Using the API to create a user on an SSO only system

Alexander_Wright · June 22, 2016, 12:51pm

Is it possible to create users via the API with disable local login and SSO enabled?

I’m getting error 500 in response to my API REST calls. other functions work fine.

fefrei · June 22, 2016, 3:28pm

No, SSO disables user creation.

Why do you want to create the users? With SSO, they will be created automatically when they try to log in.

Alexander_Wright · June 22, 2016, 3:42pm

I’m migrating a bunch of users who currently use yahoo email groups to message.

I’ve lists of their email addresses and want to add them to a set of Discourse groups. Obviously, I can’t till they log in.

So far I’ve had people complaining that they can’t see their private category when they register, as they are not a member of the group yet. If I could create them as users and assign them to the relevant groups first, it would make it a lot easier!

codinghorror · June 22, 2016, 10:14pm

These should be staged users, as that’s the purpose of staging a user – participation in prior emails that may or may not turn into a web login.

Alexander_Wright · June 23, 2016, 6:56am

Ahh. How do I do that?

codinghorror · June 23, 2016, 6:58am

Let’s ask @zogstrip!

Alexander_Wright · June 23, 2016, 7:01am

I have the same use case as this topic: Adding new users vs inviting them

zogstrip · June 23, 2016, 10:29am

Creating staged users using the API is now possible

https://github.com/discourse/discourse/commit/5bfc9cf69ede127460bc14d1c7f109841d4e8dee

https://github.com/discourse/discourse_api/commit/8cfff42d2853c54b7140b2a1fab211ef9cbcbf3b

Alexander_Wright · June 23, 2016, 11:14am

Thank you!

So I would call create user with name, email, password, username, active = false, staged = true?

zogstrip · June 23, 2016, 12:42pm

That’s right

Alexander_Wright · July 3, 2016, 12:09pm

Right, this is working on a development site that does not have SSO switched on, but fails as soon as it is.
Should I be trying to do this a different way? Via a plugin, maybe?

Rana_Muhammad_Ahsan · April 12, 2017, 10:25am

@Alexander_Wright how did you solve this problem ?

DylannCordel · August 24, 2018, 3:38pm

Hi !

@zogstrip Seems we still can’t create new users via API (Forbidden is returned) with those settings:

SSO activated
allow new registrations: enabled (to be able to create account via API)
invite only: enabled (to disable the “register” button on the forum)
enable local logins: disabled (to only login via the SSO)

But if “enable local logins” is enabled, then it’s possible to create a new user via the API.

@Rana_Muhammad_Ahsan to temporary solve this problem, I send a PUT request to enable “local logins” setting, then a POST to create the user, then a new PUT request to disable “local logins” setting. Pretty much ugly but working

simon · August 24, 2018, 4:09pm

When SSO is enabled you can create users through the API with the sync_sso route. See Sync SSO user data with the sync_sso route for details about how to do it.

DylannCordel · August 24, 2018, 4:56pm

@simon awsome ! Thanks a lot.

Topic		Replies	Views
Create new SSO users without sending welcome emails Support	8	1657	September 20, 2018
New users via API if allow new unchecked Dev	6	1800	December 1, 2017
Create SSO Users, Adding To Group, Subscribing to Category via API SSO	5	2776	August 4, 2017
Creating Discourse accounts via SSO without visiting the forum URL? SSO	1	2027	February 13, 2020
How can I create a staged user via the API? Dev rest-api	4	839	December 2, 2020

Using the API to create a user on an SSO only system

Related topics