See quickstart Menu

How to manage users via API

Use the Administrative API to create integrations with other applications, perform bulk operations, reset passwords, assign apps and much more.

Our API is designed using RESTful principles and requires different levels of authorization depending on the resources and actions that you might want to take.

Use the API Reference here here or continue reading to discover how to make API requests using different languages.

SDKs

We created client SDKs in the following languages to help with authentication, making requests, and to facilitate use of this API.

Authorizing Requests

All API requests require an OAuth2.0 Bearer token in the Authorization header. A valid credential pair of client_id and client_secret is required to generate the token.

  1. Follow these steps to create an API Credential pair

  2. Use the API to generate an access token or use one of our SDKs to generate tokens.

Sample: Create a user

See the Create User API for a complete list of available user attributes.


const request = require('request')

let options = {
  method: 'POST',
  uri: 'https://api.us.onelogin.com/api/1/users',
  auth: {
    bearer: 'ACCESS TOKEN'
  },
  json: {
    firstname: "Sally",
    lastname: "Tyler",
    email: "styler@onelogin.com",
    username: "styler"
  }
}

request(options, function(error, response, body){
  console.log(body)
})
      

using System;
using System.Net.Http;
using System.Net.Http.Headers;
using System.Text;
using System.Threading.Tasks;
using Newtonsoft.Json;

...

var client = new HttpClient();

client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);

dynamic user = new {
    firstname = "Sally",
    lastname = "Tyler",
    email = "styler@onelogin.com",
    username = "styler"
};

var request = new HttpRequestMessage(){
    Method = HttpMethod.Post,
    RequestUri = new Uri("https://api.us.onelogin.com/api/1/users"),
    Content = new StringContent(JsonConvert.SerializeObject(user))
};

// We add the Content-Type Header like this because otherwise dotnet
// adds the utf-8 charset extension to it which is not compatible with OneLogin
request.Content.Headers.ContentType = new MediaTypeHeaderValue("application/json");

var response = await client.SendAsync(request);
var responseBody = await response.Content.ReadAsStringAsync();

dynamic json = JsonConvert.DeserializeObject(responseBody);
      

This makes use of the OneLogin Ruby Gem


require 'onelogin'

client = OneLogin::Api::Client.new(
    client_id: 'ONELOGIN CLIENT ID',
    client_secret:'ONELOGIN CLIENT SECRET',
    region: 'us'
)

user = client.create_user(
  firstname: "Sally",
  lastname: "Tyler",
  email: "styler@onelogin.com",
  username: "styler"
)
      

This makes use of the OneLogin Python SDK


from onelogin.api.client import OneLoginClient

client = OneLoginClient(
  'ONELOGIN CLIENT ID',
  'ONELOGIN CLIENT SECRET',
  'us'
)

user = client.create_user({
  "firstname": "Sally",
  "lastname": "Tyler",
  "email": "styler@onelogin.com",
  "username": "styler"
})
      

This makes use of the OneLogin Java SDK


Client client = new Client();

Map params = new HashMap();
params.put("email", "styler@onelogin.com");
params.put("firstname", "Sally");
params.put("lastname", "Tyler");
params.put("username", "Styler");

User user = client.createUser(params);
      

This makes use of the OneLogin PHP SDK


use \OneLogin\api\OneLoginClient;

$client = new OneLoginClient('ONELOGIN CLIENT ID', 'ONELOGIN CLIENT SECRET', 'us');

$params = array(
  "email" => "styler@onelogin.com",
  "firstname" => "Sally",
  "lastname" => "Tyler",
  "username" => "styler"
);

$user = $client->createUser($params);