> ## Documentation Index
> Fetch the complete documentation index at: https://doc.lucidworks.com/llms.txt
> Use this file to discover all available pages before exploring further.
# Create user
> Create a new user.
This API should only be called to manage users in the native security realm, which manages both authentication and authorization within the Fusion UI. Users from other security realms, such as LDAP or SAML, are managed directly by the Fusion auth proxy access control component. It referred to as the auth proxy because it handles both authentication and authorization for all requests to the Fusion REST API services for SSO services.
Before working with the User API to create a user, be sure the native security realm is set up and ready.
## OpenAPI
````yaml /api-reference/5.9/fusion-api-api-docs.json post /users
openapi: 3.0.1
info:
title: Fusion Proxy API
description: Manage Fusion users, roles, realms, access tokens, and API keys.
contact:
name: Lucidworks
url: www.lucidworks.com
email: support@lucidworks.com
license:
name: License of API
url: https://lucidworks.com/legal/developer-license-agreement/
version: '5.9'
servers:
- url: https://{FUSION HOST}/api
description: Fusion
variables:
FUSION HOST:
default: FUSION_HOST
description: Your environment host.
security: []
tags:
- name: Realm management
description: >-
Endpoints for creating, configuring, and managing authentication realms
such as LDAP, SAML, OIDC, and others.
- name: User management
description: >-
Endpoints for creating, updating, deleting, and retrieving Fusion users
and their associated metadata.
- name: Suggestions
description: >-
Endpoints that provide query suggestions or autocomplete results to
improve search experiences.
- name: API key management
description: >-
Endpoints for managing API keys used to authenticate Fusion services and
integrations.
- name: OAuth 2.0
description: >-
Endpoints that support OAuth 2.0 authentication, including token issuance
and validation.
- name: Role management
description: >-
Endpoints for creating and managing user roles and their associated
permissions within Fusion.
- name: System status
description: >-
Endpoints for retrieving basic system health, configuration, and
authentication status.
externalDocs:
description: Lucidworks Documentation
url: https://doc.lucidworks.com/
paths:
/users:
post:
tags:
- User management
summary: Create user
description: >-
Create a new user.
This API should only be called to manage
users in the native security realm, which manages both authentication
and authorization within the Fusion UI. Users from other security
realms, such as LDAP or SAML, are managed directly by the Fusion auth
proxy access control component. It referred to as the auth proxy because
it handles both authentication and authorization for all requests to the
Fusion REST API services for SSO services.
Before working with
the User API to create a user, be sure the native security realm is set
up and ready.
operationId: createUser
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/CreateUser_PublicView'
example:
username: new-user-test
password: 1testpassword
roleNames:
- search
- developer
timezone: Mountain Time (US & Canada)
permissions:
- methods:
- GET
- POST
- PUT
required: true
responses:
'201':
description: Created
content:
application/json:
schema:
$ref: '#/components/schemas/User_PublicView'
example:
id: be0885f2-9885-4c46-f3ea-8e5d0041c292
username: 1new-user-test
realmName: native
createdAt: '2025-10-30T21:59:01Z'
roleNames:
- search
- developer
timezone: Mountain Time (US & Canada)
permissions:
- methods:
- PUT
- POST
- GET
'409':
description: User with a name or ID already exists
content:
'*/*':
schema:
$ref: '#/components/schemas/User_PublicView'
components:
schemas:
CreateUser_PublicView:
required:
- username
type: object
properties:
id:
type: string
username:
type: string
realmName:
type: string
writeOnly: true
default: native
password:
type: string
description: >-
Passwords must contain alpha+numeric chars and have a length of
8-20. Additional non-newline chars are allowed.
properties:
empty:
type: boolean
passwordHash:
type: string
roleNames:
type: array
writeOnly: true
items:
type: string
description: Indicates which roles are dynamically applied to users in the realm.
timezone:
type: string
example: Pacific Time (US & Canada)
permissions:
type: array
items:
$ref: '#/components/schemas/GlobPermission_PublicView'
realm:
type: string
roles:
type: array
description: >-
One or more user roles. Use `GET /roles` to get the list of existing
roles.
items:
type: string
User_PublicView:
type: object
properties:
id:
type: string
example: fe0885f2-8885-4c46-a3ea-8e5d0041c293
username:
type: string
example: admin
realmName:
type: string
example: ldap-internal
createdAt:
type: string
format: date-time
example: '2025-09-23T17:48:07Z'
updatedAt:
type: string
format: date-time
example: '2025-10-31T12:28:04Z'
roleNames:
type: array
items:
type: string
description: Indicates which roles are dynamically applied to users in the realm.
example:
- search
- developer
timezone:
type: string
example: Pacific Time (US & Canada)
permissions:
type: array
items:
$ref: '#/components/schemas/GlobPermission_PublicView'
GlobPermission_PublicView:
type: object
properties:
methods:
uniqueItems: true
type: array
items:
type: string
enum:
- GET
- POST
- PUT
- DELETE
- HEAD
- PATCH
- OPTIONS
path:
type: string
example: /
params:
type: object
additionalProperties:
type: array
items:
type: string
````