const options = {
method: 'POST',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({
metadata: {
external_id: 'user_789_in_my_system',
customer_tier: 'standard',
signup_source: 'web'
},
display_name: 'John Doe',
vault: {
'identity.first_name': 'John',
'identity.last_name': 'Doe',
'identity.email': 'john.doe@example.com',
'identity.date_of_birth': '1990-01-15'
}
})
};
fetch('https://api.getpalm.com/v1/user', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));{
"id": "123e4567-e89b-12d3-a456-426614174000",
"object": "user",
"created_at": "2025-10-24T10:30:00Z",
"updated_at": "2025-10-24T15:45:00Z",
"metadata": {
"external_id": "user_123_in_my_system",
"customer_tier": "premium",
"signup_source": "mobile_app"
},
"status": "active",
"verification": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"risk_level": "low",
"workflow": {
"name": "KYC Verification",
"version": 1
},
"executed_at": "2024-01-15T10:30:00.000Z"
},
"display_name": "John Doe",
"email_fingerprint": "f7c3bc1d808e04732adf679965ccc34ca7ae3441",
"phone_fingerprint": "a8d4bc2e919f15843beg890076ddd45db8bf4552",
"vault": {
"identity.first_name": "John",
"identity.last_name": "Doe"
}
}Create a new user
Creates a new user record with optional display name, metadata, and vault data. Vault fields use the identity.* key format (e.g., identity.first_name, identity.email).
const options = {
method: 'POST',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({
metadata: {
external_id: 'user_789_in_my_system',
customer_tier: 'standard',
signup_source: 'web'
},
display_name: 'John Doe',
vault: {
'identity.first_name': 'John',
'identity.last_name': 'Doe',
'identity.email': 'john.doe@example.com',
'identity.date_of_birth': '1990-01-15'
}
})
};
fetch('https://api.getpalm.com/v1/user', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));{
"id": "123e4567-e89b-12d3-a456-426614174000",
"object": "user",
"created_at": "2025-10-24T10:30:00Z",
"updated_at": "2025-10-24T15:45:00Z",
"metadata": {
"external_id": "user_123_in_my_system",
"customer_tier": "premium",
"signup_source": "mobile_app"
},
"status": "active",
"verification": {
"id": "550e8400-e29b-41d4-a716-446655440000",
"risk_level": "low",
"workflow": {
"name": "KYC Verification",
"version": 1
},
"executed_at": "2024-01-15T10:30:00.000Z"
},
"display_name": "John Doe",
"email_fingerprint": "f7c3bc1d808e04732adf679965ccc34ca7ae3441",
"phone_fingerprint": "a8d4bc2e919f15843beg890076ddd45db8bf4552",
"vault": {
"identity.first_name": "John",
"identity.last_name": "Doe"
}
}Authorizations
Enter your API key in the format: sk_test_xxxxx or sk_live_xxxxx
Body
Store up to 50 custom key-value pairs for application-specific data. Useful for storing references to external systems, feature flags, or other custom attributes.
Show child attributes
Show child attributes
{
"external_id": "user_789_in_my_system",
"customer_tier": "standard",
"signup_source": "web"
}Display name for the user
"John Doe"
User data to store in the vault. Use vault field IDs as keys (e.g., "identity.email", "identity.first_name"). See UserVaultFieldsDto for the complete list of available fields.
Show child attributes
Show child attributes
{
"identity.first_name": "John",
"identity.last_name": "Doe",
"identity.email": "john.doe@example.com",
"identity.date_of_birth": "1990-01-15"
}Response
User created successfully
Unique identifier for the resource
"123e4567-e89b-12d3-a456-426614174000"
Object type identifier, always "user"
user "user"
ISO 8601 timestamp of when the resource was created
"2025-10-24T10:30:00Z"
ISO 8601 timestamp of when the resource was last updated
"2025-10-24T15:45:00Z"
Store up to 50 custom key-value pairs for application-specific data. Useful for storing references to external systems, feature flags, or other custom attributes.
Show child attributes
Show child attributes
{
"external_id": "user_123_in_my_system",
"customer_tier": "premium",
"signup_source": "mobile_app"
}Current status of the user
active, suspended, deleted "active"
Most recent verification information. Null if user has never been verified.
Show child attributes
Show child attributes
Display name for the user
"John Doe"
SHA-256 fingerprint of the user's email address. Used for duplicate detection and search without exposing the actual email. Automatically generated when email is stored in vault.
"f7c3bc1d808e04732adf679965ccc34ca7ae3441"
SHA-256 fingerprint of the user's phone number. Used for duplicate detection and search without exposing the actual phone. Automatically generated when phone is stored in vault.
"a8d4bc2e919f15843beg890076ddd45db8bf4552"
Cached vault field values for non-encrypted fields. Keys are full field IDs (e.g., "identity.first_name"). Only includes fields where encrypted=false in vault_field_definition.
{
"identity.first_name": "John",
"identity.last_name": "Doe"
}Was this page helpful?