FAQ
I wanted to retrieve the email/username of my existing users.

My first I thought:
vagrant@precise64:/vagrant$ cf users
Getting users... OK
:
   admin?: true


But wait, isn't the usernames missing before the colon?
vagrant@precise64:/vagrant$ cf users -t
..
REQUEST: GET http://127.0.0.1:8181/v2/users?inline-relations-depth=0

RESPONSE_BODY:
{
   "total_results": 2,
   "total_pages": 1,
   "prev_url": null,
   "next_url": null,
   "resources": [
     {
       "metadata": {
         "guid": "c3d487dd-7a3b-459e-abe3-879b85c16e71",
         "url": "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71",
         "created_at": "2013-07-05 14:46:01 +0000",
         "updated_at": null
       },
       "entity": {
         "admin": true,
         "active": true,
         "default_space_guid": null,
         "spaces_url": "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/spaces",
         "organizations_url": "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/organizations",
         "managed_organizations_url": "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/managed_organizations",
         "billing_managed_organizations_url": "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/billing_managed_organizations",
         "audited_organizations_url": "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/audited_organizations",
         "managed_spaces_url": "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/managed_spaces",
         "audited_spaces_url": "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/audited_spaces"
       }
     }


Same with:
vagrant@precise64:/vagrant$ cf curl GET http://127.0.0.1:8181/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71
{
   "metadata": {
     "guid": "c3d487dd-7a3b-459e-abe3-879b85c16e71",
     "url": "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71",
     "created_at": "2013-07-05 14:46:01 +0000",
     "updated_at": null
   },
   "entity": {
     "admin": true,
     "active": true,
     "default_space_guid": null,
     "spaces_url": "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/spaces",
     "organizations_url": "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/organizations",
     "managed_organizations_url": "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/managed_organizations",
     "billing_managed_organizations_url": "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/billing_managed_organizations",
     "audited_organizations_url": "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/audited_organizations",
     "managed_spaces_url": "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/managed_spaces",
     "audited_spaces_url": "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/audited_spaces"
   }
}

After digging around I found the cf-uaac gem.

Does it make any sense to add additional information to the CC response (at least username and email)?

thx
- Manuel

Search Discussions

  • Gaston Ramos at Jul 8, 2013 at 2:51 pm

    El Fri, 05 de Jul de 2013, a las 04:39:27PM -0300, Manuel Garcia dijo:
    I wanted to retrieve the email/username of my existing users.

    My first I thought:
    vagrant@precise64:/vagrant$ cf users
    Getting users... OK
    Hi, when I try it against https://api.run.pivotal.io

    I get a Not Athorized error:

    https://gist.github.com/gramos/5949483


    --
    “Any fool can write code that a computer can understand. Good
    programmers write code that humans can understand. ” - Martin Fowler


    +-------------------------------------+
    Gastón Ramos
    http://gastonramos.com.ar/
    GNU/Linux Counter user #450312
  • Shannon Coen at Jul 9, 2013 at 5:17 pm
    Cloud controller doesn't know anything about email addresses, only user
    guids. The UAA stores user email addresses. To see a list of user email
    addresses:

    $ gem install cf-uaac
    $ grep -A 1 admin: <manifest>
         admin:
           client_secret: xxxxxxxxxxxx
    $ uaac target uaa.<cf deploy domain>
    $ uaac token client get admin -s xxxxxxxxxxx
    $ uaac users

    error response:
    {
       "error": "access_denied",
       "error_description": "Access is denied"
    }

    You need scim.read in authorities to query this resource.

    $ uaac client update admin -i
    scope (list) [uaa.none]:
    authorized grant types (list) [client_credentials]:
    authorities (list) [clients.read clients.write uaa.admin clients.secret]:
      clients.read clients.write uaa.admin clients.secret *scim.read*

    access token validity (seconds):
    refresh token validity (seconds):
    redirect uri (list):
    autoapprove (list):
       scope: uaa.none
       client_id: admin
       authorized_grant_types: client_credentials
       redirect_uri:
       authorities: clients.read clients.write scim.read uaa.admin clients.secret
       autoapprove:

    After changing the client config, you need to get a new token.

