Provisions a new user within Wristband based on the profile attributes synced from an external IdP. The user will be created with an ACTIVE status and their email will be marked as verified if the IdP asserts that the email is verified.

If the user's email is not verified, and the Enterprise IdP Login Workflow Policy email verification strategy is set to EMAIL_LINK, then this API will asynchronously send a verification email to the user that they can use to verify their email.

For profile attributes not configured to sync from the external IdP, you can manually provide values in the request body. If syncing is enabled for an attribute, its value from the external IdP will override any value you provide—unless the IdP value is null and the field is marked as required in the user schema. In that case, the request body value takes precedence.

Required Permissions

Below is the list of required permissions needed to interact with this API. For each permission, the allowed permission boundaries are also specified.

Permission	Boundary	Description
external-idp-login-workflow:execute	Application	The subject can perform this operation for requests associated with the application to which the subject belongs.