Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Can't create new user trough API without password #10717

Closed
gpredl opened this issue Aug 16, 2018 · 5 comments
Closed

Can't create new user trough API without password #10717

gpredl opened this issue Aug 16, 2018 · 5 comments
Labels
0. Needs triage Pending check for reproducibility or if it fits our roadmap enhancement feature: users and groups

Comments

@gpredl
Copy link

gpredl commented Aug 16, 2018
edited
Loading

Within NC control panel it's possible to configure 'Send email to new users'. If done so, one can leave password blank when creating new user. Email for activation and password setup will be send to new user.

We'd like to create new users trough the API, without providing password, but email instead.
This is not possible trough the API.

Steps to reproduce

  1. POST to /ocs/v1.php/cloud/users with parameters 'userid' and 'email'

Expected behaviour

In control panel we've set up: Send email to new users.
As mentioned in the docs it should be possible to dismiss 'password' and use 'email' instead.
Email should be send to news users to activate account and set password.

Actual behaviour

API responds with 101: Bad request

Server configuration

Nextcloud version 13
@nextcloud-bot
Copy link
Member

GitMate.io thinks possibly related issues are #3914 (Can't create a user from GUI with simple passwords), #10333 (Admin can not change user password), #2289 (Admin can't create new user), #4836 (logo alignment issue on new password for new user without password created), and #997 (password policy not applied when creating new user).

@leomelzer
Copy link

@gpredl This is now possible (v14) and landed in 41b690e

We discovered an issue with our custom password policy (32 characters) as the length and layout of the auto-generated password is currently hardcoded in the provisioning API.

Instead it should reuse the policy like in the sharing app:

server/apps/sharebymail/lib/ShareByMailProvider.php

Line 216 in 9b9d729

if (!empty($passwordPolicy)) {

Seems like this would require some more work (making this more general and then pulling it in for different apps).

@gpredl
Copy link
Author

gpredl commented Oct 19, 2018

Some idea about a workaround?
Or is there any way to send the 'Password lost token' to a user by calling the api or something else?

@skjnldsv skjnldsv added the 0. Needs triage Pending check for reproducibility or if it fits our roadmap label Aug 20, 2020
@szaimen
Copy link
Contributor

szaimen commented Jun 9, 2021

We don't support creating users without password.

@szaimen szaimen closed this as completed Jun 9, 2021
@DylannCordel
Copy link

DylannCordel commented Jun 9, 2021
edited
Loading

We don't support creating users without password.

Too bad. When authentication is provided by SSO, but users are created by API, we must create user with random password which is worst than creating an user with a blank password which not allow normal auth with it.

Furthermore, it's too bad the API can not reproduce the normal behavior of the web admin interface...

Could you please explain why you don't want to support it ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
0. Needs triage Pending check for reproducibility or if it fits our roadmap enhancement feature: users and groups
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@leomelzer @DylannCordel @skjnldsv @nextcloud-bot @gpredl @szaimen