Signs up a new email and password user or anonymous user, or upgrades an anonymous user to email and password. For an admin request with a Google OAuth 2.0 credential with the proper permissions, creates a new anonymous, email and password, or phone number user.
An API key is required in the request in order to identify the Google Cloud project.
HTTP request
POST https://identitytoolkit.googleapis.com/v1/projects/{targetProjectId}/tenants/{tenantId}/accounts
The URL uses gRPC Transcoding syntax.
Path parameters
Parameters | |
---|---|
target |
The project ID of the project which the user should belong to. Specifying this field requires a Google OAuth 2.0 credential with the proper permissions. If this is not set, the target project is inferred from the scope associated to the Bearer access token. |
tenant |
The ID of the Identity Platform tenant to create a user under. If not set, the user will be created under the default Identity Platform project. |
Request body
The request body contains data with the following structure:
JSON representation |
---|
{ "email": string, "password": string, "displayName": string, "captchaChallenge": string, "captchaResponse": string, "instanceId": string, "idToken": string, "emailVerified": boolean, "photoUrl": string, "disabled": boolean, "localId": string, "phoneNumber": string, "mfaInfo": [ { object ( |
Fields | |
---|---|
email |
The email to assign to the created user. The length of the email should be less than 256 characters and in the format of |
password |
The password to assign to the created user. The password must be be at least 6 characters long. If set, the |
display |
The display name of the user to be created. |
captchaChallenge |
|
captcha |
The reCAPTCHA token provided by the reCAPTCHA client-side integration. reCAPTCHA Enterprise uses it for assessment. Required when reCAPTCHA enterprise is enabled. |
instanceId |
|
id |
A valid ID token for an Identity Platform user. If set, this request will link the authentication credential to the user represented by this ID token. For a non-admin request, both the |
email |
Whether the user's email is verified. Specifying this field requires a Google OAuth 2.0 credential with the proper permissions. |
photo |
The profile photo url of the user to create. |
disabled |
Whether the user will be disabled upon creation. Disabled accounts are inaccessible except for requests bearing a Google OAuth2 credential with proper permissions. |
local |
The ID of the user to create. The ID must be unique within the project that the user is being created under. Specifying this field requires a Google OAuth 2.0 credential with the proper permissions. |
phone |
The phone number of the user to create. Specifying this field requires a Google OAuth 2.0 credential with the proper permissions. |
mfa |
The multi-factor authentication providers for the user to create. |
client |
The client type: web, Android or iOS. Required when enabling reCAPTCHA enterprise protection. |
recaptcha |
The reCAPTCHA version of the reCAPTCHA token in the captchaResponse. |
Response body
If successful, the response body contains an instance of SignUpResponse
.
Authorization scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/identitytoolkit
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.