GuidesAPI ReferenceGitHub
Community ForumsTwitter

Invite users to the portal

The API enables you to invite users, via an SMS message or email, to log into the portal. This section shows how to invite a set of AD users by calling the /UserMgmt/InviteUsers function. You could use the same process to send an invite to Cloud Directory users, or LDAP users.

You need the name and UUID for each user to invite. Use a query such as the following on the DSUsers table to retrieve the AD users to invite.

  • To authenticate AD/LDAP users to Identity Platform requires a cloud connector to establish and maintain communication between Identity Platform and the AD or LDAP repository. This section assumes that you have a functioning cloud connector for your service. For more information, see "Install and configure a Centrify cloud connector".
/Redrock/Query
{
 "Script": "Select DisplayName, InternalName from DSUsers Where "ServiceInstance = 'acmeAD.com'  ORDER BY InternalName COLLATE NOCASE"
}

The query returns the name (DisplayName) and UUID (InternalName) for every user in the acmeAD.com Active Directory domain.

DSUsers query response 

"FullCount": 72,
"Results": [
  {
    "Entities": [
      {
        "Type": "DsUsers",
        "Key": "23a3d71e-ef74-1034-9268-cfacde932ec3",
        "IsForeignKey": false
      },
    ],
    "Row": {
      "DisplayName": "michael1",
      "InternalName": "23a3d71e-ef74-1034-9268-cfacde932ec3"
    }
  },
  {
    "Entities": [
      {
        "Type": "DsUsers",
        "Key": "37e02ca0-ef74-1034-9269-cfacde932ec3",
        "IsForeignKey": false
      },
   ],
    "Row": {
      "DisplayName": "michael2",
      "InternalName": "37e02ca0-ef74-1034-9269-cfacde932ec3"
    }
  },
 
  {
    "Entities": [
      {
        "Type": "DsUsers",
        "Key": "57234e80-ef74-1034-926a-cfacde932ec3",
        "IsForeignKey": false
      },
     ],
    "Row": {
      "DisplayName": "michael3",
      "InternalName": "57234e80-ef74-1034-926a-cfacde932ec3"
    }
  },
  {
    "Entities": [
      {
        "Type": "DsUsers",
        "Key": "76f995e8-ef74-1034-926b-cfacde932ec3",
        "IsForeignKey": false
      },
   ],
    "Row": {
      "DisplayName": "michael4",
      "InternalName": "76f995e8-ef74-1034-926b-cfacde932ec3"
    }
  },
...

Now invite the users retrieved from the query by passing the name and UUID retrieved from the query to /UserMgmt/InviteUsers:

  • If you were adding LDAP groups instead of users, you could send a group email by passing GroupInvite: true, but since you are not, set it to false.* 
/UserMgmt/InviteUsers
{
"Entities": [
 
 {'Type': 'User',
 'Name': 'michael1',
 'Guid': '23a3d71e-ef74-1034-9268-cfacde932ec3'
 },
 {
 'Type': 'User',
 'Name': 'michael2',
 'Guid': '37e02ca0-ef74-1034-9269-cfacde932ec3'
 },
 {
 'Type':'User',
 'Name':'michael3',
 'Guid': '57234e80-ef74-1034-926a-cfacde932ec3'
 },
 {
 'Type':'User',
 'Name':'michael4',
 'Guid': '76f995e8-ef74-1034-926b-cfacde932ec3'
 }
],
  "EmailInvite": true,
  "SmsInvite": false,
  "GroupInvite": false,
  "Role": "Invited Users"
}

The function sends an email message, with a login link, to each of the specified users. The server adds each user to the User Table . You can manage these users in the same way as Cloud users for example, by adding them to roles, retrieving information, resetting the password, etc.

Updated over 4 years ago