The POST /environments/{{envID}}/users operation adds a new user resource to the specified environment.

This operation does not support an attribute to set the new user’s password. To create a user and set the password, see Import a user. For information about setting a user’s password after creating the new user, see Set password.

The username value must be unique to an environment (spanning populations). Access to populations is determined by roles. It’s possible that username conflicts may arise, if you or your worker application attempt to create a user that exists in a population to which you have no access.

In the example, locales is a multi-valued custom attribute. Its value must be an array, regardless of the number of values provided. See Custom attributes in Schemas for more information.

New users are assigned to the default population for the environment, if one exists, and if the population ID is not provided in the request. The request must also set a value for the username attribute.

New users who are not authenticating with PingOne must be assigned an identity provider with the identityProvider.id attribute. If identityProvider.id is not provided, PingOne is set as the default identity provider. The identityProvider.type value is read-only, and its value is dependent on the value of identityProvider.id. If identityProvider.id is not provided, the default value of identityProvider.type is PING_ONE.

If you’re intending to set a custom attribute on the user, you’ll need to first create the custom attribute for the schema using Create Attribute. If you neglect to do this, the custom attribute values are ignored when the user is created.

If successful, the response returns a 201 Successfully created message and shows the new user resource’s property data.