    $ uaac token client get admin -s xxxxxxxxxxx
    $ uaac users --count 10 --attributes emails
       resources:
       -
         emails:
         -
           value: user1@example.com
       -
         emails:
         -
           value: user2@example.com
       -
         emails:
         -
           value: user3@example.com
       -
         emails:
         -
           value: user4@example.com
       -
         emails:
         -
           value: user5@example.com
       -
         emails:
         -
           value: user6@example.com
       -
         emails:
         -
           value: user7@example.com
       -
         emails:
         -
           value: user8@example.com
       -
         emails:
         -
           value: user9@example.com
       -
         emails:
         -
           value: user10@example.com
       schemas: urn:scim:schemas:core:1.0
       startindex: 1
       itemsperpage: 10
       totalresults: 50000


    On Monday, July 8, 2013 7:51:46 AM UTC-7, Gastón Ramos wrote:

    El Fri, 05 de Jul de 2013, a las 04:39:27PM -0300, Manuel Garcia dijo:
    I wanted to retrieve the email/username of my existing users.

    My first I thought:
    vagrant@precise64:/vagrant$ cf users
    Getting users... OK
    Hi, when I try it against https://api.run.pivotal.io

    I get a Not Athorized error:

    https://gist.github.com/gramos/5949483


    --
    “Any fool can write code that a computer can understand. Good
    programmers write code that humans can understand. ” - Martin Fowler


    +-------------------------------------+
    Gastón Ramos
    http://gastonramos.com.ar/
    GNU/Linux <http://gastonramos.com.ar/GNU/Linux> Counter user #450312
  • Manuel Garcia at Jul 10, 2013 at 3:00 am
    Thank you Shanon
    On Jul 9, 2013, at 2:17 PM, Shannon Coen wrote:

    Cloud controller doesn't know anything about email addresses, only user guids. The UAA stores user email addresses. To see a list of user email addresses:

    $ gem install cf-uaac
    $ grep -A 1 admin: <manifest>
    admin:
    client_secret: xxxxxxxxxxxx
    $ uaac target uaa.<cf deploy domain>
    $ uaac token client get admin -s xxxxxxxxxxx
    $ uaac users

    error response:
    {
    "error": "access_denied",
    "error_description": "Access is denied"
    }

    You need scim.read in authorities to query this resource.

    $ uaac client update admin -i
    scope (list) [uaa.none]:
    authorized grant types (list) [client_credentials]:
    authorities (list) [clients.read clients.write uaa.admin clients.secret]: clients.read clients.write uaa.admin clients.secret scim.read
    access token validity (seconds):
    refresh token validity (seconds):
    redirect uri (list):
    autoapprove (list):
    scope: uaa.none
    client_id: admin
    authorized_grant_types: client_credentials
    redirect_uri:
    authorities: clients.read clients.write scim.read uaa.admin clients.secret
    autoapprove:

    After changing the client config, you need to get a new token.

    $ uaac token client get admin -s xxxxxxxxxxx
    $ uaac users --count 10 --attributes emails
    resources:
    -
    emails:
    -
    value: user1@example.com
    -
    emails:
    -
    value: user2@example.com
    -
    emails:
    -
    value: user3@example.com
    -
    emails:
    -
    value: user4@example.com
    -
    emails:
    -
    value: user5@example.com
    -
    emails:
    -
    value: user6@example.com
    -
    emails:
    -
    value: user7@example.com
    -
    emails:
    -
    value: user8@example.com
    -
    emails:
    -
    value: user9@example.com
    -
    emails:
    -
    value: user10@example.com
    schemas: urn:scim:schemas:core:1.0
    startindex: 1
    itemsperpage: 10
    totalresults: 50000



    On Monday, July 8, 2013 7:51:46 AM UTC-7, Gastón Ramos wrote:
    El Fri, 05 de Jul de 2013, a las 04:39:27PM -0300, Manuel Garcia dijo:
    I wanted to retrieve the email/username of my existing users.

