I am using Python3 Requests to talk to the 2.0 API in RT v5.0 to add assets. Mostly no problems but I seem to have come unstuck at adding new users. I thought I could POST a JSON structure:
<tokenText…> is my auth token from the system
and requests makes a good guess at the correct header - all the other posts work.
but all I get is a 400 status response and {“message”:“Could not create user”}
I just need the absolute basic user - like that created by the system for people submitting tickets.
Unfortunately the docs don’t give an example of creating a user in this way and I have searched all the usual places. The account with the token is able to create users via the console so I can’t see that it is a rights issue. All I can assume is that I am missing a crucial bit of information.
I’d be grateful if anyone could point me in the right direction.
Yes they do - thanks for the tip. The issue seems to be that including the token in the path also then includes it as a field in the MySQL insert - returning the error in the apache log:
Unknown column ‘token’ in ‘field list’
Which leads me to believe that I need to authenticate in a different way so that there is nothing untoward in the path. I have tried the header method - both in Python and trying the curl example given in the documentation. Neither works as I get 401 Unauthorized (having also tried resetting the token to make sure). Since the curl example fails as well I suspect the issue is to do with the system configuration somewhere - https redirects in Apache maybe.
Because the only way I can get authentication to work is by including the token in the path, the solution that seems to work - but it’s a hack - is to add to:
/opt/rt5/lib/RT/User.pm
delete $args{'token'};
just after: delete $args{'Disabled'};
This removes “token” from the list and allows the table insert to work as desired. Users can still be created with the console create - tests okay. The other place there could be an issue is the auto-creation of users when they submit tickets. I am not using a production system (no inbound email) so, until I get to the production stage, I won’t know if this is going to be an issue (I hope not).
Anyway, thanks for the tip. It pointed me in the right direction and allowed me to find a fix.
to the apache site config (sites-enabled/…) Restarted apache and now I can authorise using headers. The REST 2.0 docs probably need a bit of an update to mention this.
However, I should have read the manual more thoroughly.