Import external user

POST/admin/v1/users/{userId}:import

Import user from external identity provider if they don't already exist. If the user already exists in UserHub, this is a no-op.

path parameters

userId
string
Required
The identifier of the user.
This must be in the format <externalId>@<connectionId> where externalId is the identity provider user identifier and and connectionId is the User Provider connection identifier.

Returns

id
string
The system-assigned identifier of the user.
state
enum
The current state of the user.
Possible values:
ACTIVEDISABLEDARCHIVEDPENDING_DELETION
stateReason
string
The code that best describes the reason for the state.
uniqueId
string
The client defined unique identifier of the user account.
displayName
string
The human-readable display name of the user.
email
string
The email address of the user.
emailVerified
boolean
Whether the user's email address has been verified.
phoneNumber
string
The E164 phone number for the user (e.g. +12125550123).
phoneNumberVerified
boolean
Whether the user's phone number has been verified.
imageUrl
string
The photo/avatar URL of the user.
currencyCode
string
The default ISO-4217 currency code for the user (e.g. USD).
languageCode
string
The IETF BCP-47 language code for the user (e.g. en).
regionCode
string
The country/region code for the user (e.g. US).
timeZone
string
The IANA time zone for the user (e.g. America/New_York).
address
Address
The default address for the user.
lines
string[]
The address lines.
city
string
The city, district, suburb, town, or village.
state
string
The state, country, province, or region.
postalCode
string
The ZIP or postal code.
country
string
The 2-letter country code.
accountConnections
AccountConnection[]
The connected accounts.
connection
Connection
The tenant connection.
id
string
The system-assigned identifier of the connection.
uniqueId
string
The client defined unique identifier of the connection.
It is restricted to letters, numbers, underscores, and hyphens, with the first character a letter or a number, and a 255 character maximum.
ID's starting with conn_ are reserved.
displayName
string
The human-readable display name of the connection.
The maximum length is 200 characters.
state
enum
The current status of the connection.
Possible values:
PENDING_SETUPACTIVEBROKENDISABLEDARCHIVED
stateReason
string
The code that best describes the reason for the state.
type
enum
The connection type.
Possible values:
AMAZON_COGNITOAUTH0BUILTIN_EMAILCUSTOM_USERSGOOGLE_CLOUD_IDENTITY_PLATFORMPOSTMARKSTRIPEWEBHOOK
delegate
ConnectionDelegate
The delegated connection.
id
string
The delegated connection identifier.
uniqueId
string
The client defined unique identifier of the delegated connection.
displayName
string
The human-readable display name of the delegated connection.
state
enum
The current status of the delegated connection.
Possible values:
PENDING_SETUPACTIVEBROKENDISABLEDARCHIVED
stateReason
string
The code that best describes the reason for the state.
type
enum
The delegated connection type.
Possible values:
AMAZON_COGNITOAUTH0BUILTIN_EMAILCUSTOM_USERSGOOGLE_CLOUD_IDENTITY_PLATFORMPOSTMARKSTRIPEWEBHOOK
providers
ConnectionProvider[]
The connection providers.
type
enum
The provider type.
Possible values:
ACCOUNTBILLINGEMAILUSER
default
boolean
Whether the connection is the default for the provider type.
createTime
date-time
The creation time of the connection.
updateTime
date-time
The last update time of the connection.
amazonCognito
AmazonCognitoConnection
The Amazon Cognito connection data.
userPoolId
string
The Amazon Cognito user pool ID.
region
string
The Amazon region.
accessKeyId
string
The Amazon access key ID.
accessKeySecret
string
The Amazon access key secret.
oidc
OidcConfig
OpenID Connect (OIDC) configuration.
If configured, this can be used instead of implementing a Portal callback.
issuerUrl
string
The issuer URL.
clientId
string
The client ID.
clientSecret
string
The client secret.
auth0
Auth0Connection
The Auth0 connection data.
domain
string
The Auth0 domain.
clientId
string
The Auth0 client ID.
clientSecret
string
The Auth0 client secret.
oidc
OidcConfig
OpenID Connect (OIDC) configuration.
If configured, this can be used instead of implementing a Portal callback.
issuerUrl
string
The issuer URL.
clientId
string
The client ID.
clientSecret
string
The client secret.
builtinEmail
BuiltinEmailConnection
The builtin email configuration data.
allowedEmails
string[]
The allowed email list.
googleCloudIdentityPlatform
GoogleCloudIdentityPlatformConnection
The Google Cloud Identity Platform (Firebase Auth) connection.
credentials
string
