How to create users while registering with different roles via API?


Hi everyone,

I am trying to call the API and create users. I have created two roles Role 1 and Role 2. For some users I want to assign Role 1 and for some users Role 2. The use case is something like my application will have vendors and customers. From the vendor app the default role for user registration should be role 1 and for customer app it should be role 2. I tried different methods mentioned in the forum but nothing works.

I tried the script on Post process, tried sending a post request to /user/register?role_id=2 and other stuff too but nothing seem to be working. I tried this post as well

Can someone give me a link or tell me the procedure on creating users with different roles using API?



Hello, @ramnew2006
Users will be registered by an Admin? Or will register themselves from another app?

best regards,


Hi @juniorconte users have to register by themselves not by an admin.

Let’s say there are two mobile apps for my company where the customers register themselves and raise certain requests. There is another mobile app which the vendors use to accept the requests raised by customers. So when the user gets registered from customer app they should be assigned customer role where as it will be vendor role for the other mobile app. Hope this makes sense.


Hi, @ramnew2006

I understand your scenario.
I follow a path that should have worked, I think may be a bug, @drewpearce could confirm this.

1 - I created an event script

var lodash = require("lodash.min.js");

var role1Id = 2;
var role2Id = 3;

var appVendorId = 2;
var appCustomerId = 3;

if (!!event.request.payload.type && !!platform.session.user) {
  var userObject = platform.api.get('system/user/''?related=user_to_app_to_role_by_user_id');

  lodash._.each(userObject.user_to_app_to_role_by_user_id, function(userApp) {
    switch (event.request.payload.type) {
      case 'customer':
        if (userApp.app_id === appCustomerId) {
          userApp.role_id = role1Id;
      case 'vendor':
        if (userApp.app_id === appVendorId) {
          userApp.role_id = role2Id;

  platform.api.patch('system/user/''?related=user_to_app_to_role_by_user_id', userObject);

2 - In addition to the standard body of the user registration request, I added the ‘type’ attribute to JSON

  "email": "string",
  "first_name": "string",
  "last_name": "string",
  "display_name": "string",
  "new_password": "string",
  "type": "string"

3 - To be available section during script execution, the query string passed login = true


4 - I configured a role to access via SCRIPT to the system / user with GET and PATCH. And it was here that something went wrong.

Follows the settings made:

If it is not a bug, I have no other idea how to do :pensive:


I am not sure whether platform.session.user will be available for the first time registration? Correct me if i am wrong because I tried to get the user id using platform.api.get(“user/session”).user_id but it says “There is no valid session token”

One curious thing I have noticed is a POST request made directly to “system/user” with “user_to_app_to_role_by_user_id” : { “app_id”: 1, “role_id”: 1} in the user details payload is working perfectly fine and the user is being created with exact assignment of roles.

This whole system/user and user/register is quite confusing to me and I am not sure which one to use.


I think there is a session, as in the request, the user/73 “as the error log that have attached” was created in the registration request.

I think the problem is to allow the user to request this system / user via the API. He could to set permissions that should not have access. The user / register prevents it.


I have setup a role as you have mentioned and assigned it to Open registration default role. Also created an app with this default role. Now, I have made the following API call.

                    dataType: 'json',
                    contentType: 'application/json; charset=utf-8',
                    url: ""+ '/api/v2/user/register?login=true',
                    data: JSON.stringify({
                        "email": "",
                        "new_password": "password",
                    success:function (response) {
                    error:function (response) {
                        return false;

I have also tried printing the event.response and also the Patch event result. The response says platform.session.user is null. I am not sure why but in my case platform.session.user is returning null instead of the id of the user.


There is something strange about the Even putting something simple like: = ‘bar’; foo does not return to the request.

Making a var_dump (event.response.content); foo value appears on the console “tail -f …/apps/dreamfacotry/htdocs/storage/logs/dreamfacotry.log” . The same thing happens if I do a var_dump (platform.session.user)

I will investigate further, and any news notice here. If I get to conclusion which is really a bug, I will open an issue in Git Hub.

My DreamFactory Version: 2.1.0


Sure thanks.

BTW My dreamfactory version is 2.0.4


Apparently it’s a bug and is already registered:


I am not sure about changes to event.response not sticking. I was able to set event.response.resp_check = true; statement and when I return the event.response resp_check was there intact in the response printed in console.

The problem I have is about the platform.session.user and the patch event. For me platform.session.user returns null and not working because I have setup a check inside the if loop if(!!platform.session.user) which is not going through whereas the above resp_check is set outside the loop and this is being set successfully.

So, event there is a bug with platform.session.user being null while the time of registering in the POST process script.


Did you find any solution for this bug? I’also have been implemented it in my script tab. Actually i think that trouble arises while we calling this platform.api.get('system/user/''?related=user_to_app_to_role_by_user_id');
api it’s really not get the userObject in case of failure it returns undefined value. I have tested these api calls via post man it’s working.


Did you find the solution for this context?


I guess @drewpearce @benbusse needs to step in and give us an update on this :stuck_out_tongue:


@drewpearce Can you say the trouble(error) of @juniorconte solution of this post.
If you say the suggestions(any other solutions for role assignment via api) then it’l be useful us as go through DSP faster in our development.



@juniorconte When changing the content of the response you will need to set event.response.content_changed = true before it will get copied back to the main process stream. This was to prevent copying content unnecessarily when handling events. See if that helps this scenario. We have someone looking into the big picture question right now.


Hi @leehicks, I did some testing

setting event.response.content_changed = true on post_proccess script, the change was included in the request’s response. = "bar";
event.response.content_changed = true;

foo is exposed to client/req.

I wonder if the idea of spending login = true for user / register, should create a valid session during post_proccess the user request / register. That still does not fuincionou correctly, apparently the role is not applied correctly.

best regards,


Hello everyone,
I’m sorry, there were some errors in my previous script.

the correct is:

var lodash = require("lodash.min.js");

var role1Id = 5;
var role2Id = 6;

var appVendorId = 5;
var appCustomerId = 6;

if (!!event.request.payload.type && !!platform.session.user) {
  var userObject = platform.api.get('system/user/''?related=user_to_app_to_role_by_user_id');
  lodash._.each(userObject.content.user_to_app_to_role_by_user_id, function(userApp) {
    switch (event.request.payload.type) {
      case 'customer':
        if (userApp.app_id === appCustomerId) {
          userApp.role_id = role1Id;
      case 'vendor':
        if (userApp.app_id === appVendorId) {
          userApp.role_id = role2Id;

  var req = platform.api.patch('system/user/''?related=user_to_app_to_role_by_user_id', userObject.content);

And I create role named “public”, and assigned role on service User > open registration role, And assigned public role on default role App.

On public role, Assign access to:

service: system
component: user/*
access: GET, PATCH
requestor: SCRIPT

Thats, it. Works fine. :wink:


Still doesn’t work for me :frowning:

Both event.response.content_changed and the patch event are not working still! :sob:


Ok, we have to check all the settings, but we know that is not a platform BUG.
Here a few hours, I will prepare a material comprising all config points in detail.

Assigning role after oauth 1st sign-in