CreateUser
Creates a user who can be used in WorkMail by calling the RegisterToWorkMail operation.
Request Syntax
{
"DisplayName": "string",
"FirstName": "string",
"HiddenFromGlobalAddressList": boolean,
"IdentityProviderUserId": "string",
"LastName": "string",
"Name": "string",
"OrganizationId": "string",
"Password": "string",
"Role": "string"
}Request Parameters
For information about the parameters that are common to all actions, see Common Parameters.
The request accepts the following data in JSON format.
- DisplayName
-
The display name for the new user.
Type: String
Length Constraints: Maximum length of 256.
Required: Yes
- FirstName
-
The first name of the new user.
Type: String
Length Constraints: Maximum length of 256.
Required: No
- HiddenFromGlobalAddressList
-
If this parameter is enabled, the user will be hidden from the address book.
Type: Boolean
Required: No
- IdentityProviderUserId
-
User ID from the IAM Identity Center. If this parameter is empty it will be updated automatically when the user logs in for the first time to the mailbox associated with WorkMail.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 47.
Pattern:
^([0-9a-f]{10}-|)[A-Fa-f0-9]{8}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{12}$Required: No
- LastName
-
The last name of the new user.
Type: String
Length Constraints: Maximum length of 256.
Required: No
- Name
-
The name for the new user. WorkMail directory user names have a maximum length of 64. All others have a maximum length of 20.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 64.
Pattern:
[\w\-.]+(@[a-zA-Z0-9.\-]+\.[a-zA-Z0-9-]{2,})?Required: Yes
- OrganizationId
-
The identifier of the organization for which the user is created.
Type: String
Length Constraints: Fixed length of 34.
Pattern:
^m-[0-9a-f]{32}$Required: Yes
- Password
-
The password for the new user.
Type: String
Length Constraints: Maximum length of 256.
Pattern:
[\u0020-\u00FF]+Required: No
- Role
-
The role of the new user.
You cannot pass SYSTEM_USER or RESOURCE role in a single request. When a user role is not selected, the default role of USER is selected.
Type: String
Valid Values:
USER | RESOURCE | SYSTEM_USER | REMOTE_USERRequired: No
Response Syntax
{
"UserId": "string"
}Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- UserId
-
The identifier for the new user.
Type: String
Length Constraints: Minimum length of 12. Maximum length of 256.
Errors
For information about the errors that are common to all actions, see Common Errors.
- DirectoryServiceAuthenticationFailedException
-
The directory service doesn't recognize the credentials supplied by WorkMail.
HTTP Status Code: 400
- DirectoryUnavailableException
-
The directory is unavailable. It might be located in another Region or deleted.
HTTP Status Code: 400
- InvalidParameterException
-
One or more of the input parameters don't match the service's restrictions.
HTTP Status Code: 400
- InvalidPasswordException
-
The supplied password doesn't match the minimum security constraints, such as length or use of special characters.
HTTP Status Code: 400
- NameAvailabilityException
-
The user, group, or resource name isn't unique in WorkMail.
HTTP Status Code: 400
- OrganizationNotFoundException
-
An operation received a valid organization identifier that either doesn't belong or exist in the system.
HTTP Status Code: 400
- OrganizationStateException
-
The organization must have a valid state to perform certain operations on the organization or its members.
HTTP Status Code: 400
- ReservedNameException
-
This user, group, or resource name is not allowed in WorkMail.
HTTP Status Code: 400
- UnsupportedOperationException
-
You can't perform a write operation against a read-only directory.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following:
