- URL:https://<root>/orgs/<orgID>/security/users/createUser(POST only)
- Required Capability:Default administrator role | Security and infrastructure
- Version Introduced:10.9
Description
The createUser operation creates either a built-in (arcgis) user account or an enterprise user account, the designation of which is specified using the provider parameter.
Note:
When ArcGIS Enterprise on Kubernetes is connected to an enterprise identity store, users sign in using their enterprise credentials. By default, new installations do not allow accounts from an enterprise identity store to be registered automatically.
Request parameters
Parameter | Details |
---|---|
username (Required) | The name of the user account. Eligible user names must be at least six characters in length, using alphanumeric values with only the following symbols allowed:
|
password (Optional; Required if provider is arcgis) | The password for the account. This parameter is required if the provider parameter value is arcgis; otherwise, the password parameter is ignored. Eligible passwords must be at least eight characters in length and contain at least one letter (A-Z, a-z) and one number (0-9). All special characters are supported.
|
firstname (Required) | The first name for the user account.
|
lastname (Required) | The last name for the user account.
|
role (Required) | The role for the user account. The default value is org_user. Values: org_admin | org_publisher | org_user | iBBBBBBBBBBBBBBB (Data Editor)| iAAAAAAAAAAAAAAA (Viewer) |
userLicenseTypeId (Required) | The user type for the account. Values: creatorUT | editorUT | GISProfessionalAdvUT | GISProfessionalBasicUT | GISProfessionalStdUT | viewerUT | fieldWorkerUT |
email (Required) | The email address for the user account. Example
|
provider (Required) | The provider for the account. The default value is arcgis. Values: arcgis | enterprise |
idpUsername (Optional; Required if provider is enterprise) | The name of the user as stored by the enterprise user store. This parameter is required if the provider parameter value is enterprise. Example
|
description (Optional) | The user account description. Example
|
f | The response format. The default response is html. Values: html | json | pjson |
Example usage
The following is a sample POST request for the createUser operation:
POST /context/admin/orgs/0123456789ABCDEF/security/users/createUser HTTP/1.1
Host: organization.domain.com
Content-Type: application/x-www-form-urlencoded
Content-Length: []
username=KubeAdmin&password=test.pass1&firstname=John&lastname=Smith&role=org_admin&userLicenseTypeId=creatorUT&email=jsmith@org.com&provider=arcgis&idpUsername=&description=&f=pjson&token=Mb0ORrkLObNO2Q8FZoUCHHzSMzZi0CbhLHNRYMqqa6URG_ojQJF3rNsJAfRB23MyCrLwSmuaHPUo4AEIrUuoH1-4Ot5xh4565FtlQahXAhK2C7Sy0oydZhBwD8KdFSnVlnLr-e9uI5ovSWZ2lGNn9SwoV2MPMzeAh_5r-q-wgwF8DTT_nhuCXJGkMRy-48jjGS2aN5FI18STHZ8RAuKxGasH90SI3C7njZzlGCUrY5m6BDhCMsdpZA14GwNX8Cis
JSON Response example
{"status": "success"}
The following is a sample error message returned when the requirements for the username parameter are not met:
{
"error" : {
"code" : 500,
"message" : "\"Failed to create user 'tuser'. Invalid username specified. The username must be at least six characters and may only contain Latin-based alphanumeric characters or \"@\", \".\", and \"_\".",
"details" : null
}
}
The following is a sample error message returned when the requirements for the password parameter are not met:
{
"error" : {
"code" : 500,
"message" : "The password does not meet the minimum strength requirement.",
"details" : null
}
}