/
Creating an SSO User via Webservice

Creating an SSO User via Webservice

Owned by Raymond Cascella (DLC) (Unlicensed)
Last updated: Feb 25, 2025 by Daniel Asare
2 min read

Following steps to be followed for creating SSO user via Webservice

Step1:

We need to Create a User first

Endpoint - user.json
Method - POST

The below payload will create a user with the roles “course author” (105847459) and “reviewer” (175031666), by sending the corresponding role IDs (rid) as an array of values.

{ "name": "newuser_username", "mail": "newuser@dlc-solutions.com", "status": 1, "roles": [ { "id": 105847459 }, { "id": 175031666 }] }

If the user is created successfully, the following response will be received:

{"uri":"http://your-domain.com/user/123","id":"123","resource":"user"}

Step 2:

Create a User Profile

Note:- A profile to an account requires the user id (uid) to be assigned to the user field in the profile data. In the previous creation request the uid value returned is 123 (Passing "user": 123)

Endpoint - profile2.json
Method - POST

{ "user": 123, "label": "Profile", "type": "profile", "field_first_name": "John", "field_middle_name": "Middle", "field_last_name": "Smith", "field_profile_location": { "street": "123 S Broad Street", "additional": "Suite 2260", "city": "Philadelphia", "province": "PA", "postal_code": "19109", "country": "us" } }

A successful profile creation request returns the following:

{"uri":"http://your-domain.com/profile2/72","id":"72","resource":"profile2"}

Related document - Creating a user via web service

Step 3:

There is an additional step to connect an account to an SSO service.

Before calling the below Endpoint we need to verify if the is user already mapped or not using:

http://your-domain.com/authmap.json?uid=123 [We are passing the user id which was created, if it returns empty list we call Endpoint]

Endpoint - authmap.json
Method - POST

The required values for creating the mapping for connecting the account to SSO, are the EthosCE user ID (UID), the external identity provider's user ID (authname), and the authentication service name. The authentication service name may vary per customer and can be provided by a Product Specialist. In the example below, customers using SAML SSO, have a value of simplesamlphp_auth.

{ "uid" => 123, "authname" => "ethosce_authname", "module" => "simplesamlphp_auth" }

123 --> This is the user id returned when user was created
ethosce_authname --> SSO USER NAME we want to MAP
modulename will be simplesamlphp_auth for all entries

Eg. if the SSO username is TU06503

{ "uid" => 123, "authname" => "TU06503", "module" => "simplesamlphp_auth" }

A successful return will provide an array detailing the new authmap record information

{"uri":"http://www.domain.com/authmap/1","id":"1","resource":"authmap"}

For the above response, below are details of each attribute:
id: The authentication ID key tracked by the database.
uri: The unique URI used to view or update the resource
resource: The entity type created

 

Related content