Create user

import requests

url = "https://{FUSION HOST}/api/users"

payload = {
    "username": "new-user-test",
    "password": "1testpassword",
    "roleNames": ["search", "developer"],
    "timezone": "Mountain Time (US & Canada)",
    "permissions": [{ "methods": ["GET", "POST", "PUT"] }]
}
headers = {"Content-Type": "application/json"}

response = requests.post(url, json=payload, headers=headers)

print(response.text)

{
  "id": "be0885f2-9885-4c46-f3ea-8e5d0041c292",
  "username": "1new-user-test",
  "realmName": "native",
  "createdAt": "2025-10-30T21:59:01Z",
  "roleNames": [
    "search",
    "developer"
  ],
  "timezone": "Mountain Time (US & Canada)",
  "permissions": [
    {
      "methods": [
        "PUT",
        "POST",
        "GET"
      ]
    }
  ]
}

Create user

Create a new user.

This API should only be called to manage users in the native security realm, which manages both authentication and authorization within the Fusion UI. Users from other security realms, such as LDAP or SAML, are managed directly by the Fusion auth proxy access control component. It referred to as the auth proxy because it handles both authentication and authorization for all requests to the Fusion REST API services for SSO services.

Before working with the User API to create a user, be sure the native security realm is set up and ready.

POST

users

Create user

import requests

url = "https://{FUSION HOST}/api/users"

payload = {
    "username": "new-user-test",
    "password": "1testpassword",
    "roleNames": ["search", "developer"],
    "timezone": "Mountain Time (US & Canada)",
    "permissions": [{ "methods": ["GET", "POST", "PUT"] }]
}
headers = {"Content-Type": "application/json"}

response = requests.post(url, json=payload, headers=headers)

print(response.text)

{
  "id": "be0885f2-9885-4c46-f3ea-8e5d0041c292",
  "username": "1new-user-test",
  "realmName": "native",
  "createdAt": "2025-10-30T21:59:01Z",
  "roleNames": [
    "search",
    "developer"
  ],
  "timezone": "Mountain Time (US & Canada)",
  "permissions": [
    {
      "methods": [
        "PUT",
        "POST",
        "GET"
      ]
    }
  ]
}

Body

application/json

username

string

required

string

realmName

string

default:native

password

string

Passwords must contain alpha+numeric chars and have a length of 8-20. Additional non-newline chars are allowed.

passwordHash

string

roleNames

string[]

Indicates which roles are dynamically applied to users in the realm.

timezone

string

Example:

"Pacific Time (US & Canada)"

permissions

object[]

Show child attributes

permissions.methods

enum<string>[]

Available options:

GET,

POST,

PUT,

DELETE,

HEAD,

PATCH,

OPTIONS

permissions.path

string

Example:

"/"

permissions.params

object

Show child attributes

permissions.params.{key}

string[]

realm

string

roles

string[]

One or more user roles. Use GET /roles to get the list of existing roles.

Response

Created

string

Example:

"fe0885f2-8885-4c46-a3ea-8e5d0041c293"

username

string

Example:

"admin"

realmName

string

Example:

"ldap-internal"

createdAt

string<date-time>

Example:

"2025-09-23T17:48:07Z"

updatedAt

string<date-time>

Example:

"2025-10-31T12:28:04Z"

roleNames

string[]

Indicates which roles are dynamically applied to users in the realm.

Example:

["search", "developer"]

timezone

string

Example:

"Pacific Time (US & Canada)"

permissions

object[]

Show child attributes

permissions.methods

enum<string>[]

Available options:

GET,

POST,

PUT,

DELETE,

HEAD,

PATCH,

OPTIONS

permissions.path

string

Example:

"/"

permissions.params

object

Show child attributes

permissions.params.{key}

string[]

List users Get a user

⌘I

Admin

Apps Manager

Async Parsing

Connectors

Indexing

Job Config

Job Launcher

Job Rest Server

ML Model Service

Proxy

Query

Templating

Create user

Body

Response