Is there an API scope which covers operations relating to groups?

I am making a bot which syncs our SSO group information into Discourse when that information changes in our directory service. There is a granular API scope for user operations, but there doesn’t seem to be one for groups. Am I just overlooking it?

1 Like

If I understand correctly you want an API scope for adding and removing users to groups. There is one for adding users and removing users.

Sorry, let expand. I know about those API endpoints. What I want is to generate an API key that had the permissions to do those things (and nothing else).

1 Like

I do not see an API endpoint to do that in the docs.

The docs do not really cover the API scopes. You can find them when you create a new API key on your site, and choose Scope: Granular.

1 Like

Are you looking for something like “manage groups” (optional group id)?

This scope would allow you to add and remove users from a group

1 Like

Yeah, exactly. Basically, checkboxes corresponding to the API endpoints documented at https://docs.discourse.org/#tag/Groups
image

roughly analogous to

The thing you said — add and remove group members — is probably the most important. (I can possibly see some value in separating those, but I don’t think I care for our purposes.) That presumably would also include “List group members” for groups that might not be public.

The next-most important thing is Create / Delete / Update — I think for our initial use, though, we’ll rely on manually created groups (and ignore SSO groups which don’t have a Discourse equivalent).

Thank you!

3 Likes

Yeah… feels like we are describing 2 scopes here:

  1. Manage groups (optional group id) - allows you to add / remove / set group owners / list

  2. Administer groups - allows you to create/delete and manage groups.

We can certainly get this done some time in the next month, it is not too huge.

Adding an internal tag to track it. Sounds good?

4 Likes

Sounds perfect — thanks!

3 Likes

The API scopes have been added for managing and administering groups:

I believe I already followed up elsewhere, but just closing the loop on this topic.

3 Likes