    My first I thought:
    vagrant@precise64:/vagrant$ cf users
    Getting users... OK
    Hi, when I try it against https://api.run.pivotal.io

    I get a Not Athorized error:

    https://gist.github.com/gramos/5949483


    --
    “Any fool can write code that a computer can understand. Good
    programmers write code that humans can understand. ” - Martin Fowler


    +-------------------------------------+
    Gastón Ramos
    http://gastonramos.com.ar/
    GNU/Linux Counter user #450312
  • Nicolás Oga at Jul 15, 2013 at 2:27 pm
    I logged in as specified in the cf-uaac git readme:

    $ uaac target http://api.run.pivotal.io/
    $ uaac token get
    $ uaac token decode

    But almost all actions return
    error response:
    {
       "error": "insufficient_scope",
       "error_description": "Insufficient scope for this resource",
       "scope": "clients.read"
    }

    El martes, 9 de julio de 2013 14:17:30 UTC-3, Shannon Coen escribió:
    Cloud controller doesn't know anything about email addresses, only user
    guids. The UAA stores user email addresses. To see a list of user email
    addresses:

    $ gem install cf-uaac
    $ grep -A 1 admin: <manifest>
    admin:
    client_secret: xxxxxxxxxxxx
    $ uaac target uaa.<cf deploy domain>
    $ uaac token client get admin -s xxxxxxxxxxx
    $ uaac users

    error response:
    {
    "error": "access_denied",
    "error_description": "Access is denied"
    }

    You need scim.read in authorities to query this resource.

    $ uaac client update admin -i
    scope (list) [uaa.none]:
    authorized grant types (list) [client_credentials]:
    authorities (list) [clients.read clients.write uaa.admin clients.secret]:
    clients.read clients.write uaa.admin clients.secret *scim.read*

    access token validity (seconds):
    refresh token validity (seconds):
    redirect uri (list):
    autoapprove (list):
    scope: uaa.none
    client_id: admin
    authorized_grant_types: client_credentials
    redirect_uri:
    authorities: clients.read clients.write scim.read uaa.admin
    clients.secret
    autoapprove:

    After changing the client config, you need to get a new token.

    $ uaac token client get admin -s xxxxxxxxxxx
    $ uaac users --count 10 --attributes emails
    resources:
    -
    emails:
    -
    value: us...@example.com <javascript:>
    -
    emails:
    -
    value: us...@example.com <javascript:>
    -
    emails:
    -
    value: us...@example.com <javascript:>
    -
    emails:
    -
    value: us...@example.com <javascript:>
    -
    emails:
    -
    value: us...@example.com <javascript:>
    -
    emails:
    -
    value: us...@example.com <javascript:>
    -
    emails:
    -
    value: us...@example.com <javascript:>
    -
    emails:
    -
    value: us...@example.com <javascript:>
    -
    emails:
    -
    value: us...@example.com <javascript:>
    -
    emails:
    -
    value: use...@example.com <javascript:>
    schemas: urn:scim:schemas:core:1.0
    startindex: 1
    itemsperpage: 10
    totalresults: 50000


    On Monday, July 8, 2013 7:51:46 AM UTC-7, Gastón Ramos wrote:

    El Fri, 05 de Jul de 2013, a las 04:39:27PM -0300, Manuel Garcia dijo:
    I wanted to retrieve the email/username of my existing users.

