Create a user

POST /resources/v3alpha/users

Create a new user with an optional data schema.

Request

Query Parameters

instance.id string

instance.domain string

organization.orgId string

organization.orgDomain string

application/json
application/grpc
application/grpc-web+proto

Body

required

schemaId stringrequired

Possible values: non-empty and <= 200 characters

Define the schema the user's data schema by providing it's ID.

data object

contact

object

Set the contact information (email, phone) for the user.

email

object

address stringrequired

Possible values: non-empty and <= 200 characters

Set the email address.

sendCode

object

Let ZITADEL send the link to the user via email.

urlTemplate string

Possible values: non-empty and <= 200 characters

Optionally set a url_template, which will be used in the verification mail sent by ZITADEL to guide the user to your verification page. If no template is set, the default ZITADEL url will be used.

returnCode object

Get the code back to provide it to the user in your preferred mechanism.

isVerified boolean

Set the email as already verified.

phone

object

number stringrequired

Possible values: non-empty and <= 20 characters

Set the user's phone number.

sendCode object

Let ZITADEL send the link to the user via SMS.

returnCode object

Get the code back to provide it to the user in your preferred mechanism.

isVerified boolean

Set the phone as already verified.

authenticators

object

Set the initial authenticators of the user.

usernames

object[]

Array [

username stringrequired

Possible values: non-empty and <= 200 characters

Set the user's username. This will be used for identification during authentication.

isOrganizationSpecific boolean

By default username must be unique across all organizations in an instance. This option allow to restrict the uniqueness to the user's own organization. As a result, this username can only be used if the authentication is limited to the corresponding organization.

This can be useful if you provide multiple usernames for a single user, where one if specific to your organization, e.g.:

gigi-giraffe@zitadel.com (unique across organizations)
gigi-giraffe (unique only inside the ZITADEL organization)

]

password

object

password stringrequired

Possible values: non-empty and <= 200 characters

Provide the plain text password. ZITADEL will take care to store it in a secure way (hash).

hash stringrequired

Possible values: non-empty and <= 200 characters

Encoded hash of a password in Modular Crypt Format: https://zitadel.com/docs/concepts/architecture/secrets#hashed-secrets.

changeRequired boolean

Provide if the user needs to change the password on the next use.

currentPassword stringrequired

Possible values: non-empty and <= 200 characters

Provide the current password to verify you're allowed to change the password.

verificationCode stringrequired

Possible values: non-empty and <= 20 characters

Or provider the verification code generated during password reset request.

userId string

Possible values: non-empty and <= 200 characters

Optionally set a unique identifier of the user. If unset, ZITADEL will take care of it.

Body

required

schemaId stringrequired

Possible values: non-empty and <= 200 characters

Define the schema the user's data schema by providing it's ID.

data object

contact

object

Set the contact information (email, phone) for the user.

email

object

address stringrequired

Possible values: non-empty and <= 200 characters

Set the email address.

sendCode

object

Let ZITADEL send the link to the user via email.

urlTemplate string

Possible values: non-empty and <= 200 characters

Optionally set a url_template, which will be used in the verification mail sent by ZITADEL to guide the user to your verification page. If no template is set, the default ZITADEL url will be used.

returnCode object

Get the code back to provide it to the user in your preferred mechanism.

isVerified boolean

Set the email as already verified.

phone

object

number stringrequired

Possible values: non-empty and <= 20 characters

Set the user's phone number.

sendCode object

Let ZITADEL send the link to the user via SMS.

returnCode object

Get the code back to provide it to the user in your preferred mechanism.

isVerified boolean

Set the phone as already verified.

authenticators

object

Set the initial authenticators of the user.

usernames

object[]

Array [

username stringrequired

Possible values: non-empty and <= 200 characters

Set the user's username. This will be used for identification during authentication.

isOrganizationSpecific boolean

This can be useful if you provide multiple usernames for a single user, where one if specific to your organization, e.g.:

gigi-giraffe@zitadel.com (unique across organizations)
gigi-giraffe (unique only inside the ZITADEL organization)

]

password

object

password stringrequired

Possible values: non-empty and <= 200 characters

Provide the plain text password. ZITADEL will take care to store it in a secure way (hash).

hash stringrequired

Possible values: non-empty and <= 200 characters

Encoded hash of a password in Modular Crypt Format: https://zitadel.com/docs/concepts/architecture/secrets#hashed-secrets.

changeRequired boolean

Provide if the user needs to change the password on the next use.

currentPassword stringrequired

Possible values: non-empty and <= 200 characters

Provide the current password to verify you're allowed to change the password.

verificationCode stringrequired

Possible values: non-empty and <= 20 characters

Or provider the verification code generated during password reset request.

userId string

Possible values: non-empty and <= 200 characters

Optionally set a unique identifier of the user. If unset, ZITADEL will take care of it.

