Getting Internal Server Error when updating "Employee/User" via api

  • 1
  • Problem
  • Updated 1 week ago
Let me describe the goal here as it might help with the problems I think I'm seeing.  My company is using a product from Sailpoint call Identity IQ.  This is a Identity management tool that allows us to manage user access to multiple systems throughout the company.  This tool is able to utilize the REST protocol for user management with the remote system.  So before we configure Identity IQ's connection to the Sharefile API, we like to test the commands via a tool like Postman or RESTClient for Firefox.

In this case, I am using RESTClient plug-in for all commands.  Following the API Documentation, I have validated the following:
1). GET Employees
2). Details about each Employee
3). Create New Employee
4). Add Roles to an Employee
5). Overwrite new set of Roles to an Employee
6). Delete an Employee without re-assigning Items or Groups

The previous list is all fine, but what I'm having issues with are the following:

1). Removing a specific Role - I believe I have form the body correctly
Command:
curl -X POST -k -H 'Authorization: Bearer <Token>' -H 'Content-Type: application/json' -i 'https://<compnay>.sf-api.com/sf/v3/users(Id)/RemoveRoles' --data '{
"Roles":[{
"CanManageUsers",
}],
}'


Reponse:
  1. Status Code: 500 Internal Server Error
  2. Cache-Control: no-cache
  3. Content-Language: en
  4. Content-Length: 103
  5. Content-Type: application/json; charset=utf-8
  6. Date: Tue, 11 Sep 2018 15:57:01 GMT
  7. Expires: -1
  8. Pragma: no-cache
  9. Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
  10. X-Content-Type-Options: nosniff
  11. X-Frame-Options: DENY
  12. X-Robots-Tag: noindex
  13. X-SF-Server: api_new_ssl_v3/i-03c43d27dad940101_us-east-1c
  14. X-SFAPI-RequestID: 636722638215439870
  15. X-XSS-Protection: 1; mode=block

2). Disabling an Employee - Reponse returned is the Employee details but IsDisabled is still set as false.
Command:
curl -X PATCH -k -H 'Authorization: Bearer <Token>' -H 'Content-Type: application/json' -i 'https://<company>.sharefile.com/sf/v3/users(Id)/' --data '{
"IsDisabled": true,
}'

Reponse:
Status Code: 200 OK
  1. Cache-Control: no-cache
  2. Content-Encoding: gzip
  3. Content-Language: en
  4. Content-Length: 536
  5. Content-Type: application/json; charset=utf-8
  6. Date: Tue, 11 Sep 2018 16:01:03 GMT
  7. Expires: -1
  8. Pragma: no-cache
  9. Strict-Transport-Security: max-age=16000000; includeSubDomains; preload;
  10. Vary: Accept-Encoding
  11. X-Content-Type-Options: nosniff
  12. X-Frame-Options: DENY
  13. X-Robots-Tag: noindex
  14. X-SF-Server: api_new_ssl_v3/i-093a372b0ff116b7d_us-east-1b
  15. X-SFAPI-RequestID: 636722640640046147
  16. X-XSS-Protection: 1; mode=block


From what I understand with the documentation and found within the support site, I believe the body's are in the proper form.  I have replaced the token and domain to make the command easier to read.

Thanks,

David





Photo of David Quick

David Quick

  • 3 Posts
  • 0 Reply Likes

Posted 2 weeks ago

  • 1
Photo of Kevin Kraemer

Kevin Kraemer, Employee

  • 4 Posts
  • 0 Reply Likes
Hi David.

I checked the request json that is expected by these two endpoints and the samples you gave just need some minor corrections. see below.


1. Removing a specific Role
This method doesn't require the "Roles" object, as is required for the Add Roles and Set Roles endpoints. I could see how this was a little confusing since the methods are so similar. Just need to enter the list of roles within square brackets by itself.
curl -X POST -k -H 'Authorization: Bearer <Token>' -H 'Content-Type: application/json' -i 'https://<compnay>.sf-api.com/sf...' --data '["CanManageUsers"]'

2. Disabling an Employee 
The IsDisabled flag is under the Security object so just just need to add IsDisabled under that.
curl -X PATCH -k -H 'Authorization: Bearer <Token>' -H 'Content-Type: application/json' -i 'https://<company>.sharefile.com...' --data '{"Security": {"IsDisabled": true}}'


Here is a link to the API documentation for the user entity for reference: http://api.sharefile.com/rest/docs/resource.aspx?name=Users

Give it a try a let me know if you have any more issues.

Thanks.
Kevin.





Photo of David Quick

David Quick

  • 3 Posts
  • 0 Reply Likes
Hi Kevin,
Those examples were exactly what I needed. Thanks!
Another quick question, when I try to get groups for an Employee, I get a 403 Forbidden.  The account that I'm using has full access.
Here is the command i'm running.
curl -X GET -k -H 'Authorization: Bearer <Token>' -H 'Content-Type: application/json' -i 'https://<company>.sf-api.com/sf...'

Thanks again,

David

Photo of Kevin Kraemer

Kevin Kraemer, Employee

  • 4 Posts
  • 0 Reply Likes
hi David.

The curl command is cut off so can't see it all. can you repost?

thanks.
Kevin.
Photo of David Quick

David Quick

  • 3 Posts
  • 0 Reply Likes
curl -X GET -k -H 'Authorization: Bearer ' -H 'Content-Type: application/json' -i 'https://.sf-api.com/sf/v3/users(Id)/G...'
Photo of Kevin Kraemer

Kevin Kraemer, Employee

  • 4 Posts
  • 0 Reply Likes
ok. thanks.  I will look into this and let you know what I find
Photo of Kevin Kraemer

Kevin Kraemer, Employee

  • 4 Posts
  • 0 Reply Likes
Hi David.

I looked at this and that API call currently just supports the current user (bearer token credential), so the credentials need to match the (id) in the url.  I talked to the business team and they will discuss possibly adding admin user support to this API call as a feature request.

Thanks.
Kevin.