New user password reset via API

Jump to solution
BobZim
Community Novice
yesterday

When creating a user via the api (python) I'm using the following parameters:

user = {
        "user": {
            "name": f"{first_name} {last_name}",
            "short_name": first_name,
            "sortable_name": f"{last_name}, {first_name}",
            "personalEmail": personal_email,
        },
        "pseudonym": {
            "unique_id": unique_id,
            "password": password,
            "force_self_registration": True,
            "send_confirmation" = True
        },
        "communication_channel": {
            "type": "email",
            "address": personal_email,
        }
    }
 
The user receives the email with, what seems to be, a properly formatted registration URL which should take them to the password reset screen. Something like this: https://[schoolName].instructure.com/register/3EXAy9B3u8LyMDUCET6Y8fJWE
 
BUT when the user clicks the above URL, they are taken to our school's local Canvas login page with the username already filled in. The URL redirects to something like this: https://[schoolName].instructure.com/login/canvas?login_hint=bobby%40[schoolName].edu
 
At this point, the user's only option is to click "Forgot Password" and go through those steps...not ideal. 
 
Is there a setting in Canvas that's causing this or is there an issue with the account creation? Thanks for your input!
Labels (1)
Labels
0 Likes
2 Solutions

Jump to solution
chriscas
Community Coach
Community Coach
yesterday

Hi @BobZim,

We do all of our user creation via SIS, so I haven't used this particular API myself, but a couple things stick out in the Create a User API documentation.

  • You may need to set user[terms_of_use] to True, as the description says "

    Whether the user accepts the terms of use. Required if this is a self-registration and this canvas instance requires users to accept the terms (on by default). If this is true, it will mark the user as having accepted the terms of use"

  • If you want the user to create their own password, you probably shouldn't be setting a password via the API.  The doc says "User’s password. Cannot be set during self-registration."  Maybe setting the password here is messing up the self-registration process.

Let us know if either or both of these suggested changes get things working as desired.

-Chris

View solution in original post

0 Likes

Jump to solution
BobZim
Community Novice
In response to chriscas
Author
yesterday

I was setting the password to None (I didn't include that part of the code). Your response got me thinking that maybe I shouldn't be including the password pseudonym at all. Once I removed it, the URL in the email was redirected to the page where the user could set their password. Thank you!

View solution in original post