Create/Import User (Human)
Create/import a new user with the type human. The newly created user will get an initialization email if either the email address is not marked as verified or no password is set. If a password is set the user will not be requested to set a new one on the first login.
Header Parameters
- x-zitadel-orgid string
The default is always the organization of the requesting user. If you like to add users to another organization include the header. Make sure the user has permission in the requested organization.
- application/json
- application/grpc
- application/grpc-web+proto
Request Body required
- userName string required
profile object required
Profile includes the basic information of a user, like first name, last name, etc.
firstName string requiredPossible values:
non-empty
and<= 200 characters
lastName string requiredPossible values:
non-empty
and<= 200 characters
nickName stringPossible values:
<= 200 characters
displayName stringPossible values:
<= 200 characters
preferredLanguage stringPossible values:
<= 10 characters
gender stringPossible values: [
GENDER_UNSPECIFIED
,GENDER_FEMALE
,GENDER_MALE
,GENDER_DIVERSE
]Default value:
GENDER_UNSPECIFIED
email object required
email string requiredObject that contains the email address and a verified flag.
isEmailVerified booleanIf email verified is set to true, the email will be added as verified and the user doesn't have to verify.
phone object
Object that contains the number and a verified flag
phone stringPossible values:
non-empty
and<= 50 characters
mobile phone number of the user. (use global pattern of spec https://tools.ietf.org/html/rfc3966)
isPhoneVerified boolean- password string
hashedPassword object
Use this to import hashed passwords from another system.
value stringalgorithm string- passwordChangeRequired boolean
If this is set to true, the user has to change the password on the next login.
- requestPasswordlessRegistration boolean
If this is set to true, you will get a link for the passwordless/passkey registration in the response.
- otpCode string
idps object[]
To link your user directly with an external identity provider (Identity brokering)
Array [configId stringPossible values:
non-empty
and<= 200 characters
The internal ID of the identity provider configured in ZITADEL.
externalUserId stringPossible values:
non-empty
and<= 200 characters
The id of the user in the external identity provider
displayName stringPossible values:
<= 200 characters
A display name ZITADEL can show on the linked provider.
]
Request Body required
- userName string required
profile object required
Profile includes the basic information of a user, like first name, last name, etc.
firstName string requiredPossible values:
non-empty
and<= 200 characters
lastName string requiredPossible values:
non-empty
and<= 200 characters
nickName stringPossible values:
<= 200 characters
displayName stringPossible values:
<= 200 characters
preferredLanguage stringPossible values:
<= 10 characters
gender stringPossible values: [
GENDER_UNSPECIFIED
,GENDER_FEMALE
,GENDER_MALE
,GENDER_DIVERSE
]Default value:
GENDER_UNSPECIFIED
email object required
email string requiredObject that contains the email address and a verified flag.
isEmailVerified booleanIf email verified is set to true, the email will be added as verified and the user doesn't have to verify.
phone object
Object that contains the number and a verified flag
phone stringPossible values:
non-empty
and<= 50 characters
mobile phone number of the user. (use global pattern of spec https://tools.ietf.org/html/rfc3966)
isPhoneVerified boolean- password string
hashedPassword object
Use this to import hashed passwords from another system.
value stringalgorithm string- passwordChangeRequired boolean
If this is set to true, the user has to change the password on the next login.
- requestPasswordlessRegistration boolean
If this is set to true, you will get a link for the passwordless/passkey registration in the response.
- otpCode string
idps object[]
To link your user directly with an external identity provider (Identity brokering)
Array [configId stringPossible values:
non-empty
and<= 200 characters
The internal ID of the identity provider configured in ZITADEL.
externalUserId stringPossible values:
non-empty
and<= 200 characters
The id of the user in the external identity provider
displayName stringPossible values:
<= 200 characters
A display name ZITADEL can show on the linked provider.
