**Source URL:** https://limited.veevavault.dev/safety/vault-api/api-reference/24.2/users/create-users/create-multiple-users.md

# Create Multiple Users



<Aside>Beginning in v18.1, Admins create and manage users with `user__sys` object records. Unless you are adding cross-domain or VeevaID users or adding users to a domain without assigning Vault membership, we strongly recommend using the [Create Object Records](/vault-api/api-reference/24.2/vault-objects/create-upsert-object-records/#create-user-object-records) endpoint to create new users.</Aside>
Create new users and assign them to Vaults in bulk. You can also add multiple existing users as cross-domain users or VeevaID users.

* The maximum input file size is 1GB.

* The values in the input must be UTF-8 encoded.

* CSVs must follow the standard RFC 4180 format, with some [exceptions](/vault-api/references/csv-rfc-deviations).

* The maximum batch size is 500.

<Endpoint path="/api/{version}/objects/users" method="POST"></Endpoint>

## Headers {#headers}

<FieldTable>
| Name | Description |
| --- | --- |
| `Content-Type` | `application/json` or `text/csv` |
| `Accept` | `application/json` (default) or `text/csv` |
</FieldTable>

## Body Parameters {#body-parameters}

Prepare a JSON or CSV input file. You may add values to any other editable user field, unless you are adding a [cross-domain](/vault-api/api-reference/24.2/users/update-users) user or [VeevaID](/vault-api/api-reference/24.2/users/update-users) user.
See [Retrieve Users](/vault-api/api-reference/24.2/users/retrieve-all-users) for all possible values.
Using only the required fields will add users to your domain but will not assign them to individual Vaults within your domain.
To assign users to individual Vaults, you must also use the required [Vault Membership](/vault-api/api-reference/24.2/users/update-users) parameters.

<FieldTable>
| Name | Description |
| --- | --- |
| `user_name__v` | The user’s Vault username (login credential). For example, `ewoodhouse@veepharm.com` |
| `user_first_name__v` | The user's first name. |
| `user_last_name__v` | The user's last name. |
| `user_email__v` | The user's email address. |
| `user_timezone__v` | The user's time zone. Retrieve values from [Retrieve Users](/vault-api/api-reference/24.2/users/retrieve-all-users). |
| `user_locale__v` | The user's location. Retrieve values from [Retrieve Users](/vault-api/api-reference/24.2/users/retrieve-all-users). |
| `security_policy_id__v` | The user's security policy. Retrieve values from [Retrieve All Security Policies](/vault-api/api-reference/24.2/security-policies/retrieve-all-security-policies). |
| `user_language__v` | The user's preferred language. Retrieve values from [Retrieve Users](/vault-api/api-reference/24.2/users/retrieve-all-users). |
| `domain` | If you set this to `true`, the user will not be assigned to a Vault. |
| `security_profile__v` | The user’s security profile. If omitted, the default value is `document_user__v`. |
| `license_type__v` | The license type is the first level of access control that Vault applies to a user. If your Vault utilizes user-based licensing, assign application licensing using the `app_licensing` field. |
| `vault_membership` | Use this field to assign a user to individual Vaults within your domain. This is required to create cross-domain users or VeevaID users. Learn how to configure this parameter in the [Vault Membership](/vault-api/api-reference/24.2/users/update-users) section. |
| `app_licensing` | Use this field to assign a user to individual applications within your Vault. Learn how to configure this parameter in the [Application Licensing](/vault-api/api-reference/24.2/users/update-users) section. |
</FieldTable>

##### Vault Membership {#vault-membership}

To assign user permissions across Vaults, create cross-domain users,or create VeevaID users, you must include the `vault_membership` column configured with the following fields:

<FieldTable>
| Name | Description |
| --- | --- |
| `vault_id` | The Vault ID to assign the user to. |
| `active__v` | Set the user to active (`true`) or inactive (`false`). If not specified, default value is `true`. |
| `security_profile__v` | Set the user's security profile, for example, `read_only_user__v`. If not specified, this value defaults to `document_user__v`. |
| `license_type__v` | Set the user's license type, for example, `read_only__v`. If not specified, this value defaults to `full__v`. |
</FieldTable>
For example, to add an active user to Vault ID 3003 with the `system_admin__v` security profile and the `full__v` license type:

<FieldTable>
| `vault_membership` |
| --- |
| `3003`:`true`:`system_admin__v`:`full__v` |
</FieldTable>

##### Application Licensing {#application-licensing}

To add a user to specific applications within a Vault or across Vaults, you must include the `app_licensing` column configured with the following fields:

<FieldTable>
| Name | Description |
| --- | --- |
| `vault_id` | The Vault ID to assign the user to. |
| `active__v` | Set the user to active (`true`) or inactive (`false`). If not specified, default value is `true`. |
| `application_name` | The application to add the user to. For example, use `rimReg_v` to assign a user to the RIM Registrations application. Obtain the values available in your Vault from the [Retrieve Application License Usage](/vault-api/api-reference/24.2/users/retrieve-application-license-usage) request. |
| `license_type__v` | Set the user's license type for a specific application, for example, `read_only__v`. You must select a license value for at least one application. Possible values are:`full__v``external__v``learner_user__v``read_only__v`Some license values may be invalid depending on the application. The `license_type__v` for an application cannot be more permissive than the user's Vault-wide license type. If omitted, the default value is `full__v`. The request fails if you provide an invalid `license_type__v` value for a specific application. Learn more about [valid license values by application in Vault Help](https://platform.veevavault.help/en/lr/5721). |
</FieldTable>
The format for adding these fields is:

`{vault_id}|{application_name}{:active__v}{:license_type__v}`

To add a user to more than one application, separate the applications with a pipe. To add a user to applications in multiple Vaults, separate the Vaults with a semicolon. For example:

<FieldTable>
| `app_licensing` |
| --- |
| `3003`|`rimReg_v:true:full__v`|`rimSubs_v:true:full__v;4112`|`rimSubs_v:true:full__v` |
</FieldTable>
This adds an active user to both RIM Registrations and RIM Submissions in Vault ID 3003, and to the RIM Submissions application in Vault ID 4112, all with the `full__v` license type.

##### Add Cross-Domain Users {#add-cross-domain-users}

The following are the only fields required to add cross-domain users. All other fields are ignored. Learn more about cross-domain users in [Vault Help](https://platform.veevavault.help/en/lr/38996).

<FieldTable>
| Name | Description |
| --- | --- |
| `user_name__v` | The user’s Vault username (login credential). For example, `ewoodhouse@veepharm.com`. |
| `vault_membership` | Assign this user permissions across domains. Learn how to configure this parameter in the [Vault Membership](/vault-api/api-reference/24.2/users/update-users) section. |
</FieldTable>

##### Add VeevaID Users {#add-veevaid-users}

The following are the only fields required to add an existing VeevaID user to Vault. All other fields are ignored.

<FieldTable>
| Name | Description |
| --- | --- |
| `user_name__v` | The user’s Vault username (login credential). For example, `ewoodhouse@veepharm.com`. |
| `vault_membership` | Assign this user permissions across domains. Learn how to configure this parameter in the [Vault Membership](/vault-api/api-reference/24.2/users/update-users) section. |
| `security_policy_id__v` | The `name__v` value of your Vault’s VeevaID security profile, for example, `25285`. You can retrieve this ID from the [Retrieve All Security Policies](/vault-api/api-reference/24.2/security-policies/retrieve-all-security-policies) endpoint. |
</FieldTable>

## Query Parameters: Upsert Users {#query-parameters-upsert-users}

Upsert is a combination of create and update. Use one input file to create new users and update existing users at the same time. If a matching user record is found in your Vault, it is updated with the field values specified in the input. If no matching user record is found, a new user is created using values in the input.

<FieldTable>
| Name | Description |
| --- | --- |
| `operation` | To upsert users, you must include `operation=upsert` |
| `idParam` | To upsert users, you must include either `idParam=id` or `idParam=user_name__v` to the request endpoint. |
</FieldTable>
<DownloadButton href="/sample-files/vault-create-users-sample-csv-input.csv" label="Download Input File"></DownloadButton>

## Request {#request}

<CodeExample title="">
```
curl -X POST -H "Authorization: {SESSION_ID}" \
-H "Content-Type: text/csv" \
-H "Accept: text/csv" \
--data-binary @"C:\Vault\Users\create_users.csv" \
https://myvault.veevavault.com/api/v12.0/objects/users

```
</CodeExample>

## Response {#response}

<CodeExample title="">
```
{
   "responseStatus":"SUCCESS",
   "data":[
      {
         "responseStatus":"SUCCESS",
         "id":"12021"
      },
      {
         "responseStatus":"SUCCESS",
         "id":"12022"
      },
      {
         "responseStatus":"SUCCESS",
         "id":"12023"
      },
      {
         "responseStatus":"FAILURE",
         "errors":[
            {
               "type":"INVALID_DATA",
               "message":"Error message describing why this user was not created."
            }
         ]
      }
   ]
}

```
</CodeExample>

## Response Details: {#response-details}

On `SUCCESS`, Vault responds will list the `id` of each user. The order results are displayed in the response is the same as the order of records in the input.



---

**Previous:** [Create Single User](/safety/vault-api/api-reference/24.2/users/create-users/create-single-user)  
**Next:** [Update Users](/safety/vault-api/api-reference/24.2/users/update-users)