    My first I thought:
    vagrant@precise64:/vagrant$ cf users
    Getting users... OK
    Hi, when I try it against https://api.run.pivotal.io

    I get a Not Athorized error:

    https://gist.github.com/gramos/5949483


    --
    “Any fool can write code that a computer can understand. Good
    programmers write code that humans can understand. ” - Martin Fowler


    +-------------------------------------+
    Gastón Ramos
    http://gastonramos.com.ar/
    GNU/Linux <http://gastonramos.com.ar/GNU/Linux> Counter user #450312
  • James Bayer at Jul 15, 2013 at 3:17 pm
    I believe you need the admin client token. Shannon also showed how to get
    the correct list of scopes. Have you tried this?

    $ uaac token client get admin -s xxxxxxxxxxx
    $ uaac users

    error response:
    {
       "error": "access_denied",
       "error_description": "Access is denied"
    }

    You need scim.read in authorities to query this resource.

    $ uaac client update admin -i
    scope (list) [uaa.none]:
    authorized grant types (list) [client_credentials]:
    authorities (list) [clients.read clients.write uaa.admin clients.secret]:
      clients.read clients.write uaa.admin clients.secret *scim.read*

    access token validity (seconds):
    refresh token validity (seconds):
    redirect uri (list):
    autoapprove (list):
       scope: uaa.none
       client_id: admin
       authorized_grant_types: client_credentials
       redirect_uri:
       authorities: clients.read clients.write scim.read uaa.admin clients.secret
       autoapprove:

    After changing the client config, you need to get a new token.

    $ uaac token client get admin -s xxxxxxxxxxx

    On Mon, Jul 15, 2013 at 7:27 AM, Nicolás Oga wrote:

    I logged in as specified in the cf-uaac git readme:

    $ uaac target http://api.run.pivotal.io/
    $ uaac token get
    $ uaac token decode

    But almost all actions return
    error response:
    {
    "error": "insufficient_scope",
    "error_description": "Insufficient scope for this resource",
    "scope": "clients.read"
    }

    El martes, 9 de julio de 2013 14:17:30 UTC-3, Shannon Coen escribió:
    Cloud controller doesn't know anything about email addresses, only user
    guids. The UAA stores user email addresses. To see a list of user email
    addresses:

    $ gem install cf-uaac
    $ grep -A 1 admin: <manifest>
    admin:
    client_secret: xxxxxxxxxxxx
    $ uaac target uaa.<cf deploy domain>
    $ uaac token client get admin -s xxxxxxxxxxx
    $ uaac users

    error response:
    {
    "error": "access_denied",
    "error_description": "Access is denied"
    }

    You need scim.read in authorities to query this resource.

    $ uaac client update admin -i
    scope (list) [uaa.none]:
    authorized grant types (list) [client_credentials]:
    authorities (list) [clients.read clients.write uaa.admin clients.secret]:
    clients.read clients.write uaa.admin clients.secret *scim.read*

    access token validity (seconds):
    refresh token validity (seconds):
    redirect uri (list):
    autoapprove (list):
    scope: uaa.none
    client_id: admin
    authorized_grant_types: client_credentials
    redirect_uri:
    authorities: clients.read clients.write scim.read uaa.admin
    clients.secret
    autoapprove:

    After changing the client config, you need to get a new token.

    $ uaac token client get admin -s xxxxxxxxxxx
    $ uaac users --count 10 --attributes emails
    resources:
    -
    emails:
    -
    value: us...@example.com
    -
    emails:
    -
    value: us...@example.com
    -
    emails:
    -
    value: us...@example.com
    -
    emails:
    -
    value: us...@example.com
    -
    emails:
    -
    value: us...@example.com
    -
    emails:
    -
    value: us...@example.com
    -
    emails:
    -
    value: us...@example.com
    -
    emails:
    -
    value: us...@example.com
    -
    emails:
    -
    value: us...@example.com
    -
    emails:
    -
    value: use...@example.com
    schemas: urn:scim:schemas:core:1.0
    startindex: 1
    itemsperpage: 10
    totalresults: 50000


    On Monday, July 8, 2013 7:51:46 AM UTC-7, Gastón Ramos wrote:

    El Fri, 05 de Jul de 2013, a las 04:39:27PM -0300, Manuel Garcia dijo:
    I wanted to retrieve the email/username of my existing users.

