Solved

Creating users using GoodData Identity Provider

  • 19 July 2023
  • 3 replies
  • 47 views

Dear Community,

we are temporarily using GoodData Identity Provider. I want to ask you, how I can create regular users in our organization?

I can add new users via "Invite", but these users are administrators.

I need to add a regular user for our customer. I tried GoodData API (POST /api/v1/entities/users), but I do not know "authenticationId", which is crucial to login to GoodData, I guess.

Many thanks in advance.

Tomas Hoch

icon

Best answer by Boris 19 July 2023, 08:51

View original

3 replies

Userlevel 2

Hi Tomas,

You are correct, you need to know the authenticationId (or OIDC sub claim) to add the user directly through API.

I am afraid that’s the limitation of using GoodData auth0 as your OIDC provider. At this moment it’s only possible to create new users in our Identity provider by inviting them and this will automatically assigns them with an admin role.

The possibility to workaround this is to invite the user and then immediately change their role through API (however I understand it’s not the best solution).

The GoodData auth0 was build mostly for evaluation and development purposes. It’s possible that the invite feature will get some upgrade in the future to be more fit for the production, but as far as I know it’s not planned for the immediate future.

 

 

Hi Boris,

Thank you for your reply.

Your workaround led me to the idea that I could create user via “invite” functionality with some internal company email and then change user email, user groups, etc via PUT /api/v1/entities/users/{id} endpoint. That would work for us since it will not send any invitation and we would have enough time to do proper user settings.

However, it seems that even though I changed the email via API, these changes have not been applied to GoodData auth0, and the original email used within “invite” still works.

Is the workaround changing user email via API feasible and it only takes some time to apply changes in GoodData auth0? Or it is not possible to change the user email via GoodData API?

Thank you for helping me find the best workaround for us.

Userlevel 2

Hi Tomas,

Yes, I am afraid that it’s not possible to change user settings in auth0 by making changes in GoodData. In fact the email is not stored in GoodData just the user ID (which can be basically in any format but it’s still just an ID on GoodData side) and the only connection with auth0 is the authenticationId (which you won’t be able to obtain before actually inviting the user).

So the only way (apart from your own OIDC IdP) is the way I proposed.

Reply