Create a user
This document is automatically generated based on https://github.com/authing/authing-docs-factory based on https://api-explorer.genauth.ai V3 API, and is consistent with API parameters and return results. If this document description is incorrect, please refer to V3 API.
To create a user, one of the email address, mobile phone number, and username must be included. The email address, mobile phone number, username, and externalId are unique in the user pool. This interface will create a user as an administrator, so there is no need to perform security checks such as mobile phone number verification code verification.
Method name
ManagementClient.createUser
Request parameters
| Name | Type | Required | Default value | Description | Sample value |
|---|---|---|---|---|---|
| status | string | No | Activated | Current status of the account | Activated |
| string | No | - | Email address, case insensitive | test@example.com | |
| phone | string | No | - | Phone number without area code. If it is a foreign phone number, please specify the area code in the phoneCountryCode parameter. | 188xxxx8888 |
| phoneCountryCode | string | No | - | Mobile phone area code. This field is optional for mainland China mobile phone numbers. The GenAuth SMS service does not yet support international mobile phone numbers. You need to configure the corresponding international SMS service in the GenAuth console. For a complete list of mobile phone area codes, please refer to https://en.wikipedia.org/wiki/List_of_country_calling_codes. | +86 |
| username | string | No | - | User name, unique in the user pool | bob |
| externalId | string | No | - | Third-party external ID | 10010 |
| name | string | No | - | User's real name, not unique | Zhang San |
| nickname | string | no | - | nickname | Zhang San |
| photo | string | no | - | avatar link | https://files.authing.co/authing-console/default-user-avatar.png |
| gender | string | no | U | gender | M |
| emailVerified | boolean | no | - | email verified | true |
| phoneVerified | boolean | no | - | phone number verified | true |
| birthdate | string | no | - | date of birth | 2022-06-03 |
| country | string | no | - | country | CN |
| province | string | no | - | province | BJ |
| city | string | no | - | city | BJ |
| address | string | no | - | address | |
| nickname | string | no | - | nickname | Zhang San |
| photo | string | no | - | avatar link | https://files.authing.co/authing-console/default-user-avatar.png |
| gender | string | no | U | gender | M |
| emailVerified | boolean | no | - | email verified | true |
| phoneVerified | boolean | no | - | phone number verified | true |
| birthdate | string | no | - | date of birth | 2022-06-03 |
| country | string | no | - | country | CN |
| province | string | no | - | province | BJ |
| city | string | no | - | city | BJ |
| address | string | no | - | address | |
| preferredUsername | string | no | - | Preferred Username | alice |
| website | string | no | - | User personal website | https://my-website.com |
| zoneinfo | string | no | - | User time zone information | GMT-08:00 |
| locale | string | no | - | Locale | af |
| formatted | string | no | - | Standard full address | 132, My Street, Kingston, New York 12401. |
| region | string | no | - | User location | Xinjiang Uyghur Autonomous Region |
| password | string | no | - | User password, in plain text by default. We use the HTTPS protocol to securely transmit passwords, which can ensure security to a certain extent. If you need a higher level of security, we also support RSA256 and SM2 encryption for passwords. For details, see the passwordEncryptType parameter. | passw0rd |
| salt | string | no | - | Salt to encrypt the user's password | dgisaeieruur |
| tenantIds | string[] | no | - | Tenant IDs | ["63f867961cxxxx41e7ccb582","63bea7828f4xxxxbfa80df93"] |
| otp | <a CreateUserOtpDto | no | - | OTP authenticator for the user | {"recoveryCode":"b471-8ec0-874a-087f-bccb-cd54","secret":"HZ2F6J3AGNAVSOTV"} |
