I’m trying to use the API to add project members as an extension to our Ansible setup of environments but I keep getting a 405 Method not allowed regardless of using account API keys or environment API keys.
The curl command as generated from the API viewer:
curl -u "${CATTLE_ACCESS_KEY}:${CATTLE_SECRET_KEY}" \
-X POST \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-d '{"externalId":"lars-goranj", "externalIdType":"openldap_user", "role":"member"}' \
'https://<rancher master>/v2-beta/projects/<project id>/projectmembers'
Adding members in the UI to an environment works without problem so what might be the issue here?
EDIT: Rancher v1.4.1 is used.
I get the same error using 1.6.2. Would be great to know how to add members to a project.
Turns out I was using the incorrect URI for setting project members. Correct one is:
https://<rancher master>/v2-beta/projects/<project id>/?action=setmembers
with a payload like:
{
‘members’: [ {‘externalId’: ‘you ldap account name here’, ‘externalIdType’:‘openldap_user’, ‘role’: ‘member’} ]
}
One thing to bear in mind is that this will overwrite any existing users, so I first had to get the list of users using:
https://<rancher master>/v2-beta/projects/<project id>/projectmembers
Thanks, that works.
Do you know how to get the externalId when using LDAP where externalId is something like "“CN=Nice user,OU=Users,OU=UserAccounts,DC=example,DC=com”? It would be much easier to use field login instead of externalId but i’m getting HTTP 422 when using it.
Any help from Rancher supporters?
No, sorry I don’t.
In our case we have a similar setup but it doesn’t change so in my Ansible role I simply do this for the externalId:
‘uid={{ LDAP_USERNAME }},ou=people,dc=example,dc=com’