Create a user

This operation creates a user, or clones an existing user's role assignments, in the account specified in your API client credentials. Optionally, sends a randomly generated one-time use password to the new user. If you send the email with the password directly to the user, the response for this operation doesn't include that password. If you don't send the password to the user through email, the password is included in the response.

Query Params
boolean
Defaults to true

Sends a one-time password to the new user, true by default.

string

For customers who manage more than one account, this runs the operation from another account. The Identity and Access Management API provides a list of available account switch keys.

Body Params
string
enum
required

Specifies the user's multi-factor authentication method, confirming their identity. Either TFA, MFA, or NONE, which offers no additional authentication.

Allowed:
string
length ≥ 1

The user's street address.

authGrants
array
required

The user's role assignments, per group. You need to assign at least one role to a user, with only one role allowed for the user per group. Account level roles are optional. Provide either this or the cloneFrom.

authGrants*
string
length ≥ 1

The user's city.

string
length ≥ 1

The username to clone a user's authGrants from. Provide either this or the authGrants.

string
length ≥ 1

User's contact type. To get the available values, run the View contact types operation.

string
required
length ≥ 1

User's country. To get the available values, run the View supported countries operation.

string
required

The user's email address. It needs to be a valid email address users can access, as they'll be sent a OTP to enter while logging in for the first time. To learn more, see Frequently asked questions.

string
required
length ≥ 1

The user's first name.

string
length ≥ 1

The user's position at the company.

string
required
length ≥ 1

The user's surname.

string
length ≥ 1

The user's mobile phone number in ITU-T E.164 format, that is, +country code-area code-subscriber number. For example, +3551234567891 or +441234567891. For Canadian and US phone numbers, you can provide them with a country code (for example, +11234567891) or without it as a ten-digit integer within a string (for example, 1234567891).

notifications
object

Specifies email notifications the user receives for products.

string
length ≥ 1

The user's mobile phone number in ITU-T E.164 format, that is, +country code-area code-subscriber number. For example, +3551234567891 or +441234567891. For Canadian and US phone numbers, you can provide them with a country code (for example, +11234567891) or without it as a ten-digit integer within a string (for example, 1234567891).

string
length ≥ 1

The user's language. To get the available values, run the View languages operation.

string

The user's alternate email address.

integer
≥ 0

The number of seconds it takes for the user's Control Center session to time out after no activity. To get the available values, run the View timeout policies operation. Make sure to select a value that's equal or smaller to the Max session timeout value, set for your account in the Identity and Access Management interface's Settings tab.

string
length ≥ 1

The user's state or province if user's country is USA or Canada. To get the available values, run the View states for a user profile operation.

string
length ≥ 1

The user's time zone. To get the available values, run the View time zones operation.

string
length ≥ 1

The user's five-digit postal code, represented as a string.

Response

Language
URL
LoadingLoading…
Response
Click Try It! to start a request and see the response here! Or choose an example:
application/json