Create a new human user
POST/v2/users/human
Create/import a new user with the type human. The newly created user will get a verification email if either the email address is not marked as verified and you did not request the verification to be returned.
Request​
- application/json
- application/grpc
- application/grpc-web+proto
Body
required
Array [
]
Array [
]
Possible values: non-empty
and <= 200 characters
optionally set your own id unique for the user.
Possible values: non-empty
and <= 200 characters
optionally set a unique username, if none is provided the email will be used.
organization
object
profile
object
required
Possible values: non-empty
and <= 200 characters
Possible values: non-empty
and <= 200 characters
Possible values: <= 200 characters
Possible values: <= 200 characters
Possible values: <= 10 characters
Possible values: [GENDER_UNSPECIFIED
, GENDER_FEMALE
, GENDER_MALE
, GENDER_DIVERSE
]
Default value: GENDER_UNSPECIFIED
email
object
required
Possible values: non-empty
and <= 200 characters
sendCode
object
Possible values: non-empty
and <= 200 characters
Optionally set a url_template, which will be used in the verification mail sent by ZITADEL to guide the user to your verification page. If no template is set, the default ZITADEL url will be used.
The following placeholders can be used: UserID, OrgID, Code
phone
object
Possible values: <= 200 characters
metadata
object[]
Possible values: non-empty
and <= 200 characters
Possible values: non-empty
and <= 500000 characters
The value has to be base64 encoded.
password
object
Possible values: non-empty
and <= 200 characters
hashedPassword
object
Possible values: non-empty
and <= 200 characters
"Encoded hash of a password in Modular Crypt Format: https://zitadel.com/docs/concepts/architecture/secrets#hashed-secrets"
idpLinks
object[]
Possible values: non-empty
and <= 200 characters
ID of the identity provider
Possible values: non-empty
and <= 200 characters
ID of the user of the identity provider
Possible values: non-empty
and <= 200 characters
username of the user of the identity provider
Possible values: non-empty
and <= 200 characters
An Implementation of RFC 6238 is used, with HMAC-SHA-1 and time-step of 30 seconds. Currently no other options are supported, and if anything different is used the validation will fail.
Body
required
Array [
]
Array [
]
Possible values: non-empty
and <= 200 characters
optionally set your own id unique for the user.
Possible values: non-empty
and <= 200 characters
optionally set a unique username, if none is provided the email will be used.
organization
object
profile
object
required
Possible values: non-empty
and <= 200 characters
Possible values: non-empty
and <= 200 characters
Possible values: <= 200 characters
Possible values: <= 200 characters
Possible values: <= 10 characters
Possible values: [GENDER_UNSPECIFIED
, GENDER_FEMALE
, GENDER_MALE
, GENDER_DIVERSE
]
Default value: GENDER_UNSPECIFIED
email
object
required
Possible values: non-empty
and <= 200 characters
sendCode
object
Possible values: non-empty
and <= 200 characters
Optionally set a url_template, which will be used in the verification mail sent by ZITADEL to guide the user to your verification page. If no template is set, the default ZITADEL url will be used.
The following placeholders can be used: UserID, OrgID, Code
phone
object
Possible values: <= 200 characters
metadata
object[]
Possible values: non-empty
and <= 200 characters
Possible values: non-empty
and <= 500000 characters
The value has to be base64 encoded.
password
object
Possible values: non-empty
and <= 200 characters
hashedPassword
object
Possible values: non-empty
and <= 200 characters
"Encoded hash of a password in Modular Crypt Format: https://zitadel.com/docs/concepts/architecture/secrets#hashed-secrets"
idpLinks
object[]
Possible values: non-empty
and <= 200 characters
ID of the identity provider
Possible values: non-empty
and <= 200 characters
ID of the user of the identity provider
Possible values: non-empty
and <= 200 characters
username of the user of the identity provider
Possible values: non-empty
and <= 200 characters
An Implementation of RFC 6238 is used, with HMAC-SHA-1 and time-step of 30 seconds. Currently no other options are supported, and if anything different is used the validation will fail.
Body
required
Array [
]
Array [
]
Possible values: non-empty
and <= 200 characters
optionally set your own id unique for the user.
Possible values: non-empty
and <= 200 characters
optionally set a unique username, if none is provided the email will be used.
organization
object
profile
object
required
Possible values: non-empty
and <= 200 characters
Possible values: non-empty
and <= 200 characters
Possible values: <= 200 characters
Possible values: <= 200 characters
Possible values: <= 10 characters
Possible values: [GENDER_UNSPECIFIED
, GENDER_FEMALE
, GENDER_MALE
, GENDER_DIVERSE
]
Default value: GENDER_UNSPECIFIED
email
object
required
Possible values: non-empty
and <= 200 characters
sendCode
object
Possible values: non-empty
and <= 200 characters
Optionally set a url_template, which will be used in the verification mail sent by ZITADEL to guide the user to your verification page. If no template is set, the default ZITADEL url will be used.
The following placeholders can be used: UserID, OrgID, Code
phone
object
Possible values: <= 200 characters
metadata
object[]
Possible values: non-empty
and <= 200 characters
Possible values: non-empty
and <= 500000 characters
The value has to be base64 encoded.
password
object
Possible values: non-empty
and <= 200 characters
hashedPassword
object
Possible values: non-empty
and <= 200 characters
"Encoded hash of a password in Modular Crypt Format: https://zitadel.com/docs/concepts/architecture/secrets#hashed-secrets"
idpLinks
object[]
Possible values: non-empty
and <= 200 characters
ID of the identity provider
Possible values: non-empty
and <= 200 characters
ID of the user of the identity provider
Possible values: non-empty
and <= 200 characters
username of the user of the identity provider
Possible values: non-empty
and <= 200 characters
An Implementation of RFC 6238 is used, with HMAC-SHA-1 and time-step of 30 seconds. Currently no other options are supported, and if anything different is used the validation will fail.
Responses​
- 200
- 403
- 404
- default
OK
- application/json
- application/grpc
- application/grpc-web+proto
- Schema
- Example (from schema)
Schema
details
object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
{
"userId": "string",
"details": {
"sequence": "2",
"changeDate": "2025-01-06T09:05:14.990Z",
"resourceOwner": "69629023906488334"
},
"emailCode": "string",
"phoneCode": "string"
}
- Schema
- Example (from schema)
Schema
details
object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
{
"userId": "string",
"details": {
"sequence": "2",
"changeDate": "2025-01-06T09:05:14.990Z",
"resourceOwner": "69629023906488334"
},
"emailCode": "string",
"phoneCode": "string"
}
- Schema
- Example (from schema)
Schema
details
object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
{
"userId": "string",
"details": {
"sequence": "2",
"changeDate": "2025-01-06T09:05:14.990Z",
"resourceOwner": "69629023906488334"
},
"emailCode": "string",
"phoneCode": "string"
}
Returned when the user does not have permission to access the resource.
- application/json
- application/grpc
- application/grpc-web+proto
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
Returned when the resource does not exist.
- application/json
- application/grpc
- application/grpc-web+proto
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
An unexpected error response.
- application/json
- application/grpc
- application/grpc-web+proto
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}