POST /auth /users

By using POST /auth /registration /code API, you can invite a new user in the caller’s org. This will create the user and send a registration email to the created User’s email, with a registration code, and pointing him to complete his registration on IBM Digital Asset Haven's dashboard. The user is created without any permissions..

Authentication
Organization User (CustomerEmployee)

Service Account

Required Permissions
Auth:Users:Read: Always required.
Authorizations
Bearer Token: To authenticate API requests.
X-DFNS-USERACTION
User Action Signature: To sign the change-inducing API requests.
Parameters

email string: The email address of the new user.

kind enum: The kind of user being created. In this endpoint it can only be "CustomerEmployee" (creating an "EndUser" is done through the Delegated Registration endpoint) Available options: CustomerEmployee

publicKey

externalId: Value used to correlate the entity with an external system.

isSSORequired: If set to true, the user will have to authenticate via SSO.

Request body
{
curl --request POST \
  --url https://api.digitalassets.ibm.com/auth/users \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --header 'X-DFNS-USERACTION: <api-key>' \
  --data '{
  "email": "jsmith@example.com",
  "kind": "CustomerEmployee",
  "publicKey": "<string>",
  "externalId": "<string>",
  "isSSORequired": false
}'
Response
200: Success
{
  "username": "<string>",
  "name": "<string>",
  "userId": "us-6b58p-r53sr-rlrd3l5cj3uc4ome",
  "kind": "AccountUser",
  "credentialUuid": "<string>",
  "orgId": "<string>",
  "isActive": true,
  "isServiceAccount": true,
  "isRegistered": true,
  "isSSORequired": true,
  "permissionAssignments": [
    {
      "permissionName": "<string>",
      "permissionId": "<string>",
      "assignmentId": "<string>",
      "operations": [
        "<string>"
      ]
    }
  ],
  "permissions": [
    "<string>"
  ]
}