    My first I thought:
    vagrant@precise64:/vagrant$ cf users
    Getting users... OK
    Hi, when I try it against https://api.run.pivotal.io

    I get a Not Athorized error:

    https://gist.github.com/**gramos/5949483<https://gist.github.com/gramos/5949483>


    --
    “Any fool can write code that a computer can understand. Good
    programmers write code that humans can understand. ” - Martin Fowler


    +-----------------------------**--------+
    Gastón Ramos
    http://gastonramos.com.ar/
    GNU/Linux <http://gastonramos.com.ar/GNU/Linux> Counter user #450312

    --
    Thank you,

    James Bayer
  • Shannon Coen at Jul 15, 2013 at 3:18 pm
    Be sure you Re getting the admin client token, and updating the admin client with the scopes you need for whatever actions you want to do. Then get an updated token before actually performing those actions.

    On Jul 15, 2013, at 7:27 AM, Nicolás Oga wrote:

    I logged in as specified in the cf-uaac git readme:
    $ uaac target http://api.run.pivotal.io/
    $ uaac token get
    $ uaac token decode
    But almost all actions return
    error response:
    {
       "error": "insufficient_scope",
       "error_description": "Insufficient scope for this resource",
       "scope": "clients.read"
    }

    El martes, 9 de julio de 2013 14:17:30 UTC-3, Shannon Coen escribió:
    Cloud controller doesn't know anything about email addresses, only user guids. The UAA stores user email addresses. To see a list of user email addresses:

    $ gem install cf-uaac
    $ grep -A 1 admin: <manifest>
    admin:
    client_secret: xxxxxxxxxxxx
    $ uaac target uaa.<cf deploy domain>
    $ uaac token client get admin -s xxxxxxxxxxx
    $ uaac users

    error response:
    {
    "error": "access_denied",
    "error_description": "Access is denied"
    }

    You need scim.read in authorities to query this resource.

    $ uaac client update admin -i
    scope (list) [uaa.none]:
    authorized grant types (list) [client_credentials]:
    authorities (list) [clients.read clients.write uaa.admin clients.secret]: clients.read clients.write uaa.admin clients.secret scim.read
    access token validity (seconds):
    refresh token validity (seconds):
    redirect uri (list):
    autoapprove (list):
    scope: uaa.none
    client_id: admin
    authorized_grant_types: client_credentials
    redirect_uri:
    authorities: clients.read clients.write scim.read uaa.admin clients.secret
    autoapprove:

    After changing the client config, you need to get a new token.

    $ uaac token client get admin -s xxxxxxxxxxx
    $ uaac users --count 10 --attributes emails
    resources:
    -
    emails:
    -
    value: us...@example.com
    -
    emails:
    -
    value: us...@example.com
    -
    emails:
    -
    value: us...@example.com
    -
    emails:
    -
    value: us...@example.com
    -
    emails:
    -
    value: us...@example.com
    -
    emails:
    -
    value: us...@example.com
    -
    emails:
    -
    value: us...@example.com
    -
    emails:
    -
    value: us...@example.com
    -
    emails:
    -
    value: us...@example.com
    -
    emails:
    -
    value: use...@example.com
    schemas: urn:scim:schemas:core:1.0
    startindex: 1
    itemsperpage: 10
    totalresults: 50000


    On Monday, July 8, 2013 7:51:46 AM UTC-7, Gastón Ramos wrote:

    El Fri, 05 de Jul de 2013, a las 04:39:27PM -0300, Manuel Garcia dijo:
    I wanted to retrieve the email/username of my existing users.

