1 person found this helpful
We've moved to Cloud since I posted this. Currently on 2016.3.10. I'm not sure if anything changed since then, or if I'm just getting smarter with age - but I was able to update an account's username with the REST api.
I did a GET on /people/username/kevintest
Then I changed the .jive.username field to 'brycetest'
Converted the whole object back to JSON
Did a PUT on the .resources.self.ref endpoint and sent the JSON body
Voilla! User updated:
As an aside relating to the issue I initially posted... We ended up sending the ObjectGUID from Active Directory as the Name ID in our SSO claim, this way if two users have the same email, the new user will not inherit the old account. We address these as one-off scenarios. Although I may have to update our script now that I know this
Hope that helps,
2 people found this helpful
Nice solution, Bryce. I've worked with SSO systems a lot and I can't stress enough to make sure the unique ID in an SSO system isn't just unique but immutable. We all know that nothing in IT is ever truly immutable, but you want to make sure the ID used will have as much longevity as possible. The objectGUID from AD is the perfect choice because it will last as long as the user is maintained in a given domain.
And Nik, I seem to recall the ability to update the username with the API came about in the past few years, but it wasn't always like that.