You can use following endpoint :
Url for the current user:
This will return the names of the security Group the user is member of...
Ah nice, is the @me portion of the call laid out somewhere in the documentation? I was unaware that was a possibility.
Also, do you know if non admins can make this call successfully? I was reading somewhere in the docs that certain calls only admins have access to.
Do you know if there are similar functionalities for osapi? We have two instance, one is a legacy one still on Jive 6 that uses osapi. Haven't been able to find a straight forward way to access the security groups besides calling all security groups, find the one I need, and then cross referencing the people in that group.
I'm getting a 401 Unauthorized when I make the call. Are there caveats to making calls this way? When I use Postman, I'm able to make the call. I assumed because I was making a call to the instance when I am in the instance (in an add on) that I would not need any authorizations in my GET request. When using osapi, I do not need to provide anything.
OSAPI is running in browser context and you already have an authentication context. OSAPI uses the cookies applied to the current user session.
When running via postman, you have to use OAuth2 to do authenticated calls.
Steps in a nutshell :
- Create a OAuth2 addon and install it in Jive as Jive Admin
- Use the generated clientid and secret in postman (Grant type = client credentials) to generate a new oauth2 access token
- Use the new oauth2 access token as http header in your requests to Jive
A helpful link is Auth 2.0—Creating a Client and Managing Access
I hope, this helps.
But we do have a Hosted version (Jive 6) that does not have Add-Ons and so we are relying on OSAPI to make calls within our instance. Is there a similar authentication method for Hosted as with an Add-On method that can be used to access the API?
Def most of the calls we are making in our Cloud and Hosted instances are within our add-ons (or html widgets) so I imagine OSAPI would still be the way to go if inside our instances when attempting to get the security groups of a person?
There are scripts we run successfully within our apps to get people (using osapi.core.people.get) and then add external props to them for simple checks in our apps. This is done mainly in our Cloud version.
When attempting to get an individual's security groups (in both Cloud and Hosted instances), I found I had to go the route of osapi.core.securityGroups.getMembers() and pass in the security group ID and then just return every member in that security group, build an array, and then check if the current user is in that array to then display certain UI elements. Obviously this is not optimal. I'd love to just be able to go directly to the person's security group list (which your '/people/@me/securityGroups' does when I test it on Postman because of my session cookies). However, when I add the call to my application and put it on my instance, I get a 401 (which is weird since I am making the call within the instance). OSAPI seems to be the best bet for doing this in order to stay in line with what the legacy code follows. But I am not sure there is an OSAPI method for targeting a person's security groups directly within an Add On.