Risk Cloud API: Create Users

Updated on: January 17, 2022

This article walks through creating Users via the Risk Cloud API.

API Authentication

Prior to any interaction with Risk Cloud API we will need to obtain an Access Token for the Authorization header. Instructions on how the Access Token can be obtained can be found here.

Permissions

Creating a User via the Risk Cloud API requires an Access Token from an Admin Primary account.

Background

In order to create Users in your environment via the Risk Cloud API, we will need to assemble the JSON of the User for an API POST request.

The Create User endpoint can be helpful for integrations that automate the onboarding of new colleagues or teams to the Risk Cloud.

Usage

Creating a User via the Risk Cloud API can be accomplished in two steps:

Configure the User in JSON
Create the User via a request

Configure the User in JSON

Below is a sample JSON body of a User to be created.

{
  "active": true,
  "status": "Active",
  "tier": "SECONDARY",
  "valueType": "User",
  "sendEmail": false,
  "email": "[email protected]",
  "first": "FirstName",
  "last": "LastName",
  "company": "Your Company"
}

The properties of tier, sendEmail, email, first, last, and company should be adjusted to the User you will be creating.

The sendEmail property is important in that if this is true then the system will send an automatic Welcome Message after the User is created.

Additionally, the tier property designates the User's access tier. Values can be:

"PRIMARY" Primary users are users who have access to the Build section of the app (these are typically Admin users).
"SECONDARY" Secondary users are users without access to the Build section (these are typically end-users).
"LIMITED" Limited users are secondary users who only use the platform infrequently (these are typically end-users performing quarterly or annual tasks).

Create the User via a request

Once the JSON for the User you'd like to create has been assembled, you can create the User by placing the JSON in the following request.

curl --request POST 'https://your-company.logicgate.com/api/v1/users' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer {ACCESS_TOKEN}' \
--data-raw '{
"active": true,
"status": "Active",
"tier": "SECONDARY",
"valueType": "User",
"sendEmail": false,
"email": "[email protected]",
"first": "FirstName",
"last": "LastName",
"company": "Your Company"
}'

If successful, the User will be created and the response will contain the new User's information as shown below, including the User ID which can be used for future API requests.

{
  "status":"Active",
  "id":"a4b3c2d1",
  "active":true,
  "created":1629383622871,
  "updated":1629383622932,
  "email":"[email protected]",
  "company":"Your Company",
  "imageUrl":null,
  "imageS3Key":null,
  "status":"Active",
  "tier":"SECONDARY",
  "first":"FirstName",
  "last":"LastName",
  "languageTag":"en-GB",
  "timeZone":"Europe/Kiev",
  "notificationPreference":false,
  "mfaEnabled":false,
  "mfaSetup":false,
  "autoprovisioned":false,
  "scimStatus":null,
  "sendEmail":false,
  "roles":[],
  "stepPermissionSets":[],
  "applicationEntitlements":[],
  "records":[],
  "lastLogin":null,
  "external":false,
  "superUser":false,
  "name":"FirstName LastName",
  "locked":false,
  "idOrTransientId":"a4b3c2d1",
  "transientIdOrId":"a4b3c2d1",
  "empty":false
}

Read Previous API Usage Guides

See why Risk Cloud was rated the #1 GRC platform on the G2 Grid for Winter 2023.

10 Purpose-Built GRC Solutions. One Connected Platform.

The Root of the Compliance vs Security Paradox

Upcoming Webinar

Five Board Questions That Security and Risk Leaders Must Be Prepared to Answer