Kaseya Community

Create User via REST API

  • Has anyone created a user via the REST API?

    I'm trying inside a .NET application and in Postman and neither work. Oddly I'm getting two separate errors though.

    In the .NET application, I'm authenticated and pulling the ScopeId, RoleId, OrgId, and DepartmentId from the API. I also created the Scope I'm trying to use with the API.

    Here is the JSON I'm posting in both the .NET app and Postman as an image (for easy reading):

    Here is the JSON as text if you want to copy+paste for testing:

    {"UserId":0,"AdminName":"apitest@gmail.com","AdminPassword":"TestPassword321!","Admintype":1,"DisableUntil":"2020-03-24T18:31:37.132Z","CreationDate":"2020-03-24T18:31:37.132Z","AdminScopeIds":[96956151234244282241538123],"AdminRoleIds":[413878616],"FirstName":"API","LastName":"Test","DefaultStaffOrgId":11291751181884115251768129,"DefaultStaffDepartmentId":38481721651772362131918722,"Email":"apitest@gmail.com","Attributes":{}}

    In the .NET app I'm getting a 400 (Bad Request) with the Result field in the response JSON reading, "Error converting value \"UserId\" to type 'Kaseya.System.Contracts.Models.User'. Path '', line 1, position 8.".

    In Postman, which I'm less confident I have setup correctly since I created the scope with the .NET app, I'm getting the body reading, "ScopeId is not valid". Here is the Postman screenshot:

    Can anyone help? Anyone have experience creating a user from the API? Any tips or tricks I've missed? I tried to follow the swagger and documentation and both show my JSON formatted correctly. I know all my ID's are correct because I pulled them from the API. I'm on VSA version 9.4.0.24 if it makes a difference.

    Thanks in advance!

  • This doesn't work correctly, and we've asked engineering to look at it. The first issue was that the password logic was broken, and they fixed that a few months back, however, you will get invalid role or scope errors unless you make the user a member of both Role and Scope ID 2 (Master/System). Since there's no ability to remove role/scope membership by API, the call is pretty much unusable. Also - the password isn't clear text - I'm not sure if the documentation has been updated online yet.

    I'd open a ticket for this.

    Glenn

  • Our team will reach out to you.  Since version 9.4.0.24 (July 2017) there have been improvements and corrections on the various API methods.

  • My apologies. I'm on 9.5.0.24, just one patch behind current. I'm sure that will make a tremendous difference.

    Glenn, thanks for the info. I thought I was going crazy. I'll see what Oscar comes back with. I understand the reasons it historically isn't this way, but it would be nice if Kaseya used their own API to interact with the database like a modern 3-tier application. That ensures the API functionally does everything the web interface does and minimizes the bugs in the API.

  • Glen, I wanted to thank you again. I worked with support and can confirm Role and Scope ID only work with a value of 2. Less than ideal, but being on-prem I used the database directly update the Role and Scope. For future reference for anyone else these two tables are:

    Role: adminGroupAcl (requires a delete and insert)

    Scope: adminScopeAcl (can just an update)

    As far as password logic, plain-text worked for me, as of 9.5.0.24 anyway.

  • Thank you for working with Kaseya support.