Hello everyone! Is it possible to retrieve from this POST method; https://secure.gooddata.com/gdc/account/login if the user is admin of the workspaces they belong to or not? i cant seem to find that information from this call. Or is there another call to retrieve this information? Thank you in advance!

Hi @Nicole Lopez, you can not get information about whether user is admin or not from the call to /gdc/account/login. This endpoint only logs the user in (creates the session) but it is not tied to any particular workspace. From the official APIs you would need to call

GET /gdc/projects/PROJECT_ID/users/USER_PROFILE_ID/permissions

for a particular user and workspace and then in the response check the value of

associatedPermissions/permissions/canManageProject

If it is equal to “1” that means the particular user is administrator in that particular workspace. Technically, this call returns values of all the permissions of a particular user in that workspace, so you can also use that to check other things. But canManageProject is a permission which only admins have, so that should be safe to use. if you do not know the USER_PROFILE_ID, you can get it for currently logged-in user by calling

GET /gdc/account/profile/current

Thank you, i will look in to that! I do have another question regarding POST method; https://secure.gooddata.com/gdc/account/login. when i do this request in postman i get back all the right attributes but when i apply my POST method in code i get 403 (Forbidden). my code looks like this:

const loginToGD = async () => {

const url = ’https://brandranalytics-dev.on.gooddata.com/gdc/account/login'; fetch(url, { method: ‘POST’, mode: ‘no-cors’, headers: { ‘Accept’: ‘application/json’, ‘Content-Type’: ‘application/json’ }, body: JSON.stringify({ postUserLogin: { login:“nicole.lopez@hackberry.se”, password:“XXXXXX”, remember:1, }, }) }) .then(async response => { const data = await response.json(); console.log(‘URL Response: ’, data); }) .catch(error => { console.log(‘Response Error: ’, error); }) }

@Nicole Lopez, is this code supposed running in the browser or somewhere on the back-end? If it is supposed to run inside of the browser under the user who is currently logged-in to GoodData, you should not need to log-in. (Typically the user would be already logged in either by username and password or using the single-sign-on and will have a valid GoodData session and when using the GoodData SDK you will not need to handle the token renewal even). I am also not sure about the “no-cors” mode here. Based on this discussion in SO, it might be causing problems. If you need to set up CORS for your GoodData domain, here is how to do it.

@Michal Hauzírek this is supposed to run inside the browser. I want to login user via the api to later be able to show the right workspaces for the right user. Why i want to login with the API is to later be able to retrieve data from that specific user.

OK so for the CORS error, I would suggest to use the approach mentioned here. But for some technical reasons you will not be able to put there “https://localhost:3000”. You must use something like “https://mylocalapp.local:3000” And for the whole logging user via front-end code - I am not sure this is the best approach. if I am not mistaken, that would mean you would need to put each user’s password dynamically into the code which is sent to the browser. That might work for development, but probably not for a production use. I would suggest to use one of this ways: • do not use passwords at all and use one of the supported SSO methods (for the hosted GD either SAML 2.0 or PGP) and let GoodData assign the valid user session within the browser automatically based on the SSO calls • use the GoodData SDK to automatically detect if user is logged in to GoodData and if not, it redirects them to the standard GoodData login page and then redirects back to your app with a valid session • build your own login page and ask user to enter their credentials and pass them to GoodData

Ok, thank you! I looked at the documentation and i dont understand how to white-label a domain. and will that affect us in any other way later on? and we are trying to implement the last alternative; build your own login page and ask user to enter their credentials and pass them to GoodData. We are trying to login the user with our own custom login and passing hteir cridential with this POST method. is there another way/post method to pass the users cridentials to good data?

To white-label your domain, you can follow this document (basically you contact GoodData support and provide them with the required resources - the domain name and alternatively the certificate). Note that if you have the FREE tier, the white-labeling might be an add-on. Regarding the login page, that might be a bit out of my knowledge, but I hope maybe @Jiri Zajic or @Dan Homola will be able to help you with that.

@Michal Hauzírek Thank you, i will contact them and ask some further questions.

Hi @Nicole Lopez replying here so others can chime in. Let me understand the usecase a bit more: you want to automatically log in a user using username/password? Where do those values come from? Or is this only for local development only? If so, you could use the FixedLoginAndPasswordAuthProvider to “hard-code” the credentials for local development, similar to how we use it in our playground app: https://github.com/gooddata/gooddata-ui-sdk/blob/master/examples/playground/src/App.tsx#L13-L23 Does this help or am I completely off? 🙂

@Jiri Zajic yes, I want to login the user using the api so that i can retrieve information from the user later on. Is there a function that lets me retrieve information from the user without using an API call? 👀

@Nicole Lopez - just to be on the same page, can you please help us understand what you are trying to achieve? • is this login meant for the end user using a browser? • do you want to log-in the user to be able to check which workspace he has access to • and then based on if he has access (and maybe also if he is admin as in your original question) do you want to display some dashboard or some custom visualization for them? Or is there some other scenario you want to achieve? Thank you.

