POST /user
Requires authentication with server access token.
Create a new user. Not available for mobile clients, for historical reasons. See the signup endpoint.
The email is globally unique in Schibsted account, and there can only be one account associated with any given email address. To query for the availability of an email address, see the email status endpoint.
If a password is not provided, one will be generated by the system and emailed to the user. All passwords are stored fully encrypted, thus user-provided passwords can never be communicated in clear-text.
Only an available email address is required to create a Schibsted account. The additional parameters that can be provided may also be filled in by the user in their Schibsted account profile at any later point.
See also
Help us improve
Did you spot an error? Or maybe you just have a suggestion for how we can improve? Leave us a comment.
Request
POST /api/2/user
required | |
displayName | optionalThe user's preferred display name |
name | optionalJSON object containing |
birthday | optionalThe date of birth, YYYY-MM-DD |
addresses | optionalA JSON string. A map of addresses, with the address type as keys and the address objects/maps as values. See the address type for appropriate types |
gender | optionalGender. Legal values and a localized description can be fetched from /api/2/describe/User?property=gender. |
photo | optionalURL to a profile photo |
preferredUsername | optionalThe user's preferred user name |
url | optionalAn external URL related to the user |
utcOffset | optionalThe user's timezone, given as UTC offset (number of hours), e.g. "+02:00" etc |
redirectUri | optionalWhen the user is created, they will receive an email to confirm. After completing registration, they will be redirected to this URL if specified. If not specified, the user is redirected to the client default redirectUri. |
locale | optionalPreferred user language. By default it is nb_NO for Norway, and sv_SE for Sweden. You can also use en_US, es_ES, ca_ES and eu_ES. |
Example request
curl
Minimal example
curl https://login.schibsted.com/api/2/user \
-X POST \
-H "Authorization: Bearer [access token]" \
-d "email=johnd@example.com"
With all parameters
curl https://login.schibsted.com/api/2/user \
-X POST \
-H "Authorization: Bearer [access token]" \
-d "email=johnd@example.com" \
-d "displayName=John" \
-d "name={"givenName":"John","familyName":"Doe","formatted":"John Doe"}" \
-d "birthday=1977-01-31" \
-d "addresses={"home":{"country":"Norway","streetNumber":"1","longitude":"","floor":"","locality":"","formatted":"STREET 1, 0123 OSLO, NORGE","streetEntrance":"","apartment":"","postalCode":"0123","latitude":"","type":"home","region":"","streetAddress":"STREET"}}" \
-d "gender=undisclosed" \
-d "photo=http://gravatar.com/xyz" \
-d "preferredUsername=johnd" \
-d "url=http://example.com" \
-d "utcOffset=+02:00" \
-d "redirectUri=http://somewhere.com/else/" \
-d "locale=nb_NO"
Response
This endpoint supports the JSON, JSON-P, and response formats.
Success: 201 Created
Returns the newly created user object.
User
The user object is based on the portable contacts specification. It is extended with some custom fields. userId
is an integer and represents the unique user ID, while id
is a legacy uuid and should be ignored in new integrations. The uuid
is also a user identifier, which is is globally unique and should therefore be the preferred identifier for a user. The email
and phoneNumber
fields will always contain the primary used for both if available. The corresponding *Verified fields are the date of the last time those were verified.
When requesting a user that is not connected to the authorized client, only public profile data will be available:
id
userId
uuid
status
displayName
name
gender
preferredUsername
utcOffset
published
updated
lastLoggedIn
locale
tracking
id ✓ | stringLegacy |
---|---|
userId ✓ | integer (as string)Unique user ID. Custom extension. |
uuid ✓ | stringUnique user UUID. Custom extension. Should be preferred as the user identifier. |
name ✓ | NameJSON object containing |
displayName ✓ | stringName suitable for displaying to end-users. |
published ✓ | date-timeThe date this user was first added. Can return false if the user account was deleted. |
updated ✓ | date-timeThe most recent date the details of this user were updated |
status ✓ | User status |
email ✓ | stringPrimary email |
emailVerified | stringDate when the email was last verified. |
emails ✓ | list of Email addressesAll user's registered email addresses. |
phoneNumber | stringPrimary phone number |
phoneNumberVerified | stringDate when the phone number was last verified. |
phoneNumbers | list of Phone numbersAll user's registered phone numbers. |
verified | stringDate when user last verified data (email, phone number). Returns false if user wasn't verified. |
url | string |
photo | stringURL to a photo of the user (GIF/JPG/PNG) |
preferredUsername | string |
gender ✓ | stringOne of undisclosed, female, male, other, withheld. Default is undisclosed. Portable contacts |
birthday ✓ | dateDate of birth in YYYY-MM-DD format. Year will be 0000 if not provided. Defaults to 0000-00-00. Portable contacts |
locale ✓ | stringThe user's preferred locale. Locales follow ISO Language and country codes respectively, joined by an underscore. |
utcOffset ✓ | stringThe user's timezone, given as offset from UTC. |
lastLoggedIn ✓ | datetimeReturns false if the user has not been logged in before. |
lastAuthenticated ✓ | datetimeThe last time the user authenticated with their password. Returns false if the user has not been authenticated before. |
imported | datetime |
migrated | datetime |
addresses | collection of Addresses, as an object with |
accounts | list of Third-party accountsThird-party accounts and other client services |
merchants | arrayList of Schibsted account merchants the user is connected to |
currentLocation | list of AddressesIf user has no current location returns empty array. |
tracking | booleanIf |
The check mark ✓ indicates that the field always contains a valid non-empty value.
