API - update an authenticated user #7679
Comments
|
No, there is no API for updating users info (email, etc.) via API. Typically users update their own info (via the GUI) but it sounds like you'd like an API for a superuser to update user info via API. |
|
That's correct - We upload the user data ourselves to assign the users to specific dataverses via groups. The users do not self-register. Their shibboleth attributes do not allow assingment to a specific dataverse... which is why we upload their data and maintain their data via uploads... Hope this clarifies why we are looking for such an API. |
|
Ok, but since you mentioned Shibboleth you should be aware that on login, user info (email, name, etc.) is updated for Shibboleth users. Here's how we express this at https://guides.dataverse.org/en/5.3/user/account.html#edit-account
That is to say, it's doesn't make much sense for you to edit user info for a Shibboleth user (using a new superuser API) who then logs in and has that user info overwritten with values that may be different (Phil vs. Philip for example). |
|
Agreed - |
|
For Shib users, "affiliation" comes from the name of their institution ("Harvard University" or whatever) in the "DiscoFeed". Please see https://demo.dataverse.org/Shibboleth.sso/DiscoFeed for what I'm talking about. Also, I'm confused. There is no API for creating Shibboleth users. I assume you mean the code that results in a Shibboleth user being created. No, it's not possible to change the affiliation for a Shibboleth user. Like name and email, these attributes are overwritten on every login. I will say that we design the Shib experience first and when in came time to design OAuth support we changed our minds and decided to let users update their name, email, affiliation, etc. If you'd like Shibboleth users to be able to do this (perhaps it would be configurable), please open an issue. |
|
Hi @pdurbin, Thanks for following up on this. There is an API for creating authenticated users (POST http://$SERVER/api/admin/authenticatedUsers). The affiliation resolves to 'default' in our situation - so I'm not sure which Shibboleth attribute we are missing here. Moreover, what we really would like to accomplish is that their username (which is the university staff Id) is somehow entered into their created dataset's metadata. As far as I can tell, the depositor contains the last+first name, not any other user information (username & affiliation). First and last name are not sufficient when trying to identify the owner of the dataset (for statistical purpose later). Even more, it would be a nice feature if adding additional authors from the institution could be done by selecting them from the user list - that would -in our ideal scenario- bring their names, username and affiliation into the dataset's metadata. Another approach would be to have an authority database for our users (univeristy staff) or being able to link to (multiple external) authoritiy databases... Anyhow, I hope it's more clear to you what we are trying to accomplish. br, |
Woof, you're right and I was the one who added it! That was back in b622694. I wonder if I added it for testing but I'm glad you're finding it useful!
Have you looked at :ShibAffiliationAttribute as a possible solution? I haven't played with it myself but it was added in pull request #6729 and the idea is that you can get the attribute from a specific Shibboleth attribute such as "ou" (organizational unit).
This only happens for ORCID users. If an ORCID user creates a dataset, their ORCID ID is autopopulated in the "author identifier" field. We don't do this for any other author identifiers. If you're pretty sure you want this, please create a separate issue for it.
Yes, I agree. There might be an existing issue for this but I don't remember. Either way, a separate issue would be great.
This reminds me of controlled vocabulary discussions that are ongoing. There's a meeting on Thursday if you're interested: #7072 (comment) |
|
@veustp just checking in. Any interest in making a pull request? |
|
@pdurbin, I'm not longer working with DataVerse. So, no thanks. |
feature request:
currently on version 4.20 of Dataverse
Authenticated (shibboleth) users are uploaded from the central personnel system.
Creation via API is no problem (POST http://$SERVER/api/admin/authenticatedUsers).
However, users sometimes change their preferred emailaddres (a first- and last name change is far less prevalent).
We would need to be able to update the email address via an API call.
Is there a PUT version of the ../admin/authenticatedUsers API?
br,
Pieter
The text was updated successfully, but these errors were encountered: