Home > Software engineering >  LastPass Enterprise API New User Request
LastPass Enterprise API New User Request

Time:06-24

I am trying to use the LastPass Enterprise API to automate the creation of new users in our system using Powershell. I cannot seem to get the call to the API correct in my code. I am almost certain it has something to do with the "data" object. This is the batch object I am passing through the body.

$lastPassObject = @{
      cid = "G1TUROWN";
      provhash = "N0TM!NE";
      cmd = "batchadd";
      data = @(
        {          
          username = $email;
          fullname = $firstName   " "   $lastName;
          password = "Toys4Trucks22!";
          password_reset_required = "true";
        } 
      )
  }

Here is my API call

Invoke-RestMethod -Uri "https://lastpass.com/enterpriseapi.php" -Method Post -Body $lastPassObject -ContentType "application/json"

Followed by the Error I am receiving

Error Message

Reference to the API: https://support.lastpass.com/help/add-new-users-via-lastpass-api

CodePudding user response:

You need to convert your body to json before sending it. Also, you put your Data section in a scriptblock within an array. This need to be a hashtable, not a scriptblock.

$lastPassObject = @{
      cid = "G1TUROWN";
      provhash = "N0TM!NE";
      cmd = "batchadd";
      data = @(
# This need to be an hashtable. You were missing the @
        @{          
          username = $email;
          fullname = $firstName   " "   $lastName;
          password = "Toys4Trucks22!";
          password_reset_required = $true;
        } 
      )
  }

$Body = $lastPassObject | ConvertTo-Json
Invoke-RestMethod -Uri "https://lastpass.com/enterpriseapi.php" -Method Post -Body $Body -ContentType "application/json"

If you still have issues after that, make sure to check what the actual json look like (after ConvertTo-Json) so you know exactly what you are sending and can spot more easily discrepancies. For instance, when I first did it, I immediately saw that the data section was all wrong, formatting wise and spotted the missing @ because of that.

Also, still by looking at the converted json and the example from their doc, you can see that password_reset_required is a boolean. I changed your "true" to $true so that the correlating json would be what was expected.

  • Related