Sync Gate way User Creation

Mobile Sync Gateway
1

Hi Team, We are doing a POC on the Sync DB integration with Okta authedication. Now, we have a API which associate the Users and channels via the admin(_users ) rest API. when we hit the _users api which a JSON data it is able to create the record but it requires a password field in the JSON. is there a way we can create users with out password field?
Also, in case we go with Okta, let’s say we don’t want to create users this way how is the users will be added into sync gateway? please provide if any example if you have

For Ex: _user( This fails because it requires a password field, even we empty “password” field it throws error
{
“name”: “12345”,
“admin_channels”: [
“District.003115”,
“Promotion.Route.97544_157_1”,
“Route.97544_157_1”
]
}

2

Is there a way user channel mapping without password field using rest api?

3
  1. Which version of Sync Gateway are you using?
  2. Do you have a copy of the error message you’re seeing?

You should be able to send the request over the admin port without a password field to just update the user’s channels.

$ curl -X PUT http://localhost:4985/db1/_user/demouser -d '{"admin_channels":["foo"]}'
$ curl -X GET http://localhost:4985/db1/_user/demouser
{"name":"demouser","admin_channels":["foo"],"all_channels":["!","foo"]}
4

Hi,
We are using sync gateway version 2.7.1- and we are using admin port to do it.

Here is my error:
{
“error”: “Bad Request”,
“reason”: "Empty passwords are not allowed "
}
Request: it is a post method not put method.(assumption is user is not already there in the sync gateway)
{
“name”: “54321”,
“admin_channels”: [
“District003115”,
“District003116”,
“Promotion.Route97545_157”,
“Route97545_157”
]
}

5

Oh I see - I thought you were updating an already existing user.

If you’re using an OIDC provider to ingerate Okta, there’s a way to create users automatically using the: register:true OIDC config option.

https://docs.couchbase.com/sync-gateway/current/config-properties.html#databases-foo_db-oidc-providers-foo_provider-register

There IS a config option to allow empty passwords when creating users via the REST API, but this is not recommended, as it allows users to create sessions without any authentication.
Your best bet would be to just generate a random password.