@email.com", "admin": true, "password": "123456", "profileUpdatable": true, "internalPasswordDisabled": false, "groups": [ "readers" ], "lastLoggedInMillis": 0, "realm": "internal", "offlineMode": false, "disableUIAccess": false }
PUT http://<host>:8080/artifactory/api/security/groups/group:1 Body: { "name": "group:1" }