API update user

[Damien]

Hi everybody,
I can't find how I can update policies by admin API key and request. Server always respond with an 400 error.
But I read the doc and I cannot find it out.
Here simple python code that fails :

import requests

ADMIN_API_KEY = 'myadminapikey'
JELLYFIN_SERVER_URL = 'myjellyfinserverurl'
JELLYFIN_USER_ID = 'ajellyfinuserid'

headers = {
    "Authorization": f'MediaBrowser Token="{ADMIN_API_KEY}"',
    "Content-Type": "application/json"
}

data = {
    'EnableAllChannels': False,
    'EnableAllFolders': False,
    'EnableContentDownloading': False,
    'EnableLiveTvAccess': False,
    'EnableLiveTvManagement': False,
    'EnableSharedDeviceControl': False,
    'SyncPlayAccess': None,
}
   
response = requests.post(f'{JELLYFIN_SERVER_URL}/Users/{JELLYFIN_USER_ID}/Policy', headers=headers, json=data)
print(response.status_code)

Thank you for your help !

Best regards

Damien    

[qwerty12]

PHP Code:

import requests

ADMIN_API_KEY = 'myadminapikey'
JELLYFIN_SERVER_URL = 'http://127.0.0.1:8096'
JELLYFIN_USER_ID = 'a2b6823293f24f0d9620cc7336971e96'

data = {
    'EnableAllChannels': False,
    'EnableAllFolders': False,
    'EnableContentDownloading': False,
    'EnableLiveTvAccess': False,
    'EnableLiveTvManagement': False,
    'EnableSharedDeviceControl': False,
    'SyncPlayAccess': 'None',
}

response = requests.get(f'{JELLYFIN_SERVER_URL}/Users/{JELLYFIN_USER_ID}', headers={
    'Authorization': f'MediaBrowser Token="{ADMIN_API_KEY}"',
    'Accept': 'application/json',
})
response.raise_for_status()
data = {**response.json()['Policy'], **data}
if 'AuthenticationProviderId' not in data:
    data['AuthenticationProviderId'] = 'Jellyfin.Server.Implementations.Users.DefaultAuthenticationProvider'
if 'PasswordResetProviderId' not in data:
    data['PasswordResetProviderId'] = 'Jellyfin.Server.Implementations.Users.DefaultPasswordResetProvider'

response = requests.post(f'{JELLYFIN_SERVER_URL}/Users/{JELLYFIN_USER_ID}/Policy', headers={
    'Authorization': f'MediaBrowser Token="{ADMIN_API_KEY}"'
}, json=data)
response.raise_for_status() 


P.S. If the automation is what I suspect it's for, then https://github.com/jellyfin/jellyfin/issues/5415 is a worthwhile read.

[Damien]

Thank you very much for your answer ! But it does not work.

Here new code including your solution :

import requests

API_KEY = ''
JELLYFIN_SERVER_URL = ''
JELLYFIN_USER_ID = ""
JELLYFIN_ADMIN_ID = ""
ADMIN_USERNAME = ""
ADMIN_PW = ""

def qwerty12_fix() :

data = {
'EnableAllChannels': False,
'EnableAllFolders': False,
'EnableContentDownloading': False,
'EnableLiveTvAccess': False,
'EnableLiveTvManagement': False,
'EnableSharedDeviceControl': False,
'SyncPlayAccess': 'None',
}

response = requests.get(f'{JELLYFIN_SERVER_URL}/Users/{JELLYFIN_USER_ID}', headers={
'Authorization': f'MediaBrowser Token="{API_KEY}"',
'Accept': 'application/json',
})
response.raise_for_status()
data = {**response.json()['Policy'], **data}
if 'AuthenticationProviderId' not in data:
data['AuthenticationProviderId'] = 'Jellyfin.Server.Implementations.Users.DefaultAuthenticationProvider'
if 'PasswordResetProviderId' not in data:
data['PasswordResetProviderId'] = 'Jellyfin.Server.Implementations.Users.DefaultPasswordResetProvider'

response = requests.post(f'{JELLYFIN_SERVER_URL}/Users/{JELLYFIN_USER_ID}/Policy', headers={
'Authorization': f'MediaBrowser Token="{API_KEY}"'
}, json=data)
response.raise_for_status()
headers = {
"Authorization": f'MediaBrowser Token="{API_KEY}"',
"Content-Type": "application/json"
}

def my_fix() :

