The CreateUser operation is used to is used to create a new AssureSign user. This operation requires an AuthenticationToken returned from AuthenticateUser, which in turn requires passing of an active AssureSign username and password.
The CreateUser operation requires knowledge of the following:
- the AssureSign account ContextIdentifier for the account to which the new user should be assigned. This is exposed in the AssureSign administrative application account settings. The ContextIdentifier is in the form of a global unique identifier (GUID).
- an AuthenticationToken, returned from a successful call to AuthenticateUser
- the UserName which must be an email address
- the user's FirstName
- the user's LastName
- the initial Password for the user account (not needed if a random password is being generated)
- the Role the user should be assigned. This is configured in the Roles administration section.
- RequirePasswordChange specifying whether or not the user will be required to change the password upon next login.
- an Inactive flag should the user be initially disabled
- an optional SendCredentialsViaEmail flag
- an optional AutoGeneratePassword flag (typically this should be selected in conjunction with theSendCredentialsViaEmail flag)
- an optional Tags array of user-defined tags that may be used to associated additional data with a user beyond the properties explicitly defined by AssureSign.
Important: Our recommended security best practice is that RequirePasswordChange should only be set to false if the user being added has provided their own password and this is being passed through via the CreateUser operation. If you are creating a password on behalf of the user and communicating that to them, then we recommend setting RequirePasswordChange to true. Also note that the password strength settings configured on the account will be respected, so that the user creation will fail if the Password does not meet all criteria. More information on recommended configurations for passwords may be read here.
<?xml version="1.0" encoding="utf-8"?> <CreateUser xmlns="https://www.assuresign.net/Services/DocumentNOW/Users"> <Request ContextIdentifier="06C4A84A-693C-46CB-8DF2-40A8215AA056" AuthenticationToken="[authentication token]" UserName="firstname.lastname@example.org" FirstName="John" LastName="Doe" Password="12$ccFg7kl22!" Role="Limited User" RequirePasswordChange="true" Inactive="false"> <AutoGeneratePassword>false</AutoGeneratePassword> <SendCredentialsViaEmail>true</SendCredentialsViaEmail> <Tags> <UserTag Name="ExternalUserId" Value="MyUserId" /> </Tags> </Request> </CreateUser>
The SOAP Action header is
The returned result will include:
- a Success flag indicating whether or not the user was created successfully
The CreateUserResult should be checked for the presence of an Exceptions element, which may contain multiple UserException items.
Sample XML response is presented here:
<?xml version="1.0" encoding="utf-8"?> <CreateUserResponse xmlns="https://www.assuresign.net/Services/DocumentNOW/Users"> <CreateUserResult Success="true"> <Exceptions /> </CreateUserResult> </CreateUserResponse>