Create User - Stytch Docs

// POST /v1/users
const stytch = require('stytch');

const client = new stytch.Client({
  project_id: '${projectId}',
  secret: '${secret}',
});

const params = {
  email: "${email}",
  external_id: "my-external-id",
};

client.Users.Create(params)
  .then(resp => { console.log(resp) })
  .catch(err => { console.log(err) });

{
  "request_id": "<string>",
  "user_id": "<string>",
  "email_id": "<string>",
  "status": "<string>",
  "phone_id": "<string>",
  "user": {
    "user_id": "<string>",
    "emails": [
      {
        "email_id": "<string>",
        "email": "<string>",
        "verified": true
      }
    ],
    "status": "<string>",
    "phone_numbers": [
      {
        "phone_id": "<string>",
        "phone_number": "<string>",
        "verified": true
      }
    ],
    "webauthn_registrations": [
      {
        "webauthn_registration_id": "<string>",
        "domain": "<string>",
        "user_agent": "<string>",
        "verified": true,
        "authenticator_type": "<string>",
        "name": "<string>"
      }
    ],
    "providers": [
      {
        "provider_type": "<string>",
        "provider_subject": "<string>",
        "profile_picture_url": "<string>",
        "locale": "<string>",
        "oauth_user_registration_id": "<string>"
      }
    ],
    "totps": [
      {
        "totp_id": "<string>",
        "verified": true
      }
    ],
    "crypto_wallets": [
      {
        "crypto_wallet_id": "<string>",
        "crypto_wallet_address": "<string>",
        "crypto_wallet_type": "<string>",
        "verified": true
      }
    ],
    "biometric_registrations": [
      {
        "biometric_registration_id": "<string>",
        "verified": true
      }
    ],
    "is_locked": true,
    "roles": [
      "<string>"
    ],
    "name": {
      "first_name": "<string>",
      "middle_name": "<string>",
      "last_name": "<string>"
    },
    "created_at": "<string>",
    "password": {
      "password_id": "<string>",
      "requires_reset": true
    },
    "trusted_metadata": {},
    "untrusted_metadata": {},
    "external_id": "<string>",
    "lock_created_at": "<string>",
    "lock_expires_at": "<string>"
  },
  "status_code": 123
}

POST

users

// POST /v1/users
const stytch = require('stytch');

const client = new stytch.Client({
  project_id: '${projectId}',
  secret: '${secret}',
});

const params = {
  email: "${email}",
  external_id: "my-external-id",
};

client.Users.Create(params)
  .then(resp => { console.log(resp) })
  .catch(err => { console.log(err) });

{
  "request_id": "<string>",
  "user_id": "<string>",
  "email_id": "<string>",
  "status": "<string>",
  "phone_id": "<string>",
  "user": {
    "user_id": "<string>",
    "emails": [
      {
        "email_id": "<string>",
        "email": "<string>",
        "verified": true
      }
    ],
    "status": "<string>",
    "phone_numbers": [
      {
        "phone_id": "<string>",
        "phone_number": "<string>",
        "verified": true
      }
    ],
    "webauthn_registrations": [
      {
        "webauthn_registration_id": "<string>",
        "domain": "<string>",
        "user_agent": "<string>",
        "verified": true,
        "authenticator_type": "<string>",
        "name": "<string>"
      }
    ],
    "providers": [
      {
        "provider_type": "<string>",
        "provider_subject": "<string>",
        "profile_picture_url": "<string>",
        "locale": "<string>",
        "oauth_user_registration_id": "<string>"
      }
    ],
    "totps": [
      {
        "totp_id": "<string>",
        "verified": true
      }
    ],
    "crypto_wallets": [
      {
        "crypto_wallet_id": "<string>",
        "crypto_wallet_address": "<string>",
        "crypto_wallet_type": "<string>",
        "verified": true
      }
    ],
    "biometric_registrations": [
      {
        "biometric_registration_id": "<string>",
        "verified": true
      }
    ],
    "is_locked": true,
    "roles": [
      "<string>"
    ],
    "name": {
      "first_name": "<string>",
      "middle_name": "<string>",
      "last_name": "<string>"
    },
    "created_at": "<string>",
    "password": {
      "password_id": "<string>",
      "requires_reset": true
    },
    "trusted_metadata": {},
    "untrusted_metadata": {},
    "external_id": "<string>",
    "lock_created_at": "<string>",
    "lock_expires_at": "<string>"
  },
  "status_code": 123
}

A user_id is returned in the response that can then be used to perform other operations within Stytch. An email or a phone_number is required.

Authorizations

Authorization

string

header

required

Basic authentication header of the form Basic <encoded-value>, where <encoded-value> is the base64-encoded string username:password.

Body

application/json

Request type

string

The email address of the end user.

name

object

The name of the user. Each field in the name object is optional.

Show child attributes

attributes

object

Show child attributes

phone_number

string

The phone number to use for one-time passcodes. The phone number should be in E.164 format (i.e. +1XXXXXXXXXX). You may use +10000000000 to test this endpoint, see Testing for more detail.

create_user_as_pending

boolean

Flag for whether or not to save a user as pending vs active in Stytch. Defaults to false. If true, users will be saved with status pending in Stytch's backend until authenticated. If false, users will be created as active. An example usage of a true flag would be to require users to verify their phone by entering the OTP code before creating an account for them.

trusted_metadata

object

The trusted_metadata field contains an arbitrary JSON object of application-specific data. See the Metadata reference for complete field behavior details.

untrusted_metadata

object

The untrusted_metadata field contains an arbitrary JSON object of application-specific data. Untrusted metadata can be edited by end users directly via the SDK, and cannot be used to store critical information. See the Metadata reference for complete field behavior details.

external_id

string

An identifier that can be used in API calls wherever a user_id is expected. This is a string consisting of alphanumeric, ., _, -, or | characters with a maximum length of 128 characters.

roles

string[]

Roles to explicitly assign to this User. See the RBAC guide for more information about role assignment.

Response

Successful response

request_id

string

required

Globally unique UUID that is returned with every API call. This value is important to log for debugging purposes; we may ask for this value to help identify a specific API call when helping you debug an issue.

user_id

string

required

The unique ID of the affected User.

email_id

string

required

The unique ID of a specific email address.

status

string

required

The status of the User. The possible values are pending and active.

phone_id

string

required

The unique ID for the phone number.

user

object

required

The user object affected by this API call. See the Get user endpoint for complete response field details.

Show child attributes

status_code

integer<int32>

required

The HTTP status code of the response. Stytch follows standard HTTP response status code patterns, e.g. 2XX values equate to success, 3XX values are redirects, 4XX are client errors, and 5XX are server errors.

⌘I