CreateUser

Creates a user account for the specified Amazon Connect instance.

Important

Certain UserIdentityInfo parameters are required in some situations. For example, Email is required if you are using SAML for identity management. FirstName and LastName are required if you are using Amazon Connect or SAML for identity management.

For information about how to create users using the Amazon Connect admin website, see Add Users in the Amazon Connect Administrator Guide.

Request Syntax

PUT /users/InstanceId HTTP/1.1
Content-type: application/json

{
   "DirectoryUserId": "string",
   "HierarchyGroupId": "string",
   "IdentityInfo": { 
      "Email": "string",
      "FirstName": "string",
      "LastName": "string",
      "Mobile": "string",
      "SecondaryEmail": "string"
   },
   "Password": "string",
   "PhoneConfig": { 
      "AfterContactWorkTimeLimit": number,
      "AutoAccept": boolean,
      "DeskPhoneNumber": "string",
      "PhoneType": "string"
   },
   "RoutingProfileId": "string",
   "SecurityProfileIds": [ "string" ],
   "Tags": { 
      "string" : "string" 
   },
   "Username": "string"
}

URI Request Parameters

The request uses the following URI parameters.

InstanceId

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

Length Constraints: Minimum length of 1. Maximum length of 100.

Required: Yes

Request Body

The request accepts the following data in JSON format.

DirectoryUserId

The identifier of the user account in the directory used for identity management. If Amazon Connect cannot access the directory, you can specify this identifier to authenticate users. If you include the identifier, we assume that Amazon Connect cannot access the directory. Otherwise, the identity information is used to authenticate users from your directory.

This parameter is required if you are using an existing directory for identity management in Amazon Connect when Amazon Connect cannot access your directory to authenticate users. If you are using SAML for identity management and include this parameter, an error is returned.

Type: String

Required: No

HierarchyGroupId

The identifier of the hierarchy group for the user.

Type: String

Required: No

IdentityInfo

The information about the identity of the user.

Type: UserIdentityInfo object

Required: No

Password

The password for the user account. A password is required if you are using Amazon Connect for identity management. Otherwise, it is an error to include a password.

Type: String

Pattern: /^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)[a-zA-Z\d\S]{8,64}$/

Required: No

PhoneConfig

The phone settings for the user.

Type: UserPhoneConfig object

Required: Yes

RoutingProfileId

The identifier of the routing profile for the user.

Type: String

Required: Yes

SecurityProfileIds

The identifier of the security profile for the user.

Type: Array of strings

Array Members: Minimum number of 1 item. Maximum number of 10 items.

Required: Yes

Tags

The tags used to organize, track, or control access for this resource. For example, { "Tags": {"key1":"value1", "key2":"value2"} }.

Type: String to string map

Map Entries: Maximum number of 50 items.

Key Length Constraints: Minimum length of 1. Maximum length of 128.

Key Pattern: ^(?!aws:)[\p{L}\p{Z}\p{N}_.:/=+\-@]*$

Value Length Constraints: Maximum length of 256.

Required: No

Username

The user name for the account. For instances not using SAML for identity management, the user name can include up to 20 characters. If you are using SAML for identity management, the user name can include up to 64 characters from [a-zA-Z0-9_-.\@]+.

Username can include @ only if used in an email format. For example:

• Correct: testuser

• Correct: testuser@example.com

• Incorrect: testuser@example

Type: String

Length Constraints: Minimum length of 1. Maximum length of 100.

Required: Yes

Response Syntax

HTTP/1.1 200
Content-type: application/json

{
   "UserArn": "string",
   "UserId": "string"
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

UserArn

The Amazon Resource Name (ARN) of the user account.

Type: String

UserId

The identifier of the user account.

Type: String

Errors

For information about the errors that are common to all actions, see Common Errors.

DuplicateResourceException

A resource with the specified name already exists.

HTTP Status Code: 409

InternalServiceException

Request processing failed because of an error or failure with the service.

HTTP Status Code: 500

InvalidParameterException

One or more of the specified parameters are not valid.

HTTP Status Code: 400

InvalidRequestException

The request is not valid.

HTTP Status Code: 400

LimitExceededException

The allowed limit for the resource has been exceeded.

HTTP Status Code: 429

ResourceNotFoundException

The specified resource was not found.

HTTP Status Code: 404

ThrottlingException

The throttling limit has been exceeded.

HTTP Status Code: 429

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

• AWS Command Line Interface

• AWS SDK for .NET

• AWS SDK for C++

• AWS SDK for Go v2

• AWS SDK for Java V2

• AWS SDK for JavaScript V3

• AWS SDK for PHP V3

• AWS SDK for Python

• AWS SDK for Ruby V3