Create User

Create a user in Tenable Vulnerability Management.

Input

Field	Definition	Type	Required
User
Username	The sign-in name for the user. A valid username must be in the format `name@domain`, where domain corresponds to a domain that's approved for your Tenable Vulnerability Management instance. Note: During initial setup, Tenable configures approved domains for your Vulnerability Management instance. To add domains to your instance, contact Tenable Support.	Text	TRUE
Password	The password for the user. Passwords must be at least 12 characters long and contain at least one uppercase letter, one lowercase letter, one number, and one special character.	Text	TRUE
Full Name	The full name of the user.	Text	FALSE
Email	The email address of the user. A valid email address must be in the `name@domain` format where domain corresponds to a domain approved for your Tenable Vulnerability Management instance. Admins can create users with an email address that has a domain outside of the approved domains. This email address overrides the email address set in username. If your request omits this parameter, Tenable Vulnerability Management uses the username value as the user's email address. Note: During initial setup, Tenable configures approved domains for your Vulnerability Management instance. To add domains to your instance, contact Tenable Support.	Text	FALSE
Predefined Role	The user role represented as an integer value, as described in User Roles. Values: `Basic` `Scan Operator` `Standard` `Scan Manager` `Administrator` Note: You can only assign predefined User Roles. You can use Update User Role card to assign Custom Roles. If omitted, the `Basic [16]` user role is applied by default.	Dropdown	FALSE

Output

Field	Definition	Type
User
ID	The unique identifier of the user.	Text
UUID	The UUID of the user.	Text
Username	The username for the user.	Text
Email	The email address of the user. If this attribute is empty, Tenable Vulnerability Management uses the username value as the email address of the user.	Text
Full Name	The full name of the user.	Text
Is Enabled	Specifies whether the user account is enabled (`true`) or disabled (`false`).	True/False
Container UUID	The UUID of the Tenable Vulnerability Management instance to which the user belongs.	Text
Is Lockedout	Specifies whether the user can sign in to the Tenable Vulnerability Management app (`false`) or is locked out (`true`). Tenable Vulnerability Management automatically updates this attribute to true if the `login_fail_count` attribute for the user is greater than 5. To unlock a user account, reset the password of the user using the Change User Password card (chaange password endpoint). Note: A user can be locked out of the user interface but still submit API requests if they are assigned the appropriate authorizations (`api_permitted`). To prevent a user from submitting API requests, limit authorizations using the update user authorizations endpoint, or disable the user entirely using the Update User card (update user endpoint) or enable user account endpoint.	True/False
Type	The type of user. Note: The only supported type is `local`.	Text
Predefined Role	The user role represented as an integer value, as described in User Roles. Note: The value of this field is `0` if the user is assigned a Custom Role.	Number
Groups	A list of UUIDs for the groups to which the user belongs.	List of Text
Raw Output	The raw response body that's returned by the API.	Object