Create User
Create a new user.
HTTP Request
POST/api/users/
NOTE: NOT USING THE TRAILING SLASH AT THE END OF THE URL RESULTS TO A 500 SERVER ERROR
Authorization
Authorization
- Required: Yes
- Permission: Staff with UserPermission or Admin
- Permission Code: 1221
- Authentication: Token-based (Authorization: Token <your_api_key>)
Request Body
| Field | Type | Required | Description |
|---|---|---|---|
| username | String | Yes | Unique username for the user. |
| password | String | No | Password for the user account. |
| mobile_number | String | No | Mobile phone number of the user. |
| String | No | Email address of the user (nullable). | |
| is_email_verified | Boolean | No | If the email number is a verified one (default=false) |
| avatar | File | No | User profile avatar image |
| first_name | String | No | First name of the user. |
| last_name | String | No | Last name of the user. |
| gender | String | No | Gender of the user (`male`, `female`, `other`) (Default Male) |
| invited_by | Integer | No | id of the inviting user (nullable) |
| is_staff | Boolean | No | Whether user has staff privileges (default: false). |
| is_admin | Boolean | No | Whether user has admin privileges (default: false). |
| is_active | Boolean | No | Whether user account is active (default: true). |
| groups | Array | No | List of group IDs the user belongs to. |
| permissions | Array | No | List permissions IDs the the user have |
Example Requests
- 🐍 Python
- 🌐 Curl
1import requests
2
3api = requests.Session()
4api.headers.update({'Authorization': 'Token f4e75eab6e0f663a972d145478d6fc4b81762070'})
5response = api.post(
6 'http://www.example.com/api/users/',
7 json={
8 'username': 'michael_chen',
9 'password': 'SecurePass123!',
10 'mobile_number': '09113235256',
11 'email': 'michael.chen@techcorp.com',
12 'first_name': 'Michael',
13 'last_name': 'Chen',
14 'gender': 'male',
15 'is_staff': True,
16 'is_admin': False,
17 'is_active': True,
18 'groups': [1, 3]
19 }
20)1curl "http://www.example.com/api/users/" -X POST -H "Authorization: Token XXXXXXXXXXXXXXXXXXXXXX" -H "Content-Type: application/json" -d '{
2 "username": "sarah_williams",
3 "password": "SecurePass456!",
4 "mobile_number": "09113235256",
5 "email": "sarah.williams@techcorp.com",
6 "first_name": "Sarah",
7 "last_name": "Williams",
8 "gender": "female",
9 "is_staff": false,
10 "is_admin": false,
11 "is_active": true,
12 "groups": [2, 4]
13}'Response Fields
| Field | Type | Description |
|---|---|---|
| id | Integer | Unique ID of the user (unique) |
| username | String | Username of the user (unique) |
| mobile_number | String | Mobile phone number of the user(unique, nullable) |
| String | Email address of the user(unique, nullable) | |
| is_email_verified | Boolean | Shows if the email has been verified |
| avatar | String | URL to the user's avatar image (nullable). |
| first_name | String | First name of the user(nullable) |
| last_name | String | Last name of the user(nullable) |
| full_name | String | Full name (nullable). |
| gender | String | Gender of the user.(male/female/other) |
| invited_by | Object(InvitingUser) | User who has invited current user |
| invite_code | String | Related invite code of the user (nullable) |
| invitees_count | Integer | Number of users invited by the current user(nullable) |
| is_active | Boolean | Whether user account is active. |
| is_staff | Boolean | Whether user has staff privileges. |
| is_admin | Boolean | Whether user has admin privileges. |
| is_profile_completed | Boolean | Whether user profile data are complete or not |
| last_login | String (ISO 8601) | Timestamp of last login (null for new users). |
| created_at | String (ISO 8601) | Timestamp when user was created. |
| updated_at | String (ISO 8601) | Timestamp when user was last updated. |
| is_online | Boolean | Whether user is currently online. |
| invitees | Object(InvitedUsers) | List of invited users |
| groups_data | Array[Object] | Array of group objects with detailed info. |
| permissions_data | Array[Ojbect(Permission)] | Array of permissions objects the user have |
Group Data Structure
| Field | Type | Description |
|---|---|---|
| id | Integer | Unique ID of the group |
| name | String | Name of the group |
InvitedUsers/InvitingUser object Structure
| Field | Type | Description |
|---|---|---|
| id | Integer | Unique ID of the inviting/invited user |
| username | String | Username of the inviting/invited user |
| fullnamd | String | Fullname of the inviting/invited user |
Permission Data Structure
| Field | Type | Description |
|---|---|---|
| id | Integer | Unique ID of the permission |
| code | Integer | Unique code of the permission |
| name | String | Name of the permission |
Example Response
{
{
"id": 3,
"username": "Eve68",
"mobile_number": "09521206685",
"email": "Roosevelt.Nader8@yahoo.com",
"is_email_verified": false,
"avatar": null,
"first_name": "پارسا",
"last_name": "حسینینژاد",
"full_name": "پارسا حسینینژاد",
"gender": "male",
"invited_by": null,
"invite_code": null,
"invitees_count": 0,
"is_active": true,
"is_staff": true,
"is_admin": true,
"is_online": true,
"is_profile_completed": true,
"last_login": "2026-02-21T07:28:51.981082Z",
"created_at": "2026-02-21T07:28:52.460757Z",
"updated_at": "2026-02-21T07:28:52.460765Z",
"invitees": [],
"groups_data": [],
"permissions_data": [
{
"id": 1,
"code": 1001,
"name": "general_settings_read"
},
{
"id": 2,
"code": 1002,
"name": "general_settings_update"
},
{
"id": 3,
"code": 1006,
"name": "cache_settings_read"
}
]
}
}
Notes
- Not using the trailing slash
/at the end of the url results to a 500 server error - Users must either have admin or staff privileges, so one of them should be set to
true - The
full_namefield is automatically generated fromfirst_nameandlast_name. - The
groupsfield should contain valid group IDs that already exist in the system. emailandis_email_verifiedare unique together, meaning multiple users may use a duplicate email for themselves, hence only one of them can verify the email.permissionsfield should contain valid permission IDs that already exist in the system.