# Signup user with username

Sign up a new user and create a new account (tenant). Include the frontegg-vendor-host header (your domain name from Portal → Workspace Settings → Domains). Required fields: email, provider (authentication method: local, saml, google, github), companyName, and metadata (can be empty {}). Requires an environment authentication token.

Endpoint: POST /resources/users/v1/signUp/username
Security: bearer

## Header parameters:

  - `frontegg-vendor-host` (string, required)

  - `frontegg-application-id` (string, required)
    The application ID

## Request fields (application/json):

  - `provider` (string, required)
    Enum: "local", "saml", "google", "github", "facebook", "microsoft", "scim2", "slack", "apple"

  - `metadata` (string)
    Stringified JSON object. Use the JSON.stringify() method.

  - `username` (string, required)

  - `name` (string)

  - `profilePictureUrl` (string)

  - `password` (string)

  - `skipInviteEmail` (boolean)

  - `roleIds` (array)

  - `emailMetadata` (object)

  - `companyName` (string, required)

  - `recaptchaToken` (string)

  - `invitationToken` (string)

  - `email` (string)

  - `phoneNumber` (string)

## Response 201 fields (application/json):

  - `shouldActivate` (boolean)

  - `userId` (string)

  - `tenantId` (string)

  - `authResponse` (object)

  - `authResponse.tokenType` (string)

  - `authResponse.otcToken` (string)

  - `authResponse.mfaRequired` (boolean, required)

  - `authResponse.mfaToken` (string)

  - `authResponse.resetPasswordToken` (string)

  - `authResponse.passwordExpiresIn` (number)

  - `authResponse.notificationPeriod` (number)

  - `authResponse.mfaEnrolled` (boolean)

  - `authResponse.mfaDevices` (object)

  - `authResponse.mfaDevices.webauthn` (array, required)

  - `authResponse.mfaDevices.webauthn.id` (string, required)

  - `authResponse.mfaDevices.webauthn.deviceType` (string, required)
    Enum: "Platform", "CrossPlatform"

  - `authResponse.mfaDevices.webauthn.name` (string, required)

  - `authResponse.mfaDevices.phones` (array, required)

  - `authResponse.mfaDevices.phones.phoneNumber` (string, required)

  - `authResponse.mfaDevices.authenticators` (array, required)

  - `authResponse.mfaDevices.emails` (array, required)

  - `authResponse.mfaDevices.emails.email` (string, required)

  - `authResponse.mfaStrategies` (object)

  - `authResponse.qrCode` (string)

  - `authResponse.recoveryCode` (string)

  - `authResponse.accessToken` (string, required)

  - `authResponse.refreshToken` (string, required)

  - `authResponse.expiresIn` (number, required)

  - `authResponse.expires` (string, required)

  - `authResponse.userEmail` (string)

  - `authResponse.emailVerified` (boolean)

  - `authResponse.isBreachedPassword` (boolean)

  - `activationToken` (string)


## Response 200 fields