- Development Integration
- /
- SDK
- /
- Python
- /
Management Module
- /
User Management
- /
- Create User
¶ Create a user
Update time: 2025-07-23 07:34:21
This document is automatically generated based on https://github.com/authing/authing-docs-factory based on https://api-explorer.genauth.ai V3 API, and is consistent with API parameters and return results. If this document description is incorrect, please refer to V3 API.
To create a user, one of the email address, mobile phone number, and username must be included. The email address, mobile phone number, username, and externalId are unique in the user pool. This interface will create a user as an administrator, so there is no need to perform security checks such as mobile phone number verification code verification.
¶ Method name
ManagementClient.create_user
¶ Request parameters
| Name | Type | Is it required? | Default value | Description | Sample value |
|---|---|---|---|---|---|
| status | string | no | Activated | Current status of the account | Activated |
| string | no | - | Email address, case insensitive | test@example.com | |
| phone | string | no | - | Phone number without area code. If it is a foreign phone number, please specify the area code in the phoneCountryCode parameter. | 188xxxx8888 |
| phoneCountryCode | string | no | - | Phone area code. It is optional for mainland China phone numbers. The GenAuth SMS service does not currently support international phone numbers. You need to configure the corresponding international SMS service in the GenAuth console. For a complete list of phone area codes, please refer to https://en.wikipedia.org/wiki/List_of_country_calling_codes. | +86 |
| username | string | No | - | Username, unique in the user pool | bob |
| externalId | string | No | - | Third-party external ID | 10010 |
| name | string | No | - | User's real name, not unique | Zhang San |
| nickname | string | no | - | nickname | Zhang San |
| photo | string | no | - | avatar link | https://files.authing.co/authing-console/default-user-avatar.png |
| gender | string | no | U | gender | M |
| emailVerified | boolean | no | - | email verified | true |
| phoneVerified | boolean | no | - | phone number verified | true |
| birthdate | string | no | - | date of birth | 2022-06-03 |
| country | string | no | - | country | CN |
| province | string | no | - | province | BJ |
| city | string | no | - | City | BJ |
| address | string | no | - | Address | xxxxx |
| streetAddress | string | no | - | Street Address | xxxxx |
| postalCode | string | no | - | Postal Code | 438100 |
| company | string | no | - | Company | steamory |
| browser | string | no | - | Last login browser UA | Mozilla/5.0 (Linux; Android 10; V2001A; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/87.0.4280.141 Mobile Safari/537.36 VivoBrowser/10.2.10.0 |
| device | string | no | - | Last login device | iOS |
| givenName | string | no | - | first name | s |
| familyName | string | no | - | last name | xx |
| middleName | string | no | - | Middle name | James |
| profile | string | no | - | Preferred Username | alice |
| preferredUsername | string | no | - | Preferred Username | alice |
| website | string | no | - | User personal website | https://my-website.com |
| zoneinfo | string | no | - | User time zone information | GMT-08:00 |
| locale | string | no | - | Locale | af |
| formatted | string | no | - | Standard full address | 132, My Street, Kingston, New York 12401. |
| region | string | no | - | User location | Xinjiang Uyghur Autonomous Region |
| password | string | no | - | User password, in plain text by default. We use the HTTPS protocol to securely transmit passwords, which can ensure security to a certain extent. If you need a higher level of security, we also support RSA256 and SM2 encryption for passwords. See the passwordEncryptType parameter for details. | passw0rd |
| salt | string | no | - | Salt to encrypt the user's password | dgisaeieruur |
| tenantIds | string[] | no | - | Tenant IDs | ["63f867961cxxxx41e7ccb582","63bea7828f4xxxxbfa80df93"] |
| otp | CreateUserOtpDto | no | - | OTP authenticator for the user | {"recoveryCode":"b471-8ec0-874a-087f-bccb-cd54","secret":"HZ2F6J3AGNAVSOTV"} |
| departmentIds | string[] | no | - | List of department IDs to which the user belongs | ["624d930c3xxxx5c08dd4986e","624d93102xxxx012f33cd2fe"] |
| customData | object | No | - | Custom data. The key in the passed object must first define the relevant custom fields in the user pool | {"school":"xxxxx","age":22} |
| metadataSource | object | No | - | Data object data. The key in the passed object must first define the relevant custom fields in the user pool | {"school":"xxxxx","age":22} |