@Michal Hauzírek 1. The login is meant for a user using a browser. 2. I want to be able login the user to be able to retrieve any usr data. 3. I want to be able to use each users data to display the right dashboards. When trying to retrieve this information with the API i get a CORS error. The CORS documentation i received from you guys does not work for me. I tried using this PUT method; https://secure.gooddata.com/gdc/domains/{domain_name}/securitySettings/allowedOrigins/add with this body; { “allowedOrigins”: { “items”: [ “https://localhost:3000” ] } } The error i get is this; { “error”: { “errorClass”: “BadRequestHttpException”, “trace”: “”, “message”: “Trying to insert malformed origin”, “component”: “Webapp”, “errorId”: “6ec068ed-cc65-4621-aa0b-da0d2cbd166a”, “errorCode”: “gdc.http.client.status.400", “parameters”: [] } } I cant wrap my head around what i am doing wrong. I want to be able to Login a user in GoodData using this api: https://brandranalytics-dev.on.gooddata.com/gdc/account/login.

I see, thank you @Nicole Lopez @Jiri Zajic, @Dan Homola I believe in this case it should not be needed to pass any username+password for production use, right? But either use SSO to establish the session or let the user log-in with username and password as I was mentioning in this post, am I correct? Do we have any examples of code how to do the standard authentication?

Hi, yes that seems correct, here is the latest version of the CORS article. As for examples of how to do the standard login with username/password, we do this in the default create-gooddata-react-application, the relevant parts of the code are as follows: • the login form • the login function that is used by the login form • the backend instance specification that is used by the login function After you perform the login, you will be able to use the

backend

object to communicate with the platform, see its API reference for more information on what the provided functions are. Hope this helps

@Dan Homola Thank you! I can use the functions in this link; https://sdk.gooddata.com/gooddata-ui-apidocs/docs/sdk-backend-spi.ianalyticalbackend.html. By calling the backend and then calling the function like so:

export const GDAuthContextPrvider: FC = (props) => {

//const [isUserSignedIn, setIsUserSignedIn] = useState(false); const backend = createBackend(); const fetchTest = async () => { console.log(‘IS the user authenticated? : ’, await backend.isAuthenticated()); console.log(‘ORGANISATIONS: ’, await backend.organizations()); console.log(‘Current User: ’, await backend.currentUser()); console.log(‘WORKSPACES: ’, await backend.workspaces()); }

I’m glad there is progress 🙂 the functions only provide you more functions, they are used for categorization of sorts. so to get current orgnaization and a list of workspaces for example, you need to do something like

// the organizations API is simpler, it has just one method that gives you the current organization
const currentOrganization = await backend.organizations().getCurrentOrganization();
// the workspaces API is paginated so to get all the workspaces in an array, we must do it in two steps
const firstPageOfWorkspaces = await backend.workspaces().forCurrentUser().query();
const allPagesOfWorkspaces = await firstPageOfWorkspaces.all();

Does that make sense? Your IDE should be of assistance suggesting available members of the different parts of the API.

@Dan Homola Some bits make more sence now, thank you! My question is how do i know that a function belongs to another function when i want to get the info from a sertain function? for example: await backend.organizations().getCurrentOrganization() how am i supposed to know that in order for me to call .getCurrentOrganization() i need to call organizations() first?

The rationale behind the API design is that it should allow for easy discoverability in the IDE. SO when you type

backend.

your IDE should automatically suggest what is next. So when playing with the API, try to put a full-stop after everything and see if your IDE offers some more items. As for your second question, the Bear part is correct, you are running your application against the GoodData platform which we codename bear in our developer facing libraries (more on that in our docs). But the objects you should be getting should be simpler, are you really calling the proper functions as per my previous example?

@Dan Homola Thank You! this was really helpful for me! i am going to try and see if my IDE gives me any suggestions, it didint when i tried it before but i’m going to give it another try, thank you! ⭐ And i copied the code that you sent me so i called the functions exactly like you showed but i still got the Bear part. Maybe im missing something else? My last question is, can i get whether a user is admin or not in any of these functions? I cant seem to find a function that gives me that type of information, is there such a function?

I am glad it helped, try experimenting a bit with what your IDE shows, there should also be contextul help shown there 🙂 as for the admin, this is unfortunately not supported right now, the next best thing would be to check for a particular permission that would indicate the user is likely an admin. There is an API you can use like

const permissions = await backend.workspace("WORKSPACE").permissions().getPermissionsForCurrentUser();
const isAdmin = !!permissions.canManageProject; // or some other permission applicable to your use case

Thank you @Dan Homola ⭐ I will try this in my web-app! This was really helpful!

No problem 🙂

Hello @Dan Homola is there a method to reset a users password? If the user has forgotten their password or if they have trie to log in to many times is there a method to reset password? simple smile