Description
You have to call this method when you want create a new user in DruID, and user credentials exists in another provider (eg: meta, x, google, etc). This process could also been known as Social Register.
Please, read first Druid Oauth2 Documentation to learn about Oauth2 protocol and the meaning of each token.
As you know, DruID defines a set of mandatory data for registration depending of the entry point you are using; be aware that if you send more data than defined in minimal register configuration, not needed data will be discarded and it will be not persisted nor validated.
The difference with traditional register, is that if you provide an external_id field, and you indicate that identifier (eg: email) is confirmed, registered account will be confirmed (because we suspense and trust that third provider has confirmed that identifier). Be careful with ‘confirmed’ attribute, because it can lead to serious legal problems, if you indicate that an identifier is confirmed, but none really confirmed it.
You must provide a real external identifier, indicating also a real external provider. Otherwise, ‘confirm’ attribute will be ignored and account must be confirmed by DruID.
Endpoint URL:
POST https://{your-endpoint-domain.com}/activityid/v1/user/create
Request parameters
| Parameter | Description | Type | Required |
|---|---|---|---|
| Authorization | “Bearer app_token” Literal text Bearer followed by app_token that is the token obtained from /oauth2/token endpoint | string | yes |
| Content-Type | The type of content that will be used for requests to be JSON | string | yes |
| Accept | The type of content that will be used for responses to be JSON | string | yes |
| From | Name of the entry point | string | yes |
| Accept-Language | Language of this request | Locale | no |
Query string parameters
| Parameter | Description | Type | Required |
|---|---|---|---|
| sc | With this paramater you can configure how user fields are validated: by default ALL validation errors are returned back to service caller (). If you want to receive only ONE validation error each time, you have to send query String parameter ‘sc=true’ | boolean | no |
| state | An opaque value used by the client to maintain state between the request and callback. | string | no |
Request example
| Parameter | Description | Type | Required | Value |
|---|---|---|---|---|
| actor.id | app_id of the application you are using to log user | string | yes | app id |
| actor.objectType | Type of the object which represents the actor. | string | yes | ‘application’ |
| verb | Verb used for create user | string | yes | ‘create’ |
| object.objectType | ObjectType represents the user | string | yes | ‘user’ |
| object.password | Password of the user. it must be send plain | string | yes | user password |
| object.ids | User identifiers. More info about user identifiers User Info | struct | yes | struct |
| object.datas | User datas. More info about user datas User Info | struct | yes | struct |
| object.assertions | Struct that defines legalities manage by the user. More info about user assertions User Info | struct | yes | struct |
| object.context | Struct holding the info related with the Oauth context | struct | yes | struct |
| object.context.objectType | The type of context. In this case, a basic oath session. | string | yes | ‘oauth_session’ |
| object.context .accessToken | The accessToken struct | struct | yes | struct |
| object.context .accessToken.value | The value of the access token | string | yes | ‘myfunnytoken’ |
| object.context .accessToken.expiresOn | The expiration date of the token. Can be expressed as a ISO 8601 string or as an unix epoch integer | string | yes | ‘2020-04-23T18:27:53.511+0000’ |
| source.id | Type of device doing the activity | string | yes | ‘unknown’ | ‘pc’ | ‘mobile’ | ‘tablet’ | ‘game_console’ | ‘itv’ |
| source.objectType | Type of source | string | yes | ‘device’ |
Response examples
Response: user created and notification sent
| Parameter | Description | Type |
|---|---|---|
| result.status | HTTP status code | string |
Response: user created and notification failed
Response: User not created due to validation errors
| Code | Type | Description |
|---|---|---|
| 400 | Error | Bad Request: The request could not be understood by the server due to malformed syntax |
| 401 | Error | Unauthorized: authentication is required and has failed or has not yet been provided (token is invalid, etc) |
| 412 | Error | Precondition failed: User can not be created because he/she has some data errors |
| 451 | Error | Unavailable For Legal Reasons: user must accept new terms and conditions |
| 500 | Error | Internal Server Error: The server encountered an unexpected condition which prevented it from fulfilling the request |
| 502 | Error | Bad Gateway: notification service has failed |
| 201 | Success | User created successfully |
| 207 | Partial Success | Multi-Status: user is created succesfully, but confirmation notification could not be sent |