    My first I thought:
    vagrant@precise64:/vagrant$ cf users
    Getting users... OK
    Hi, when I try it against https://api.run.pivotal.io

    I get a Not Athorized error:

    https://gist.github.com/gramos/5949483


    --
    “Any fool can write code that a computer can understand. Good
    programmers write code that humans can understand. ” - Martin Fowler


    +-------------------------------------+
    Gastón Ramos
    http://gastonramos.com.ar/
    GNU/Linux Counter user #450312
  • Nicolás Oga at Jul 15, 2013 at 4:02 pm
    I'm testing against a free trial account on uaa.run.pivotal.io, so my
    problem may be that I don't have the access to the client secret.

    $ uaac token get admin

    Password: *********


    CF::UAA::BadResponse: status 401


    attempt to get token failed
    $ uaac token client get admin
    Client secret: ??????????

    I remember seeing in the docs that the secret rests in conf some file in
    the server, so I guess only way to get it is asking for it or having a
    local CF setup?

    Thanks for the answers
    El viernes, 5 de julio de 2013 16:39:27 UTC-3, manuel...@altoros.com
    escribió:
    I wanted to retrieve the email/username of my existing users.

    My first I thought:
    *vagrant@precise64:/vagrant$ cf users*
    Getting users... OK
    :
    admin?: true


    But wait, isn't the usernames missing before the colon?
    *vagrant@precise64:/vagrant$ cf users -t*
    ..
    REQUEST: GET http://127.0.0.1:8181/v2/users?inline-relations-depth=0

    RESPONSE_BODY:
    {
    "total_results": 2,
    "total_pages": 1,
    "prev_url": null,
    "next_url": null,
    "resources": [
    {
    "metadata": {
    "guid": "c3d487dd-7a3b-459e-abe3-879b85c16e71",
    "url": "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71",
    "created_at": "2013-07-05 14:46:01 +0000",
    "updated_at": null
    },
    "entity": {
    "admin": true,
    "active": true,
    "default_space_guid": null,
    "spaces_url":
    "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/spaces",
    "organizations_url":
    "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/organizations",
    "managed_organizations_url":
    "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/managed_organizations",
    "billing_managed_organizations_url":
    "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/billing_managed_organizations",
    "audited_organizations_url":
    "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/audited_organizations",
    "managed_spaces_url":
    "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/managed_spaces",
    "audited_spaces_url":
    "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/audited_spaces"
    }
    }


    Same with:
    vagrant@precise64:/vagrant$ *cf curl GET
    http://127.0.0.1:8181/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71*
    {
    "metadata": {
    "guid": "c3d487dd-7a3b-459e-abe3-879b85c16e71",
    "url": "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71",
    "created_at": "2013-07-05 14:46:01 +0000",
    "updated_at": null
    },
    "entity": {
    "admin": true,
    "active": true,
    "default_space_guid": null,
    "spaces_url": "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/spaces",
    "organizations_url":
    "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/organizations",
    "managed_organizations_url":
    "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/managed_organizations",
    "billing_managed_organizations_url":
    "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/billing_managed_organizations",
    "audited_organizations_url":
    "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/audited_organizations",
    "managed_spaces_url":
    "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/managed_spaces",
    "audited_spaces_url":
    "/v2/users/c3d487dd-7a3b-459e-abe3-879b85c16e71/audited_spaces"
    }
    }

    After digging around I found the cf-uaac gem.

    Does it make any sense to add additional information to the CC response
    (at least username and email)?

    thx
    - Manuel
  • Shannon Coen at Jul 16, 2013 at 5:16 pm
    These instructions are for those who have their own CF installs. We
    wouldn't give out our secret for our prod instance. If you want to see a
    list of users for your org on run.pivotal.io, look at the web console. This
    feature hasn't been implemented in the CLI yet.