Body

required

schemaId stringrequired

Possible values: non-empty and <= 200 characters

Define the schema the user's data schema by providing it's ID.

data object

contact

object

Set the contact information (email, phone) for the user.

email

object

address stringrequired

Possible values: non-empty and <= 200 characters

Set the email address.

sendCode

object

Let ZITADEL send the link to the user via email.

urlTemplate string

Possible values: non-empty and <= 200 characters

Optionally set a url_template, which will be used in the verification mail sent by ZITADEL to guide the user to your verification page. If no template is set, the default ZITADEL url will be used.

returnCode object

Get the code back to provide it to the user in your preferred mechanism.

isVerified boolean

Set the email as already verified.

phone

object

number stringrequired

Possible values: non-empty and <= 20 characters

Set the user's phone number.

sendCode object

Let ZITADEL send the link to the user via SMS.

returnCode object

Get the code back to provide it to the user in your preferred mechanism.

isVerified boolean

Set the phone as already verified.

authenticators

object

Set the initial authenticators of the user.

usernames

object[]

Array [

username stringrequired

Possible values: non-empty and <= 200 characters

Set the user's username. This will be used for identification during authentication.

isOrganizationSpecific boolean

This can be useful if you provide multiple usernames for a single user, where one if specific to your organization, e.g.:

gigi-giraffe@zitadel.com (unique across organizations)
gigi-giraffe (unique only inside the ZITADEL organization)

]

password

object

password stringrequired

Possible values: non-empty and <= 200 characters

Provide the plain text password. ZITADEL will take care to store it in a secure way (hash).

hash stringrequired

Possible values: non-empty and <= 200 characters

Encoded hash of a password in Modular Crypt Format: https://zitadel.com/docs/concepts/architecture/secrets#hashed-secrets.

changeRequired boolean

Provide if the user needs to change the password on the next use.

currentPassword stringrequired

Possible values: non-empty and <= 200 characters

Provide the current password to verify you're allowed to change the password.

verificationCode stringrequired

Possible values: non-empty and <= 20 characters

Or provider the verification code generated during password reset request.

userId string

Possible values: non-empty and <= 200 characters

Optionally set a unique identifier of the user. If unset, ZITADEL will take care of it.

Responses

200
201
403
404
default

A successful response.

application/json
application/grpc
application/grpc-web+proto

Schema
Example (from schema)

Schema

details

object

id string

created date-time

the timestamp of the first event applied to the object.

changed date-time

the timestamp of the last event applied to the object.

owner

object

the parent object representing the returned objects context.

type string

Possible values: [OWNER_TYPE_UNSPECIFIED, OWNER_TYPE_SYSTEM, OWNER_TYPE_INSTANCE, OWNER_TYPE_ORG]

Default value: OWNER_TYPE_UNSPECIFIED

id string

emailCode string

The email code will be set if a contact email was set with a return_code verification option.

phoneCode string

The phone code will be set if a contact phone was set with a return_code verification option.

{
  "details": {
    "id": "69629012906488334",
    "created": "2024-11-22T16:27:05.624Z",
    "changed": "2024-11-22T16:27:05.624Z",
    "owner": "69629023906488334"
  },
  "emailCode": "SKJd342k",
  "phoneCode": "IFi39dk2"
}

Schema
Example (from schema)

Schema

details

object

id string

created date-time

the timestamp of the first event applied to the object.

changed date-time

the timestamp of the last event applied to the object.

owner

object

the parent object representing the returned objects context.

type string

Possible values: [OWNER_TYPE_UNSPECIFIED, OWNER_TYPE_SYSTEM, OWNER_TYPE_INSTANCE, OWNER_TYPE_ORG]

Default value: OWNER_TYPE_UNSPECIFIED

id string

emailCode string

The email code will be set if a contact email was set with a return_code verification option.

phoneCode string

The phone code will be set if a contact phone was set with a return_code verification option.

{
  "details": {
    "id": "69629012906488334",
    "created": "2024-11-22T16:27:05.624Z",
    "changed": "2024-11-22T16:27:05.624Z",
    "owner": "69629023906488334"
  },
  "emailCode": "SKJd342k",
  "phoneCode": "IFi39dk2"
}

Schema
Example (from schema)

Schema

details

object

id string

created date-time

the timestamp of the first event applied to the object.

changed date-time

the timestamp of the last event applied to the object.

owner

object

the parent object representing the returned objects context.

type string

Possible values: [OWNER_TYPE_UNSPECIFIED, OWNER_TYPE_SYSTEM, OWNER_TYPE_INSTANCE, OWNER_TYPE_ORG]

Default value: OWNER_TYPE_UNSPECIFIED

id string

emailCode string

The email code will be set if a contact email was set with a return_code verification option.

phoneCode string

The phone code will be set if a contact phone was set with a return_code verification option.