| departmentIds | string[] | No | - | List of department IDs to which the user belongs | ["624d930c3xxxx5c08dd4986e","624d93102xxxx012f33cd2fe"] |
| customData | object | No | - | Custom data. The key in the passed object must first be defined in the user pool for the relevant custom fields | {"school":"Peking University","age":22} |
| metadataSource | object | No | - | Data object data. The key in the passed object must first be defined in the user pool for the relevant custom fields | {"school":"Peking University","age":22} |
| identities | <a CreateIdentityDto[] | No | - | Third-party identity source (it is recommended to call the binding interface for binding) | [{"extIdpId":"6076bacxxxxxxxxd80d993b5","provider":"wechat","type":"openid","userIdInIdp":"oj7Nq05R-RRaqak0_YlMLnnIwsvg"}] |
| identityNumber | string | No | - | User ID number | 420421xxxxxxxx1234 |
| options | <a CreateUserOptionsDto | No | - | Optional parameters | {"autoGeneratePassword":true,"resetPasswordOnFirstLogin":true,"passwordEncryptType":"none"} |
Sample code
ts
import { ManagementClient, Models } from "authing-node-sdk";
// Initialize ManagementClient
const managementClient = new ManagementClient({
// Need to be replaced with your GenAuth Access Key ID
accessKeyId: "GEN_AUTH_ACCESS_KEY_ID",
// Need to be replaced with your GenAuth Access Key Secret
accessKeySecret: "GEN_AUTH_ACCESS_KEY_SECRET",
// If it is a private deployment customer, you need to set the GenAuth service domain name
// host: 'https://api.your-authing-service.com'
});
(async () => {
const result = await managementClient.createUser({
status: Models.CreateUserInfoDto.status.ACTIVATED,
// Replace mobile phone number, email address and other information
email: "test@example.com",
phone: "18812348888",
phoneCountryCode: "+86",
username: "bob",
externalId: "10010",
name: "xxxx",
nickname: "xxxx",
photo: "https://files.authing.co/authing-console/default-user-avatar.png",
gender: Models.CreateUserInfoDto.gender.M,
birthdate: "2022-06-03",
country: "CN",
province: "BJ",
city: "BJ",
address: "xxxxxxx",
streetAddress: "xxx street",
postalCode: "438100",
company: "steamory",
browser:
"Mozilla/5.0 (Linux; Android 10; V2001A; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/87.0.4280.141 Mobile Safari/537.36 VivoBrowser/10.2.10.0",
device: "iOS",
givenName: "xx",
familyName: "xx",
otp: {
secret: "HZ2F6J3AGNAVSOTV",
recoveryCode: "b471-8ec0-874a-087f-bccb-cd54",
},
customData: {
school: "xxx",
age: 22,
},
});
console.log(JSON.stringify(result, null, 2));
})();Request response
Type: UserSingleRespDto
| Name | Type | Description |
|---|---|---|
| statusCode | number | Business status code, which can be used to determine whether the operation is successful. 200 means success. |
| message | string | Description |
| apiCode | number | Segmented error code, which can be used to get the specific error type (successful request does not return). For a detailed list of error codes, see: API Code List |
| requestId | string | Request ID. Returned when the request fails. |
| data | <a UserDto | Response data |
Sample result:
json
{
"statusCode": 200,
"message": "Operation successful",
"requestId": "934108e5-9fbf-4d24-8da1-c330328abd6c",
"data": {
"userId": "6229ffaxxxxxxxxcade3e3d9",
"createdAt": "2022-07-03T03:20:30.000Z",
"updatedAt": "2022-07-03T03:20:30.000Z",
"status": "Activated",
"workStatus": "Active",
"externalId": "10010",
"email": "test@example.com",
"phone": "188xxxx8888",
"phoneCountryCode": "+86",
"username": "bob",
"name": "Zhang San",
"nickname": "xxxx",
"photo": "https://files.authing.co/authing-console/default-user-avatar.png",
"loginsCount": 3,
"lastLogin": "2022-07-03T03:20:30.000Z",
"lastIp": "127.0.0.1",
"gender": "M",
"emailVerified": true,
"phoneVerified": true,
"passwordLastSetAt": "2022-07-03T03:20:30.000Z",
"birthdate": "2022-06-03",
"country": "CN",
"province": "BJ",
"city": "BJ",
"address": "Beijing Chaoyang",
"streetAddress": "Beijing Chaoyang District xxx Street",
"postalCode": "438100",
"company": "steamory",
"browser": "Mozilla/5.0 (Linux; Android 10; V2001A; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/87.0.4280.141 Mobile Safari/537.36 VivoBrowser/10.2.10.0",
