Signs up a new email and password user or anonymous user, or upgrades an anonymous user to email and password. For an admin request with a Google OAuth 2.0 credential with the proper permissions, creates a new anonymous, email and password, or phone number user.
An API key is required in the request in order to identify the Google Cloud project.
HTTP request
POST https://identitytoolkit.googleapis.com/v1/projects/{targetProjectId}/tenants/{tenantId}/accounts
The URL uses gRPC Transcoding syntax.
Path parameters
Parameters | |
---|---|
targetProjectId |
The project ID of the project which the user should belong to. Specifying this field requires a Google OAuth 2.0 credential with the proper permissions. If this is not set, the target project is inferred from the scope associated to the Bearer access token. |
tenantId |
The ID of the Identity Platform tenant to create a user under. If not set, the user will be created under the default Identity Platform project. |
Request body
The request body contains data with the following structure:
JSON representation |
---|
{
"email": string,
"password": string,
"displayName": string,
"captchaChallenge": string,
"captchaResponse": string,
"instanceId": string,
"idToken": string,
"emailVerified": boolean,
"photoUrl": string,
"disabled": boolean,
"localId": string,
"phoneNumber": string,
"mfaInfo": [
{
object ( |
Fields | |
---|---|
email |
The email to assign to the created user. The length of the email should be less than 256 characters and in the format of |
password |
The password to assign to the created user. The password must be be at least 6 characters long. If set, the |
displayName |
The display name of the user to be created. |
captchaChallenge |
|
captchaResponse |
The reCAPTCHA token provided by the reCAPTCHA client-side integration. reCAPTCHA Enterprise uses it for assessment. Required when reCAPTCHA enterprise is enabled. |
instanceId |
|
idToken |
A valid ID token for an Identity Platform user. If set, this request will link the authentication credential to the user represented by this ID token. For a non-admin request, both the |
emailVerified |
Whether the user's email is verified. Specifying this field requires a Google OAuth 2.0 credential with the proper permissions. |
photoUrl |
The profile photo url of the user to create. |
disabled |
Whether the user will be disabled upon creation. Disabled accounts are inaccessible except for requests bearing a Google OAuth2 credential with proper permissions. |
localId |
The ID of the user to create. The ID must be unique within the project that the user is being created under. Specifying this field requires a Google OAuth 2.0 credential with the proper permissions. |
phoneNumber |
The phone number of the user to create. Specifying this field requires a Google OAuth 2.0 credential with the proper permissions. |
mfaInfo[] |
The multi-factor authentication providers for the user to create. |
Response body
If successful, the response body contains an instance of SignUpResponse
.
Authorization Scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/identitytoolkit
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.