Creating an IAM User (Recommended)¶
Function¶
This API is provided for the administrator to create an IAM user.
URI¶
POST /v3.0/OS-USER/users
Request Parameters¶
Parameter | Mandatory | Type | Description |
---|---|---|---|
Content-Type | Yes | String | Fill application/json;charset=utf8 in this field. |
X-Auth-Token | Yes | String | Access token issued to a user to bear its identity and permissions. For details about the permissions required by the token, see "Actions". |
Parameter | Mandatory | Type | Description |
---|---|---|---|
name | Yes | String | IAM username, which consists of 1 to 64 characters. It can contain letters (case-sensitive), digits, spaces, hyphens (-), underscores (_), and periods (.), and cannot start with a digit or space. |
domain_id | Yes | String | Account ID. For details about how to obtain the account ID, see Obtaining User, Account, User Group, Project, and Agency Information. |
password | No | String | Password of the user. |
No | String | Valid email address with a maximum of 255 characters. | |
areacode | No | String | Country code. The country code must be used together with a mobile number. |
phone | No | String | Mobile number with a maximum of 32 digits. The mobile number must be used together with a country code. |
enabled | No | Boolean | Enabling status of the IAM user. true (default value) indicates that the user is enabled. false indicates that the user is disabled. |
pwd_status | No | Boolean | Indicates whether password reset is required at the first login. By default, password reset is required. |
xuser_type | No | String | Type of the IAM user in the external system. The user type can contain a maximum of 64 characters. xuser_type must be used together with xuser_id and will be verified based on xaccount_type and xdomain_type of the same account. Currently, the parameter value can only be TenantIdp. Note An external system refers to an enterprise management system connected to the cloud platform. Parameters xaccount_type, xaccount_id, xdomain_type, xdomain_id, xuser_type, and xuser_id cannot be obtained from the cloud platform. Please contact your enterprise administrator. |
xuser_id | No | String | ID of the IAM user in the external system. The user ID can contain a maximum of 128 characters, and must be used together with xuser_type. Due to the latency, the IAM console may not be able to display the external identity ID you have set in real time. Refresh the page later. Note An external system refers to an enterprise management system connected to the cloud platform. Parameters xaccount_type, xaccount_id, xdomain_type, xdomain_id, xuser_type, and xuser_id cannot be obtained from the cloud platform. Please contact your enterprise administrator. |
description | No | String | Description of the IAM user. |
Response Parameters¶
Parameter | Type | Description |
---|---|---|
status | Integer | Status of the IAM user. |
pwd_status | Boolean | Indicates whether password reset is required at the first login. |
xuser_id | String | ID of the IAM user in the external system. Note An external system refers to an enterprise management system connected to the cloud platform. Parameters xaccount_type, xaccount_id, xdomain_type, xdomain_id, xuser_type, and xuser_id cannot be obtained from the cloud platform. Please contact your enterprise administrator. |
xuser_type | String | Type of the IAM user in the external system. Note An external system refers to an enterprise management system connected to the cloud platform. Parameters xaccount_type, xaccount_id, xdomain_type, xdomain_id, xuser_type, and xuser_id cannot be obtained from the cloud platform. Please contact your enterprise administrator. |
description | String | Description of the IAM user. |
name | String | IAM username, which consists of 1 to 32 characters. It can contain letters (case-sensitive), digits, spaces, hyphens (-), underscores (_), and periods (.), and cannot start with a digit or space. |
phone | String | Mobile number with a maximum of 32 digits. The mobile number must be used together with a country code. |
is_domain_owner | Boolean | Indicates whether the IAM user is an administrator. |
domain_id | String | ID of the account used to create the IAM user. |
enabled | Boolean | Enabling status of the IAM user. true (default value) indicates that the user is enabled. false indicates that the user is disabled. |
areacode | String | Country code. |
String | Email address. | |
create_time | String | Time when the IAM user was created. Note The value is a UTC time in the YYYY-MM-DDTHH:mm:ss.ssssss format, for example, 2023-06-28T08:56:33.710000. |
xdomain_id | String | Customer code of the business entity. |
xdomain_type | String | Business entity. |
default_project_id | String | Default project ID. |
id | String | IAM user ID that contains 32 characters. |
password_expires_at | String | Password expiration time. If this parameter is set to null, the password will never expire. Note The value is a UTC time in the YYYY-MM-DDTHH:mm:ss.ssssss format, for example, 2023-06-28T08:56:33.710000. |
Example Request¶
Request for an administrator to create an IAM user named IAMUser, with the email address IAMEmail@example.com and mobile number 0012312345678910 bound, and with both programmatic access and management console access
POST https://sample.domain.com/v3.0/OS-USER/users
{
"user": {
"domain_id": "d78cbac186b744899480f25...",
"name": "IAMUser",
"password": "IAMPassword@",
"email": "IAMEmail@example.com",
"areacode": "00123",
"phone": "12345678910",
"enabled": true,
"pwd_status": false,
"xuser_type": "",
"xuser_id": "",
"description": "IAMDescription"
}
}
Example Response¶
Status code: 201
The IAM user is created successfully.
{
"user": {
"pwd_status": false,
"xuser_id": "",
"xuser_type": "",
"description": "IAMDescription",
"name": "IAMUser",
"phone": "12345678910",
"is_domain_owner": false,
"enabled": true,
"domain_id": "d78cbac186b744899480f25bd...",
"areacode": "00123",
"email": "IAMEmail@example.com",
"create_time": "2020-01-06T08:05:16.000000",
"xdomain_id": "",
"xdomain_type": "",
"id": "07664aec578026691f00c003a...",
"status": null,
"password_expires_at": null,
"default_project_id": null
}
}
Status Codes¶
Status Code | Description |
---|---|
201 | The IAM user is created successfully. |
400 | Invalid parameters. |
401 | Authentication failed. |
403 | Access denied. |
404 | The requested resource cannot be found. |
405 | The method specified in the request is not allowed for the requested resource. |
409 | A resource conflict occurs. |
413 | The request entity is too large. |
500 | Internal server error. |
503 | Service unavailable. |
Error Codes¶
See "Error Codes".