API endpoint /users

[mjstealey]

/users

Endpoints

• [x] /users paginated - optional parameters: search=string
• [x] /users/{int:pk} - optional request body data = {"display_name": "string"}
• [x] /users/{int:pk}/credentials
• [x] /users/{int:pk}/tokens - optional parameters: refresh=true, generate=true

Functions

• [x] paginated list of users
• [x] paginated list of users with search - by display_name, email - as active user
• [x] retrieve user detail - by user_id - as self
• [x] update user detail - display_name - as self
• [x] list credentials - by user as self
• [x] retrieve user tokens - by user as self
• [x] refresh the access token - by user_id - as self
• [x] generate new token pair - by user_id - as self
• [x] create user - not implemented (performed via workflow)
• [x] delete user - not implemented (set is_active to False from the admin panel)

Fields

--- /users
display_name:           - string
email:                  - string
user_id:                - int
username:               - string
--- /users/{int:pk}
aerpaw_roles:           - array of string
display_name:           - string
email:                  - string
is_active:              - boolean
oidc_claim:             - string
user_id:                - int
username:               - string
--- /users/{int:pk}/credentials
name:                   - string
public_key_credential:  - string
public_key_id:          - int
--- /users/{int:pk}/tokens
access_token:           - string
refresh_token:          - string

Notes

Roles:

• experimenter
• pi
• operator
  • strictly operational (view access to all)
  • change status of experiments but otherwise cannot alter experiments
  • should not be able to alter project membership
• site_admin

[sschaud2]

@mjstealey Hi Michael, I'm trying to refresh the token and using the API mentioned on API Endpoint page ("http://aerpaw-dev.renci.org:8000/api/users/$userID/token/refresh") We are seeing the following response from this API. Can you please check the response?

[mjstealey]

Can you please check the response?

Add a trailing slash to the API_URL, e.g. http://aerpaw-dev.renci.org:8000/api/token/refresh/

• This endpoint came with the plugin being used by OAuth and doesn't respect the trailing slash settings that have been applied to the rest of the endpoints for whatever reason...
• See example code: https://github.com/AERPAW-Platform-Control/aerpaw-portal/blob/main/examples/code/users.py#L90-L103
• I'll eventually rewrite this as a new implementation, but for now use the trailing slash

[sschaud2]

Hi, I used a trailing slash too. But it gives me the same error. Following is my command: curl -X "POST" -H "Authorization: Bearer ${token}" -H "Content-Type: application/json" -d "${updatedtoken}" "http://aerpaw-dev.renci.org:8000/api/users/$userID/token/refresh/"

[sschaud2]

[mjstealey]

I used a trailing slash too. But it gives me the same error.

Sorry, use http://aerpaw-dev.renci.org:8000/api/token/refresh/, without the /users/{int:pk} part

• a later version will be tucked under the /users endpoint, but for now it's under the /token endpoint and figures out who you are by the Bearer token in the header

[sschaud2]

It worked! Thanks

[mjstealey]

It worked! Thanks

Glad to hear it NOTE: The newly issued ACCESS_TOKEN is only seen by the receiver and is not currently stored to the User's profile - this will be taken care of when I migrate the refresh call to be under the /users endpoint (again, sorry about the confusion here)

[sschaud2]

No problem and thanks for mentioning it.