Request Syntax URI Request Parameters Request Body Response Syntax Response Elements Errors See Also

CreateUser

Creates a new user in FinSpace.

Request Syntax


POST /user HTTP/1.1
Content-type: application/json

{
   "ApiAccess": "string",
   "apiAccessPrincipalArn": "string",
   "clientToken": "string",
   "emailAddress": "string",
   "firstName": "string",
   "lastName": "string",
   "type": "string"
}

URI Request Parameters

The request does not use any URI parameters.

Request Body

The request accepts the following data in JSON format.

emailAddress

The email address of the user that you want to register. The email address serves as a uniquer identifier for each user and cannot be changed after it's created.

Type: String

Length Constraints: Minimum length of 4. Maximum length of 320.

Pattern: [A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}

Required: Yes

type

The option to indicate the type of user. Use one of the following options to specify this parameter:

SUPER_USER – A user with permission to all the functionality and data in FinSpace.
APP_USER – A user with specific permissions in FinSpace. The users are assigned permissions by adding them to a permission group.

Type: String

Valid Values: SUPER_USER | APP_USER

Required: Yes

ApiAccess

The option to indicate whether the user can use the GetProgrammaticAccessCredentials API to obtain credentials that can then be used to access other FinSpace Data API operations.

ENABLED – The user has permissions to use the APIs.
DISABLED – The user does not have permissions to use any APIs.

Type: String

Valid Values: ENABLED | DISABLED

Required: No

apiAccessPrincipalArn

The ARN identifier of an AWS user or role that is allowed to call the GetProgrammaticAccessCredentials API to obtain a credentials token for a specific FinSpace user. This must be an IAM role within your FinSpace account.

Type: String

Length Constraints: Minimum length of 20. Maximum length of 2048.

Pattern: ^arn:aws[a-z\-]*:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$

Required: No

clientToken

A token that ensures idempotency. This token expires in 10 minutes.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: .*\S.*

Required: No

firstName

The first name of the user that you want to register.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 50.

Pattern: .*\S.*

Required: No

lastName

The last name of the user that you want to register.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 50.

Pattern: .*\S.*

Required: No

Response Syntax


HTTP/1.1 200
Content-type: application/json

{
   "userId": "string"
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

userId

The unique identifier for the user.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 26.

Pattern: .*\S.*

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

You do not have sufficient access to perform this action.

HTTP Status Code: 403

ConflictException

The request conflicts with an existing resource.

HTTP Status Code: 409

InternalServerException

The request processing has failed because of an unknown error, exception or failure.

HTTP Status Code: 500

LimitExceededException

A limit has exceeded.

HTTP Status Code: 400

ThrottlingException

The request was denied due to request throttling.

HTTP Status Code: 429

ValidationException

The input fails to satisfy the constraints specified by an AWS service.

HTTP Status Code: 400