The service account key in JSON format.
projectId
string
The Google Cloud Identity Platform/Firebase project ID.
This will default to the project ID in the service account key if not specified.
postmark
PostmarkConnection
The Postmark configuration data.
serverToken
string
The Postmark server token (e.g. 942faf79-bf10-4dc1-830a-dc7943f43f35).
serverId
string
The Postmark server ID.
This is automatically populated when the server token is updated.
from
Email
The from email address.
The Postmark account must be allowed to send from this email address.
address
string
The email address (e.g. [email protected]).
displayName
string
The email name (e.g. Jane Doe).
replyTo
Email
The reply to email address.
address
string
The email address (e.g. [email protected]).
displayName
string
The email name (e.g. Jane Doe).
allowedEmails
string[]
The allowed email list.
stripe
StripeConnection
The Stripe billing configuration data.
accountId
string
The Stripe account ID (e.g. acct_1LcUvxQYGbxD2SPK)
live
boolean
The live vs test status for the Stripe account.
webhook
WebhookConnection
The webhooks configuration data.
url
string
The URL of the events webhook.
headers
string
The headers sent with requests to the connection URL.
signingSecrets
SigningSecret[]
The webhook secrets
secret
string
The signing secret value.
expireTime
date-time
The time the signing secret is set to expire.
externalId
string
The external identifier of the connected account.
adminUrl
string
The external admin URL for the connected account.
state
enum
The status of the connected account.
Possible values:
ACTIVEBROKENDISABLED
stateReason
string
The code that best describes the reason for the state.
displayName
string
The human-readable display name of the external account.
email
string
The email address of the external account.
emailVerified
boolean
Whether the external account's email address has been verified.
phoneNumber
string
The E164 phone number for the external account (e.g. +12125550123).
phoneNumberVerified
boolean
Whether the external account's phone number has been verified.
address
Address
The billing address for the external account.
lines
string[]
The address lines.
city
string
The city, district, suburb, town, or village.
state
string
The state, country, province, or region.
postalCode
string
The ZIP or postal code.
country
string
The 2-letter country code.
currencyCode
string
The currency code for the account.
balanceAmount
string
The balance amount for the account.
A negative value indicates an amount which will be subtracted from the next invoice (credit).
A positive value indicates an amount which will be added to the next invoice (debt).
paymentMethods
PaymentMethod[]
The payment methods for connections that support it.
id
string
The system-assigned identifier of the payment method.
externalId
string
The external identifier of the connected payment method.
state
enum
The status of the connected payment method.
Possible values:
ACTIVEBROKENARCHIVED
stateReason
string
The code that best describes the reason for the state.
type
enum
The payment method type.
Possible values:
CARDUNKNOWN
displayName
string
A human-readable description of the payment method.
This can be used to show a description of the payment method when the type is UNKNOWN or not explicitly handled.
fullName
string
The full name of the owner of the payment method.
address
Address
The address for the payment method.
lines
string[]
The address lines.
city
string
The city, district, suburb, town, or village.
state
string
The state, country, province, or region.
postalCode
string
The ZIP or postal code.
country
string
The 2-letter country code.
default
boolean
Whether the payment method is the default for the connected account.
lastPaymentError
Status
The last payment error.
This will be unset if the payment method is updated or if a payment succeeds.
code
enum
The general error code (e.g. INVALID_ARGUMENT).
Possible values:
OKCANCELLEDUNKNOWNINVALID_ARGUMENTDEADLINE_EXCEEDEDNOT_FOUNDALREADY_EXISTSPERMISSION_DENIEDUNAUTHENTICATEDRESOURCE_EXHAUSTEDFAILED_PRECONDITIONABORTEDOUT_OF_RANGEUNIMPLEMENTEDINTERNALUNAVAILABLEDATA_LOSS
message
string
A developer-facing error message.
reason
string
A reason code for the error (e.g. USER_PENDING_DELETION).
param
string
The parameter path related to the error (e.g. member.userId).
metadata
string
Additional metadata related to the error.
localeMessage
string
A user-facing error message.
pullTime
date-time
The last time the payment method was pulled from the connection.
createTime
date-time
The creation time of the payment method connection.
updateTime
date-time
The last update time of the payment method connection.
