Create-user Python script
Overview
You can create SFTP users in the web admin portal. But if you need to create many users at once, it might be easier and less error-prone to script this process.
This article goes over how to create an SFTP user via a Python script.
Preparation steps
Before you begin, you will need to gather some information which you will need later.
Get the public IP address of your SFTP Gateway VM.
SSH into the VM, and retrieve the contents of the following file:
/opt/sftpgw/application.properties
You are specifically looking for these properties:
security.client.id
security.client.secret
The client id and secret will be used later to talk to the SFTP Gateway API.
Create the script
On your local workstation, create a new file named create-user.py.
Populate the file contents with the Python code found at the bottom of this article.
Update the values in the following code block:
client_id = "M1N9X5CG9DIKI5Z8" # security.client.id
client_secret = "PW829V3PNP98EROR" # security.client.secret
admin_username = "admin"
admin_password = "change-this-password-to-the-real-value"
api_url = "https://123.123.123.123/backend"
client_id: Set this to thesecurity.client.idfromapplication.propertiesclient_secret: Set this to thesecurity.client.secretfromapplication.propertiesadmin_username: This is the web admin username used to log into the web admin portaladmin_password: This is the web admin user's passwordapi_url: Replace the placeholder IP123.123.123.123with your real public IP
The Python script creates a single SFTP user. Replace the following lines with a real username and public key:
username = "robtest"
pub_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgrzgMlooYrCjGyBBSsHHAJwOzX9Rm8="
key_name = "rob-key-1"
Usage
When you have made all the appropriate changes to the Python script, you can run it:
python3 create-user.py
This should create a new SFTP user. This SFTP user should also have a public key.
Python script for creating an SFTP user
from urllib3.exceptions import InsecureRequestWarning
import requests
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)
# Function to log in and get access token
def get_access_token(api_url, client_id, client_secret, admin_username, admin_password):
url = f"{api_url}/login"
data = {
"grant_type": "password",
"username": admin_username,
"password": admin_password
}
response = requests.post(url, auth=(client_id, client_secret), data=data, verify=False)
response.raise_for_status()
return response.json()["access_token"]
# Function to create user
def create_user(access_token, api_url, user_data):
url = f"{api_url}/3.0.0/users"
headers = {
"Content-Type": "application/json",
"Authorization": f"Bearer {access_token}"
}
response = requests.post(url, headers=headers, json=user_data, verify=False)
response.raise_for_status()
return response.json()
# Function to create user with key
def create_user_with_key(username, pub_key, key_name, access_token, api_url):
user_data = {
"username": username,
"publicKeys": [
{
"name": key_name,
"value": pub_key
}
]
}
return create_user(access_token, api_url, user_data)
# Main function
def main():
# Configuration values (update these as required)
client_id = "M1N9X5CG9DIKI5Z8" # security.client.id
client_secret = "PW829V3PNP98EROR" # security.client.secret
admin_username = "admin"
admin_password = "change-this-password-to-the-real-value"
api_url = "https://123.123.123.123/backend"
# api_url = "http://127.0.0.1:8080"
# Authenticate and get access token
access_token = get_access_token(api_url, client_id, client_secret, admin_username, admin_password)
# print("access_token:: ", access_token)
username = "robtest"
pub_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgrzgMlooYrCjGyBBSsHHAJwOzX9Rm8="
key_name = "rob-key-1"
create_user_with_key(username, pub_key, key_name, access_token, api_url)
if __name__ == "__main__":
main()