User
Internal user id. Returned by GET; never accept on POST — upsert key is login_account.
Required. User's given name.
Required. User's family name.
Required. Unique across all users in this tenant.
Required. Stable login handle. Unique across all users in this tenant. This is the upsert key on POST.
Required. 1 = username/password, 2 = SSO.
Possible values: [1, 2]
The alias of the IdP configuration to use for this user (login_type=2). Matches idp_sso_config.alias (e.g. "nuntiq", "default").
Whether the user can sign in. Defaults to true.
Optional start date when the user becomes active.
Optional end date after which the user is no longer active. Set automatically by DELETE /users and POST /users/deactivate-inactive.
True if the user must rotate their password on next sign-in. Set automatically when the API receives a password.
groups object[]
Group memberships. Same shape on POST and GET. On POST, only external_code is honoured — name (if sent) is ignored. Replace-all semantics: omit the field to leave memberships untouched, or send [] to clear them. Unknown codes return 400.
The customer-supplied stable code for the group (configured in the customer portal on each user group).
Group display name. Returned by GET; ignored on POST.
{
"id": 0,
"first_name": "string",
"last_name": "string",
"email": "user@example.com",
"login_account": "string",
"login_type": 1,
"sso_provider": "string",
"is_active": true,
"active_from": "2024-07-29T15:51:28.071Z",
"active_to": "2024-07-29T15:51:28.071Z",
"must_change_password": true,
"groups": [
{
"external_code": "FINANCE",
"name": "Finance Team"
},
{
"external_code": "AP_TEAM",
"name": "Accounts Payable"
}
],
"created_at": "2024-07-29T15:51:28.071Z",
"updated_at": "2024-07-29T15:51:28.071Z"
}