card
CardPaymentMethod
Card payment method (e.g. Visa credit card).
brand
enum
The brand of the card (e.g. VISA).
Possible values:
AMERICAN_EXPRESSDINERS_CLUBDISCOVERJCBMASTERCARDUNIONPAYVISA
last4
string
The last for digits of the card.
fundingType
enum
The funding method for the card (e.g. DEBIT).
Possible values:
CREDITDEBITPREPAID
expYear
int32
The expiration year.
expMonth
int32
The expiration month.
pullTime
date-time
The last time the account was pulled from the connection.
pushTime
date-time
The last time the account was pushed to the connection.
createTime
date-time
The creation time of the account connection.
updateTime
date-time
The last update time of the account connection.
subscription
AccountSubscription
The user's default active individual subscription.
See memberships for organization subscription and seat information.
id
string
The system-assigned identifier of the subscription.
state
enum
The state of the subscription.
Possible values:
TRIALINGCHECKOUT_ISSUEACTIVEPAST_DUEPAUSED
anchorTime
date-time
The anchor time of the billing cycle.
plan
AccountSubscriptionPlan
The plan.
id
string
The identifier of the plan.
displayName
string
The human-readable display name of the plan.
product
AccountSubscriptionProduct
The plan product.
id
string
The system-assigned identifier of the product.
uniqueId
string
The client defined unique identifier of the product.
displayName
string
The human-readable display name of the product.
memberships
Membership[]
The user's organization memberships.
organization
Organization
The organization.
id
string
The system-assigned identifier of the organization.
state
enum
The current state of the organization.
Possible values:
ACTIVEDISABLEDARCHIVEDPENDING_DELETION
stateReason
string
The code that best describes the reason for the state.
uniqueId
string
The client defined unique identifier of the organization account.
displayName
string
The human-readable display name of the organization.
email
string
The email address of the organization.
emailVerified
boolean
Whether the organization's email address has been verified.
phoneNumber
string
The E164 phone number for the organization (e.g. +12125550123).
phoneNumberVerified
boolean
Whether the organization's phone number has been verified.
imageUrl
string
The photo/avatar URL of the organization.
currencyCode
string
The default ISO-4217 currency code for the organization (e.g. USD).
languageCode
string
The IETF BCP-47 language code for the organization (e.g. en).
regionCode
string
The country/region code for the organization (e.g. US).
timeZone
string
The IANA time zone for the organization (e.g. America/New_York).
address
Address
The default address for the organization.
lines
string[]
The address lines.
city
string
The city, district, suburb, town, or village.
state
string
The state, country, province, or region.
postalCode
string
The ZIP or postal code.
country
string
The 2-letter country code.
accountConnections
AccountConnection[]
The connected accounts.
connection
Connection
The tenant connection.
id
string
The system-assigned identifier of the connection.
uniqueId
string
The client defined unique identifier of the connection.
It is restricted to letters, numbers, underscores, and hyphens, with the first character a letter or a number, and a 255 character maximum.
ID's starting with conn_ are reserved.
displayName
string
The human-readable display name of the connection.
The maximum length is 200 characters.
state
enum
The current status of the connection.
Possible values:
PENDING_SETUPACTIVEBROKENDISABLEDARCHIVED
stateReason
string
The code that best describes the reason for the state.
type
enum
The connection type.
Possible values:
AMAZON_COGNITOAUTH0BUILTIN_EMAILCUSTOM_USERSGOOGLE_CLOUD_IDENTITY_PLATFORMPOSTMARKSTRIPEWEBHOOK
delegate
ConnectionDelegate
The delegated connection.
id
string
The delegated connection identifier.
uniqueId
string
The client defined unique identifier of the delegated connection.
displayName
string
The human-readable display name of the delegated connection.
state
enum
The current status of the delegated connection.
Possible values:
PENDING_SETUPACTIVEBROKENDISABLEDARCHIVED
stateReason
string
The code that best describes the reason for the state.
type
enum
The delegated connection type.
Possible values:
AMAZON_COGNITOAUTH0BUILTIN_EMAILCUSTOM_USERSGOOGLE_CLOUD_IDENTITY_PLATFORMPOSTMARKSTRIPEWEBHOOK
providers
ConnectionProvider[]
The connection providers.
type
enum
The provider type.
Possible values:
ACCOUNTBILLINGEMAILUSER
default
boolean
Whether the connection is the default for the provider type.
createTime
date-time
The creation time of the connection.
updateTime
date-time
The last update time of the connection.
amazonCognito
AmazonCognitoConnection
The Amazon Cognito connection data.
userPoolId
string
The Amazon Cognito user pool ID.
region
string
The Amazon region.
accessKeyId
string
The Amazon access key ID.
accessKeySecret
string
The Amazon access key secret.
oidc
OidcConfig
OpenID Connect (OIDC) configuration.
If configured, this can be used instead of implementing a Portal callback.
issuerUrl
string
The issuer URL.
clientId
string
The client ID.
clientSecret
string
The client secret.
auth0
Auth0Connection
The Auth0 connection data.
domain
string
The Auth0 domain.
clientId
string
The Auth0 client ID.
clientSecret
string
The Auth0 client secret.
oidc
OidcConfig
OpenID Connect (OIDC) configuration.
If configured, this can be used instead of implementing a Portal callback.
issuerUrl
string
The issuer URL.
clientId
string
The client ID.
clientSecret
string
The client secret.
builtinEmail
BuiltinEmailConnection
The builtin email configuration data.
allowedEmails
string[]
The allowed email list.
googleCloudIdentityPlatform
GoogleCloudIdentityPlatformConnection
The Google Cloud Identity Platform (Firebase Auth) connection.
credentials
string
The service account key in JSON format.
projectId
string
The Google Cloud Identity Platform/Firebase project ID.
This will default to the project ID in the service account key if not specified.
postmark
PostmarkConnection
The Postmark configuration data.
serverToken
string
The Postmark server token (e.g. 942faf79-bf10-4dc1-830a-dc7943f43f35).
serverId
string
The Postmark server ID.
This is automatically populated when the server token is updated.
from
Email
The from email address.
The Postmark account must be allowed to send from this email address.
address
string
The email address (e.g. [email protected]).
displayName
string
The email name (e.g. Jane Doe).
replyTo
Email
The reply to email address.
address
string
The email address (e.g. [email protected]).
displayName
string
The email name (e.g. Jane Doe).
allowedEmails
string[]
The allowed email list.
stripe
StripeConnection
The Stripe billing configuration data.
accountId
string
The Stripe account ID (e.g. acct_1LcUvxQYGbxD2SPK)
live
boolean
The live vs test status for the Stripe account.
webhook
WebhookConnection
The webhooks configuration data.
url
string
The URL of the events webhook.
headers
string
The headers sent with requests to the connection URL.
signingSecrets
SigningSecret[]
The webhook secrets
secret
string
The signing secret value.
expireTime
date-time
The time the signing secret is set to expire.
externalId
string
The external identifier of the connected account.
adminUrl
string
The external admin URL for the connected account.
state
enum
The status of the connected account.
Possible values:
ACTIVEBROKENDISABLED
stateReason
string
The code that best describes the reason for the state.
displayName
string
The human-readable display name of the external account.
email
string
The email address of the external account.
emailVerified
boolean
Whether the external account's email address has been verified.
phoneNumber
string
The E164 phone number for the external account (e.g. +12125550123).
phoneNumberVerified
boolean
Whether the external account's phone number has been verified.
address
Address
The billing address for the external account.
lines
string[]
The address lines.
city
string
The city, district, suburb, town, or village.
state
string
The state, country, province, or region.
postalCode
string
The ZIP or postal code.
country
string
The 2-letter country code.
currencyCode
string
The currency code for the account.
balanceAmount
string
The balance amount for the account.
A negative value indicates an amount which will be subtracted from the next invoice (credit).
A positive value indicates an amount which will be added to the next invoice (debt).
paymentMethods
PaymentMethod[]
The payment methods for connections that support it.
id
string
The system-assigned identifier of the payment method.
externalId
string
The external identifier of the connected payment method.
state
enum
The status of the connected payment method.
Possible values:
ACTIVEBROKENARCHIVED
stateReason
string
The code that best describes the reason for the state.
type
enum
The payment method type.
Possible values:
CARDUNKNOWN
displayName
string
A human-readable description of the payment method.
This can be used to show a description of the payment method when the type is UNKNOWN or not explicitly handled.
fullName
string
The full name of the owner of the payment method.
address
Address
The address for the payment method.
