This web service registers a new account for an internal realm user.
Method | Endpoint |
---|---|
POST |
/api/users/register |
Request example
The following lines show an example of a JSON request body:
{
"name": "A User",
"emailAddress": "user@mail.com",
"password": "User's password",
"privacyPolicyAgreement": false
}
Field | Type | Required? | Description |
---|---|---|---|
name |
String | Yes | Expects the name of the new user. |
emailAddress |
String | Yes | Expects the new user's email address. |
password |
String | Yes | Expects the new user's password. |
privacyPolicyAgreement |
Boolean | Yes | Defines whether the user accepts the legal terms. Possible values are true or false . |
- This web service can only add a new user account for an internal realm. An internal realm must therefore be available for the portal in order to call this web service.
- The password must meet the security requirements defined for the internal realm.
- The behavior of this web service depends on the registration type. If the registration type is
Public
, Fluid Topics does not send an email asking the new user to confirm their account. If the registration type isVerified
, Fluid Topics does send an email asking the new user to confirm their account. This web service is open to all users if the registration type isPublic
orVerified
. If the registration type isClosed
, only users with theADMIN
orUSERS_ADMIN
role can use this web service. - In compliance with the OWASP Secure Software Development Lifecycle Requirement #2.3.1, tokens to activate an account expire after a short period (2 hours).
Since the password
parameter expects a plain-text string, the user must reset their password after logging in for the first time.
Return code | Description |
---|---|
201 CREATED |
The request is valid and the user was created. |
400 BAD REQUEST |
One or more required parameters are missing, the email address is invalid, or the password does not comply with security requirements. |
401 UNAUTHORIZED |
The authorization header was not provided or is invalid. |
403 FORBIDDEN |
The user or API key does not have the ADMIN or USERS_ADMIN role. |
For a comprehensive list of all possible return codes, see Return codes.
Response body
The following lines show an example of a JSON response body:
{
"id": "a43eb18a-3f48-4732-9389-61b540ce9d0d",
"displayName": "A User",
"emailAddress": "user@mail.com",
"needsVerification": false
}
Field | Type | Description |
---|---|---|
id |
String | The user's identifier. |
displayName |
String | The user's name as it appears in the portal. |
emailAddress |
String | The user's email address. |
needsVerification |
String | Defines whether the user needs to confirm their account in an email received from Fluid Topics. |