Create user accounts for a customer
Create a new user account for your customer.
Prerequisites
Credentials as described in Partner Center authentication. This scenario supports authentication with App+User credentials only.
A customer ID (
customer-tenant-id). If you don't know the customer's ID, you can look it up in Partner Center. Select the Customers workspace from the Partner Center Home page. Select the customer from the Customer list, then select Account. On the customer's Account page, look for the Microsoft ID in the Customer Account details section. The Microsoft ID is the same as the customer ID (customer-tenant-id).User domain can't be a federated domain.
GDAP roles
You'll need at least one of the following GDAP roles:
- User Administrator
- Directory Writers
C#
To obtain a new user account for a customer:
Create a new CustomerUser object with the relevant user information.
Use your IAggregatePartner.Customers collection and call the ById() method.
Call the Users property, followed by the Create method.
// string selectedCustomerId;
// IAggregatePartner partnerOperations;
// var SelectedCustomer;
var userToCreate = new CustomerUser()
{
PasswordProfile = new PasswordProfile() { ForceChangePassword = true, Password = "Password!1" },
DisplayName = "TestDisplayName",
FirstName = "TestFirstName",
LastName = "TestLastName",
UsageLocation = "US",
UserPrincipalName = Guid.NewGuid().ToString("N") + "@" + selectedCustomer.CompanyProfile.Domain.ToString()
};
User createdUser = partnerOperations.Customers.ById(selectedCustomerId).Users.Create(userToCreate);
Sample: Console test app. Project: PartnerSDK.FeatureSamples Class: CustomerUserCreate.cs
REST request
Request syntax
| Method | Request URI |
|---|---|
| POST | {baseURL}/v1/customers/{customer-tenant-id}/users HTTP/1.1 |
URI parameters
Use the following query parameters to identify the correct customer.
| Name | Type | Required | Description |
|---|---|---|---|
| customer-tenant-id | guid | Y | The value is a GUID formatted customer-tenant-id. It allows the reseller to filter the results for a given customer that belongs to the reseller. |
| user-id | guid | N | The value is a GUID formatted user-id that belongs to a single user account. |
Request headers
For more information, see Partner Center REST headers.
Request body
None.
Request example
POST https://api.partnercenter.microsoft.com/v1/customers/<customer-tenant-id>/users HTTP/1.1
Authorization: Bearer <token>
Accept: application/json
MS-RequestId: b1317092-f087-471e-a637-f66523b2b94c
MS-CorrelationId: aaaa0000-bb11-2222-33cc-444444dddddd
{
"usageLocation": "country/region code",
"userPrincipalName": "userid@domain.onmicrosoft.com",
"firstName": "First",
"lastName": "Last",
"displayName": "User name",
"immutableId": "Some unique ID",
"passwordProfile":{
password: "abCD123*",
forceChangePassword: true
},
"attributes": {
"objectType": "CustomerUser"
}
}
REST response
If successful, this method returns a user account, including the GUID.
Response success and error codes
Each response comes with an HTTP status code that indicates success or failure and additional debugging information. Use a network trace tool to read this code, error type, and additional parameters. For the full list, see Error Codes.
Response example
HTTP/1.1 200 OK
Content-Length: 31942
Content-Type: application/json
MS-CorrelationId: aaaa0000-bb11-2222-33cc-444444dddddd
MS-RequestId: b1317092-f087-471e-a637-f66523b2b94c
Date: June 24 2016 22:00:25 PST
{
"usageLocation": "country/region code",
"id": "4b10bf41-ab11-40e3-8c53-cd67849b50de",
"userPrincipalName": "userid@domain.onmicrosoft.com",
"firstName": "First",
"lastName": "Last",
"displayName": "User name",
"immutableId": "Some unique ID",
"passwordProfile": {
"forceChangePassword": true,
"password": "abCD123*"
},
"lastDirectorySyncTime": null,
"userDomainType": "none",
"state": "active",
"softDeletionTime": null,
"attributes": {
"objectType": "CustomerUser"
}
}