# Create user Add a user to Transmit. A user_id is returned as part of the User in the response that can then be used to perform other operations, such as get, update and delete. An email or a phone_number are required. Required permissions: apps:create, [appId]:create, users:create. Endpoint: POST /v1/users Security: ClientAccessToken ## Request fields (application/json): - `email` (string) Primary email address of the user - `phone_number` (string) Primary phone number of the user, specified in E.164 format - `username` (string) Username used to identify the user - `secondary_emails` (array) Secondary email addresses to add to user's current emails - `secondary_phone_numbers` (array) Secondary phone numbers to add to user's phone numbers, each specified in E.164 format - `birthday` (string) User's birthday - `address` (object) User's address - `address.country` (string) Country - `address.state` (string) State - `address.city` (string) City - `address.street_address` (string) Street address - `address.postal_code` (string) Postal code - `address.type` (string) Enum: "Home", "Work", "Other" - `name` (object) Object describing user's full name - `name.title` (string) Title - `name.first_name` (string) User's first name - `name.last_name` (string) User's last name - `name.middle_name` (string) User's middle name - `external_account_id` (string) User identifier in an app, set by the app - `custom_app_data` (object) Custom data object for app-related user info - `picture` (string) The picture of user, specified as a URL - `language` (string) The language of the user, as provided by the browser using the [Accept-Language](https://www.rfc-editor.org/rfc/rfc7231#section-5.3.5) header field - `custom_data` (object) Custom data object for tenant user info - `external_user_id` (string) A unique identifier in a tenant - `credentials` (object) The password of the user, who is identified by either a username or primary email. - `credentials.password` (string, required) The user's new password - `credentials.force_replace` (boolean) When true the password is temporary and the user will be required to replace it upon successful login - `delegated_access` (object) If this user is a dependent, this defines the permissions that the primary user will have to act on behalf of the dependent user. - `delegated_access.actor_id` (string, required) The ID of the primary user that has permissions to act on behalf of this user - `delegated_access.permissions` (array, required) Names of permissions that are granted to the primary user on behalf of the dependent ## Response 201 fields (application/json): - `result` (object, required) - `result.email` (object) Primary email address, used as user identifier - `result.email.value` (string, required) Email address - `result.email.email_verified` (boolean) Indicates if email was verified (via magic link, social login, or email verification flows) - `result.email.verified_at` (string) Last verification date of the email - `result.secondary_emails` (array) - `result.secondary_emails.value` (string, required) Email address - `result.secondary_emails.email_verified` (boolean) Indicates if email was verified (via magic link, social login, or email verification flows) - `result.secondary_emails.verified_at` (string) Last verification date of the email - `result.phone_number` (object) Primary phone number, used as user identifier - `result.phone_number.value` (string, required) Phone number - `result.phone_number.phone_number_verified` (boolean) Indicates if phone number was verified (via SMS OTP or verification flow) - `result.phone_number.verified_at` (string) Last verification date of the phone number - `result.secondary_phone_numbers` (array) - `result.secondary_phone_numbers.value` (string, required) Phone number - `result.secondary_phone_numbers.phone_number_verified` (boolean) Indicates if phone number was verified (via SMS OTP or verification flow) - `result.secondary_phone_numbers.verified_at` (string) Last verification date of the phone number - `result.username` (string) Username used to identify the user for password login (unless a primary email will be used instead). Defined only if a password was set for the user. - `result.user_id` (string, required) User ID autogenerated upon user creation - `result.birthday` (string) Birthday as YYYY-MM-DD - `result.address` (object) User's address - `result.address.country` (string) Country - `result.address.state` (string) State - `result.address.city` (string) City - `result.address.street_address` (string) Street address - `result.address.postal_code` (string) Postal code - `result.address.type` (string) Enum: "Home", "Work", "Other" - `result.address.updated_at` (number) Date user's address was last updated - `result.name` (object) Full name - `result.name.title` (string) Title - `result.name.first_name` (string) User's first name - `result.name.last_name` (string) User's last name - `result.name.middle_name` (string) User's middle name - `result.status` (string, required) Enum: "Active", "Disabled", "Pending" - `result.status_changed_at` (string) Date status was last updated - `result.created_at` (number, required) Date user was created in the tenant - `result.updated_at` (number, required) Date user was last updated - `result.identities` (array) - `result.identities.provider_name` (string, required) Name of identity provider - `result.identities.provider_type` (string, required) Indicates whether the identity provider is Transmit (Native) or a social login provider (OAuth2) Enum: "OAuth2", "Native", "External" - `result.identities.auth_type` (string, required) Type of authentication method that was used Enum: "webauthn", "email_otp", "sms_otp", "direct_otp", "email_magic_link", "password", "oauth2", "saml", "transmit", "totp" - `result.identities.identifier` (string, required) Identifier of the user in the provider's system - `result.identities.user_alias` (object) Alias used by the user to authenticate to this provider - `result.identities.user_alias.type` (string, required) Alias type, which varies based on authentication method Enum: "username", "email", "phone_number", "unspecified" - `result.identities.user_alias.value` (string, required) Alias value - `result.identities.first_auth_date` (string, required) Date user first authenticated to this provider - `result.identities.last_auth_date` (string, required) Date user last authenticated to this provider - `result.last_auth` (string) Date user last authenticated - `result.external_account_id` (string) User identifier in an app, set by the app - `result.app_name` (string) Name of the app the user is associated with - `result.custom_app_data` (object) Custom data object for app-related user info - `result.groupIds` (array) List of group IDs the user is assigned to - `result.picture` (string) The picture of user, specified as a URL - `result.language` (string) The language of the user, as provided by the browser using the [Accept-Language](https://www.rfc-editor.org/rfc/rfc7231#section-5.3.5) header field - `result.custom_data` (object) Custom data object for tenant user info - `result.external_user_id` (string) A unique identifier in a tenant - `result.password_information` (object) The information of the user's password - `result.password_information.expired` (boolean, required) Whether the password is currently expired - `result.password_information.temporary` (boolean, required) Whether the password must be reset after first use - `result.password_information.updated_at` (number, required) The date the password was last updated, as unix epoch in milliseconds - `result.password_information.expires_in` (string) The date the password will be expired - `result.identity_providers` (array) - `result.identity_providers.source` (string, required) Type of identity provider Enum: "UserID", "BindID", "Google", "Apple", "Facebook", "Line", "Tiktok", "Transmit Identity", "Transmit Security", "BindIDApi", "Email OTP", "SMS OTP", "Direct OTP", "Email Magic Link", "Password", "Orchestrated", "SAML", "SSO OIDC", "Mobile Biometrics", "totp", "face" - `result.identity_providers.identifier` (string, required) Identifier of the user in the provider's system - `result.identity_providers.email` (string, required) Email used by the user to authenticate to this provider - `result.identity_providers.first_auth_date` (string, required) Date user first authenticated to this provider - `result.identity_providers.last_auth_date` (string, required) Date user last authenticated to this provider ## Response 400 fields (application/json): - `message` (array, required) Example: "Bad request" - `error_code` (number, required) Example: 400 ## Response 409 fields (application/json): - `message` (string, required) - `error_code` (number, required) - `ts_error_code` (string, required)