Path error when trying to create (assign) permissions to a user via the management api

spopida · May 4, 2021, 3:20pm

Hi - I’m getting the following 400 error when attempting to assign permissions to a recently created user:

{
“statusCode”: 400,
“error”: “Bad Request”,
“message”: “Path validation error: ‘Object didn’t pass validation for format user-id-with-max-length: 60911603a5c3a9450ae5aea6’ on property id (ID of the user to assign permissions to).”,
“errorCode”: “invalid_uri”
}

The uri I am using is:

https://<my-tenant-domain/api/v2/users/60911603a5c3a9450ae5aea6/permissions

And the body of the POST is: {“permissions”:[“read:company_profile”]}

What’s going wrong here? I can’t see any documented limit on the user_id length. It’s easily confused with the username attribute, but that can’t be the issue - I am not using username, and the error is complaining about the URI path which contains the user_id, not the username

Thanks in advance

stephanie.chamblee · May 4, 2021, 4:08pm

Hi @spopida,

Welcome to the Community!

The user ID will follow the following pattern <connection name>|<user id in connection>

For example, a Google social connection user would look like this: google-oauth2|115088824167938831773

The pipe (|) will need to be URL encoded: %7C

The endpoint would be: https://YOUR_DOMAIN/api/v2/users/google-oauth2%7C115088824167938831773/permissions

Also, the body of the request should contain an array of objects like this:

{
  "permissions": [{
    "resource_server_identifier": "https://you-api-identifier/",
    "permission_name": "read:company_profile"
  }]
}

spopida · May 4, 2021, 6:50pm

Hi Stephanie - thanks so much for the prompt reply; really helpful. I got most of the way there after posting the question, but I don’t know how long it would have taken me to figure out the URL encoding. Out of interest, is this documented anywhere? I’m sure it must be, but I couldn’t see it in the API docs for this endpoint (e.g. it just says there needs to be an array of “object”). Anyway, thanks again.

stephanie.chamblee · May 4, 2021, 7:09pm

You’re welcome! Glad to hear it is helpful info.

There are a couple of places in the docs where the user ID format is documented (example), but I’m not sure if there is documentation for URL-encoding the user ID when calling the Management API.

Regarding the array of objects, I found the schema by calling the GET /api/v2/users/{id}/permissions endpoint to see what the array of objects should look like. I agree that it could be helpful to include the schema of the objects in the docs directly. I will pass on that feedback. Thank you!

spopida · May 4, 2021, 9:46pm

OK - well, many thanks again for the info - great support.

system · May 19, 2021, 9:47pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Help with api to api set role to user Help management-api , roles	4	652	November 1, 2023
Object didn't pass validation for format user-id: 5bcdd68e49b84629ca644761, "errorCode":"invalid_uri" Help	2	15314	November 21, 2018
What params are needed for management api call to add permissions to a user Help management-api , users	2	775	April 28, 2023
Creating a user via the management API returns a 404? Help	3	3585	December 16, 2021
HTTP 500 Creating Users Help management-api , users	0	531	October 26, 2023

Path error when trying to create (assign) permissions to a user via the management api

Related Topics