Creates an account in an Identity as a Service (IDaaS) Enterprise Identity Access Management (EIAM) instance.
Debugging
Authorization information
The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:
- Operation: the value that you can use in the Action element to specify the operation on a resource.
- Access level: the access level of each operation. The levels are read, write, and list.
- Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level,
All Resourcesis used in the Resource type column of the operation.
- Condition Key: the condition key that is defined by the cloud service.
- Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
| Operation | Access level | Resource type | Condition key | Associated operation |
|---|---|---|---|---|
| eiam:CreateUser | create | *All Resources * |
| none |
Request parameters
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
| InstanceId | string | Yes | The ID of the instance. | idaas_ue2jvisn35ea5lmthk267xxxxx |
| Username | string | Yes | The name of the account. The name can be up to 64 characters in length and can contain letters, digits, underscores (_), periods (.), at signs (@), and hyphens (-). | user_001 |
| DisplayName | string | No | The display name of the account. The display name can be up to 64 characters in length. | name_001 |
| Password | string | Yes | The password of the account. For more information, view the password policy of the instance in the IDaaS console. | 123456 |
| PhoneRegion | string | No | The country code of the mobile phone number. The country code contains only digits and does not contain a plus sign (+). | 86 |
| PhoneNumber | string | No | The mobile phone number, which contains 6 to 15 digits. | 12345678901 |
| PhoneNumberVerified | boolean | No | Specifies whether the mobile phone number is a trusted mobile phone number. This parameter is required if the PhoneNumber parameter is specified. If you have no special business requirements, set this parameter to true. | true |
| string | No | The email address of the user who owns the account. The email address prefix can contain letters, digits, underscores (_), periods (.), and hyphens (-). | example@example.com | |
| EmailVerified | boolean | No | Specifies whether the email address is a trusted email address. This parameter is required if the Email parameter is specified. If you have no special business requirements, set this parameter to true. | true |
| UserExternalId | string | No | The external ID of the account. The external ID can be used to associate the account with an external system. The external ID can be up to 64 characters in length. If you do not specify an external ID for the account, the ID of the account is used as the external ID by default. | user_d6sbsuumeta4h66ec3il7yxxxx |
| PrimaryOrganizationalUnitId | string | Yes | The ID of the primary organizational unit to which the account belongs. | ou_wovwffm62xifdziem7an7xxxxx |
| OrganizationalUnitIds | array | No | The IDs of organizational units to which the account belongs. An account can belong to multiple organizational units. | |
| string | No | The ID of the organizational unit. | ou_adz2vmgiwpo4tu6jtss3mynjji | |
| Description | string | No | The description of the organizational unit. The description can be up to 256 characters in length. | description text |
| CustomFields | array<object> | No | The extended fields. | description |
| object | No | The information about the extended field. | ||
| FieldName | string | No | The name of the extended field. You must create the extended field in advance. To create an extended field, log on to the IDaaS console. In the left-side navigation pane, choose Accounts > Extended Fields, and then click Create Field on the Extended Fields page. | age |
| FieldValue | string | No | The value of the extended field. The value follows the limits on the properties of the extended field. | 10 |
| PasswordInitializationConfig | object | No | The configurations for password initialization. | |
| PasswordInitializationPolicyPriority | string | No | The priority of the password initialization policy. By default, this parameter does not take effect. Valid values:
| global |
| PasswordForcedUpdateStatus | string | No | Specifies whether to forcibly change the password status. Default value: disabled. Valid values:
| enabled |
| UserNotificationChannels | array | No | The password notification methods. | |
| string | No | The password notification method. Valid values:
| sms | |
| PasswordInitializationType | string | No | The password initialization method. Set the value to random,
| random |
Response parameters
Examples
Sample success responses
JSONformat
{
"RequestId": "0441BD79-92F3-53AA-8657-F8CE4A2B912A",
"UserId": "user_d6sbsuumeta4h66ec3il7yxxxx"
}Error codes
For a list of error codes, visit the Service error codes.
Change history
| Change time | Summary of changes | Operation |
|---|---|---|
| 2023-08-09 | The internal configuration of the API is changed, but the call is not affected | View Change Details |
| 2023-04-04 | The internal configuration of the API is changed, but the call is not affected | View Change Details |