- 필수 기능
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- 디지털 경험
- 소프트웨어 제공
- 보안
- 로그 관리
- 관리
- 인프라스트럭처
- ci
- containers
- csm
- ndm
- otel_guides
- overview
- slos
- synthetics
- tests
- 워크플로
Create a new user in your Okta organization with or without credentials.
항목
유형
설명
activate
boolean
Whether to automatically activate the user after creation.
login [required]
string
Unique identifier for the user (username
).
email [required]
string
Primary email address of user.
secondEmail
string
Secondary email address of user typically used for account recovery.
firstName [required]
string
Given name of the user (givenName
).
lastName [required]
string
Family name of the user (familyName
).
middleName
string
Middle name(s) of the user.
honorificPrefix
string
Honorific prefix(es) of the user, or title in most Western languages.
honorificSuffix
string
Honorific suffix(es) of the user.
title
string
User's title, such as "Vice President".
displayName
string
Name of the user, suitable for display to end users.
nickName
string
Casual way to address the user in real life.
profileUrl
string
URL of user's online profile (for example: a web page).
primaryPhone
string
Primary phone number of user such as home number.
mobilePhone
string
Mobile phone number of user.
streetAddress
string
Full street address component of user's address.
city
string
City or locality component of user's address (locality
).
state
string
State or region component of user's address (region
).
zipCode
string
ZIP code or postal code component of user's address (postalCode
).
countryCode
string
Country name component of user's address (country
).
postalAddress
string
Mailing address component of user's address.
preferredLanguage
string
User's preferred written or spoken languages.
locale
string
User's default location for purposes of localizing items such as currency, date time format, numerical representations, and so on.
timezone
string
User's time zone
userType
string
Used to describe the organization to user relationship such as "Employee" or "Contractor".
employeeNumber
string
Organization or company assigned unique identifier for the user.
costCenter
string
Name of a cost center assigned to user.
organization
string
Name of user's organization.
division
string
Name of user's division.
department
string
Name of user's department.
managerId
string
ID of a user's manager.
manager
string
Display name of the user's manager.
credentials
object
A credential object that specifies primary authentication and recovery credentials for a user. Credential types and requirements vary depending on the provider and security policy of the organization.
provider [required]
object
type [required]
enum
name
string
password
object
value
string
hash
object
algorithm [required]
enum
The algorithm used to generate the hash using the password (and salt, when applicable).
Allowed enum values: BCRYPT,SHA-512,SHA-256,SHA-1,MD5,PBKDF2
value [required]
string
salt
string
Only required for salted hashes. For BCRYPT
, this specifies the radix64-encoded salt used to generate the hash, which must be 22 characters long. For other salted hashes, this specifies the base64-encoded salt used to generate the hash.
workFactor
number
Governs the strength of the hash and the time required to compute it. Only required for BCRYPT algorithm. Minimum value is 1, and maximum is 20.
saltOrder
string
Specifies whether salt was pre- or postfixed to the password before hashing. Only required for salted algorithms.
iterationCount
number
The number of iterations used when hashing passwords using PBKDF2. Must be >= 4096. Only required for PBKDF2
algorithm.
keySize
number
Size of the derived key in bytes. Only required for PBKDF2
algorithm.
digestAlgorithm
enum
Algorithm used to generate the key. Only required for the PBKDF2
algorithm.
Allowed enum values: SHA256_HMAC,SHA512_HMAC
hook
object
type [required]
string
The type of password inline hook. Currently, must be set to default.
recovery_question
object
question
string
answer
string
groupIds
[string]
requirePasswordChange
boolean
A user is created, activated, and the password is set to EXPIRED, so the user must change it the next time they log in.
항목
유형
설명
user [required]
object
id [required]
string
Unique ID for user.
status [required]
enum
Current status of user.
Allowed enum values: STAGED,PROVISIONED,ACTIVE,RECOVERY,LOCKED_OUT,PASSWORD_EXPIRED,SUSPENDED,DEPROVISIONED
created [required]
date-time
Timestamp when user was created.
activated [required]
date-time
Timestamp when user transitioned to ACTIVE
status.
statusChanged
date-time
Timestamp when status last changed.
lastLogin
date-time
Timestamp of last login.
lastUpdated [required]
date-time
Timestamp when user was last updated.
passwordChanged
date-time
Timestamp when password last changed.
type [required]
object
User type that determines the schema for the user's profile.
id [required]
string
transitioningToStatus
enum
Target status of an in-progress asynchronous status transition.
Allowed enum values: PROVISIONED,ACTIVE,DEPROVISIONED
profile
object
login [required]
string
Unique identifier for the user (username
).
email [required]
string
Primary email address of user.
secondEmail
string
Secondary email address of user typically used for account recovery.
firstName [required]
string
Given name of the user (givenName
).
lastName [required]
string
Family name of the user (familyName
).
middleName
string
Middle name(s) of the user.
honorificPrefix
string
Honorific prefix(es) of the user, or title in most Western languages.
honorificSuffix
string
Honorific suffix(es) of the user.
title
string
User's title, such as "Vice President".
displayName
string
Name of the user, suitable for display to end users.
nickName
string
Casual way to address the user in real life.
profileUrl
string
URL of user's online profile (for example: a web page).
primaryPhone
string
Primary phone number of user such as home number.
mobilePhone
string
Mobile phone number of user.
streetAddress
string
Full street address component of user's address.
city
string
City or locality component of user's address (locality
).
state
string
State or region component of user's address (region
).
zipCode
string
ZIP code or postal code component of user's address (postalCode
).
countryCode
string
Country name component of user's address (country
).
postalAddress
string
Mailing address component of user's address.
preferredLanguage
string
User's preferred written or spoken languages.
locale
string
User's default location for purposes of localizing items such as currency, date time format, numerical representations, and so on.
timezone
string
User's time zone
userType
string
Used to describe the organization to user relationship such as "Employee" or "Contractor".
employeeNumber
string
Organization or company assigned unique identifier for the user.
costCenter
string
Name of a cost center assigned to user.
organization
string
Name of user's organization.
division
string
Name of user's division.
department
string
Name of user's department.
managerId
string
ID of a user's manager.
manager
string
Display name of the user's manager.
credentials
object
User's primary authentication and recovery credentials.
provider [required]
object
type [required]
enum
name
string
password
object
value
string
hash
object
algorithm [required]
enum
The algorithm used to generate the hash using the password (and salt, when applicable).
Allowed enum values: BCRYPT,SHA-512,SHA-256,SHA-1,MD5,PBKDF2
value [required]
string
salt
string
Only required for salted hashes. For BCRYPT
, this specifies the radix64-encoded salt used to generate the hash, which must be 22 characters long. For other salted hashes, this specifies the base64-encoded salt used to generate the hash.
workFactor
number
Governs the strength of the hash and the time required to compute it. Only required for BCRYPT algorithm. Minimum value is 1, and maximum is 20.
saltOrder
string
Specifies whether salt was pre- or postfixed to the password before hashing. Only required for salted algorithms.
iterationCount
number
The number of iterations used when hashing passwords using PBKDF2. Must be >= 4096. Only required for PBKDF2
algorithm.
keySize
number
Size of the derived key in bytes. Only required for PBKDF2
algorithm.
digestAlgorithm
enum
Algorithm used to generate the key. Only required for the PBKDF2
algorithm.
Allowed enum values: SHA256_HMAC,SHA512_HMAC
hook
object
type [required]
string
The type of password inline hook. Currently, must be set to default.
recovery_question
object
question
string
answer
string
_links
object
_embedded
object