Problem with Python + API_KEY + Add user to group

Okay. Okay. Thank you.
But how do I write a request?
Where do I enter the group and user IDs?
Could you give an example of how to use it?
If possible, it is desirable to use python =)

I tried to write from the link as an example, but the script refuses to work. API toke took from https://id.atlassian.com/manage/api-tokens

Ah, sorry I missed that part of the question. Two more changes should get you going. 

First, it has to be a POST request instead of GET. Rule of thumb here is: GET request will always just get some information, POST requests change things.

Second, the group name has to be part of the URL. The documentation says so, but the examples do not really show this. 

My Python is a bit rusty, but the following should get you going, just replace YOUR_AUTH, YOUR_GROUP and ACCOUNT_ID:

import requests
import json

url = "https://innovecs.atlassian.net/rest/api/2/group/user?groupname=YOUR_GROUP"

headers = {
   "Accept": "application/json",
   "Content-Type": "application/json",
   "Authorization" : "Basic YOUR_AUTH"
}

payload = json.dumps( {
  "accountId": "ACCOUNT_ID"
} )

response = requests.request(
   "POST",
   url,
   data=payload,
   headers=headers
)

print(json.dumps(json.loads(response.text), sort_keys=True, indent=4, separators=(",", ": ")))

I'm trying to follow your recommendation by filling out
YOUR_GROUP = confluence-users (default group)
YOUR_AUTH = "Basic <API Token>
ACCOUNT_ID = respectively

Now the page returns me an error (401)

Please, I need your help :)

Could it be a wrong request to url?
I'm trying to change it to groupid/group_id, but it gives the same 401 :(

<title>Unauthorized (401)</title>

I noticed if you remove the "Authorization" line: "Basic <Api Key>" That error 401 changes to:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?><status><status-code>401</status-code><message>Client must be authenticated to access this resource.</message></status>

Hi Konstantin,

did you base64-encode your e-mail:API-token pair? Simply copying the token into place should fail.

Alternatively you could try by adding your e-mail and API-token directly to the URL, although that always seemed messy to me. Anyway, that would look like this:

url = "https://YOUREMAIL:API-TOKEN@innovecs.atlassian.net/rest/api/2/group/user?groupname=YOUR_GROUP"

headers = {
   "Accept": "application/json",
   "Content-Type": "application/json"
}

OMG, it was all about the encoding. I wasn't doing the right thing and I misread the instructions you sent me. I encoded the e-mail separately, and I needed the whole line of e-mail:API-token.
I apologize for my stupidity. I'm just learning :)
Thank you. Everything works. After all, the code looks like this:

import requests
import json

url = "https://innovecs.atlassian.net/rest/api/2/group/user?groupname=<GroupeName>"

headers = {
   "Accept": "application/json",
   "Content-Type": "application/json",
   "Authorization": "Basic <e-mail:API-token in Base-64 encoding>"
}

payload = json.dumps( {
  "accountId": "<userId>"
} )

response = requests.request(
   "POST",
   url,
   data=payload,
   headers=headers
)

print(response.text)

I have one more request for you.
Can I add a user by e-mail or by their name instead of their ID?

Happy to hear that it's working for you now!

If I remember correctly, you can either use the accountId or the username. However, the preferred way is the accountId, because of privacy concerns, see also here: https://developer.atlassian.com/cloud/jira/platform/deprecation-notice-user-privacy-api-migration-guide/

Yeah, I understand that this is a moment of safety.
The thing is that we have a script to create an account, and the only parameter I can extract is Login or email.
And here we come across the pitfalls again.

payload = json.dumps( {
  "emailAddress": "<userEmail>" # Or "username": "<login>"
} )

shows:

{
"errorMessages": [
"Specified user does not exist or you do not have required permissions"
],
"errors": {}
}

I can extract userid from the GET request.
But the request gives out a lot of other information. And I haven't yet figured out how to extract only userId from it and write it into a variable for further use.

Only way I could think of is first retrieving the accountId for each user using the '/rest/api/3/user' resource and then using that accountId to add the user to the group.

That's an extra step for each user, but I do not think there is a way around this.