]
Request Body required
- userName string required
profile object required
Profile includes the basic information of a user, like first name, last name, etc.
firstName string requiredPossible values:
non-empty
and<= 200 characters
lastName string requiredPossible values:
non-empty
and<= 200 characters
nickName stringPossible values:
<= 200 characters
displayName stringPossible values:
<= 200 characters
preferredLanguage stringPossible values:
<= 10 characters
gender stringPossible values: [
GENDER_UNSPECIFIED
,GENDER_FEMALE
,GENDER_MALE
,GENDER_DIVERSE
]Default value:
GENDER_UNSPECIFIED
email object required
email string requiredObject that contains the email address and a verified flag.
isEmailVerified booleanIf email verified is set to true, the email will be added as verified and the user doesn't have to verify.
phone object
Object that contains the number and a verified flag
phone stringPossible values:
non-empty
and<= 50 characters
mobile phone number of the user. (use global pattern of spec https://tools.ietf.org/html/rfc3966)
isPhoneVerified boolean- password string
hashedPassword object
Use this to import hashed passwords from another system.
value stringalgorithm string- passwordChangeRequired boolean
If this is set to true, the user has to change the password on the next login.
- requestPasswordlessRegistration boolean
If this is set to true, you will get a link for the passwordless/passkey registration in the response.
- otpCode string
idps object[]
To link your user directly with an external identity provider (Identity brokering)
Array [configId stringPossible values:
non-empty
and<= 200 characters
The internal ID of the identity provider configured in ZITADEL.
externalUserId stringPossible values:
non-empty
and<= 200 characters
The id of the user in the external identity provider
displayName stringPossible values:
<= 200 characters
A display name ZITADEL can show on the linked provider.
]
- 200
- default
A successful response.
- application/json
- application/grpc
- application/grpc-web+proto
- Schema
- Example (from schema)
Schema
- userId string
details object
sequence uint64on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
creationDate date-timeon read: the timestamp of the first event of the object
on create: the timestamp of the event(s) added by the manipulation
changeDate date-timeon read: the timestamp of the last event reduced by the projection
on manipulation: the
resourceOwner resource_owner is the organization an object belongs topasswordlessRegistration object
link stringlifetime deprecated: use expiration insteadexpiration string
{
"userId": "string",
"details": {
"sequence": "2",
"creationDate": "2023-05-02",
"changeDate": "2023-05-02",
"resourceOwner": "69629023906488334"
},
"passwordlessRegistration": {
"link": "string",
"lifetime": "string",
"expiration": "string"
}
}
- Schema
- Example (from schema)
Schema
- userId string
details object
sequence uint64on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
creationDate date-timeon read: the timestamp of the first event of the object
on create: the timestamp of the event(s) added by the manipulation
changeDate date-timeon read: the timestamp of the last event reduced by the projection
on manipulation: the
resourceOwner resource_owner is the organization an object belongs topasswordlessRegistration object
link stringlifetime deprecated: use expiration insteadexpiration string
{
"userId": "string",
"details": {
"sequence": "2",
"creationDate": "2023-05-02",
"changeDate": "2023-05-02",
"resourceOwner": "69629023906488334"
},
"passwordlessRegistration": {
"link": "string",
"lifetime": "string",
"expiration": "string"
}
}
- Schema
- Example (from schema)
Schema
- userId string
details object
sequence uint64on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
creationDate date-timeon read: the timestamp of the first event of the object
on create: the timestamp of the event(s) added by the manipulation
changeDate date-timeon read: the timestamp of the last event reduced by the projection
on manipulation: the
resourceOwner resource_owner is the organization an object belongs topasswordlessRegistration object
link stringlifetime deprecated: use expiration insteadexpiration string
{
"userId": "string",
"details": {
"sequence": "2",
"creationDate": "2023-05-02",
"changeDate": "2023-05-02",
"resourceOwner": "69629023906488334"
},
"passwordlessRegistration": {
"link": "string",
"lifetime": "string",
"expiration": "string"
}
}
An unexpected error response.
- application/json
- application/grpc
- application/grpc-web+proto
- Schema
- Example (from schema)
Schema
- code int32
- message string
details object[]
Array [@type string]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
- code int32
- message string
details object[]
Array [@type string]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
- code int32
- message string
details object[]
Array [@type string]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}