We have a Discourse forum app that is connected to our app via SSO. User avatars are updated right through it. But our photos are moderated, so we need to clear user avatars on the Discourse app side.
Can it be done somehow by the REST API or by SSO mechanism enhancements? I cannot find this information in the docs.
You should be able to call the sync_sso route to re-sync the user avatar, but you can also make a PUT request to http://localhost:3000/u/<username>/preferences/avatar/pick with an empty upload_id to delete the user's current avatar and assign them a letter avatar.
Here is some Ruby code you can use that uses the discourse_api gem so that you can use it as a reference. The sync_sso endpoint is a bit different than other endpoints because you need to send it a signed payload.
Do I get it right, that we can send POST /admin/users/sync_sso?api_key=...&api_username=...&sso=...&sig=... ?
Are the ‘sso’ and ‘sig’ parameters similar to those of the SSO authorization flow?
I tried to perform the request as explained above, POST /admin/users/sync_sso?api_key=...&api_username=...&sso=...&sig=..., and it responded 200 with my user, but the user avatar was not updated, and there were no log events. What am I doing wrong?
You should include the api_key and api_username in the HTTP header because using them in the query parameters is deprecated.
I think there must be some protection in the code that prevents accidentally deleting an avatar if the field is left off or is empty. You will most likely need to provide a URL to a default avatar to replace the existing avatar.
I replaced the API credentials with headers.
SSO synchronization didn’t update the user avatar with the provided one, although the Sidekiq job in that call completed and there were no error or warning logs.
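The signed sync_sso request discussed in this thread, as an added example that is not part of any post above and is not the discourse_api gem's code: it signs the payload, keeps the API credentials in headers rather than the URL, and shows the receiver-side check. It assumes sync_sso takes the same base64 + HMAC-SHA256 payload as the SSO login flow; the secrets, user fields and helper names are constructed, and avatar_force_update is a DiscourseConnect field the thread does not mention.

```ruby
require "base64"
require "openssl"
require "uri"
require "net/http"

# Constructed sample values, not real credentials.
SSO_SECRET = "constructed-sso-secret"
API_KEY    = "constructed-api-key"
FIELDS = {
  "external_id"         => "42",
  "email"               => "user@example.com",
  "username"            => "sample_user",
  "avatar_url"          => "https://example.com/avatars/default.png",
  "avatar_force_update" => "true", # assumption: not mentioned in the thread
}

# Encode the user record as a query string, base64 it, then HMAC the base64 text.
def sign_sso(fields, secret)
  payload = Base64.strict_encode64(URI.encode_www_form(fields))
  [payload, OpenSSL::HMAC.hexdigest("sha256", secret, payload)]
end

# Byte-wise comparison that does not exit early on the first mismatch.
def secure_eq(a, b)
  return false unless a.bytesize == b.bytesize
  a.bytes.zip(b.bytes).reduce(0) { |acc, (x, y)| acc | (x ^ y) }.zero?
end

# Receiver-side check: recompute the HMAC; return the fields only if it matches.
def verify_sso(payload, sig, secret)
  expected = OpenSSL::HMAC.hexdigest("sha256", secret, payload)
  return nil unless secure_eq(expected, sig)
  URI.decode_www_form(Base64.decode64(payload)).to_h
end

# Build (but do not send) the POST: credentials in headers, sso/sig in the body,
# so neither the API key nor the payload ends up in URLs or access logs.
def build_sync_request(base_url, fields, secret, api_key, api_username)
  payload, sig = sign_sso(fields, secret)
  req = Net::HTTP::Post.new(URI.join(base_url, "/admin/users/sync_sso"))
  req["Api-Key"] = api_key
  req["Api-Username"] = api_username
  req.set_form_data("sso" => payload, "sig" => sig)
  req
end
```

Running verify_sso locally on the payload before sending rules out a signing or encoding mistake as the reason an avatar change is not applied.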