I think your best bet for now is to use the pivotal user. That’s what the
manage interface does under the covers.
Creating a user can be done by any authenticated user with CREATE on the
users container, but in practice it’s probably easiest to just POST to
/users as pivotal.
Orgs pretty much need pivotal; pivotal is the only thing given permissions
by default when an org is created, and so there’s not a simple workaround
to extend that. Specifically you will need pivotal user’s privilege level
to add the user to the org, and then again to add the user as an admin to
their newly created org.
The basic workflow to create an org would look like:
POST to /organizations to create org
you will need to capture the validator key returned here, or regenerate the
POST to /organizations/:orgname/users/:username to associate user (repeat
if necessary for multiple users)
PUT to /organizations/:orgname/groups/admins to set users in admins group
On Sat, Jan 31, 2015 at 8:27 AM, Greg Willis firstname.lastname@example.org wrote:
I have the need to automate the user and organization creation on Chef 12
because of the way we isolate products during development. Each developer
gets their own org for the stack they are working on in a CD style
pipeline. I switched to Chef 12 so I did not have to create a new Chef 11
server for each stack.
I want the build server to connect to the Chef API and create the orgs and
users, but I found out that only the pivotal user has access to do this.
Is there a command or way to add my automation user to the Chef server so
it has access to create users and organizations? I know I can just use the
pivotal key to sign the requests, but I was not sure if that is best way to
accomplish what I want. Ideally, I would like a role or set of permissions
that only allows user and organization creation, and user association to
Anyone like to share host hosted Chef does this when a new user signs up?
Mark Anderson - Community Engineering