Channels
#prefect-community
Title
m
Matt Delacour
08/04/2022, 2:25 PMWhy can't I create users with the GraphQL API?
Even though my account is an admin one ... đ¤
What kind of permissions do I need?
đ 1
It's funny that "Admin" cannot create users đ¤
Kinda no one can create users ....
z
Zach Angell
08/04/2022, 7:34 PM
Indeed kinda no one can create users! Any user creation via that GraphQL API call is restricted to Prefect Admins.
All other user creation first requires going through our authentication. When signing up, users must first create an account using SSO or email. Once authentication passes, the user is created automatically by Prefect on their first âloginâ event.
Improving the user provisioning experience is on the 2.0 roadmap, would love any feedback you have!
Loosely related - as a tenant admin you can create âservice accountsâ via the graphql api, including assigning them roles and creating api keys for them. It sounds like youâre focused on adding actual humans though đ
m
Matt Delacour
08/04/2022, 8:17 PMOk this is interesting ...
I am trying to ask users to add their email in a
config.ymlđ 1
If I ask a user to create their account using Google SSO, Can I invite them to your workspaces programatically ?
Or we cannot because this is also considered as "creating a user" ?
z
Zach Angell
08/04/2022, 8:50 PM
Inviting users can be done via our api with the
create_membership_invitationemailrolerole_idm
Matt Delacour
08/04/2022, 9:18 PMperfect , thank you
And once they accept the invitation, they will show up with the following GraphQL query I guess ?!
Copy code
query {
user_view_same_tenant(where:{account_type: {_eq: "USER"}}) {
id
email
username
}
}z
Zach Angell
08/05/2022, 1:26 AM
exactly!
3 Views