AuthServer
Users
Create users and manage credentials.
Users are the people who authenticate through SqlOS. Each user has an email, a display name, and optionally a password.
Create a user#
Dashboard: Auth Server > Users
SDK:
var user = await adminService.CreateUserAsync(new CreateUserRequest
{
DisplayName = "Jane Doe",
Email = "jane@acme.com",
Password = "securePassword123"
});Admin API:
curl -X POST http://localhost:5062/sqlos/admin/auth/api/users \
-H "Content-Type: application/json" \
-d '{"displayName": "Jane Doe", "email": "jane@acme.com", "password": "securePassword123"}'User types#
| Type | Created by | Has password |
|---|---|---|
| Local | Dashboard, SDK, Email OTP signup, or invitation signup | Optional |
| SSO-provisioned | SAML login with auto-provisioning | No |
| OIDC-linked | Google, Microsoft, GitHub, Apple, or custom social login | No |
Users without a password can sign in through Email OTP, SSO, or OIDC. You can add a password later through the dashboard or SDK when local password auth is enabled.
Passwordless users#
Email OTP signup and invitation signup create users with verified primary email addresses and no password. That is the normal model for passwordless applications.
If your app uses organization onboarding, create an Email Invitation instead of creating a user directly. The invitation acceptance flow verifies the invited email and creates or reactivates the membership transactionally.
Email normalization#
Emails are normalized on creation (lowercased, trimmed). Use SqlOSAdminService.NormalizeEmail() for consistent lookups:
var normalized = SqlOSAdminService.NormalizeEmail("Jane@Acme.COM");
// → "jane@acme.com"