Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


    Cloudron Forum

    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    Solved Create User via API without Invite

    Support
    3
    10
    810
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • timmmmyboy
      timmmmyboy last edited by

      I'm looking at generating user accounts externally through the API. It looks like even though you can prevent the invite from being sent, the user does eventually have to go to the invite URL and enter a password, is that right? I'm hoping to not have to expose the user to the Cloudron admin interface and rather have them interact directly with the external application. Could I POST data to the invite page directly to complete the creation of the user account?

      1 Reply Last reply Reply Quote 0
      • girish
        girish Staff last edited by

        @timmmmyboy I think it's a bit tricky to POST to that invite page because it's an oauth route and depends on sessions. Would it help if we enhanced the current user creation API to take in a password as well?

        timmmmyboy 1 Reply Last reply Reply Quote 0
        • timmmmyboy
          timmmmyboy @girish last edited by

          @girish Taking a password via the API to bypass the verification process would work perfectly.

          1 Reply Last reply Reply Quote 0
          • girish
            girish Staff last edited by

            @timmmmyboy I have added the API, will be part of the next release (sometime next week). If you want to try it out on your Cloudron, you need to apply just the two liner to your Cloudron /home/yellowtent/box/src/routes/user.js and then sudo systemctl restart box:

            https://git.cloudron.io/cloudron/box/commit/7549b3e837c441e2fd8bc2afa142db327c7ad181#934e382c74ab750a4f5bf63011fc52b1cd205ac6

            timmmmyboy 1 Reply Last reply Reply Quote 0
            • timmmmyboy
              timmmmyboy @girish last edited by

              @girish Awesome, works perfectly! Thanks for the super fast turnaround!

              1 Reply Last reply Reply Quote 0
              • S
                stoccafisso last edited by stoccafisso

                Where do the user change their profile/password etc, if they whish/need to?

                timmmmyboy 1 Reply Last reply Reply Quote 0
                • timmmmyboy
                  timmmmyboy @stoccafisso last edited by

                  @stoccafisso That's a good point. It looks like we'd need to add 'password' as an option to the Update user call as well

                  1 Reply Last reply Reply Quote 0
                  • girish
                    girish Staff last edited by

                    Users change their own passwords using the profile api. Currently, there is no way for an admin to set an arbitrary password for an existing user. Instead an admin can 'reset' it using re-invite api.

                    1 Reply Last reply Reply Quote 0
                    • timmmmyboy
                      timmmmyboy last edited by

                      Standard users can't generate a token to make that API call though, right?

                      1 Reply Last reply Reply Quote 0
                      • girish
                        girish Staff last edited by

                        Normal users can create tokens but they don't have access to any call other than the /api/v1/profile/* routes. Internally, each token has a list of "scopes" (oauth scopes) which indicate what API can be allowed. For normal users, this scope is only the profile scope. For admin users, it includes all the other API calls.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Powered by NodeBB