{
  "details": {
    "id": "69629012906488334",
    "created": "2024-11-22T16:27:05.625Z",
    "changed": "2024-11-22T16:27:05.625Z",
    "owner": "69629023906488334"
  },
  "emailCode": "SKJd342k",
  "phoneCode": "IFi39dk2"
}

User successfully created

application/json
application/grpc
application/grpc-web+proto

Schema
Example (from schema)

Schema

details

object

id string

created date-time

the timestamp of the first event applied to the object.

changed date-time

the timestamp of the last event applied to the object.

owner

object

the parent object representing the returned objects context.

type string

Possible values: [OWNER_TYPE_UNSPECIFIED, OWNER_TYPE_SYSTEM, OWNER_TYPE_INSTANCE, OWNER_TYPE_ORG]

Default value: OWNER_TYPE_UNSPECIFIED

id string

emailCode string

The email code will be set if a contact email was set with a return_code verification option.

phoneCode string

The phone code will be set if a contact phone was set with a return_code verification option.

{
  "details": {
    "id": "69629012906488334",
    "created": "2024-11-22T16:27:05.626Z",
    "changed": "2024-11-22T16:27:05.626Z",
    "owner": "69629023906488334"
  },
  "emailCode": "SKJd342k",
  "phoneCode": "IFi39dk2"
}

Schema
Example (from schema)

Schema

details

object

id string

created date-time

the timestamp of the first event applied to the object.

changed date-time

the timestamp of the last event applied to the object.

owner

object

the parent object representing the returned objects context.

type string

Possible values: [OWNER_TYPE_UNSPECIFIED, OWNER_TYPE_SYSTEM, OWNER_TYPE_INSTANCE, OWNER_TYPE_ORG]

Default value: OWNER_TYPE_UNSPECIFIED

id string

emailCode string

The email code will be set if a contact email was set with a return_code verification option.

phoneCode string

The phone code will be set if a contact phone was set with a return_code verification option.

{
  "details": {
    "id": "69629012906488334",
    "created": "2024-11-22T16:27:05.626Z",
    "changed": "2024-11-22T16:27:05.626Z",
    "owner": "69629023906488334"
  },
  "emailCode": "SKJd342k",
  "phoneCode": "IFi39dk2"
}

Schema
Example (from schema)

Schema

details

object

id string

created date-time

the timestamp of the first event applied to the object.

changed date-time

the timestamp of the last event applied to the object.

owner

object

the parent object representing the returned objects context.

type string

Possible values: [OWNER_TYPE_UNSPECIFIED, OWNER_TYPE_SYSTEM, OWNER_TYPE_INSTANCE, OWNER_TYPE_ORG]

Default value: OWNER_TYPE_UNSPECIFIED

id string

emailCode string

The email code will be set if a contact email was set with a return_code verification option.

phoneCode string

The phone code will be set if a contact phone was set with a return_code verification option.

{
  "details": {
    "id": "69629012906488334",
    "created": "2024-11-22T16:27:05.627Z",
    "changed": "2024-11-22T16:27:05.627Z",
    "owner": "69629023906488334"
  },
  "emailCode": "SKJd342k",
  "phoneCode": "IFi39dk2"
}

Returned when the user does not have permission to access the resource.

application/json
application/grpc
application/grpc-web+proto

Schema
Example (from schema)

Schema

code int32

message string

details

object[]

Array [

@type string

]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32

message string

details

object[]

Array [

@type string

]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32

message string

details

object[]

Array [

@type string

]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Returned when the resource does not exist.

application/json
application/grpc
application/grpc-web+proto

Schema
Example (from schema)

Schema

code int32

message string

details

object[]

Array [

@type string

]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32

message string

details

object[]

Array [

@type string

]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32

message string

details

object[]

Array [

@type string

]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

An unexpected error response.

application/json
application/grpc
application/grpc-web+proto

Schema
Example (from schema)

Schema

code int32

message string

details

object[]

Array [

@type string

]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32

message string

details

object[]

Array [

@type string

]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Schema
Example (from schema)

Schema

code int32

message string

details

object[]

Array [

@type string

]

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Create a user

/resources/v3alpha/users

Request​

Query Parameters

Body

Body

Body

Responses​

Request

Responses