Help Center> Identity and Access Management> API Reference> API> IAM User Management> Creating an IAM User (Recommended)

Creating an IAM User (Recommended)

Function

This API is provided for the administrator to create an IAM user.

The API can be called using both the global endpoint and region-specific endpoints. For IAM endpoints, see Regions and Endpoints.

URI

POST /v3.0/OS-USER/users

Request Parameters

**Table 1** Parameters in the request header
Parameter	Mandatory	Type	Description
Content-Type	Yes	String	Fill application/json;charset=utf8 in this field.
X-Auth-Token	Yes	String	Token with Security Administrator permissions.

**Table 2** Parameters in the request body
Parameter	Mandatory	Type	Description
user	Yes	Object	IAM user information.

**Table 3** user
Parameter	Mandatory	Type	Description
name	Yes	String	IAM user name, which consists of 1 to 32 characters. It can contain letters, digits, spaces, hyphens (-), underscores (_), and periods (.) and cannot start with a digit.
domain_id	Yes	String	Account ID. For details about how to obtain the account ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information.
password	No	String	Password of the user. The password must meet the following requirements:
email	No	String	Email address with a maximum of 255 characters.
areacode	No	String	Country code. The country code must be used together with a mobile number. The country code of the Chinese mainland is 0086.
phone	No	String	Mobile number with a maximum of 32 digits. The mobile number must be used together with a country code.
enabled	No	Boolean	Enabling status of the IAM user. true (default value) indicates that the user is enabled. false indicates that the user is disabled.
pwd_status	No	Boolean	Indicates whether password reset is required at the first login. By default, password reset is required.
xuser_type	No	String	Type of the IAM user in the external system. The user type can contain a maximum of 64 characters. xuser_type must be used together with xuser_id and will be verified based on xaccount_type and xdomain_type of the same account. NOTE: An external system refers to an enterprise management system connected to HUAWEI CLOUD. Parameters xaccount_type, xaccount_id, xdomain_type, xdomain_id, xuser_type, and xuser_id cannot be obtained from HUAWEI CLOUD. Please contact your enterprise administrator.
xuser_id	No	String	ID of the IAM user in the external system. The user ID can contain a maximum of 128 characters, and must be used together with xuser_type. NOTE: An external system refers to an enterprise management system connected to HUAWEI CLOUD. Parameters xaccount_type, xaccount_id, xdomain_type, xdomain_id, xuser_type, and xuser_id cannot be obtained from HUAWEI CLOUD. Please contact your enterprise administrator.
access_mode	No	String	Access type of the IAM user. default: programmatic access and management console access. This option is the default access type. programmatic: programmatic access console: management console access
description	No	String	Description of the IAM user.

Response Parameters

**Table 4** Parameters in the response body
Parameter	Type	Description
user	Object	IAM user information.

**Table 5** user
Parameter	Type	Description
status	Integer	Status of the IAM user.
pwd_status	Boolean	Indicates whether password reset is required at the first login.
xuser_id	String	ID of the IAM user in the external system. NOTE: An external system refers to an enterprise management system connected to HUAWEI CLOUD. Parameters xaccount_type, xaccount_id, xdomain_type, xdomain_id, xuser_type, and xuser_id cannot be obtained from HUAWEI CLOUD. Please contact your enterprise administrator.
xuser_type	String	Type of the IAM user in the external system. NOTE: An external system refers to an enterprise management system connected to HUAWEI CLOUD. Parameters xaccount_type, xaccount_id, xdomain_type, xdomain_id, xuser_type, and xuser_id cannot be obtained from HUAWEI CLOUD. Please contact your enterprise administrator.
access_mode	String	Access type of the IAM user. default: programmatic access and management console access. This option is the default access type. programmatic: programmatic access console: management console access
description	String	Description of the IAM user.
name	String	IAM user name with 5 to 32 characters. The username can contain special characters, but only hyphens (-), underscores (_), and spaces are allowed. It cannot start with a digit.
phone	String	Mobile number with a maximum of 32 digits. The mobile number must be used together with a country code.
is_domain_owner	Boolean	Indicates whether the IAM user is an account administrator.
domain_id	String	ID of the account to which the IAM user belongs.
enabled	Boolean	Enabling status of the IAM user. true (default value) indicates that the user is enabled. false indicates that the user is disabled.
areacode	String	Country code. The country code of the Chinese mainland is 0086.
email	String	Email address.
create_time	String	Time when the IAM user was created.
xdomain_id	String	Customer code of the business entity.
xdomain_type	String	Business entity.
id	String	IAM user ID.
password_expires_at	String	UTC time when the password will expire. null indicates that the password has unlimited validity.

Example Request

POST https://iam.myhuaweicloud.com/v3.0/OS-USER/users

{
    "user": {
        "domain_id": "d78cbac186b744899480f25...",
        "name": "IAMUser",
        "password": "IAMPassword@",
        "email": "IAMEmail@huawei.com",
        "areacode": "0086",
        "phone": "12345678910",
        "enabled": true,
        "pwd_status": false,
        "xuser_type": "",
        "xuser_id": "",
        "access_mode" : "default",
        "description": "IAMDescription"
    }
}

Example Response

Status code: 201

The IAM user is created successfully.

{
    "user": {
        "pwd_status": false,
        "xuser_id": "",
        "xuser_type": "",
        "access_mode" : "default",
        "description": "IAMDescription",
        "name": "IAMUser",
        "phone": "12345678910",
        "is_domain_owner": false,
        "enabled": true,
        "domain_id": "d78cbac186b744899480f25bd...",
        "areacode": "0086",
        "email": "IAMEmail@huawei.com",
        "create_time": "2020-01-06T08:05:16.000000",
        "xdomain_id": "",
        "xdomain_type": "",
        "id": "07664aec578026691f00c003a..."
    }
}

Status Codes

Status Code	Description
201	The IAM user is created successfully.
400	Invalid parameters.
401	Authentication failed.
403	Access denied.
404	The requested resource cannot be found.
405	The method specified in the request is not allowed for the requested resource.
409	A resource conflict occurs.
413	The request entity is too large.
500	Internal server error.
503	Service unavailable.

Error Codes

See Error Codes.

Parent topic: IAM User Management

Last Article: Querying the IAM Users in a Group

Next Article: Creating an IAM User

Did this article solve your problem?

Thank you for your score！Your feedback would help us improve the website.

Products

Compute

Application

Dedicated Cloud

Storage

Management & Deployment

Migration

Network

Enterprise Intelligence

Video

Database

Edge Cloud Services

DevCloud

Security

Cloud Communications

Internet of Things

Solutions

Industry-Specific Solutions

General-Purpose Solutions

Security

DevOps

Enterprise Intelligence

Essential Platform

Big Data

Visual Cognition

Speech and Semantics

Support

Help Center

Customer Services

Developers

Console

语言 - Language

中国站 - 简体中文

中国站 - English

International - 简体中文

International - English