    Best,

    Shannon Coen
    Product Manager, Cloud Foundry
    Pivotal, Inc.
    mobile: 415.640.0272
    skype: shannoncoen

    On Mon, Jul 15, 2013 at 9:02 AM, Nicolás Oga wrote:

    I'm testing against a free trial account on uaa.run.pivotal.io, so my
    problem may be that I don't have the access to the client secret.

    $ uaac token get admin

    Password: *********


    CF::UAA::BadResponse: status 401


    attempt to get token failed
    $ uaac token client get admin
    Client secret: ??????????

    I remember seeing in the docs that the secret rests in conf some file in
    the server, so I guess only way to get it is asking for it or having a
    local CF setup?

    Thanks for the answers
    El viernes, 5 de julio de 2013 16:39:27 UTC-3, manuel...@altoros.comescribió:
    I wanted to retrieve the email/username of my existing users.

    My first I thought:
    *vagrant@precise64:/vagrant$ cf users*
    Getting users... OK
    :
    admin?: true


    But wait, isn't the usernames missing before the colon?
    *vagrant@precise64:/vagrant$ cf users -t*
    ..
    REQUEST: GET http://127.0.0.1:8181/v2/**users?inline-relations-depth=0<http://127.0.0.1:8181/v2/users?inline-relations-depth=0>

    RESPONSE_BODY:
    {
    "total_results": 2,
    "total_pages": 1,
    "prev_url": null,
    "next_url": null,
    "resources": [
    {
    "metadata": {
    "guid": "c3d487dd-7a3b-459e-abe3-**879b85c16e71",
    "url": "/v2/users/c3d487dd-7a3b-459e-**abe3-879b85c16e71",
    "created_at": "2013-07-05 14:46:01 +0000",
    "updated_at": null
    },
    "entity": {
    "admin": true,
    "active": true,
    "default_space_guid": null,
    "spaces_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/spaces",
    "organizations_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/**organizations",
    "managed_organizations_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/managed_**organizations",
    "billing_managed_**organizations_url":
    "/v2/users/c3d487dd-7a3b-459e-**abe3-879b85c16e71/billing_**
    managed_organizations",
    "audited_organizations_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/audited_**organizations",
    "managed_spaces_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/managed_**spaces",
    "audited_spaces_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/audited_**spaces"
    }
    }


    Same with:
    vagrant@precise64:/vagrant$ *cf curl GET http://127.0.0.1:8181/v2/
    users/c3d487dd-7a3b-459e-abe3-879b85c16e71*
    {
    "metadata": {
    "guid": "c3d487dd-7a3b-459e-abe3-**879b85c16e71",
    "url": "/v2/users/c3d487dd-7a3b-459e-**abe3-879b85c16e71",
    "created_at": "2013-07-05 14:46:01 +0000",
    "updated_at": null
    },
    "entity": {
    "admin": true,
    "active": true,
    "default_space_guid": null,
    "spaces_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/spaces",
    "organizations_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/**organizations",
    "managed_organizations_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/managed_**organizations",
    "billing_managed_**organizations_url": "/v2/users/c3d487dd-7a3b-459e-
    **abe3-879b85c16e71/billing_**managed_organizations",
    "audited_organizations_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/audited_**organizations",
    "managed_spaces_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/managed_**spaces",
    "audited_spaces_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/audited_**spaces"
    }
    }

    After digging around I found the cf-uaac gem.

    Does it make any sense to add additional information to the CC response
    (at least username and email)?

    thx
    - Manuel
  • Nicolás Oga at Jul 16, 2013 at 6:39 pm
    I see, I'll try later with a local cf setup.


    2013/7/15 Shannon Coen <scoen@gopivotal.com>
    These instructions are for those who have their own CF installs. We
    wouldn't give out our secret for our prod instance. If you want to see a
    list of users for your org on run.pivotal.io, look at the web console.
    This feature hasn't been implemented in the CLI yet.

