--- title: Create User Import External Password description: For user import operations in which the imported user's password remains on the external directory (and is not imported into PingOne), the import action uses the password.external.gateway configuration to designate that the user's authoritative password is managed by an external service. component: pingone-api page_id: pingone-api:platform:users/users-1/create-user-import-external-password canonical_url: https://developer.pingidentity.com/pingone-api/platform/users/users-1/create-user-import-external-password.html section_ids: prerequisites: Prerequisites headers: Headers body: Body example-request: Example Request --- # Create User Import External Password ## ```none POST {{apiPath}}/v1/environments/{{envID}}/users ``` For user import operations in which the imported user's password remains on the external directory (and is not imported into PingOne), the import action uses the `password.external.gateway` configuration to designate that the user's authoritative password is managed by an external service. | | | | - | ------------------------------------------------------------------------------------------------------------------- | | | For passwords with `password.external.gateway` configured, the user's password `status` state is set to `EXTERNAL`. | The `POST {{apiPath}}/v1/environments/{{envID}}/users` operation imports a new user resource to the specified environment. This operation uses the `application/vnd.pingidentity.user.import+json` custom content type in the request header. New users must be assigned to a `population` resource identified by its ID, and the request must set a value for the `username` attribute. The `username` attribute must be unique to an environment (spanning populations). Access to populations is determined by roles. It's possible that `username` conflicts may arise, if you or your worker application attempt to create a user that exists in a population to which you have no access. The `password` property sets the attributes needed to specify an external directory as the password manager. For this use case, the `password` property configures the following sub-properties: ### Prerequisites * Refer to [Users](../../users.html) and [User Operations](../users-1.html) for important overview information. * Create a population to get a `popID`. Refer to [Create Population](../../populations/create-population.html). Run [Read All Populations](../../populations/read-all-populations.html) to find an existing population. * Create an LDAP gateway to get a `gatewayID`. Refer to [Create LDAP Gateway](../../gateway-management/gateways/create-ldap-gateway.html). Run [Read All Gateways](../../gateway-management/gateways/read-all-gateways.html) to find an existing gateway. * Create an LDAP gateway to get a `userTypeID`. Refer to [Create LDAP Gateway](../../gateway-management/gateways/create-ldap-gateway.html). > **Collapse: Request Model** > > | Property | Type | Required? | > | ------------------------------------------------- | --------- | --------- | > | `password.external` | Object | Required | > | `password.external.gateway` | Object | Required | > | `password.external.gateway.id` | UUID | Required | > | `password.external.gateway.type` | String | Optional | > | `password.external.gateway.userType` | Reference | Required | > | `password.external.gateway.userType.id` | UUID | Required | > | `password.external.gateway.correlationAttributes` | Object | Required | > > For more information about gateways LDAP data model and gateway user types, refer to [Gateway Management](../../gateway-management.html). ### Headers Authorization      Bearer {{accessToken}} Content-Type      application/vnd.pingidentity.user.import+json ### Body raw ( application/vnd.pingidentity.user.import+json ) ```json { "population": { "id": "{{popID}}" }, "username": "myRemoteUser-1", "password" : { "external" : { "gateway" : { "id" : "{{gatewayID}}", "userType": { "id" : "{{userTypeID}}" }, "correlationAttributes" : { "uid" : "{{username}}" } } } } } ``` ## ### Example