# Create credentials

Creates new password credentials for a user that doesn't already have a password. The password is temporary, and must be reset upon the user's first login. Required permissions: apps:create, [appId]:create, authenticators:create.

Endpoint: POST /v1/users/{user_id}/password
Security: ClientAccessToken

## Path parameters:

  - `user_id` (string, required)
    The ID of the user

## Request fields (application/json):

  - `password` (string, required)
    The user's new password

  - `force_replace` (boolean)
    When true the password is temporary and the user will be required to replace it upon successful login

  - `device_id` (string)
    The device associated with this registration.

  - `username` (string)
    The user's new username. This will be the identifier the user will use to authenticate. If username is not provided and the user has verified their email, that email address will be used as the username.

  - `enforce_complexity` (boolean)
    If true, the password must meet the password complexity requirements. If false, the password can be any string.

## Response 201 fields (application/json):

  - `result` (object, required)

  - `result.message` (string, required)
    Example: "Password registered"

## Response 400 fields (application/json):

  - `error_code` (string)
    Enum: "system_invalid_input", "auth_password_breached", "auth_password_policy_disabled", "auth_password_weak"

  - `message` (string)

## Response 404 fields (application/json):

  - `error_code` (string)
    Enum: "user_not_found"

  - `message` (string)

## Response 409 fields (application/json):

  - `error_code` (string)
    Enum: "auth_password_already_configured"

  - `message` (string)


