API ReferenceManagementUsers
POST
/v1/mgmt/user/create

Authorization

Descope Project ID and Management Key
AuthorizationBearer <token>

Project ID:Management Key as bearer token.

In: header

Request Body

application/json

loginId?string
email?string
phone?string
verifiedEmail?boolean
verifiedPhone?boolean
name?string
roleNames?array<string>
string
userTenants?array<managementv1.AssociatedTenant>
invite?boolean
test?boolean
Defaultfalse
customAttributes?object

Custom attributes as key-value pairs. Keys must be strings; values can be strings, numbers, booleans, or arrays.

Example{ "attribute-key": "attribute-value" }
picture?string
sendMail?boolean
sendSMS?boolean
additionalIdentifiers?array<string>
string
inviteUrl?string
password?string
hashedPassword?object
givenName?string
middleName?string
familyName?string
ssoAppIds?array<string>
string
templateOptions?object
status?string

Create a new user, using a valid management key.

This API endpoint will create a new user utilizing a valid management key.

This API endpoint allows you to configure all aspects of a user:

  • loginId
  • email
  • phone
  • verified settings (phone, email) - one must be set to true
  • displayName
  • roleNames
  • Tenant configurations - which tenantIds, which roleNames. The userTenants can include multiple items Ex:
"userTenants": [
{
  "tenantId": "T2IMjmRfYTQHlbaastz3im59ERS3",
  "roleNames": [
    "Test"
  ]
},
{
  "tenantId": "T2Igau6dX1R6SkomtFCdBLrc3r67",
  "roleNames": [
    "Test"
  ]
}

Additionally, you can create a user with multiple login IDs by passing an array of loginIds in string format within the additionalIdentifiers key.

Next Steps

Once the user is created, the user can then login utilizing any sign-in api supported. This will then switch the user from invited to active.

See also

curl -X POST "https://api.descope.com/v1/mgmt/user/create" \  -H "Content-Type: application/json" \  -d '{}'
{  "user": {    "loginIds": [      "string"    ],    "userId": "string",    "name": "string",    "email": "string",    "phone": "string",    "verifiedEmail": true,    "verifiedPhone": true,    "roleNames": [      "string"    ],    "userTenants": [      {        "tenantId": "string",        "roleNames": [          "string"        ],        "tenantName": "string",        "permissions": [          "string"        ]      }    ],    "status": "string",    "externalIds": [      "string"    ],    "picture": "string",    "test": false,    "customAttributes": {      "attribute-key": "attribute-value"    },    "createdTime": 0,    "TOTP": false,    "SAML": false,    "OAuth": {      "property1": false,      "property2": false    },    "webauthn": true,    "password": true,    "ssoAppIds": [      "string"    ],    "givenName": "string",    "middleName": "string",    "familyName": "string",    "editable": true,    "SCIM": true,    "push": true,    "permissions": [      "string"    ],    "OIDC": true,    "consentExpiration": 0  },  "created": true}
export interface Response {user?: {loginIds?: string[]userId?: stringname?: stringemail?: stringphone?: stringverifiedEmail?: booleanverifiedPhone?: booleanroleNames?: string[]userTenants?: UserTenants[]status?: stringexternalIds?: string[]picture?: stringtest?: boolean/** * Custom attributes as key-value pairs. Keys must be strings; values can be strings, numbers, booleans, or arrays. */customAttributes?: {[k: string]: string}createdTime?: numberTOTP?: booleanSAML?: booleanOAuth?: {[k: string]: boolean}webauthn?: booleanpassword?: booleanssoAppIds?: string[]givenName?: stringmiddleName?: stringfamilyName?: stringeditable?: booleanSCIM?: booleanpush?: booleanpermissions?: string[]OIDC?: booleanconsentExpiration?: number}created?: boolean}export interface UserTenants {tenantId?: stringroleNames?: string[]tenantName?: stringpermissions?: string[]}
Was this helpful?
SparklesAsk AI about this pageArrowRight

Get User's Login History POST

### Get an user's login history, using a valid management key. This API endpoint will loads the user's login history based on the user's userId. ### See also - See [Manage Users](/manage/users) for further details on managing users. - See [The User Object](/api/overview#the-user-object) for further details on the user object.

Batch Create Users POST

### Batch Create Users, using a valid management key. This API endpoint will batch create new users utilizing a valid management key. This API endpoint allows you to configure all aspects of a user: - loginId - email - phone - verified settings (phone, email) - one must be set to true - displayName - roleNames - Tenant configurations - which tenantIds, which roleNames. The userTenants can include multiple items Ex: ``` "userTenants": [ { "tenantId": "T2IMjmRfYTQHlbaastz3im59ERS3", "roleNames": [ "Test" ] }, { "tenantId": "T2Igau6dX1R6SkomtFCdBLrc3r67", "roleNames": [ "Test" ] } ``` Additionally, you can create a user with multiple login IDs by passing an array of loginIds in string format within the `additionalIdentifiers` key. You can also decide whether to invite the users, configure the inviteUrl, and whether to send invites via email or SMS. When importing with hashed passwords, see [this guide](/migrate/custom#importing-passwords) for further detailed configuration of password hash formats. ### Next Steps Once the user is created, the user can then login utilizing any sign-in api supported. This will then switch the user from invited to active. ### See also - See [Manage User](/manage/users) for further details on managing users. - See [The User Object](/api/overview#the-user-object) for further details on the user object.