API Reference/Management/Users
POST
/v1/mgmt/user/create

Authorization

AuthorizationRequiredBearer <token>

< Project ID >:< Management Key > as bearer

In: header

Request Body

application/jsonRequired
loginIdstring
emailstring
phonestring
verifiedEmailboolean
verifiedPhoneboolean
namestring
roleNamesarray<string>
userTenantsarray<object>
inviteboolean
testboolean
Default: false
customAttributesobject

custom attributes of users

picturestring
sendMailboolean
sendSMSboolean
additionalIdentifiersarray<string>
inviteUrlstring
passwordstring
hashedPasswordobject
givenNamestring
middleNamestring
familyNamestring
ssoAppIdsarray<string>
templateOptionsobject
curl -X POST "https://api.descope.com/v1/mgmt/user/create" \
  -H "Authorization: Bearer <token>" \
  -H "Content-Type: application/json" \
  -d '{
    "loginId": "string",
    "email": "string",
    "phone": "string",
    "verifiedEmail": true,
    "verifiedPhone": true,
    "name": "string",
    "roleNames": [
      "string"
    ],
    "userTenants": [
      {
        "tenantId": "string",
        "roleNames": [
          "string"
        ]
      }
    ],
    "invite": true,
    "test": false,
    "customAttributes": {},
    "picture": "string",
    "sendMail": true,
    "sendSMS": true,
    "additionalIdentifiers": [
      "string"
    ],
    "inviteUrl": "string",
    "password": "string",
    "hashedPassword": {
      "bcrypt": {
        "hash": "string"
      },
      "django": {
        "hash": "string"
      },
      "firebase": {
        "hash": "string",
        "salt": "string",
        "saltSeparator": "string",
        "signerKey": "string",
        "memory": 0,
        "rounds": 0
      },
      "pbkdf2": {
        "hash": "string",
        "salt": "string",
        "iterations": 0,
        "type": "string"
      },
      "phpass": {
        "hash": "string",
        "salt": "string",
        "iterations": 0,
        "type": "string"
      },
      "md5": {
        "hash": "string"
      },
      "bach": {
        "hash": "string",
        "key": "string"
      },
      "argon2": {
        "hash": "string",
        "salt": "string",
        "iterations": 0,
        "memory": 0,
        "threads": 0
      },
      "sha": {
        "hash": "string",
        "type": "string"
      }
    },
    "givenName": "string",
    "middleName": "string",
    "familyName": "string",
    "ssoAppIds": [
      "string"
    ],
    "templateOptions": {
      "property1": "string",
      "property2": "string"
    }
  }'

OK

{
  "user": {
    "loginIds": [
      "string"
    ],
    "userId": "string",
    "name": "string",
    "email": "string",
    "phone": "string",
    "verifiedEmail": true,
    "verifiedPhone": true,
    "roleNames": [
      "string"
    ],
    "userTenants": [
      {
        "tenantId": "string",
        "roleNames": [
          "string"
        ],
        "tenantName": "string"
      }
    ],
    "status": "string",
    "externalIds": [
      "string"
    ],
    "picture": "string",
    "test": false,
    "customAttributes": {},
    "createdTime": 0,
    "TOTP": false,
    "SAML": false,
    "OAuth": {
      "property1": false,
      "property2": false
    },
    "webauthn": true,
    "password": true,
    "ssoAppIds": [
      "string"
    ],
    "givenName": "string",
    "middleName": "string",
    "familyName": "string",
    "editable": true,
    "SCIM": true
  }
}

Was this helpful?

Get User's Login History POST

### Get an user's login history, using a valid management key. This API endpoint will loads the user's login history based on the user's userId. ### See also - See [Manage Users](/manage/users) for further details on managing users. - See [The User Object](/api/overview#the-user-object) for further details on the user object. ### Endpoint Authentication Use authorization bearer header with the following format: `Authorization: Bearer <ProjectId:ManagementKey>`

Batch Create Users POST

### Batch Create Users, using a valid management key. This API endpoint will batch create new users utilizing a valid management key. This API endpoint allows you to configure all aspects of a user: - loginId - email - phone - verified settings (phone, email) - one must be set to true - displayName - roleNames - Tenant configurations - which tenantIds, which roleNames. The userTenants can include multiple items Ex: ``` "userTenants": [ { "tenantId": "T2IMjmRfYTQHlbaastz3im59ERS3", "roleNames": [ "Test" ] }, { "tenantId": "T2Igau6dX1R6SkomtFCdBLrc3r67", "roleNames": [ "Test" ] } ``` Additionally, you can create a user with multiple login IDs by passing an array of loginIds in string format within the `additionalIdentifiers` key. You can also decide whether to invite the users, configure the inviteUrl, and whether to send invites via email or SMS. When importing with hashed passwords, see [this guide](/migrate/custom#importing-passwords) for further detailed configuration of password hash formats. ### Next Steps Once the user is created, the user can then login utilizing any sign-in api supported. This will then switch the user from invited to active. ### See also - See [Manage User](/manage/users) for further details on managing users. - See [The User Object](/api/overview#the-user-object) for further details on the user object. ### Endpoint Authentication Use authorization bearer header with the following format: `Authorization: Bearer <ProjectId:ManagementKey>`