This message was deleted.

yes

Is it possible to enable an external identity provider such as Azure AD using API? Activating this feature is not working when using the Helm Chart and setting an extraEnv environment variable for Rancher deployment.

Im Trying This

curl -u "token-xxxx:pw8txxxxxxxxxxxxxxxxxxxxxxxxxxg2x66fh" \
-X POST \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
'<https://1x.1xx.1xx.1xx/v3/users>'

HTTP/1.1 POST /v3/users
Host: 1x.1xx.1xx.1xx
Accept: application/json
Content-Type: application/json
Content-Length: 307

{
"annotations": {
"<http://lifecycle.cattle.io/create.mgmt-auth-users-controller|lifecycle.cattle.io/create.mgmt-auth-users-controller>": "true"
},
"description": "Test For Rancher Automation",
"enabled": true,
"labels": {
"<http://cattle.io/creator|cattle.io/creator>": "norman"
},
"mustChangePassword": true,
"name": "Rancher Test",
"password": "password123@3545%098g",
"principalIds": [ ],
"username": "ranchertester"
}

But Its Not Working. Getting This As An Error:

curl: (60) SSL certificate problem: self-signed certificate in certificate chain
More details here: <https://curl.se/docs/sslcerts.html>

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

Are you using the self-signed certificate ? Please make sure to add

-k

to the curl command

Using ALB. and Also Added -k And Tried. Still Same Issue

Here's another option that may be useful to you: you can create the user directly from the Rancher UI, and then inspect the web page to see the rights information that the user is using to make this request possible

Ok. Will Give It A Try