| identities | CreateIdentityDto[] | No | - | Third-party identity source (it is recommended to call the binding interface for binding) | [{"extIdpId":"6076bacxxxxxxxxd80d993b5","provider":"wechat","type":"openid","userIdInIdp":"oj7Nq05R-RRaqak0_YlMLnnIwsvg"}] |
| identityNumber | string | No | - | User ID number | 420421xxxxxxxx1234 |
| options | CreateUserOptionsDto | No | - | Optional parameters | {"autoGeneratePassword":true,"resetPasswordOnFirstLogin":true,"passwordEncryptType":"none"} |
¶ Request Response
Type: UserSingleRespDto
| Name | Type | Description |
|---|---|---|
| statusCode | number | Business status code, which can be used to determine whether the operation is successful. 200 means success. |
| message | string | Description |
| apiCode | number | Segmented error code, which can be used to get the specific error type (no return for successful requests). For a detailed list of error codes, please see: API Code List (opens new window) |
| requestId | string | Request ID. Returned when the request fails. |
| data | UserDto | Response data |
Example results:
{
"statusCode": 200,
"message": "Success",
"requestId": "934108e5-9fbf-4d24-8da1-c330328abd6c",
"data": {
"userId": "6229ffaxxxxxxxxcade3e3d9",
"createdAt": "2022-07-03T03:20:30.000Z",
"updatedAt": "2022-07-03T03:20:30.000Z",
"status": "Activated",
"workStatus": "Active",
"externalId": "10010",
"email": "test@example.com",
"phone": "188xxxx8888",
"phoneCountryCode": "+86",
"username": "bob",
"name": "xxx",
"nickname": "xxx",
"photo": "https://files.authing.co/authing-console/default-user-avatar.png",
"loginsCount": 3,
"lastLogin": "2022-07-03T03:20:30.000Z",
"lastIp": "127.0.0.1",
"gender": "M",
"emailVerified": true,
"phoneVerified": true,
"passwordLastSetAt": "2022-07-03T03:20:30.000Z",
"birthdate": "2022-06-03",
"country": "CN",
"province": "BJ",
"city": "BJ",
"address": "xxxxx",
"streetAddress": "xxxxx",
"postalCode": "438100",
"company": "steamory",
"browser": "Mozilla/5.0 (Linux; Android 10; V2001A; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/87.0.4280.141 Mobile Safari/537.36 VivoBrowser/10.2.10.0",
"device": "iOS",
"givenName": "xx",
"familyName": "xxx",
"middleName": "James",
"profile": "alice",
"preferredUsername": "alice",
"website": "https://my-website.com",
"zoneinfo": "GMT-08:00",
"locale": "af",
"formatted": "132, My Street, Kingston, New York 12401.",
"region": "Xinjiang Uyghur Autonomous Region",
"userSourceType": "register",
"passwordSecurityLevel": 1,
"departmentIds": "[\"624d930c3xxxx5c08dd4986e\",\"624d93102xxxx012f33cd2fe\"]",
"identities": {
"identityId": "62299d8b866d2dab79a89dc4",
"extIdpId": "6076bacxxxxxxxxd80d993b5",
"provider": "wechat",
"type": "openid",
"userIdInIdp": "oj7Nq05R-RRaqak0_YlMLnnIwsvg",
"accessToken": "57_fK0xgSL_NwVlS-gmUwlMQ2N6AONNIOAYxxxx",
"refreshToken": "57_IZFu91Ak1Wg6DRytZFFIOd3upNF5lH7vPxxxxx",
"originConnIds": "[\"605492ac41xxxxe0362f0707\"]"
},
"identityNumber": "420421xxxxxxxx1234",
"customData": {
"school": "xxxxx",
"age": 22
},
"statusChangedAt": "2022-07-03T03:20:30.000Z"
}
}
¶ Data Structure
¶ CreateUserOtpDto
| Name | Type | Is it required? | Description | Sample value |
|---|---|---|---|---|
| secret | string | Yes | OTP key | HZ2F6J3AGNAVSOTV |
| recoveryCode | string | No | OTP Recovery Code | b471-8ec0-874a-087f-bccb-cd54 |
¶ CreateIdentityDto
| Name | Type | Is it required? | Description | Sample value |
|---|---|---|---|---|
| extIdpId | string | yes | Identity source connection ID | 6076bacxxxxxxxxd80d993b5 |
| provider | string | yes | External identity source type: - wechat: WeChat- qq: QQ- wechatwork: WeChat for Business- dingtalk: DingTalk- weibo: Weibo- github: GitHub- alipay: Alipay- baidu: Baidu- lark: Feishu- welink: Welink- yidun: NetEase Yidun- qingcloud: Qingyun- google: Google- gitlab: GitLab- gitee: Gitee- twitter: Twitter- facebook: Facebook- slack: Slack- linkedin: Linkedin- instagram: Instagram- oidc: OIDC-based enterprise identity source- oauth2: OAuth2-based enterprise identity source- saml: SAML-based enterprise identity source- ldap: LDAP-based enterprise identity source- ad: AD-based enterprise identity source- cas: CAS-based enterprise identity source- azure-ad: Azure AD-based enterprise identity source | oidc |
| type | string | yes | Identity type, such as unionid, openid, primary | openid |
| userIdInIdp | string | yes | ID in the external identity source | oj7Nq05R-RRaqak0_YlMLnnIwsvg |
| userInfoInIdp | object | yes | User's identity information in idp | |
| accessToken | string | no | Access Token in the external identity source (this parameter is returned only when the user actively obtains it, and it is not returned by the management interface). | 57_fK0xgSL_NwVlS-gmUwlMQ2N6AONNIOAYxxxx |
