Uploaded image for project: 'Crowd Data Center'
  1. Crowd Data Center
  2. CWD-5792

REST API ability to change e-mails

XMLWordPrintable

    • Icon: Suggestion Suggestion
    • Resolution: Unresolved
    • None
    • REST
    • None

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Hi:

      Our customer tena-sda.org upgraded to Crowd 4.4.1 and noticed the ability to change the user e-mail address has been removed from the REST API due to security reasons. The customer would like to see it back if possible, having an option on Crowd to disable/enable the feature as they were using the Crowd REST API on a dedicated web server for user management, and removing that ability from the REST API had a huge impact to their day to day management as they will now be forced to do it using the Crowd UI which they don't want.

            [CWD-5792] REST API ability to change e-mails

            Nobuyuki Mukai made changes -
            Remote Link New: This issue links to "Page (Confluence)" [ 994447 ]

            Prasad added a comment -

            16e3e9eaf982 find rest calls details below

            REST End Point: /rest/usermanagement/1/user?username=xxxxx
             

            {     
   "name": "xxxxx",
   "first-name": "aaa",
   "last-name": "bbb",
   "display-name": "ccc" 
}

             

            Prasad added a comment - 16e3e9eaf982 find rest calls details below REST End Point: /rest/usermanagement/1/user?username=xxxxx   {      "name" : "xxxxx" , "first-name" : "aaa" ,    "last-name" : "bbb" ,    "display-name" : "ccc"   }  

            Sebastian Pöschl added a comment -

            Hi 5ca6434febe4, can you post the JSON you are sending to the Crowd API endpoint?

             

            Best regards

            Sebastian

            Sebastian Pöschl added a comment - Hi 5ca6434febe4 , can you post the JSON you are sending to the Crowd API endpoint?   Best regards Sebastian

            Prasad added a comment -

             -Dcrowd.email.change.by.external.apps=true  not worked  for us and we are using crowd Version: 5.3.1

            Prasad added a comment -  -Dcrowd.email.change.by.external.apps=true  not worked  for us and we are using crowd Version: 5.3.1

            Prasad added a comment -

            Crowd version: 5.3.1, I am trying to update user details except email but still getting below error, what kind of design is this??
             

            {     "reason": "APPLICATION_PERMISSION_DENIED",      
      "message": "External applications are not allowed to change user emails"
 }

             

            Prasad added a comment - Crowd version: 5.3.1, I am trying to update user details except email but still getting below error, what kind of design is this??   {      "reason" : "APPLICATION_PERMISSION_DENIED" ,      "message" : "External applications are not allowed to change user emails" }  

            Evgenii added a comment - - edited

            For me  -Dcrowd.email.change.by.external.apps=true has not worked (crowd Version: 5.0.1)

            Evgenii added a comment - - edited For me  -Dcrowd.email.change.by.external.apps=true has not worked (crowd Version: 5.0.1)

            Evgenii added a comment - - edited

            The same error occurs when trying to activate/deactivate user, e.g. using the sample curl as described here https://confluence.atlassian.com/crowdkb/how-to-deactivate-activate-a-user-through-api-814197032.html gives error 403 {"reason":"APPLICATION_PERMISSION_DENIED","message":"External applications are not allowed to change user emails"}

            Why it gives error on changing email, if the parameters have only name and active:
             
            '{"name":"testuser", "active":"false"}'?

            That is blocker for my API scripts for bulk-update users (crowd Version: 5.0.1)

            Evgenii added a comment - - edited The same error occurs when trying to activate/deactivate user, e.g. using the sample curl as described here https://confluence.atlassian.com/crowdkb/how-to-deactivate-activate-a-user-through-api-814197032.html gives error 403 {"reason":"APPLICATION_PERMISSION_DENIED","message":"External applications are not allowed to change user emails"} Why it gives error on changing email, if the parameters have only name and active:   '{"name":"testuser", "active":"false"}' ? That is blocker for my API scripts for bulk-update users (crowd Version: 5.0.1)
            Claire Upham made changes -
            Remote Link New: This issue links to "Page (Confluence)" [ 777974 ]

            Nicolas Cordier added a comment -

            I confirm that setting up JVM parameter -Dcrowd.email.change.by.external.apps=true is a working solution (Crowd DC 5.1.2).

            Nicolas Cordier added a comment - I confirm that setting up JVM parameter -Dcrowd.email.change.by.external.apps=true is a working solution (Crowd DC 5.1.2).

            James Hunt added a comment -

            This is a blocker for enabling Cloud Migrations, where we need to bulk/programmatically change the email addresses for users.

            James Hunt added a comment - This is a blocker for enabling Cloud Migrations, where we need to bulk/programmatically change the email addresses for users.

              Unassigned Unassigned
              b5631d04c5ac Nilton G. Junior
              Votes:
              34 Vote for this issue
              Watchers:
              25 Start watching this issue

                Created:
                Updated: