When I use graph API withinh POSTMAN in order to add a guest user to a group I process as follow :
Add the /invitations endpoint to add my user ( I do not use email invitation)
Then I can see from my AD users that it has been added properly
Next I user the /groups/{Group ID}/members/$ref to add the created users in step 1
Then I can see from my AD that users has been added to group right a way
Then this exact steps, I add it in a script that is executed at a dedicated time as follow: 1. use the /invitations endpoint to add my user and Send an invitation by email 2. The return userID by first call is then used to add right away the user to the group by using the /groups/{Group ID}/members/$ref endpoint with body set as
{ "#odata.id": "https://graph.microsoft.com/v1.0/directoryObjects/{userID}" }
Then response to add user to group is successfull
Then what is strange is that when I check in my AD , I can see the user which has been created BUT I do not see that user as a member of the group it has been added. It is not displayed while no error was return during the API call
Does it means it takes some time to get it visible ? Does it means that user need to validate the invitation before it is added to the group ?
Thanks for your help
regards
That was my mistake,
I get a scrip flag error which prevent the api to complete
Related
I have a Non-Salesforce Auth System which holds usernames and passwords for a few thousand users. I am willing to migrate these users to Salesforce and give access to these users to my Experience Cloud site. I am developing an apex REST Resource which will take username and password as arguments and create a user with that username and password with a community profile. I am planning to call this API from my Non-Salesforce system and migrate all these users. I am using Site.createExternalUser method in this API. I am getting the exception
Site.ExternalUserCreateException: [That operation is only allowed from within an active site.]
The reason I am using Site.createExternalUser is because I don't want to send the welcome email/reset password email to my users since they already have signed up successfully long ago.
I am open to any alternatives for achiving this.
Below is my code:
#RestResource(urlMapping='/createUser/*')
global with sharing class createUserRestResource {
#HttpPost
global static String doPost(){
Contact con=new Contact();
con.Firstname="First";
con.LastName= "Last";
con.Email="first.last#example.com";
con.AccountId='/Add an account Id here./';
insert con;
usr.Username= "usernameFromRequest#example.com";
usr.Alias= "alias123";
usr.Email= "first.last#example.com";
usr.FirstName= "First";
usr.IsActive= true;
usr.LastName= "Last";
usr.ProfileId='/Community User Profile Id/';
usr.EmailEncodingKey= 'ISO-8859-1';
usr.TimeZoneSidKey= 'America/Los_Angeles';
usr.LocaleSidKey= 'en_US';
usr.LanguageLocaleKey= 'en_US';
usr.ContactId = con.Id;
String userId = Site.createExternalUser(usr, con.AccountId, 'Password#1234', false);
return userId;
}
}
You can suppress sending emails out in whole org (Setup -> Deliverability) or in the Community config there will be way to not send welcome emails (your community -> Workspaces -> Administration -> Emails).
Without running on actual Site I don't think you can pull it off in one go. In theory it's simple, insert contact, then insert user. In practice depends which fields you set on the user. If it's Partner community you might be setting UserRoleId too and that's forbidden. See MIXED DML error. In Customer community you might be safe... until you decide to assign them some permission sets too.
You might need 2 separate endpoints, 1 to create contact, 1 to make user out of it. Or save the contact and then offload user creation to #future/Queueable/something else like that.
I have successfully created a new user in Azure AD following Create User reference.
Now I want to update that very same user following Update User reference. To keep things simple This is the JSon content I'm sending:
{
"userType": "T"
}
The documentation tells me to send a PATCH request, but I always receive an HTTP Error 400 (Bad request). If I try sending a POST request I receive an HTTP Error 405 (Method not allowed).
The destination URL is https://graph.microsoft.com/v1.0/users/user-id.
The user-id is the one returned with the user details.
What am I missing?
Update 1
Those are the permissions set to the application:
This is exactly how you update user (PATCH).
However the userType property cannot be T, from the docs you refer:
That property can only have one of the two distinct values: Member or Guest.
Of course, the user-id in path should the id property as returned by the get users operation.
I am pretty sure that if you use a normal REST client will be able to see the whole error message, which will be more meaningful.
If you still have issue - paste the exact error message.
I'm currently working on revising the registration procedure of our recruitment ATS, made with AngularJS and Meteor, and I need to verify the new user's email during the registration procedure.
The logic would go as followed:
1- User fills in a form on the 'get-started' page and when clicking on 'sumbit', the ATS sends a verification email(I'll be using 'sendVerificationEmail' from Meteor)
2- After the user clicks on the link from the email, they'll get redirected to the 'register' page where additional information is required and the registration procedure is concluded.
As mentioned above, I'm planning to use 'sendVerificationEmail' to verify the user but I also want to use it to send back the userID.
From what I read on the Meteor API, I can pass extra data to the token with 'extraTokenData'
Accounts.sendVerificationEmail(userId, [email], [extraTokenData])
Now how do I declare the 'extraTokenData' object?
Could I do it like this: Accounts.sendVerificationEmail(userId, "", { _id: userId })
And how do I retrieve the 'userId' with 'Accounts.onEmailVerificationLink'?
your help will be greatly appreciated.
The email and the extra tokens are optionals, but if you want to send them send it as a string.
If you want to send the extra token but no emails you can try using Accounts.sendVerificationEmail(userId, undefined, "extra token") or if it doesn't work you can request the user's deatil user Meteor.user(). then call user.emails[0].address.
To retrieve information you have to get user by token and all data are there on user document under services.password.reset field. Look here how Accounts.generateResetToken is implemented https://github.com/meteor/meteor/blob/1e7e56eec8414093cd0c1c70750b894069fc972a/packages/accounts-password/password_server.js#L609.
Often, users associates multiple email addresses with the same account. But question is, is there any way to know using which email user has logged in into the system?
Note : We are strictly using email for log in and not username.
Mongodb users emails array structure:
"emails" : [
{
"address" : "xyz#abc.com",
"verified" : true
},
{
"address" : "prq#abc.com",
"verified" : true
},
{
"address" : "jkl#abc.com",
"verified" : true
}
],
Problem statement -
One need to order X item, while putting order in system we need email address of logged in user to save in this particular order. So that one can receive notifications related to this particular order.
If we save email address of logged in user to custom database field while logging in it may work but issue is if another user owning same account logs in then second users email will be updated to database and his/her email will get save in order placed by user 1.
Thanks in advance.
The best way to achieve this is to store the last email used for each user while logging in in a custom field in the user model.
Using the Account.onLogin hook on the server side or your custom login form you can have the user's last email used. Then you should save this email address for each user in a custom field such as user.lastEmail.
If you do so and need then the lastEmail on the user side, do not forget to publish the custom field to your client such as described in the documentation.
I want to create the contact & user related to account by importing csv file.After creating user, generated username & password should be send to the respective user's email address.
I am planning to use Vf page for accepting the csv file & the Contact & User API for adding contacts & Users. But I am not sure regarding the email notification to user through API.
So can anyone please provide me the best solution for this?
You'll need to use Database.insert() flavor instead of straightforward insert users;
Check out the DML options help topic, especially the "emailHeader" property
Something like this should do the trick:
List<User> users = new List<User>(); // fill in with data from your CSV
Database.DMLOptions dlo = new Database.DMLOptions();
dlo.EmailHeader.triggerUserEmail = true;
database.insert(users, dlo);
Be aware though that you can't insert an inactive user. You can deactivate them straight after the insert but then they can't login so you'll probably want to suppress the sending of email, not enforce it. Make sure you have sufficient amount of licenses before you start!
Last but not least - you can cheat by setting the same password for them with System.setPassword('user id', 'new password') :) It's not recommended to expose this functionality to your end users though, can process only 1 user at a time and wastes 1 DML statement...