lines
string[]
The address lines.
city
string
The city, district, suburb, town, or village.
state
string
The state, country, province, or region.
postalCode
string
The ZIP or postal code.
country
string
The 2-letter country code.
default
boolean
Whether the payment method is the default for the connected account.
lastPaymentError
Status
The last payment error.
This will be unset if the payment method is updated or if a payment succeeds.
code
enum
The general error code (e.g. INVALID_ARGUMENT).
Possible values:
OKCANCELLEDUNKNOWNINVALID_ARGUMENTDEADLINE_EXCEEDEDNOT_FOUNDALREADY_EXISTSPERMISSION_DENIEDUNAUTHENTICATEDRESOURCE_EXHAUSTEDFAILED_PRECONDITIONABORTEDOUT_OF_RANGEUNIMPLEMENTEDINTERNALUNAVAILABLEDATA_LOSS
message
string
A developer-facing error message.
reason
string
A reason code for the error (e.g. USER_PENDING_DELETION).
param
string
The parameter path related to the error (e.g. member.userId).
metadata
string
Additional metadata related to the error.
localeMessage
string
A user-facing error message.
pullTime
date-time
The last time the payment method was pulled from the connection.
createTime
date-time
The creation time of the payment method connection.
updateTime
date-time
The last update time of the payment method connection.
card
CardPaymentMethod
Card payment method (e.g. Visa credit card).
brand
enum
The brand of the card (e.g. VISA).
Possible values:
AMERICAN_EXPRESSDINERS_CLUBDISCOVERJCBMASTERCARDUNIONPAYVISA
last4
string
The last for digits of the card.
fundingType
enum
The funding method for the card (e.g. DEBIT).
Possible values:
CREDITDEBITPREPAID
expYear
int32
The expiration year.
expMonth
int32
The expiration month.
pullTime
date-time
The last time the account was pulled from the connection.
pushTime
date-time
The last time the account was pushed to the connection.
createTime
date-time
The creation time of the account connection.
updateTime
date-time
The last update time of the account connection.
subscription
AccountSubscription
The organization's default active subscription.
id
string
The system-assigned identifier of the subscription.
state
enum
The state of the subscription.
Possible values:
TRIALINGCHECKOUT_ISSUEACTIVEPAST_DUEPAUSED
anchorTime
date-time
The anchor time of the billing cycle.
plan
AccountSubscriptionPlan
The plan.
id
string
The identifier of the plan.
displayName
string
The human-readable display name of the plan.
product
AccountSubscriptionProduct
The plan product.
id
string
The system-assigned identifier of the product.
uniqueId
string
The client defined unique identifier of the product.
displayName
string
The human-readable display name of the product.
signupTime
date-time
The sign-up time for the organization.
memberCount
int32
The number of members in the organization.
This includes disabled users, but does not include user's marked for deletion.
disabled
boolean
Whether the organization is disabled.
createTime
date-time
The creation time of the organization.
updateTime
date-time
The last update time of the organization.
role
Role
The user's role within the organization.
id
string
The system-assigned identifier of the role.
uniqueId
string
The client defined unique identifier of the role.
It is restricted to letters, numbers, underscores, and hyphens, with the first character a letter or a number, and a 255 character maximum.
ID's starting with role_ are reserved.
displayName
string
The human-readable display name of the role.
type
enum
The role type.
Possible values:
OWNERMEMBERGUEST
description
string
The description of the role.
The maximum length is 1000 characters.
permissionSets
string[]
The additional permissions allowed by the role.
default
boolean
Whether the role is the default for the tenant.
archived
boolean
The archived status of the role.
createTime
date-time
The creation time of the role.
updateTime
date-time
The last update time of the role.
seat
AccountSubscriptionSeat
The seat associated with the membership.
This will be absent if there is no active default subscription for the organization or the user has not been assigned a seat.
product
AccountSubscriptionProduct
The seat product.
id
string
The system-assigned identifier of the product.
uniqueId
string
The client defined unique identifier of the product.
displayName
string
The human-readable display name of the product.
createTime
date-time
The creation time of the membership.
updateTime
date-time
The last update time of the membership.
signupTime
date-time
The sign-up time for the user.
disabled
boolean
Whether the user is disabled.
createTime
date-time
The creation time of the user.
updateTime
date-time
The last update time of the user.

