API to block/unblock users

Palmmypoko · April 3, 2020, 5:03am

I want to block/unblock users by using API.

I following this article Users API | GitLab.

I already get blocked user’s id by this API

http://xxxxxxxxxxxxxx/api/v4/users/?username=xxxxxx

Postman_2020-04-03_11-55-53

But when i use API to unblock user by that user id.

http://xxxxxxxxxxxxxx/api/v4/users/1402/unblock

It returned ‘404 Not Found’.

Postman2_2020-04-03_11-56-26

What does it means? And How to resolve it?

In articles explain only ‘404 User Not Found’

My gitlab is 12.6.3
Gitlab API v4

rev · April 3, 2020, 8:27am

Note that the /unblock endpoint requires a POST.
If you do a GET on /unblock (e.g. by using your webbrowser to go to http://xxxxxxxxxxxxxx/api/v4/users/1402/unblock) you’ll get a 404.

Palmmypoko · April 3, 2020, 8:57am

Thank you for your reply.

I already used POST . And also tried PUT but still not work.
Postman-

rev · April 3, 2020, 11:40am

Can you check the HTTP code in the response header?
This API returns true or false, and it looks like that’s not recognized by the calling app, and thus translated into a 404.

Palmmypoko · April 7, 2020, 3:57am

Hello rev,

Could you help suggest, How to check the HTTP code in the response header?

Did you mean this? (I’m using Postman)

rev · April 13, 2020, 6:09pm

The HTTP response code is shown as Status, which is indeed a 404.

Here’s an idea:
I see that you do the API calls at an http:// address.
Is your server actually at an https:// address?
If it is, any call at http:// will get redirected by Nginx to https://.
That works fine for any GET API calls like /api/v4/users.
However, when you do a POST call, Nginx redirects it to https:// but will then issue a GET call.
As there is no GET /users/<id>/unblock endpoint, you’ll get a 404.

Tools like Postman are handy, but can hide important information, or do things automatically behind the scenes.
Using cURL with -v instead can be useful in cases like this.

Palmmypoko · April 15, 2020, 3:22am

Thank you Rev.

I submitted this question to gitlab support too and It already resolved.
Sorry for duplicate question.

Thank you for you support.

opouwels · October 16, 2020, 12:11am

Hi Palmmypoko,
Can you share your solution in this topic?
I have the same problem with unclovken users through API
Regards
Oscar
–> edit found the cause, I used PUT and had to use POST, works fine now

Manjga · May 10, 2021, 8:37am

Hi there,

I have the same issue. Maybe someone could share a solution?
@Palmmypoko

raja4dev · December 14, 2023, 7:26am

Below cURL command is used to block a user in GitLab using the GitLab API.
Here’s a summary of the command:

curl --location --request POST 'https://<GitLab DNS/IP>/api/v4/users/<userid>/block' \
--header 'Authorization: Bearer <TOKEN>'```

* Replace <GitLab DNS/IP> with the actual DNS or IP address of your GitLab instance.

* Replace <userid> where you wanted to block

* Replace <TOKEN> with a valid authentication token.


This command sends a POST request to the specified endpoint (/api/v4/users/<userid>/block) to block the user with ID. The authorization is handled through a Bearer token provided in the request header.