.. _create_user: Method: Create User ------------------- Description ~~~~~~~~~~~ Create a StoredSafe user. .. note:: This requires :ref:`Admin` capabilities. URL Syntax ~~~~~~~~~~ /api/{version}/user HTTP Method ~~~~~~~~~~~ POST Successful HTTP Response ~~~~~~~~~~~~~~~~~~~~~~~~ 201 Parameters ~~~~~~~~~~ +----------------+--------------------------------+----------------+---------+-------------------+-----------+------------------+ | Parameter name | Description | Parameter type | Type | Requirements | Mandatory | Comment | +================+================================+================+=========+===================+===========+==================+ | X-Http-Token | StoredSafe token | HTTP Header | String | | :sup:`1)` | Preferred method | +----------------+--------------------------------+----------------+---------+-------------------+-----------+------------------+ | token | StoredSafe token | JSON-encoded | String | | :sup:`1)` | Legacy method | +----------------+--------------------------------+----------------+---------+-------------------+-----------+------------------+ | username | Username | JSON-encoded | String | Length 5 to 32 | Yes | | +----------------+--------------------------------+----------------+---------+-------------------+-----------+------------------+ | status | :ref:`User Capabilities` | JSON-encoded | Array | | Yes | | +----------------+--------------------------------+----------------+---------+-------------------+-----------+------------------+ | fullname | Fullname | JSON-encoded | String | Length 5 to 64 | Yes | | +----------------+--------------------------------+----------------+---------+-------------------+-----------+------------------+ | email | Email | JSON-encoded | String | Length 5 to 128 | Yes | | +----------------+--------------------------------+----------------+---------+-------------------+-----------+------------------+ | yubikey | Yubikey OTP | JSON-encoded | String | Length 44 (exact) | Optional | | +----------------+--------------------------------+----------------+---------+-------------------+-----------+------------------+ | totp | Enable TOTP? | JSON-encoded | Boolean | | Optional | | +----------------+--------------------------------+----------------+---------+-------------------+-----------+------------------+ | passphrase | Passphrase | JSON-encoded | String | | Yes | | +----------------+--------------------------------+----------------+---------+-------------------+-----------+------------------+ .. note:: :sup:`1)` One of the methods is required. Response Attributes ~~~~~~~~~~~~~~~~~~~ +----------------------------+-------------------------------------------------+---------+ | Attribute | Description | Type | +============================+=================================================+=========+ | CALLINFO.errorcodes | Number of errors | Integer | +----------------------------+-------------------------------------------------+---------+ | CALLINFO.errors | Number of errors | Integer | +----------------------------+-------------------------------------------------+---------+ | CALLINFO.general | Information | Array | +----------------------------+-------------------------------------------------+---------+ | CALLINFO.handler | Handler used | String | +----------------------------+-------------------------------------------------+---------+ | CALLINFO.status | SUCCESS or FAIL | String | +----------------------------+-------------------------------------------------+---------+ | CALLINFO.token | StoredSafe token to be used in subsequent calls | String | +----------------------------+-------------------------------------------------+---------+ | CALLINFO.calculated_status | Calculated user capability | String | +----------------------------+-------------------------------------------------+---------+ | CALLINFO.user_created | Username of created user | String | +----------------------------+-------------------------------------------------+---------+ | CALLINFO.id | User-ID of created user | String | +----------------------------+-------------------------------------------------+---------+ | DATA | Supplied data in prior API-call | String | +----------------------------+-------------------------------------------------+---------+ | HEADERS.(headers) | HTTP Headers | String | +----------------------------+-------------------------------------------------+---------+ | PARAMS | Route parameters (empty) | Array | +----------------------------+-------------------------------------------------+---------+ | ERRORCODES | Error code and text (Only present if errors) | Object | +----------------------------+-------------------------------------------------+---------+ | ERRORS | Error code and text (Only present if errors) | Array | +----------------------------+-------------------------------------------------+---------+ Examples ~~~~~~~~ Create a new user, Mr Foo Manchu, with the username "foomanchu", email "mrfoo@manchu.com" and using the Admin, Audit and Active capability bits (See :ref:`bits`), initialize the user to use Yubikey OTP, disable TOTP and set a reasonable passphrase. **Request** :: POST /api/1.0/user x-http-token: your_storedsafe_token { "username": "foomanchu", "status": [ 2, 3, 7 ], "fullname": "Foo Manchu", "email": "mrfoo@manchu.com", "yubikey": "cccjgjgkhcbbgefdkbbditfjrlnaggevfhenublfnrev", "totp": "False", "passphrase": "~[vN8-x9W6~7P367_vmwAQ53Y", } **Response** :: HTTP/2 201 Content-type: application/json; charset=UTF-8 { "CALLINFO": { "calculated_status": 140, "errorcodes": 0, "errors": 0, "general": [], "handler": "UserHandler", "status": "SUCCESS", "token": "rotated_storedsafe_token", "user_created": "Foo Manchu" }, "DATA": { "email": "mrfoo@manchu.com", "fullname": "Foo Manchu", "passphrase": "~[vN8-x9W6~7P367_vmwAQ53Y", "status": [ 2, 3, 7 ], "token": "your_storedsafe_token", "username": "foomanchu", "yubikey": "cccjgjgkhcbbgefdkbbditfjrlnaggevfhenublfnrev" }, "HEADERS": { "Accept": "*/*", "Content-Length": "169", "Content-Type": "application/json", "Host": "safe.domain.cc", "User-Agent": "curl/7.64.1", "X-Http-Token": "your_storedsafe_token" }, "PARAMS": [] }