Create-daml-app, locally, user not found

Questions
1

Using create-daml-app, sdk 2.2.0
daml new create-daml-app --template create-daml-app

I’m running into the error USER_NOT_FOUND, previously we were able to just input into the login textbox any username, and that string would become the party ID. Now, I cannot do that it seems.

From Setup.daml it seems that we now have to pre-define the users, is that correct?

setup = do
  public <- createPublic
  let aliases = ["Alice", "Bob", "Charlie", "Ron"]
  forA_ aliases $ \alias -> createTestUser $ TestUser alias public

Locally, will I always need to predefine some users? I won’t be able to make up some random name on the fly and use the app?

2

Yes, users (and parties) have to be allocated upfront. The implicit party allocation feature that existed in SDK < 2.0 has been removed.

1 Like
3

@cocreature
I’d like to clarify whether the necessity to allocate parties and users upfront applies to create-daml-app example or to any Daml app compiled with Daml 2.x. My understanding is that for Daml 2.x application it’s perfectly possible to implement client side workflow, where we create users and parties on the fly. I.e. when a user types in the username in the login screen, we check if the user exists, and if not, we allocate a new party and create a new user with the userId that the user typed into the login screen. This workflow could be implemented using HTTP JSON API or perhaps even using the @daml/ledger Typescript library. Please correct me if I’m wrong.

4

The ledger-side requirement is the same everywhere: A party needs to be allocated before it is used. Now how you allocate it doesn’t matter as long as it happens before, can be via a Daml script, json api, ….

However, the specific flow you are proposing doesn’t really work: Allocating a party requires admin rights. So if you try to implement your workflow you need to give any user that tries to login admin rights so they can potentially create the party. That’s not really an option in practice.

There is a variant of this that you can make secure: On login, you talk to an IAM. That IAM can have admin rights. Either it hands you a token directly for your user, or if not it checks whatever conditions it needs before creating a party & user and then hands you back a token for that. Clearly more complex to setup though than the create-daml-app model where you just make up the tokens on the fly in your frontend during development.

5

Thank you very much @cocreature. This is very good to know.