headers = {
"Authorization": f'MediaBrowser Token="{API_KEY}"',
"Content-Type": "application/json"
}

data = {
"Username" : ADMIN_USERNAME,
"Pw" : ADMIN_PW
}

response = requests.post(f'{JELLYFIN_SERVER_URL}/Users/AuthenticateByName', headers=headers, json=data)
TOKEN = response.json().get("AccessToken")

headers = {
"Authorization": f'MediaBrowser Token="{TOKEN}"',
"Content-Type": "application/json"
}

data = {
"Policy" :
{
'EnableAllChannels': False,
'EnableAllFolders': False,
'EnableContentDownloading': False,
'EnableLiveTvAccess': False,
'EnableLiveTvManagement': False,
'EnableSharedDeviceControl': False,
'SyncPlayAccess': None
}
}

response = requests.post(f'{JELLYFIN_SERVER_URL}/Users/{JELLYFIN_USER_ID}', headers=headers, json=data)
print(response.status_code)
print(response.text)
print(response.reason)


so qwerty_12() raises 400 error
and my_fix() raises also 400 error

Still lost !

[qwerty12]

Sorry, I don't have any more ideas. What I posted does work for me locally - I try and copy the web client by getting the existing Policy values too - but the first account I tried with didn't have AuthenticationProviderId and PasswordResetProviderId set, which is needed to call /Policy from what I could tell. It's possible I've missed out more required values. Try running your script again while looking at the Jellyfin server logs - you might spot the exception the server is throwing up.

[Damien]

Thanks for your response. Jellyfin logs said ; "System.ArgumentNullException: Value cannot be null. (Parameter 'passwordResetProviderId')"

[qwerty12]

Right, so data is missing PasswordResetProviderId (and probably AuthenticationProviderId). You can extend

PHP Code:

if 'AuthenticationProviderId' not in data:
    data['AuthenticationProviderId'] = 'Jellyfin.Server.Implementations.Users.DefaultAuthenticationProvider'
if 'PasswordResetProviderId' not in data:
    data['PasswordResetProviderId'] = 'Jellyfin.Server.Implementations.Users.DefaultPasswordResetProvider' 


by checking for other "false" values too, like seeing if data['AuthenticationProviderId'] etc. is None, if it's an empty string once stripped and so on.

... or just unconditionally set them in data, which might be the easiest thing to do, but probably not the cleanest:

PHP Code:

data = {
    'EnableAllChannels': False,
    'EnableAllFolders': False,
    'EnableContentDownloading': False,
    'EnableLiveTvAccess': False,
    'EnableLiveTvManagement': False,
    'EnableSharedDeviceControl': False,
    'SyncPlayAccess': 'None',
    'AuthenticationProviderId': 'Jellyfin.Server.Implementations.Users.DefaultAuthenticationProvider',
    'PasswordResetProviderId': 'Jellyfin.Server.Implementations.Users.DefaultPasswordResetProvider',
} 


[Damien]

Thanks but even if I set them unconditionally as you mentionned above, it remains 400 error with log message : "System.ArgumentNullException: Value cannot be null. (Parameter 'passwordResetProviderId')". Weird

[tmsrxzar]

are you hitting a case sensitivity issue?

"PasswordResetProviderId" is not "passwordResetProviderId"

[Damien]

None of these two are working however

[tmsrxzar]

started looking into this, not sure where you are reading documentation but i logged it in my browser's dev panel

the jellyfin web sends different parameters, specifically the headers and the auth to be more specific


edit

this code works for me

Code:

import requests

ADMIN_API_KEY = '...'
JELLYFIN_SERVER_URL = '...'
JELLYFIN_USER_ID = '...'

headers = {
    "X-Emby-Authorization": f'MediaBrowser Token="{ADMIN_API_KEY}"',
    "Content-Type": "application/json"
}

data = {"EnableContentDownloading":False,
        "AuthenticationProviderId":"Jellyfin.Server.Implementations.Users.DefaultAuthenticationProvider",
        "PasswordResetProviderId":"Jellyfin.Server.Implementations.Users.DefaultPasswordResetProvider"}

response = requests.post(f'{JELLYFIN_SERVER_URL}/Users/{JELLYFIN_USER_ID}/Policy', headers=headers, json=data)
print(response.status_code)

where ADMIN_API_KEY is an api key generated from the dashboard -> api keys
SERVER_URL is my server
JELLYFIN_USER_ID is the user id in the address bar when viewing a user (not a username)