User Management

Overview

A user may gain access to Workbench by visiting any Workbench URL. If they do not have a valid session, this will then redirect them to GitHub to ask them to login/signup and connect their GitHub account to Workbench.

By default a new user will have no orgs that they can access, they have to be permissioned into them.

Currently app.import.io API keys will work, and grant the SUPER_ADMIN system role if the user has a SUPPORT or ADMIN role. These API keys will be deprecated shortly after workbench API keys are made available. If a user then logs in with a GitHub account where a verified GitHub email address matches the app.import.io verified email address, the accounts will be merged.
There will be UI coming to supplement the API access, as well as Workbench API key management.

Getting your user information

A user can get their user information from the /api/whoami or /api/orgs/:id/whoami APIs. The latter API will also supply their roles in the context of the specified organization.

Organization Access Control

There are currently two organization roles: ADMIN and MEMBER. An ADMIN can add and remove users to the organization, and change their roles.

To be added to an org you will need to supply your user ID to your org administrator.

Adding a user

You can add a user by calling the API using your app.import.io API key, for example:

echo '{"userId":"d23454f3-6c98-44af-a301-f8d4288ebbe3", "roles":["ADMIN"]}' | \
http POST https://workbench.import.io/api/orgs/$ORG_ID/orgusers Authorization:\ Bearer\ $API_KEY

Listing the user that are members of an org

You can paginate through this by supplying the cursor back, as per the API docs.
http POST https://workbench.import.io/api/orgs/$ORG_ID/users Authorization:\ Bearer\ $API_KEY

Removing a user

Delete the user by specifying the id of the OrgUser link, not the user ID.
http DELETE https://workbench.import.io/api/orgs/$ORG_ID/orgusers/$ORGUSER_ID Authorization:\ Bearer\ $API_KEY