TFD
ThoughtSpot For Developers3mo ago
Delvin

Chaim Platonov - Hey,I'm writing code to sync ...

Hey, I'm writing code to sync the users of our system with ThoughtSpot. To create users in the TS I use the just-in-time provisioning But when I try to set account_status to INACTIVE using update user API I get Unable to update user state to INACTIVE from PENDING. Please activate the user to continue. Get current user info returns account_status: 'ACTIVE'.
Solution:
@Chaim Platonov if the user is not activated use reset password api to reset it's password. Post which it will be in active state and then you will be able to use the update api.
Jump to solution
20 Replies
Aditya
Aditya3mo ago
@pallav PTAL
shikharTS
shikharTS3mo ago
Are you trying to make account status INACTIVE for the current user? You are checking the account status for current user using Get current user info api call you mentioned..
Delvin
DelvinOP3mo ago
I'm using user with ADMINISTRATION privilege to update another user to INACTIVE and getting the error I mentioned. I'm checking the status with the token of the user I'm trying to update.
Satyam Saxena
Satyam Saxena3mo ago
@Chaim Platonov did you try activating the said user using tenant admin
Delvin
DelvinOP3mo ago
How?
Satyam Saxena
Satyam Saxena3mo ago
the log says the user you are trying to change the state of isn't activated yet
Delvin
DelvinOP3mo ago
How to activate it? The activate user API needs auth_token that as admin I don't have.
Satyam Saxena
Satyam Saxena3mo ago
you can generate the token using the admin user credentials from Get Full Access Token API.
Delvin
DelvinOP3mo ago
I'll try. 
    const adminClient = initThoughtSpotAdminClient();

    const token = await adminClient.getFullAccessToken({
      auto_create: true,
      secret_key: thoughtSpotSecretKey(),
      org_id: thoughtSpotOrganizationId(),
      username: `chaim-test`,
      display_name: 'chaim',
    });

    await adminClient.activateUser({
      user_identifier: token.valid_for_user_id,
      auth_token: token.token,
      password: 'password'
    });
    const adminClient = initThoughtSpotAdminClient();

    const token = await adminClient.getFullAccessToken({
      auto_create: true,
      secret_key: thoughtSpotSecretKey(),
      org_id: thoughtSpotOrganizationId(),
      username: `chaim-test`,
      display_name: 'chaim',
    });

    await adminClient.activateUser({
      user_identifier: token.valid_for_user_id,
      auth_token: token.token,
      password: 'password'
    });
getting Unable to authenticate current user with given token 
    const client = new ThoughtSpotRestApi(
      createBearerAuthenticationConfig(thoughtSpotBaseUrl(), {
        auto_create: true,
        secret_key: thoughtSpotSecretKey(),
        org_id: thoughtSpotOrganizationId(),
        username,
        display_name: username,
        email: '...'
      })
    );

    const token = await client.getFullAccessToken({
      secret_key: thoughtSpotSecretKey(),
      org_id: thoughtSpotOrganizationId(),
      username
    });

    await client.activateUser({
      user_identifier: username,
      auth_token: token.token,
      password: 'password'
    });
    const client = new ThoughtSpotRestApi(
      createBearerAuthenticationConfig(thoughtSpotBaseUrl(), {
        auto_create: true,
        secret_key: thoughtSpotSecretKey(),
        org_id: thoughtSpotOrganizationId(),
        username,
        display_name: username,
        email: '...'
      })
    );

    const token = await client.getFullAccessToken({
      secret_key: thoughtSpotSecretKey(),
      org_id: thoughtSpotOrganizationId(),
      username
    });

    await client.activateUser({
      user_identifier: username,
      auth_token: token.token,
      password: 'password'
    });
getting Either your username or password is incorrect. Your account may lock out after multiple successive incorrect attempts
shikharTS
shikharTS3mo ago
Is chaim-test tenant-admin? You need to call this activate user api with tenant admin token
Delvin
DelvinOP3mo ago
    const adminToken = await adminClient.getFullAccessToken({
      auto_create: false,
      secret_key: thoughtSpotSecretKey(),
      org_id: thoughtSpotOrganizationId(),
      username: thoughtSpotAdminUsername()
    });

    await adminClient.activateUser({
      user_identifier: 'user_id',
      auth_token: adminToken.token,
      password: 'password'
    });
    const adminToken = await adminClient.getFullAccessToken({
      auto_create: false,
      secret_key: thoughtSpotSecretKey(),
      org_id: thoughtSpotOrganizationId(),
      username: thoughtSpotAdminUsername()
    });

    await adminClient.activateUser({
      user_identifier: 'user_id',
      auth_token: adminToken.token,
      password: 'password'
    });
like this? Getting Unable to fetch user authentication information from authToken
shikharTS
shikharTS3mo ago
Can you remove the org_id: thoughtSpotOrganizationId(), while getting full access token. Looks like it needs to run as tenant admin to run this API Actually it seems you cannot activate a user from pending state. This API might work only for deactivated users. It needs to be activated first. Will confirm this internally @Satyam Saxena this seems broken can you also check?
Delvin
DelvinOP3mo ago
We need to create a thoughtspot user without requiring any actions from our customers, but IIUC the only way to activate is using an activation email.
shikharTS
shikharTS3mo ago
Lets wait for @Satyam Saxena to reply on this thread, but in case you do not receive a reply, I would recommend to create a support ticket so that the relevant team can take this up In TS UI I see the user as active as well. But for some reason the update user API shows user as PENDING activation @Tarphon can you use the /api/rest/2.0/users/deactivate API to deactivate the user. Seems some bug with update user API
Solution
Satyam Saxena
Satyam Saxena3mo ago
@Chaim Platonov if the user is not activated use reset password api to reset it's password. Post which it will be in active state and then you will be able to use the update api.
shikharTS
shikharTS3mo ago
@Satyam Saxena the TS UI shows user is activated..
Satyam Saxena
Satyam Saxena3mo ago
Yes, after changing state the ui/api response might show the older state that's because user sync happens only after one of the tenant admin(s) login. In that scenario the state will get updated only once the tenant admin logs in.
Delvin
DelvinOP3mo ago
After reset password I can update the account status. Thanks. Side question: what's the difference between INACTIVE and SUSPENDED (both are shown in the UI as suspended)?
TomerLand
TomerLand2mo ago
Is there an answer to the last question?
shikharTS
shikharTS2mo ago
I am not sure what's the difference between INACTIVE and SUSPENDED? Would be good to ask in the in-app chat support

Did you find this page helpful?