CreateUser - Amazon FinSpace
Request SyntaxURI Request ParametersRequest BodyResponse SyntaxResponse ElementsErrorsSee Also

End of support notice: On October 7, 2026, AWS will end support for Amazon FinSpace. After October 7, 2026, you will no longer be able to access the FinSpace console or FinSpace resources. For more information, see Amazon FinSpace end of support.

After careful consideration, we decided to end support for Amazon FinSpace, effective October 7, 2026. Amazon FinSpace will no longer accept new customers beginning October 7, 2025. As an existing customer with an Amazon FinSpace environment created before October 7, 2025, you can continue to use the service as normal. After October 7, 2026, you will no longer be able to use Amazon FinSpace. For more information, see Amazon FinSpace end of support.

CreateUser

Creates a new user in FinSpace.

Request Syntax

POST /user HTTP/1.1
Content-type: application/json

{
   "ApiAccess": "string",
   "apiAccessPrincipalArn": "string",
   "clientToken": "string",
   "emailAddress": "string",
   "firstName": "string",
   "lastName": "string",
   "type": "string"
}

URI Request Parameters

The request does not use any URI parameters.

Request Body

The request accepts the following data in JSON format.

emailAddress

The email address of the user that you want to register. The email address serves as a uniquer identifier for each user and cannot be changed after it's created.

Type: String

Length Constraints: Minimum length of 4. Maximum length of 320.

Pattern: [A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4}

Required: Yes

type

The option to indicate the type of user. Use one of the following options to specify this parameter:

  • SUPER_USER – A user with permission to all the functionality and data in FinSpace.

  • APP_USER – A user with specific permissions in FinSpace. The users are assigned permissions by adding them to a permission group.

Type: String

Valid Values: SUPER_USER | APP_USER

Required: Yes

ApiAccess

The option to indicate whether the user can use the GetProgrammaticAccessCredentials API to obtain credentials that can then be used to access other FinSpace Data API operations.

  • ENABLED – The user has permissions to use the APIs.

  • DISABLED – The user does not have permissions to use any APIs.

Type: String

Valid Values: ENABLED | DISABLED

Required: No

apiAccessPrincipalArn

The ARN identifier of an AWS user or role that is allowed to call the GetProgrammaticAccessCredentials API to obtain a credentials token for a specific FinSpace user. This must be an IAM role within your FinSpace account.

Type: String

Length Constraints: Minimum length of 20. Maximum length of 2048.

Pattern: ^arn:aws[a-z\-]*:iam::\d{12}:role/?[a-zA-Z_0-9+=,.@\-_/]+$

Required: No

clientToken

A token that ensures idempotency. This token expires in 10 minutes.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: .*\S.*

Required: No

firstName

The first name of the user that you want to register.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 50.

Pattern: .*\S.*

Required: No

lastName

The last name of the user that you want to register.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 50.

Pattern: .*\S.*

Required: No

Response Syntax

HTTP/1.1 200
Content-type: application/json

{
   "userId": "string"
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

userId

The unique identifier for the user.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 26.

Pattern: .*\S.*

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

You do not have sufficient access to perform this action.

HTTP Status Code: 403

ConflictException

The request conflicts with an existing resource.

HTTP Status Code: 409

InternalServerException

The request processing has failed because of an unknown error, exception or failure.

HTTP Status Code: 500

LimitExceededException

A limit has exceeded.

HTTP Status Code: 400

ThrottlingException

The request was denied due to request throttling.

HTTP Status Code: 429

ValidationException

The input fails to satisfy the constraints specified by an AWS service.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: