Core
API v2.x
2
APIAPI v2.x

createUser #

Creates a new user.

The body contains the user data and must have the following properties:

This method is not intended to be exposed to the anonymous user because it allows the user to assign the profile of their choice.

Expose the security:createRestrictedUser method instead.

Query Syntax #

HTTP #

URL: http://kuzzle:7512/users/<_id>/_create[?refresh=wait_for]
URL(2): http://kuzzle:7512/users/_create[?refresh=wait_for]
Method: POST
Body:
{
  "content": {
    "profileIds": ["<profileId>"],
    // additional user properties (optional)
    "fullname": "John Doe"
  },
  "credentials": {
    // example with the "local" authentication strategy
    "local": {
      username: "jdoe",
      password: "foobar"
    }
  }
}

Other protocols #

{
  "controller": "security",
  "action": "createUser",
  "body": {
    "content": {
      "profileIds": ["<profileId>"],
      // additional user properties (optional)
      "fullname": "John Doe"
    },
    "credentials": {
      // example with the "local" authentication strategy
      "local": {
        username: "jdoe",
        password: "foobar"
      }
    }
  },

  // optional arguments
  "_id": "<kuid>",
  "refresh": "wait_for",
  "kuid": "human"
}

Arguments #

Optional: #

  • _id: user kuid. An error is returned if the provided identifier already exists. If not provided, a random kuid is automatically generated.
  • refresh: if set to wait_for, Kuzzle will not respond until the newly created user is indexed (default: "wait_for")
  • kuid: if set to human, Kuzzle will generate a human readable id, otherwise if set to uuid Kuzzle will generate a standard uuid (default: "human")

Body properties #

  • content: an object describing the user. Properties:
    • profileIds: an array of security profiles attributed to the user
    • any other property: optional additional user information
  • credentials: describe how the new user can be authenticated. This object contains any number of properties, named after the target authentication strategy to use. Each one of these properties are objects containing the credentials information, corresponding to that authentication strategy. If left empty, the new user is created but cannot be authenticated.

Response #

Returns the user creation status:

  • _id: new user kuid
  • _source: new user content and attributed profiles
{
  "status": 200,
  "error": null,
  "controller": "security",
  "action": "createUser",
  "requestId": "<unique request identifier>",
  "result": {
    "_id": "<kuid>",
    "_source": {
      "profileIds": ["<profileId>"],
      "fullname": "John Doe"
    }
  }
}
Edit this page on Github(opens new window)