| refreshToken | string | no | Refresh Token in the external identity source (this parameter is returned only when the user actively obtains it, and it is not returned by the management interface). | 57_IZFu91Ak1Wg6DRytZFFIOd3upNF5lH7vPxxxxx |
| originConnIds | array | yes | Identity source connection ID list from which the identity comes | ["605492ac41xxxxe0362f0707"] |
¶ CreateUserOptionsDto
| Name | Type | Is this field required? | Description | Sample value |
|---|---|---|---|---|
| keepPassword | boolean | no | This parameter is usually set when migrating old user data to GenAuth. When this switch is turned on, the password field will be written directly to the GenAuth database, and GenAuth will not encrypt this field again. If your password is not stored in plain text, you should keep it turned on and write a password calculation function. | |
| autoGeneratePassword | boolean | no | Whether to automatically generate a password | |
| resetPasswordOnFirstLogin | boolean | no | Whether to force users to reset their passwords the first time | |
| departmentIdType | string | no | The type of the parent department ID used in this call | department_id |
| sendNotification | no | Options for sending email and mobile phone number when resetting passwords Nested type: SendCreateAccountNotificationDto. | {"sendEmailNotification":true,"sendPhoneNotification":true} | |
| passwordEncryptType | string | No | Password encryption type, supports RSA256 and SM2 algorithms. The default is none, no encryption.- none: Do not encrypt the password, use plain text for transmission.- rsa: Use RSA256 algorithm to encrypt the password, you need to use the RSA public key of the GenAuth service for encryption, please read the Introduction section to learn how to obtain the RSA256 public key of the GenAuth service.- sm2: Use SM2 algorithm (opens new window) to encrypt the password, you need to use the SM2 public key of the GenAuth service for encryption, please read the Introduction section to learn how to obtain the SM2 public key of the GenAuth service. | sm2 |
¶ SendCreateAccountNotificationDto
| Name | Type | Required | Description | Sample value |
|---|---|---|---|---|
| sendEmailNotification | boolean | No | Whether to send email notification after account creation | |
| sendPhoneNotification | boolean | No | Whether to send SMS notification after account creation | |
| appId | string | No | When sending login address, the specified application id will send the login address of this application to the user's email or mobile phone number. The default is the login address of the user pool application panel. | appid1 |
¶ UserDto
| Name | Type | Is this field required? | Description | Sample value |
|---|---|---|---|---|
| userId | string | Yes | The unique identifier of the user, which can be user ID, user name, email, phone number, externalId, or ID in an external identity source. For details, see the description of the userIdType field. The default is user id. | 6229ffaxxxxxxxxcade3e3d9 |
| createdAt | string | yes | creation time | 2022-07-03T03:20:30.000Z |
| updatedAt | string | yes | update time | 2022-07-03T03:20:30.000Z |
| status | string | yes | current status of the account: - Activated: normal status - Suspended: deactivated - Deactivated: disabled - Resigned: resigned - Archived: archived | Suspended |
| workStatus | string | yes | current work status of the account | Closed |
| externalId | string | no | third-party external ID | 10010 |
| string | no | email address, case insensitive | test@example.com | |
| phone | string | No | Phone number without area code. If it is an international phone number, please specify the area code in the phoneCountryCode parameter. | 188xxxx8888 |
| phoneCountryCode | string | No | Phone area code. This parameter is optional for phone numbers in mainland China. The GenAuth SMS service does not currently support international phone numbers. You need to configure the corresponding international SMS service in the GenAuth console. For a complete list of phone area codes, please refer to https://en.wikipedia.org/wiki/List_of_country_calling_codes. | +86 |
| username | string | No | Username, unique in the user pool | bob |
| name | string | No | User's real name, not unique | xxx |
| nickname | string | No | Nickname | xxx |
| photo | string | No | Avatar link | https://files.authing.co/authing-console/default-user-avatar.png |
| loginsCount | number | No | Total number of historical logins | 3 |
| lastLogin | string | No | Last login time | 2022-07-03T03:20:30.000Z |
| lastIp | string | No | Last login IP | 127.0.0.1 |
| gender | string | Yes | Gender: - M: Male, male- F: Female, female- U: Unknown, unknown | M |
