# Create an Application User Creating an application user is the equivalent of provisioning API keys (i.e. credentials) for an . > Each Application can have multiple which allows each seller to have multiple API keys that can be independently enabled and disabled. Merchants only have read access to the API. Endpoint: POST /applications/{application_id}/users Version: 2022-02-01 Security: BasicAuth ## Path parameters: - `application_id` (string, required) ID of to use. Example: "APc9vhYcPsRuTSpKD9KpMtPe" ## Response 201 fields (application/json): - `id` (string) The ID of the object. - `created_at` (string) Timestamp of when the object was created. - `updated_at` (string) Timestamp of when the object was last updated. - `created_by` (string) The ID of the application user that created _this_ user. - `email` (string) The email address of the application user (max 100 characters). - `enabled` (boolean) Whether the is enabled and active. Set to to disable the . - `identity` (string,null) ID of the that the object was created under. Example: "IDxxxxxxxxxxxxxxxxxx" - `last_used_date` (string) Timestamp of when the user credentials were last used to make an API call. - `password` (string,null) The you'll use to authetnicate requests. - `role` (string) Details the level of access the [](#Users) has available. Enum: "ROLE_ADMIN", "ROLE_PLATFORM", "ROLE_PARTNER", "ROLE_MERCHANT" - `tags` (object,null) Include up to 50 pairs to annotate requests with custom metadata. - Maximum character length for individual is 40. - Maximum character length for individual is 500. (For example, , , ) - `_links` (object) For your convenience, every response includes several URLs which link to resources relevant to the request. You can use these to make your follow-up requests and quickly access relevant IDs. - `_links.application` (object) Link to the the resource was created under. - `_links.application.href` (string) - `_links.applications` (object) - `_links.self` (object) Link to the resource that was used in the request. ## Response 400 fields (application/json): - `total` (integer) - `_embedded` (object) - `_embedded.errors` (array) - `_embedded.errors.logref` (object) - `_embedded.errors.message` (string) - `_embedded.errors.code` (string) Enum: "UNPROCESSABLE_ENTITY" - `_embedded.errors._links` (object) - `_embedded.errors._links.self` (object) - `_embedded.errors._links.self.href` (string) ## Response 401 fields (application/json): - `total` (integer) - `_embedded` (object) - `_embedded.errors` (array) - `_embedded.errors.code` (string) Enum: "UNKNOWN" - `_embedded.errors.logref` (object) - `_embedded.errors.message` (string) - `_embedded.errors._links` (object) - `_embedded.errors._links.self` (object) - `_embedded.errors._links.self.href` (string) - `_embedded.errors._links.source` (object) ## Response 403 fields (application/json): - `total` (integer) - `_embedded` (object) - `_embedded.errors` (array) - `_embedded.errors.code` (string) Enum: "FORBIDDEN" - `_embedded.errors.logref` (object) - `_embedded.errors.message` (string) - `_embedded.errors._links` (object) - `_embedded.errors._links.source` (object) - `_embedded.errors._links.source.href` (string) ## Response 404 fields (application/json): - `total` (integer) - `_embedded` (object) - `_embedded.errors` (array) - `_embedded.errors.code` (string) Enum: "NOT_FOUND" - `_embedded.errors.logref` (object) - `_embedded.errors.message` (string) - `_embedded.errors._links` (object) - `_embedded.errors._links.source` (object) - `_embedded.errors._links.source.href` (string) ## Response 406 fields (application/json): - `total` (integer) - `_embedded` (object) - `_embedded.errors` (array) - `_embedded.errors.code` (string) Enum: "NOT_FOUND" - `_embedded.errors.logref` (object) - `_embedded.errors.message` (string) - `_embedded.errors._links` (object) - `_embedded.errors._links.source` (object) - `_embedded.errors._links.source.href` (string)