Users

Create a Posit Connect user from LDAP or OAuth2

The following snippets search for a user in LDAP or OAuth2 and then create a Posit Connect account for that user.

Workflow

There are three steps:

  1. Search for the user via the GET /v1/users/remote endpoint.
  2. Note the temp_ticket for the desired user account.
  3. Use the PUT /v1/users endpoint with the temp_ticket to create a corresponding account on Connect.

Search for a user

Search for the user via the GET /v1/users/remote endpoint:

library(httr)

# The CONNECT_SERVER URL must have a trailing slash.
connectServer <- Sys.getenv("CONNECT_SERVER")
connectAPIKey <- Sys.getenv("CONNECT_API_KEY")

# set the search parameter
prefix <- "julie"

# make the query request
response <- GET(
  paste0(connectServer, "__api__/v1/users/remote"),
  add_headers(Authorization = paste("Key", connectAPIKey)),
  query = list(prefix = prefix)
)

results <- content(response)$results

# print the results of the API call
formatGuid <- function(guid) {
  if (is.null(guid)) {
    "NULL"
  } else {
    guid
  }
}

cat(sprintf("FIRST\tLAST\tUSERNAME\tGUID\n"))
for (user in results) {
  cat(
    sprintf("%s\t%s\t%s\t\t%s\n",
      user$first_name,
      user$last_name,
      user$username,
      formatGuid(user$guid)
    )
  )
}

The output looks like the following:

FIRST   LAST    USERNAME    GUID
Julie   Goolly  julie1      15f5f51d-08ff-4e5b-beba-4ccf24e248dd
Julie   Jolly   julie2      NULL

Let’s break this down:

  • In this particular case, there are two users matching the search for the prefix julie:
    • julie1
    • julie2
  • The user julie1 has a GUID value, which means that this user already has a Connect account.
  • The user julie2 does not have a GUID value, which means that this user does not have a Connect account.

Additionally, included in the API response for each user is a temp_ticket value that can be used to give the user a Connect account. In the example above, the second user, julie2, needs an account, so you need that user’s temp_ticket:

tempTicket <- results[[2]]$temp_ticket

You can use this tempTicket value in the next section to create the account.

Create a Posit Connect user account

Using the tempTicket value from the previous section, you can give the user a Connect account with a PUT /v1/users request:

library(httr)

# The CONNECT_SERVER URL must have a trailing slash.
connectServer <- Sys.getenv("CONNECT_SERVER")
connectAPIKey <- Sys.getenv("CONNECT_API_KEY")

# The 'tempTicket' value comes from an earlier /users/remote search.

response <- PUT(
  paste0(connectServer, "__api__/v1/users"),
  add_headers(Authorization = paste("Key", connectAPIKey)),
  body = list(temp_ticket = tempTicket),
  encode = "json"
)

print(content(response))

When the call succeeds, the response contains a non-NULL GUID value, which is a unique identifier for the user account.

If the user already exists in Connect, the response will contain an error:

$error
[1] "The requested username is already in use."