| emailVerified | boolean | yes | Is the email address verified? | true |
| phoneVerified | boolean | yes | Is the phone number verified? | true |
| passwordLastSetAt | string | no | The time when the user last changed his password | 2022-07-03T03:20:30.000Z |
| birthdate | string | no | Date of birth | 2022-06-03 |
| country | string | no | Country | CN |
| province | string | no | Province | BJ |
| city | string | no | City | BJ |
| address | string | no | Address | xxxxx |
| streetAddress | string | no | Street address | xxxxx |
| postalCode | string | no | Postal code | 438100 |
| company | string | no | Company | steamory |
| browser | string | no | Last login browser UA | Mozilla/5.0 (Linux; Android 10; V2001A; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/87.0.4280.141 Mobile Safari/537.36 VivoBrowser/10.2.10.0 |
| device | string | no | Last login device | iOS |
| givenName | string | no | First name | xx |
| familyName | string | no | Last name | xxx |
| middleName | string | no | Middle Name | James |
| profile | string | no | Preferred Username | alice |
| preferredUsername | string | no | Preferred Username | alice |
| website | string | no | User Personal Website | https://my-website.com |
| zoneinfo | string | no | User Time Zone Information | GMT-08:00 |
| locale | string | no | Locale | af |
| formatted | string | no | Standard full address | 132, My Street, Kingston, New York 12401. |
| region | string | no | User's region | Xinjiang Uyghur Autonomous Region |
| userSourceType | string | yes | Source type: - excel: Imported via excel- register: User self-registration- adminCreated: Manual creation by the administrator backend (including creating users using the management API)- syncTask: Sync task in the sync center | excel |
| userSourceId | string | no | Application ID or sync task ID | |
| lastLoginApp | string | no | Application ID of the user's last login | |
| mainDepartmentId | string | no | User's main department ID | |
| lastMfaTime | string | no | Time when the user last performed MFA authentication | |
| passwordSecurityLevel | number | no | User password security strength level | 1 |
| resetPasswordOnNextLogin | boolean | No | Require password reset on next login | |
| registerSource | array | No | Registration method | |
| departmentIds | array | No | List of department IDs to which the user belongs | ["624d930c3xxxx5c08dd4986e","624d93102xxxx012f33cd2fe"] |
| identities | array | No | External identity source Nested type: IdentityDto. | |
| identityNumber | string | No | User ID number | 420421xxxxxxxx1234 |
| customData | object | No | User's extended field data | {"school":"xxxxx","age":22} |
| postIdList | array | No | Department ID associated with the user | |
| statusChangedAt | string | no | User status last modified time | 2022-07-03T03:20:30.000Z |
| tenantId | string | no | User tenant ID |
¶ IdentityDto
| Name | Type | Is this field required? | Description | Sample value |
|---|---|---|---|---|
| identityId | string | yes | Identity source ID | 62299d8b866d2dab79a89dc4 |
| extIdpId | string | yes | Identity source connection ID | 6076bacxxxxxxxxd80d993b5 |
| provider | string | yes | External identity source type: - wechat: WeChat- qq: QQ- wechatwork: WeChat for Business- dingtalk: DingTalk- weibo: Weibo- github: GitHub- alipay: Alipay- baidu: Baidu- lark: Feishu- welink: Welink- yidun: NetEase Yidun- qingcloud: Qingyun- google: Google- gitlab: GitLab- gitee: Gitee- twitter: Twitter- facebook: Facebook- slack: Slack- linkedin: Linkedin- instagram: Instagram- oidc: OIDC-type enterprise identity source- oauth2: OAuth2-type enterprise identity source- saml: SAML-type enterprise identity source- ldap: LDAP-type enterprise identity source- ad: AD-type enterprise identity source- cas: CAS-type enterprise identity source- azure-ad: Azure AD-type enterprise identity source | oidc |
| type | string | yes | Identity type, such as unionid, openid, primary | openid |
| userIdInIdp | string | yes | ID in the external identity source | oj7Nq05R-RRaqak0_YlMLnnIwsvg |
| userInfoInIdp | object | yes | User's identity information in idp | |
| accessToken | string | no | Access Token in the external identity source (this parameter is only returned when the user actively obtains it, and the management side interface will not return it). | 57_fK0xgSL_NwVlS-gmUwlMQ2N6AONNIOAYxxxx |
| refreshToken | string | no | Refresh Token in the external identity source (this parameter is only returned when the user actively obtains it, and the management side interface will not return it). | 57_IZFu91Ak1Wg6DRytZFFIOd3upNF5lH7vPxxxxx |
| originConnIds | array | yes | List of identity origin connection IDs that the identity came from | ["605492ac41xxxxe0362f0707"] |