Request * cURL * C# * Go * HTTP * Java * jQuery * NodeJS * Python * PHP * Ruby * Swift ```shell curl --location --globoff '{{apiPath}}/v1/environments/{{envID}}/users' \ --header 'Content-Type: application/vnd.pingidentity.user.import+json' \ --header 'Authorization: Bearer {{accessToken}}' \ --data '{ "population": { "id": "{{popID}}" }, "username": "myRemoteUser-1", "password" : { "external" : { "gateway" : { "id" : "{{gatewayID}}", "userType": { "id" : "{{userTypeID}}" }, "correlationAttributes" : { "uid" : "{{username}}" } } } } }' ``` ```csharp var options = new RestClientOptions("{{apiPath}}/v1/environments/{{envID}}/users") { MaxTimeout = -1, }; var client = new RestClient(options); var request = new RestRequest("", Method.Post); request.AddHeader("Content-Type", "application/vnd.pingidentity.user.import+json"); request.AddHeader("Authorization", "Bearer {{accessToken}}"); var body = @"{" + "\n" + @" ""population"": {" + "\n" + @" ""id"": ""{{popID}}""" + "\n" + @" }," + "\n" + @" ""username"": ""myRemoteUser-1""," + "\n" + @" ""password"" : {" + "\n" + @" ""external"" : {" + "\n" + @" ""gateway"" : {" + "\n" + @" ""id"" : ""{{gatewayID}}""," + "\n" + @" ""userType"": {" + "\n" + @" ""id"" : ""{{userTypeID}}""" + "\n" + @" }," + "\n" + @" ""correlationAttributes"" : {" + "\n" + @" ""uid"" : ""{{username}}""" + "\n" + @" }" + "\n" + @" }" + "\n" + @" }" + "\n" + @" }" + "\n" + @"}"; request.AddStringBody(body, DataFormat.Json); RestResponse response = await client.ExecuteAsync(request); Console.WriteLine(response.Content); ``` ```golang package main import ( "fmt" "strings" "net/http" "io" ) func main() { url := "{{apiPath}}/v1/environments/{{envID}}/users" method := "POST" payload := strings.NewReader(`{ "population": { "id": "{{popID}}" }, "username": "myRemoteUser-1", "password" : { "external" : { "gateway" : { "id" : "{{gatewayID}}", "userType": { "id" : "{{userTypeID}}" }, "correlationAttributes" : { "uid" : "{{username}}" } } } } }`) client := &http.Client { } req, err := http.NewRequest(method, url, payload) if err != nil { fmt.Println(err) return } req.Header.Add("Content-Type", "application/vnd.pingidentity.user.import+json") req.Header.Add("Authorization", "Bearer {{accessToken}}") res, err := client.Do(req) if err != nil { fmt.Println(err) return } defer res.Body.Close() body, err := io.ReadAll(res.Body) if err != nil { fmt.Println(err) return } fmt.Println(string(body)) } ``` ```http POST /v1/environments/{{envID}}/users HTTP/1.1 Host: {{apiPath}} Content-Type: application/vnd.pingidentity.user.import+json Authorization: Bearer {{accessToken}} { "population": { "id": "{{popID}}" }, "username": "myRemoteUser-1", "password" : { "external" : { "gateway" : { "id" : "{{gatewayID}}", "userType": { "id" : "{{userTypeID}}" }, "correlationAttributes" : { "uid" : "{{username}}" } } } } } ``` ```java OkHttpClient client = new OkHttpClient().newBuilder() .build(); MediaType mediaType = MediaType.parse("application/vnd.pingidentity.user.import+json"); RequestBody body = RequestBody.create(mediaType, "{\n \"population\": {\n \"id\": \"{{popID}}\"\n },\n \"username\": \"myRemoteUser-1\",\n \"password\" : {\n \"external\" : {\n \"gateway\" : {\n \"id\" : \"{{gatewayID}}\",\n \"userType\": {\n \"id\" : \"{{userTypeID}}\"\n },\n \"correlationAttributes\" : {\n \"uid\" : \"{{username}}\"\n }\n }\n }\n }\n}"); Request request = new Request.Builder() .url("{{apiPath}}/v1/environments/{{envID}}/users") .method("POST", body) .addHeader("Content-Type", "application/vnd.pingidentity.user.import+json") .addHeader("Authorization", "Bearer {{accessToken}}") .build(); Response response = client.newCall(request).execute(); ``` ```javascript var settings = { "url": "{{apiPath}}/v1/environments/{{envID}}/users", "method": "POST", "timeout": 0, "headers": { "Content-Type": "application/vnd.pingidentity.user.import+json", "Authorization": "Bearer {{accessToken}}" }, "data": JSON.stringify({ "population": { "id": "{{popID}}" }, "username": "myRemoteUser-1", "password": { "external": { "gateway": { "id": "{{gatewayID}}", "userType": { "id": "{{userTypeID}}" }, "correlationAttributes": { "uid": "{{username}}" } } } } }), }; $.ajax(settings).done(function (response) { console.log(response); }); ``` ```javascript var request = require('request'); var options = { 'method': 'POST', 'url': '{{apiPath}}/v1/environments/{{envID}}/users', 'headers': { 'Content-Type': 'application/vnd.pingidentity.user.import+json', 'Authorization': 'Bearer {{accessToken}}' }, body: JSON.stringify({ "population": { "id": "{{popID}}" }, "username": "myRemoteUser-1", "password": { "external": { "gateway": { "id": "{{gatewayID}}", "userType": { "id": "{{userTypeID}}" }, "correlationAttributes": { "uid": "{{username}}" } } } } }) }; request(options, function (error, response) { if (error) throw new Error(error); console.log(response.body); }); ``` ```python import requests import json url = "{{apiPath}}/v1/environments/{{envID}}/users" payload = json.dumps({ "population": { "id": "{{popID}}" }, "username": "myRemoteUser-1", "password": { "external": { "gateway": { "id": "{{gatewayID}}", "userType": { "id": "{{userTypeID}}" }, "correlationAttributes": { "uid": "{{username}}" } } } } }) headers = { 'Content-Type': 'application/vnd.pingidentity.user.import+json', 'Authorization': 'Bearer {{accessToken}}' } response = requests.request("POST", url, headers=headers, data=payload) print(response.text) ``` ```php setUrl('{{apiPath}}/v1/environments/{{envID}}/users'); $request->setMethod(HTTP_Request2::METHOD_POST); $request->setConfig(array( 'follow_redirects' => TRUE )); $request->setHeader(array( 'Content-Type' => 'application/vnd.pingidentity.user.import+json', 'Authorization' => 'Bearer {{accessToken}}' )); $request->setBody('{\n "population": {\n "id": "{{popID}}"\n },\n "username": "myRemoteUser-1",\n "password" : {\n "external" : {\n "gateway" : {\n "id" : "{{gatewayID}}",\n "userType": {\n "id" : "{{userTypeID}}"\n },\n "correlationAttributes" : {\n "uid" : "{{username}}"\n }\n }\n }\n }\n}'); try { $response = $request->send(); if ($response->getStatus() == 200) { echo $response->getBody(); } else { echo 'Unexpected HTTP status: ' . $response->getStatus() . ' ' . $response->getReasonPhrase(); } } catch(HTTP_Request2_Exception $e) { echo 'Error: ' . $e->getMessage(); } ``` ```ruby require "uri" require "json" require "net/http" url = URI("{{apiPath}}/v1/environments/{{envID}}/users") http = Net::HTTP.new(url.host, url.port); request = Net::HTTP::Post.new(url) request["Content-Type"] = "application/vnd.pingidentity.user.import+json" request["Authorization"] = "Bearer {{accessToken}}" request.body = JSON.dump({ "population": { "id": "{{popID}}" }, "username": "myRemoteUser-1", "password": { "external": { "gateway": { "id": "{{gatewayID}}", "userType": { "id": "{{userTypeID}}" }, "correlationAttributes": { "uid": "{{username}}" } } } } }) response = http.request(request) puts response.read_body ``` ```swift let parameters = "{\n \"population\": {\n \"id\": \"{{popID}}\"\n },\n \"username\": \"myRemoteUser-1\",\n \"password\" : {\n \"external\" : {\n \"gateway\" : {\n \"id\" : \"{{gatewayID}}\",\n \"userType\": {\n \"id\" : \"{{userTypeID}}\"\n },\n \"correlationAttributes\" : {\n \"uid\" : \"{{username}}\"\n }\n }\n }\n }\n}" let postData = parameters.data(using: .utf8) var request = URLRequest(url: URL(string: "{{apiPath}}/v1/environments/{{envID}}/users")!,timeoutInterval: Double.infinity) request.addValue("application/vnd.pingidentity.user.import+json", forHTTPHeaderField: "Content-Type") request.addValue("Bearer {{accessToken}}", forHTTPHeaderField: "Authorization") request.httpMethod = "POST" request.httpBody = postData let task = URLSession.shared.dataTask(with: request) { data, response, error in guard let data = data else { print(String(describing: error)) return } print(String(data: data, encoding: .utf8)!) } task.resume() ```