"device": "iOS",
"givenName": "xx",
"familyName": "xx",
"middleName": "James",
"profile": "alice",
"preferredUsername": "alice",
"website": "https://my-website.com",
"zoneinfo": "GMT-08:00",
"locale": "af",
"formatted": "132, My Street, Kingston, New York 12401.",
"region": "Xinjiang Uyghur Autonomous Region",
"userSourceType": "register",
"passwordSecurityLevel": 1,
"departmentIds": "[\"624d930c3xxxx5c08dd4986e\",\"624d93102xxxx012f33cd2fe\"]",
"identities": {
"identityId": "62299d8b866d2dab79a89dc4",
"extIdpId": "6076bacxxxxxxxxd80d993b5",
"provider": "wechat",
"type": "openid",
"userIdInIdp": "oj7Nq05R-RRaqak0_YlMLnnIwsvg",
"accessToken": "57_fK0xgSL_NwVlS-gmUwlMQ2N6AONNIOAYxxxx",
"refreshToken": "57_IZFu91Ak1Wg6DRytZFFIOd3upNF5lH7vPxxxxx",
"originConnIds": "[\"605492ac41xxxxe0362f0707\"]"
},
"identityNumber": "420421xxxxxxxx1234",
"customData": {
"school": "Peking University",
"age": 22
},
"statusChangedAt": "2022-07-03T03:20:30.000Z"
}
}Data structure
CreateUserOtpDto
| Name | Type | Is it required? | Description | Sample value |
|---|---|---|---|---|
| secret | string | yes | OTP key | HZ2F6J3AGNAVSOTV |
| recoveryCode | string | no | OTP Recovery Code | b471-8ec0-874a-087f-bccb-cd54 |
CreateIdentityDto
| Name | Type | Is it required? | Description | Sample value |
|---|---|---|---|---|
| extIdpId | string | yes | Identity source connection ID | 6076bacxxxxxxxxd80d993b5 |
| provider | string | yes | External identity source type: - wechat: WeChat- qq: QQ- wechatwork: WeChat for Enterprise- dingtalk: DingTalk- weibo: Weibo- github: GitHub- alipay: Alipay- baidu: Baidu- lark: Feishu- welink: Welink- yidun: NetEase Yidun- qingcloud: Qingyun- google: Google- gitlab: GitLab- gitee: Gitee- twitter: Twitter- facebook: Facebook- slack: Slack- linkedin: Linkedin- instagram: Instagram- oidc: OIDC-type enterprise identity source- oauth2: OAuth2-type enterprise identity source- saml: SAML-type enterprise identity source- ldap: LDAP-type enterprise identity source- ad: AD Type enterprise identity source- cas: CAS type enterprise identity source- azure-ad: Azure AD type enterprise identity source | oidc |
| type | string | yes | Identity type, such as unionid, openid, primary | openid |
| userIdInIdp | string | yes | ID in the external identity source | oj7Nq05R-RRaqak0_YlMLnnIwsvg |
| userInfoInIdp | object | yes | User identity information in idp | |
| accessToken | string | No | Access Token in the external identity source (this parameter is returned only when the user actively obtains it, and the management interface will not return it). | 57_fK0xgSL_NwVlS-gmUwlMQ2N6AONNIOAYxxxx |
| refreshToken | string | No | Refresh Token in the external identity source (this parameter is returned only when the user actively obtains it, and the management interface will not return it). | 57_IZFu91Ak1Wg6DRytZFFIOd3upNF5lH7vPxxxxx |
| originConnIds | array | yes | List of identity origin connection IDs from which the identity comes | ["605492ac41xxxxe0362f0707"] |
CreateUserOptionsDto
| name | type | Is it required | Description | Sample value |
|---|---|---|---|---|
| keepPassword | boolean | no | This parameter is usually set when migrating old user data to GenAuth. When this switch is turned on, the password field will be written directly to the GenAuth database, and GenAuth will not encrypt this field again. If your password is not stored in plain text, you should keep it turned on and write a password function calculation. | |
| autoGeneratePassword | boolean | No | Whether to automatically generate a password | |
| resetPasswordOnFirstLogin | boolean | no | Whether to force users to reset their passwords the first time | |
| departmentIdType | string | no | The type of the parent department ID used in this call | department_id |
| sendNotification | no | Options for sending email and phone number when resetting passwords Nested type: <a SendCreateAccountNotificationDto. | {"sendEmailNotification":true,"sendPhoneNotification":true} | |