    Best,

    Shannon Coen
    Product Manager, Cloud Foundry
    Pivotal, Inc.
    mobile: 415.640.0272
    skype: shannoncoen

    On Mon, Jul 15, 2013 at 9:02 AM, Nicolás Oga wrote:

    I'm testing against a free trial account on uaa.run.pivotal.io, so my
    problem may be that I don't have the access to the client secret.

    $ uaac token get admin

    Password: *********


    CF::UAA::BadResponse: status 401


    attempt to get token failed
    $ uaac token client get admin
    Client secret: ??????????

    I remember seeing in the docs that the secret rests in conf some file in
    the server, so I guess only way to get it is asking for it or having a
    local CF setup?

    Thanks for the answers
    El viernes, 5 de julio de 2013 16:39:27 UTC-3, manuel...@altoros.comescribió:
    I wanted to retrieve the email/username of my existing users.

    My first I thought:
    *vagrant@precise64:/vagrant$ cf users*
    Getting users... OK
    :
    admin?: true


    But wait, isn't the usernames missing before the colon?
    *vagrant@precise64:/vagrant$ cf users -t*
    ..
    REQUEST: GET http://127.0.0.1:8181/v2/**users?inline-relations-depth=0<http://127.0.0.1:8181/v2/users?inline-relations-depth=0>

    RESPONSE_BODY:
    {
    "total_results": 2,
    "total_pages": 1,
    "prev_url": null,
    "next_url": null,
    "resources": [
    {
    "metadata": {
    "guid": "c3d487dd-7a3b-459e-abe3-**879b85c16e71",
    "url": "/v2/users/c3d487dd-7a3b-459e-**abe3-879b85c16e71",
    "created_at": "2013-07-05 14:46:01 +0000",
    "updated_at": null
    },
    "entity": {
    "admin": true,
    "active": true,
    "default_space_guid": null,
    "spaces_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/spaces",
    "organizations_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/**organizations",
    "managed_organizations_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/managed_**organizations",
    "billing_managed_**organizations_url":
    "/v2/users/c3d487dd-7a3b-459e-**abe3-879b85c16e71/billing_**
    managed_organizations",
    "audited_organizations_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/audited_**organizations",
    "managed_spaces_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/managed_**spaces",
    "audited_spaces_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/audited_**spaces"
    }
    }


    Same with:
    vagrant@precise64:/vagrant$ *cf curl GET http://127.0.0.1:8181/v2/
    users/c3d487dd-7a3b-459e-abe3-879b85c16e71*
    {
    "metadata": {
    "guid": "c3d487dd-7a3b-459e-abe3-**879b85c16e71",
    "url": "/v2/users/c3d487dd-7a3b-459e-**abe3-879b85c16e71",
    "created_at": "2013-07-05 14:46:01 +0000",
    "updated_at": null
    },
    "entity": {
    "admin": true,
    "active": true,
    "default_space_guid": null,
    "spaces_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/spaces",
    "organizations_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/**organizations",
    "managed_organizations_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/managed_**organizations",
    "billing_managed_**organizations_url":
    "/v2/users/c3d487dd-7a3b-459e-**abe3-879b85c16e71/billing_**
    managed_organizations",
    "audited_organizations_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/audited_**organizations",
    "managed_spaces_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/managed_**spaces",
    "audited_spaces_url": "/v2/users/c3d487dd-7a3b-459e-**
    abe3-879b85c16e71/audited_**spaces"
    }
    }

    After digging around I found the cf-uaac gem.

    Does it make any sense to add additional information to the CC response
    (at least username and email)?

    thx
    - Manuel

    --
    --------------------------------------------------------------------------------------------
    Nicolas Oga. Desarrollador de software, rubyista!
    GitHub <http://nicooga.github.com>
    LinkedIn <http://ar.linkedin.com/in/nicolasoga>
    Stackoverflow

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupvcap-dev @
postedJul 5, '13 at 7:39p
activeJul 16, '13 at 6:39p
posts10
users5

People

Translate

site design / logo © 2017 Grokbase