I am making a bot which syncs our SSO group information into Discourse when that information changes in our directory service. There is a granular API scope for user operations, but there doesn’t seem to be one for groups. Am I just overlooking it?
1 Like
If I understand correctly you want an API scope for adding and removing users to groups. There is one for adding users and removing users.
Sorry, let expand. I know about those API endpoints. What I want is to generate an API key that had the permissions to do those things (and nothing else).
1 Like
I do not see an API endpoint to do that in the docs.
The docs do not really cover the API scopes. You can find them when you create a new API key on your site, and choose Scope: Granular.
1 Like
Are you looking for something like “manage groups” (optional group id)?
This scope would allow you to add and remove users from a group
1 Like
Yeah, exactly. Basically, checkboxes corresponding to the API endpoints documented at https://docs.discourse.org/#tag/Groups
roughly analogous to
The thing you said — add and remove group members — is probably the most important. (I can possibly see some value in separating those, but I don’t think I care for our purposes.) That presumably would also include “List group members” for groups that might not be public.
The next-most important thing is Create / Delete / Update — I think for our initial use, though, we’ll rely on manually created groups (and ignore SSO groups which don’t have a Discourse equivalent).
Thank you!
3 Likes
Yeah… feels like we are describing 2 scopes here:
-
Manage groups (optional group id) - allows you to add / remove / set group owners / list
-
Administer groups - allows you to create/delete and manage groups.
We can certainly get this done some time in the next month, it is not too huge.
Adding an internal tag to track it. Sounds good?
4 Likes
Sounds perfect — thanks!
3 Likes