code
enum
The general error code (e.g. INVALID_ARGUMENT).
Possible values:
OKCANCELLEDUNKNOWNINVALID_ARGUMENTDEADLINE_EXCEEDEDNOT_FOUNDALREADY_EXISTSPERMISSION_DENIEDUNAUTHENTICATEDRESOURCE_EXHAUSTEDFAILED_PRECONDITIONABORTEDOUT_OF_RANGEUNIMPLEMENTEDINTERNALUNAVAILABLEDATA_LOSS
message
string
A developer-facing error message.
reason
string
A reason code for the error (e.g. USER_PENDING_DELETION).
param
string
The parameter path related to the error (e.g. member.userId).
metadata
string
Additional metadata related to the error.
localeMessage
string
A user-facing error message.

curl https://api.userhub.com/admin/v1/users/auth0%7C123456789@conn_26yEiYymqy6ZmG:import \
  -H "Authorization: Bearer $USERHUB_ADMIN_KEY" \
  -X POST

const res = await adminApi.users.importAccount(
  "auth0|123456789@conn_26yEiYymqy6ZmG",
);

res, err := adminApi.Users().ImportAccount(
    context.Background(),
    "auth0|123456789@conn_26yEiYymqy6ZmG",
    nil,
)

$res = $adminApi->users->importAccount(
    userId: 'auth0|123456789@conn_26yEiYymqy6ZmG',
);

res = admin_api.users.import_account(
    user_id="auth0|123456789@conn_26yEiYymqy6ZmG",
)

Response bodyJSON

{
  "id": "usr_MKFxzgJaAH8JQ4",
  "state": "ACTIVE",
  "displayName": "Jane Doe",
  "email": "[email protected]",
  "emailVerified": false,
  "address": null,
  "accountConnections": [
    {
      "connection": {
        "id": "conn_26yEiYymqy6ZmG",
        "displayName": "Auth0",
        "state": "ACTIVE",
        "type": "AUTH0",
        "delegate": null,
        "providers": [],
        "createTime": "2024-11-15T13:00:00Z",
        "updateTime": "2024-11-15T13:00:00Z"
      },
      "externalId": "auth0|123456789",
      "adminUrl": "https://manage.auth0.com/dashboard/us/test/users/auth0%7C123456789",
      "state": "ACTIVE",
      "displayName": "Jane Doe",
      "email": "[email protected]",
      "emailVerified": false,
      "paymentMethods": [],
      "pullTime": "2024-11-15T13:00:00Z",
      "pushTime": null,
      "createTime": "2024-11-15T13:00:00Z",
      "updateTime": "2024-11-15T13:00:00Z"
    }
  ],
  "subscription": null,
  "memberships": [],
  "signupTime": "2024-11-15T13:00:00Z",
  "createTime": "2024-11-15T13:00:00Z",
  "updateTime": "2024-11-15T13:00:00Z"
}

PreviousDisconnect external account

NextCreate API session

Import external user

.css-10iahqc{text-transform:capitalize;}path parameters

Returns

path parameters