Failure cases
Some HTTP response codes are used for multiple error situations. There is no consistent way to tell these apart, but the error object will contain a textual explanation of the reason for the error. For explanation on OAuth related failures and errors see OAuth authentication failures.
- 302 Found Verified user already present.
- 401 Unauthorized You don't have administration rights for this client.
- 401 Unauthorized Your client doesn't have administration rights for this client.
- 401 Unauthorized Users cannot be create using an user token.
- 403 Forbidden Client is not authorized to access this API endpoint. Contact Schibsted account to request access.
- 403 Forbidden Requesting IP is not whitelisted
- 403 Forbidden Access token rejected
- 404 Not Found Unknown client ID
- 404 Not Found Client ID mismatch. The client making the request is no the owner of this resource, and does not have administrative privileges for it.
- 409 Conflict The email address is not available.
- 420 Request Ratelimit exceeded
Sample response
JSON
{
"status": 0,
"merchants": [
47000
],
"gender": "undisclosed",
"userId": "018744",
"name": {
"familyName": "Doe",
"givenName": "John",
"formatted": "John Doe"
},
"accounts": {
"52f8e3d9efd04bb749000000": {
"id": "52f8e3d9efd04bb749000000",
"accountName": "Kodemaker",
"domain": "www.kodemaker.no"
}
},
"locale": "nb_NO",
"photo": "https://secure.gravatar.com/avatar/6a6c19fea4a3676970167ce51f39e6ee?s\u003d200",
"phoneNumberVerified": false,
"phoneNumber": "",
"displayName": "John Doe",
"utcOffset": "+02:00",
"emails": [
{
"value": "user@domain1.tld",
"type": "other"
}
],
"published": "2014-04-15 19:43:29",
"hashType": "bcrypt",
"url": "",
"updated": "2014-04-15 19:43:29",
"email": "user@domain.tld",
"lastAuthenticated": false,
"emailVerified": false,
"preferredUsername": "JohnDoe",
"currentLocation": [],
"addresses": {},
"verified": "2014-04-15 19:43:29",
"id": "534d6fc1efd04b7c3f000000",
"phoneNumbers": [],
"birthday": "0000-00-00",
"lastLoggedIn": false,
"passwordChanged": false
}
JSON-P
callback({
"status": 0,
"merchants": [
47000
],
"gender": "undisclosed",
"userId": "018744",
"name": {
"familyName": "Doe",
"givenName": "John",
"formatted": "John Doe"
},
"accounts": {
"52f8e3d9efd04bb749000000": {
"id": "52f8e3d9efd04bb749000000",
"accountName": "Kodemaker",
"domain": "www.kodemaker.no"
}
},
"locale": "nb_NO",
"photo": "https://secure.gravatar.com/avatar/6a6c19fea4a3676970167ce51f39e6ee?s\u003d200",
"phoneNumberVerified": false,
"phoneNumber": "",
"displayName": "John Doe",
"utcOffset": "+02:00",
"emails": [
{
"value": "user@domain1.tld",
"type": "other"
}
],
"published": "2014-04-15 19:43:29",
"hashType": "bcrypt",
"url": "",
"updated": "2014-04-15 19:43:29",
"email": "user@domain.tld",
"lastAuthenticated": false,
"emailVerified": false,
"preferredUsername": "JohnDoe",
"currentLocation": [],
"addresses": {},
"verified": "2014-04-15 19:43:29",
"id": "534d6fc1efd04b7c3f000000",
"phoneNumbers": [],
"birthday": "0000-00-00",
"lastLoggedIn": false,
"passwordChanged": false
});
Comments/feedback
Do you have questions, or just want to contribute some newly gained insight? Want to share an example? Please leave a comment. Our team reads and responds to every question. Additionally, your experience can help others using Schibsted account, and it can help us continuously improve our documentation.