Creating a User Using a Remote Authentication Provider (LDAP)

Problem

You want to create a user and your Posit Connect server is configured with LDAP authentication.

Solution

Python

Obtain a temporary ticket using the remote users API and then create the user.

from posit import connect

USERNAME = "francism"

client = connect.Client()
response = client.get("v1/users/remote", params={"prefix": USERNAME})
results = response.json()['results']

The results object contains a single entry with the username francism. Notice that the guid field is empty, which means that the user has not been created on Connect.

>>> import polars as pl
>>> pl.DataFrame(results)
shape: (1, 12)
┌───────────────┬──────────┬────────────┬───────────┬───┬───────────┬────────┬──────┬──────────────┐
│ email         ┆ username ┆ first_name ┆ last_name ┆ … ┆ confirmed ┆ locked ┆ guid ┆ temp_ticket  │
│ ---           ┆ ---      ┆ ---        ┆ ---       ┆   ┆ ---       ┆ ---    ┆ ---  ┆ ---          │
│ str           ┆ str      ┆ str        ┆ str       ┆   ┆ bool      ┆ bool   ┆ null ┆ str          │
╞═══════════════╪══════════╪════════════╪═══════════╪═══╪═══════════╪════════╪══════╪══════════════╡
│ FrancisM@posit┆ francism ┆ Myra       ┆ Francis   ┆ … ┆ true      ┆ false  ┆ null ┆ QNb7ST5XTnQ9 │
│ -9.com        ┆          ┆            ┆           ┆   ┆           ┆        ┆      ┆ /nX2pIy9xRNB │
│               ┆          ┆            ┆           ┆   ┆           ┆        ┆      ┆ LeKafO…      │
└───────────────┴──────────┴────────────┴───────────┴───┴───────────┴────────┴──────┴──────────────┘

The field temp_ticket can be used in a subsequent request to create an account on Connect.

ticket = results[0]['temp_ticket']
response = client.put("v1/users", json={"temp_ticket": ticket})
user = response.json()

>>> pl.DataFrame(user)
shape: (1, 11)
┌────────────┬──────────┬────────────┬───────────┬───┬────────────┬───────────┬────────┬───────────┐
│ email      ┆ username ┆ first_name ┆ last_name ┆ … ┆ active_tim ┆ confirmed ┆ locked ┆ guid      │
│ ---        ┆ ---      ┆ ---        ┆ ---       ┆   ┆ e          ┆ ---       ┆ ---    ┆ ---       │
│ str        ┆ str      ┆ str        ┆ str       ┆   ┆ ---        ┆ bool      ┆ bool   ┆ str       │
│            ┆          ┆            ┆           ┆   ┆ null       ┆           ┆        ┆           │
╞════════════╪══════════╪════════════╪═══════════╪═══╪════════════╪═══════════╪════════╪═══════════╡
│ FrancisM@p ┆ francism ┆ Myra       ┆ Francis   ┆ … ┆ null       ┆ true      ┆ false  ┆ deb96ce5- │
│ osit-9.com ┆          ┆            ┆           ┆   ┆            ┆           ┆        ┆ e865-4fce │
│            ┆          ┆            ┆           ┆   ┆            ┆           ┆        ┆ -8b46-999 │
│            ┆          ┆            ┆           ┆   ┆            ┆           ┆        ┆ be9…      │
└────────────┴──────────┴────────────┴───────────┴───┴────────────┴───────────┴────────┴───────────┘

Full example

from posit import connect

USERNAME = "francism"

client = connect.Client()

response = client.get("v1/users/remote", params={"prefix": USERNAME})
ticket = response.json()['results'][0]['temp_ticket']
response = client.put("v1/users", json={"temp_ticket": ticket})
user = response.json()

R

Call the users_create_remote function to create a user.

library(connectapi)

USERNAME = "francism"

client <- connect()
users <- users_create_remote(client, prefix = USERNAME)

When the call succeeds, the response contains a non-NULL guid value, which is a unique identifier for the user’s account on Connect.

> users
# A tibble: 1 × 11
  email                username first_name last_name user_role created_time        updated_time        active_time confirmed locked guid
  <chr>                <chr>    <chr>      <chr>     <chr>     <dttm>              <dttm>              <dttm>      <lgl>     <lgl>  <chr>
1 FrancisM@posit-9.c… francism Myra       Francis   viewer    2024-06-07 19:35:30 2024-06-07 19:35:30 NA          TRUE      FALSE  deb96ce5-e86…