This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Is it possible to programmatically create user accounts for developers on the Apigee Edge portal?

Posted on 06-18-2015 09:28 AM
Not applicable
Reply posted on --/--/---- --:-- AM

We already have an application where our users purchase other products. We want to be able to sell them API access from within the application. The sale and billing will be handled by this application but it's not connected to API usage. If they purchase the subscription they can use the API. We'd like to create accounts for the developers to sign up in to the developer portal and/or Apigee automatically so they can go in and access their oauth information etc. (the other option is to just show it in our app where they buy it but we'd still like to save them a step of having to register more than once). Is this something that's doable?

Solved Solved
1 8 1,697
Topic Labels
Jump to Solution
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
DChiesa
Staff
Reply posted on --/--/---- --:-- AM

Hi @Lucian Hontau ,

Yes, there is a way to programmatically create developer accounts in the developer portal.

The Apigee Edge developer portal is built on Drupal, which is an open-source CMS framework. There are many many add-ons for drupal, packaged as "modules", which are contributed by the community. a pair of these modules allows you to expose Drupal capabilities via REST services; they are: Services, and REST Server. This means you could do the basic Create, read, Update, Delete operations on any entity managed by Drupal, including users, blog posts, forum topics, taxonomy terms, and so on.

The standard release of the Apigee Edge developer portal includes the modules necessary to do this, but by default these modules are not configured . (And sometimes they are not even enabled ). They're in the box, just not properly "turned on" if you know what I mean.

Here's how to turn them on. It takes about 3 minutes.

  1. Login to the dev portal as administrator
  2. click the modules menu item on the top horizontal navbar
  3. When the modules list page appears, type "services" in the filter box
  4. You should see a list of modules, at least one of which is called "Services". Insure that module is turned on. If it is on (green/grey), no problem. If it is not on, click the button to turn it on.
  5. back to the filter box, type "rest"
  6. in the list you should see a service called "REST Server". Again, make sure it is on.
  7. If you have changed anything you need to click "Save configuration" from this page. This button will appear in the lower left hand side of the page. You may have to scroll down to see it.
  8. After saving, again in the top navbar, click Structure, then Services.
  9. On the services page, click the "+Add" button
  10. Specify "rest" for the "machine readable name" Select REST as the Server Specify "rest" for the "Path to endpoint" tick the box for "Session Authentication" Click "Save"
  11. At that point the page will refresh and you will see an entry labeled "rest" in the list of services. On the right-hand-side, click the link that says "edit resources".
  12. on the resulting page, tick the boxes for node, system, taxonomy_term, taxonomy_vocabulary, and user. Actually you just asked for a programmatic way to create users, and the "user" resource is the only one you would need. But these other resources are also good to expose via REST.
  13. click "Save"
  14. Done

You can now invoke REST APIs on Drupal that will create users, create / update posts, etc.

The next thing you will ask is, "OK, now that there is a REST endpoint enabled for Drupal, what's the REST API call to make, to create a user?" This means we can now return to your original question!

The answer to that is a bit longer. The reason is that there are some pre-requisites for authentication. But the good news is that I have explained all of this in a set of blog posts elsewhere - start HERE.

The short summary is: Your app must login, then use the Cookie and CSRF token in the login response in subsequent API calls.

Login: 

curl -i -X POST -H content-type:application/json \
    -H Accept:application/json \
    http://example.com/rest/user/login \
    -d '{ 
     "username" : "YOURUSERNAME",
     "password" : "YOURPASSWORD"
    }'

The response is like this: 

{
  "sessid": "ShBy6ue5TTabcdefg",
  "session_name": "SESS02caabc123",
  "token": "w98sdb9udjiskdjs",
  "user": { .... }
}

Subsequent calls must pass wither the Cookie header, or the Cookie header as well as the X-CSRF-Token header. The former if it is a query, the latter if it is an write (create, update, or delete).

The X-CSRF-Token header must take the value that is provided for the "token" property. The cookie must take a value like "{session_name}={sessid}". In this case you would need:

Cookie:SESS02caabc123=ShBy6ue5TTabcdefg
X-CSRF-Token:w98sdb9udjiskdjs

Finally, to create a user: 

curl -i -X POST \
    -H Cookie:SESS02caabc123=ShBy6ue5TTabcdefg \
    -H X-CSRF-Token:w98sdb9udjiskdjs \
    -H accept:application/json \
    -H content-type:application/json \
    http://example.com/rest/user -d '{
      "name" : "TestUser1",
      "mail" : "Dchiesa+Testuser1@apigee.com",
      "pass": "secret123",
      "timezone": "America/Los_Angeles", 
      "field_first_name": {
          "und": [{ "value": "Dino"}]
      },
      "field_last_name": {
          "und": [{ "value": "Chiesa"}]
      }
   }'

Get more details at the linked blog posts.

View solution in original post

Jump to Solution
8 REPLIES 8

Posted on --/--/---- --:-- AM
sarthak
New Member
Reply posted on --/--/---- --:-- AM

Hi @Lucian Hontau Yes this can be done. All the functions in Apigee are exposed as Rest APIs including the lifecycle managemnet of developers and apps.

You can find detailed documentation about the developers apis here and for apps here.

Thanks

Sarthak

Jump to Solution

Posted on --/--/---- --:-- AM
DChiesa
Staff
In response to sarthak
Reply posted on --/--/---- --:-- AM

@sarthak, I think @Lucian Hontau may be asking about creating accounts in the developer portal.

Creating a developer in the management layer is good, but it does not result in a new developer account in the developer portal. But, there is a way to do it! (See my answer)

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
hyong_kim
New Member
In response to DChiesa
Reply posted on --/--/---- --:-- AM

@Dino, how is the developer in developer portal and in management layer different? Management API defines a developer to be "Developers implement client/consumer apps and must be registered with an organization on Apigee Edge." I think this is the kind of developer who would sign up herself through developer portal?

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
DChiesa
Staff
In response to hyong_kim
Reply posted on --/--/---- --:-- AM

Correct @Hyong Kim

A developer who registers in the Edge developer portal, is also automatically registered in the Edge meta-database, and there will be a developer entity there. But drupal manages the users in the drupal site independently of the Edge metabase. So there are two distinct databases that are kept in sync, if people create new developers in the developer portal.

Clear?

Jump to Solution

Posted on --/--/---- --:-- AM
hyong_kim
New Member
In response to DChiesa
Reply posted on --/--/---- --:-- AM

Ah, I see. Thank you for your quick response and detailed explanation! I didn't realize Drupal managed its own set of users. So, if we created our portal from scratch without using the Drupal, it would be fine to only use the management API without going through Drupal.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
anilsr
Staff
In response to hyong_kim
Reply posted on --/--/---- --:-- AM

@Hyong Kim ,

Welcome to Apigee Community 🙂

Yes, That's correct. It's completely fine to create your own portal using Management APIs only. I have done same some time back creating a portal using Node.JS, Express, Angular without any database at portal side as a pet project spending a week or so. You can play with same here. Click Login, Create Apps, Access Keys , Edit, Delete Apps etc.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
DChiesa
Staff
Reply posted on --/--/---- --:-- AM

Hi @Lucian Hontau ,

Yes, there is a way to programmatically create developer accounts in the developer portal.

The Apigee Edge developer portal is built on Drupal, which is an open-source CMS framework. There are many many add-ons for drupal, packaged as "modules", which are contributed by the community. a pair of these modules allows you to expose Drupal capabilities via REST services; they are: Services, and REST Server. This means you could do the basic Create, read, Update, Delete operations on any entity managed by Drupal, including users, blog posts, forum topics, taxonomy terms, and so on.

The standard release of the Apigee Edge developer portal includes the modules necessary to do this, but by default these modules are not configured . (And sometimes they are not even enabled ). They're in the box, just not properly "turned on" if you know what I mean.

Here's how to turn them on. It takes about 3 minutes.

  1. Login to the dev portal as administrator
  2. click the modules menu item on the top horizontal navbar
  3. When the modules list page appears, type "services" in the filter box
  4. You should see a list of modules, at least one of which is called "Services". Insure that module is turned on. If it is on (green/grey), no problem. If it is not on, click the button to turn it on.
  5. back to the filter box, type "rest"
  6. in the list you should see a service called "REST Server". Again, make sure it is on.
  7. If you have changed anything you need to click "Save configuration" from this page. This button will appear in the lower left hand side of the page. You may have to scroll down to see it.
  8. After saving, again in the top navbar, click Structure, then Services.
  9. On the services page, click the "+Add" button
  10. Specify "rest" for the "machine readable name" Select REST as the Server Specify "rest" for the "Path to endpoint" tick the box for "Session Authentication" Click "Save"
  11. At that point the page will refresh and you will see an entry labeled "rest" in the list of services. On the right-hand-side, click the link that says "edit resources".
  12. on the resulting page, tick the boxes for node, system, taxonomy_term, taxonomy_vocabulary, and user. Actually you just asked for a programmatic way to create users, and the "user" resource is the only one you would need. But these other resources are also good to expose via REST.
  13. click "Save"
  14. Done

You can now invoke REST APIs on Drupal that will create users, create / update posts, etc.

The next thing you will ask is, "OK, now that there is a REST endpoint enabled for Drupal, what's the REST API call to make, to create a user?" This means we can now return to your original question!

The answer to that is a bit longer. The reason is that there are some pre-requisites for authentication. But the good news is that I have explained all of this in a set of blog posts elsewhere - start HERE.

The short summary is: Your app must login, then use the Cookie and CSRF token in the login response in subsequent API calls.

Login: 

curl -i -X POST -H content-type:application/json \
    -H Accept:application/json \
    http://example.com/rest/user/login \
    -d '{ 
     "username" : "YOURUSERNAME",
     "password" : "YOURPASSWORD"
    }'

The response is like this: 

{
  "sessid": "ShBy6ue5TTabcdefg",
  "session_name": "SESS02caabc123",
  "token": "w98sdb9udjiskdjs",
  "user": { .... }
}

Subsequent calls must pass wither the Cookie header, or the Cookie header as well as the X-CSRF-Token header. The former if it is a query, the latter if it is an write (create, update, or delete).

The X-CSRF-Token header must take the value that is provided for the "token" property. The cookie must take a value like "{session_name}={sessid}". In this case you would need:

Cookie:SESS02caabc123=ShBy6ue5TTabcdefg
X-CSRF-Token:w98sdb9udjiskdjs

Finally, to create a user: 

curl -i -X POST \
    -H Cookie:SESS02caabc123=ShBy6ue5TTabcdefg \
    -H X-CSRF-Token:w98sdb9udjiskdjs \
    -H accept:application/json \
    -H content-type:application/json \
    http://example.com/rest/user -d '{
      "name" : "TestUser1",
      "mail" : "Dchiesa+Testuser1@apigee.com",
      "pass": "secret123",
      "timezone": "America/Los_Angeles", 
      "field_first_name": {
          "und": [{ "value": "Dino"}]
      },
      "field_last_name": {
          "und": [{ "value": "Chiesa"}]
      }
   }'

Get more details at the linked blog posts.

Jump to Solution

Posted on --/--/---- --:-- AM
gnanasekaran
Staff
In response to DChiesa
Reply posted on --/--/---- --:-- AM

Very helpful!, Thanks Dino!

Jump to Solution
0 Likes