POST /auth /users
By using POST /auth /registration /code API, you can invite a new user in the caller’s org. This will create the user and send a registration email to the created User’s email, with a registration code, and pointing him to complete his registration on IBM Digital Asset Haven's dashboard. The user is created without any permissions..
- Authentication
- Organization User (CustomerEmployee)
Service Account
- Required Permissions
Auth:Users:Read: Always required.- Authorizations
- Bearer Token: To authenticate API requests.
- X-DFNS-USERACTION
- User Action Signature: To sign the change-inducing API requests.
- Parameters
-
email string: The email address of the new user.
kind enum: The kind of user being created. In this endpoint it can only be "CustomerEmployee" (creating an "EndUser" is done through the Delegated Registration endpoint) Available options: CustomerEmployee
publicKey
externalId: Value used to correlate the entity with an external system.
isSSORequired: If set to true, the user will have to authenticate via SSO.
- Request body
-
{ curl --request POST \ --url https://api.digitalassets.ibm.com/auth/users \ --header 'Authorization: Bearer <token>' \ --header 'Content-Type: application/json' \ --header 'X-DFNS-USERACTION: <api-key>' \ --data '{ "email": "jsmith@example.com", "kind": "CustomerEmployee", "publicKey": "<string>", "externalId": "<string>", "isSSORequired": false }' - Response
- 200: Success
{ "username": "<string>", "name": "<string>", "userId": "us-6b58p-r53sr-rlrd3l5cj3uc4ome", "kind": "AccountUser", "credentialUuid": "<string>", "orgId": "<string>", "isActive": true, "isServiceAccount": true, "isRegistered": true, "isSSORequired": true, "permissionAssignments": [ { "permissionName": "<string>", "permissionId": "<string>", "assignmentId": "<string>", "operations": [ "<string>" ] } ], "permissions": [ "<string>" ] }