Method not allowed when registering project members using API

I’m trying to use the API to add project members as an extension to our Ansible setup of environments but I keep getting a 405 Method not allowed regardless of using account API keys or environment API keys.

The curl command as generated from the API viewer:

curl -u "${CATTLE_ACCESS_KEY}:${CATTLE_SECRET_KEY}" \
-X POST \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{"externalId":"lars-goranj", "externalIdType":"openldap_user", "role":"member"}' \
'https://<rancher master>/v2-beta/projects/<project id>/projectmembers'

Adding members in the UI to an environment works without problem so what might be the issue here?

EDIT: Rancher v1.4.1 is used.

I get the same error using 1.6.2. Would be great to know how to add members to a project.

Turns out I was using the incorrect URI for setting project members. Correct one is:
https://<rancher master>/v2-beta/projects/<project id>/?action=setmembers
with a payload like:
{
‘members’: [ {‘externalId’: ‘you ldap account name here’, ‘externalIdType’:‘openldap_user’, ‘role’: ‘member’} ]
}

One thing to bear in mind is that this will overwrite any existing users, so I first had to get the list of users using:
https://<rancher master>/v2-beta/projects/<project id>/projectmembers

Thanks, that works.

Do you know how to get the externalId when using LDAP where externalId is something like "“CN=Nice user,OU=Users,OU=UserAccounts,DC=example,DC=com”? It would be much easier to use field login instead of externalId but i’m getting HTTP 422 when using it.

Any help from Rancher supporters?

No, sorry I don’t.
In our case we have a similar setup but it doesn’t change so in my Ansible role I simply do this for the externalId:
‘uid={{ LDAP_USERNAME }},ou=people,dc=example,dc=com’

I got an answer from Rancher. See How to get right value for externalId when using LDAP - #2 by vincent.