| passwordEncryptType | string | no | Password encryption type, supports encryption using RSA256 and the national encryption SM2 algorithm. The default is none, which means no encryption. - none: Do not encrypt the password and use plain text for transmission. - rsa: Use the RSA256 algorithm to encrypt the password. You need to use the RSA public key of the GenAuth service for encryption. Please read the Introduction section to learn how to obtain the RSA256 public key of the GenAuth service. - sm2: Use the National Secret SM2 Algorithm to encrypt the password. You need to use the SM2 public key of the GenAuth service for encryption. Please read the Introduction section to learn how to obtain the SM2 public key of the GenAuth service. | sm2 |
SendCreateAccountNotificationDto
| Name | Type | Required | Description | Sample value |
|---|---|---|---|---|
| sendEmailNotification | boolean | No | Whether to send email notification after account creation | |
| sendPhoneNotification | boolean | No | Whether to send SMS notification after account creation | |
| appId | string | No | When sending login address, the specified application id will send the login address of this application to the user's email or mobile phone number. The default is the login address of the user pool application panel. | appid1 |
UserDto
| Name | Type | Required | Description | Sample value |
|---|---|---|---|---|
| userId | string | Yes | The unique identifier of the user, which can be user ID, user name, email address, mobile phone number, externalId, or ID in the external identity source. For details, see the description of the userIdType field. The default is user id. | 6229ffaxxxxxxxxcade3e3d9 |
| createdAt | string | Yes | creation time | 2022-07-03T03:20:30.000Z |
| updatedAt | string | yes | update time | 2022-07-03T03:20:30.000Z |
| status | string | yes | current status of the account: - Activated: normal status - Suspended: deactivated - Deactivated: disabled - Resigned: resigned - Archived: archived | Suspended |
| workStatus | string | yes | current work status of the account | Closed |
| externalId | string | no | third-party external ID | 10010 |
| string | no | email address, case insensitive | test@example.com | |
| phone | string | no | mobile number without area code. If the phone number is from abroad, specify the area code in the phoneCountryCode parameter. | 188xxxx8888 |
| phoneCountryCode | string | No | Area code of the phone number. This parameter is optional for phone numbers in mainland China. The GenAuth SMS service does not yet support international phone numbers. You need to configure the corresponding international SMS service in the GenAuth console. For a complete list of area codes, see https://en.wikipedia.org/wiki/List_of_country_calling_codes. | +86 |
| username | string | No | Username, unique in the user pool | bob |
| name | string | No | User's real name, not unique | Zhang San |
| nickname | string | No | Nickname | Zhang San |
| photo | string | No | Avatar URL | https://files.authing.co/authing-console/default-user-avatar.png |
| loginsCount | number | No | Total number of historical logins | 3 |
| lastLogin | string | No | Last login time | 2022-07-03T03:20:30.000Z |
| lastIp | string | No | Last login IP | 127.0.0.1 |
| gender | string | Yes | Gender: - M: Male, male- F: Female, female- U: Unknown, unknown | M |
| emailVerified | boolean | Yes | Is the email verified? | true |
| phoneVerified | boolean | Yes | Is the phone number verified? | true |
| passwordLastSetAt | string | No | The time when the user last changed his password | 2022-07-03T03:20:30.000Z |
| birthdate | string | No | Date of birth | 2022-06-03 |
| country | string | No | Country | CN |
| province | string | No | Province | BJ |
| city | string | No | City | BJ |
| address | string | no | Address | Beijing Chaoyang |
| streetAddress | string | no | Street address | Beijing Chaoyang District xxx Street |
| postalCode | string | no | Postal code | 438100 |
| company | string | no | Company | steamory |
| browser | string | no | Last login browser UA | Mozilla/5.0 (Linux; Android 10; V2001A; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/87.0.4280.141 Mobile Safari/537.36 VivoBrowser/10.2.10.0 |
| device | string | no | Last login device | iOS |
| givenName | string | no | First name | Three |
| familyName | string | No | Last Name | Zhang |
| middleName | string | No | Middle Name | James |
| profile | string | No | Preferred Username | alice |
| preferredUsername | string | No | Preferred Username | alice |
| website | string | No | User personal webpage | https://my-website.com |
| zoneinfo | string | No | User time zone information | GMT-08:00 |
| locale | string | No | Locale | af |
| formatted | string | No | Standard full address | 132, My Street, Kingston, New York 12401. |
| region | string | No | User's region | Xinjiang Uyghur Autonomous Region |
| userSourceType | string | Yes | Source type: - excel: Imported via excel- register: User self-registration- adminCreated: Manual creation by the administrator backend (including creating users using the management API)- syncTask: Synchronization task of the synchronization center | excel |
| userSourceId | string | No | Application ID or synchronization task ID | |
| lastLoginApp | string | No | Application ID of the user's last login | |
| mainDepartmentId | string | No | User's main department ID | |
| lastMfaTime | string | No | The time when the user last performed MFA authentication | |
| passwordSecurityLevel | number | No | User password security strength level | 1 |
| resetPasswordOnNextLogin | boolean | No | Require password reset on next login | |
| registerSource | array | No | Registration method | |
| departmentIds | array | No | List of department IDs to which the user belongs | ["624d930c3xxxx5c08dd4986e","624d93102xxxx012f33cd2fe"] |
| identities | array | No | External identity source Nested type: <a IdentityDto. | |
| identityNumber | string | No | User ID number | 420421xxxxxxxx1234 |
| customData | object | No | User's extended field data | {"school":"Peking University","age":22} |
| postIdList | array | No | User's associated department ID | |
| statusChangedAt | string | No | User status last modified time | 2022-07-03T03:20:30.000Z |
| tenantId | string | No | User tenant ID |
IdentityDto
| Name | Type | Is it required | Description | Sample value |
|---|---|---|---|---|
| identityId | string | yes | Identity source ID | 62299d8b866d2dab79a89dc4 |
| extIdpId | string | yes | Identity source connection ID | 6076bacxxxxxxxxd80d993b5 |
| provider | string | yes | External identity source type: - wechat: WeChat- qq: QQ- wechatwork: WeChat Work- dingtalk: DingTalk- weibo: Weibo- github: GitHub- alipay: Alipay- baidu: Baidu- lark: Feishu- welink: Welink- yidun: NetEase Yidun- qingcloud: Qingyun- google: Google- gitlab: GitLab- gitee: Gitee- twitter: Twitter- facebook: Facebook- slack: Slack- linkedin: Linkedin- instagram: Instagram- oidc: OIDC-type enterprise identity source- oauth2: OAuth2-type enterprise identity source- saml: SAML-type enterprise identity source- ldap: LDAP-type enterprise identity source- ad: AD-type enterprise identity source- cas: CAS-type enterprise identity source- azure-ad: Azure AD-type enterprise identity source | oidc |
| type | string | Yes | Identity type, such as unionid, openid, primary | openid |
| userIdInIdp | string | Yes | ID in the external identity source | oj7Nq05R-RRaqak0_YlMLnnIwsvg |
| userInfoInIdp | object | Yes | User's identity information in idp | |
| accessToken | string | no | Access Token in the external identity source (this parameter is returned only when the user actively obtains it, and it is not returned by the management interface). | 57_fK0xgSL_NwVlS-gmUwlMQ2N6AONNIOAYxxxx |
| refreshToken | string | no | Refresh Token in the external identity source (this parameter is returned only when the user actively obtains it, and it is not returned by the management interface). | 57_IZFu91Ak1Wg6DRytZFFIOd3upNF5lH7vPxxxxx |
| originConnIds | array | yes | Identity source connection ID list from which the identity comes | ["605492ac41xxxxe0362f0707"] |