Provision and manage user accounts

Updated on Feb 19, 2026
Published on Oct 27, 2025

8 minute(s) read

Prev Next

Post

/webhooks

Security

HTTP

Type basic

HTTP Basic authentication using your Tenant ID and API secret.

Username is the Tenant ID (i.e. eu-west-2_AbcdEfghI)
Password is the API secret you would have received.

You can also authenticate using OAuth 2.0 client credentials (oauth2 security scheme) instead of Basic auth.

OAuth

OAuth 2.0 client credentials authentication.

Use the following token endpoints (replace :tenantId with your Tenant ID):

Public API access tokens
- Staging: https://public.api.learnstaging.link/oauth2/token/:tenantId
- Production: https://public.api.learn.link/oauth2/token/:tenantId
- Staging MEA: https://public.api.meastaging.learn.tech/oauth2/token/:tenantId
- Production MEA: https://public.api.mea.learn.tech/oauth2/token/:tenantId
Webhooks access tokens
- Staging: https://user.api.learnstaging.link/oauth2/token/:tenantId
- Production: https://user.api.learn.link/oauth2/token/:tenantId
- Staging MEA: https://user.api.meastaging.learn.tech/oauth2/token/:tenantId
- Production MEA: https://user.api.mea.learn.tech/oauth2/token/:tenantId

All access tokens must be sent using the Authorization: Bearer <access_token> header.

Scopes

For API access (non-webhooks), the following scopes are available:

api/all – Full read and write access to the API.
api/read – Read-only access to the API.
api/write – Write access to the API.

For webhooks, the following scopes are available:

api/webhooks – Access to webhook functionality.
api/all – Full read and write access to the API, including webhooks.

Tokens must include appropriate scopes for the endpoints you wish to call.

FlowClient Credentials

Token URLhttps://public.api.learn.link/oauth2/token/:tenantId

Body parameters

user_joined

User has joined the organisation

This event is for creating a user or unsuspending a user

"{\n  \"id\": \"UNIQUEREFERENCE111000\",\n  \"timestamp\": \"2020-03-09T22:18:26.625Z\",\n  \"eventType\": \"user_joined\",\n  \"content\": {\n    \"user\": {\n      \"ref\": \"UID30084022\",\n      \"email\": \"user@thrivelearning.com\",\n      \"firstName\": \"Thomas\",\n      \"lastName\": \"Jefferson\",\n      \"role\": \"learner\",\n      \"jobTitle\": \"Director\",\n      \"managerRef\": \"UID0034234555\",\n      \"startDate\": \"2021-08-19T18:00:00.000Z\",\n      \"timeZone\": \"Europe/London\",\n      \"languageCode\": \"en-gb\"\n    }\n  }\n}\n"

user_updated

User information has changed

This event is for updating an existing user

"{\n  \"id\": \"UNIQUEREFERENCE111000\",\n  \"timestamp\": \"2020-03-09T22:18:26.625Z\",\n  \"eventType\": \"user_updated\",\n  \"content\": {\n    \"user\": {\n      \"ref\": \"UID30084022\",\n      \"email\": \"user@thrivelearning.com\",\n      \"role\": \"learneradmin\"\n    }\n  }\n}\n"

user_suspended

User has left the organisation

The event to submit when you want to suspend a user.

"{\n  \"id\": \"UNIQUEREFERENCE111000\",\n  \"timestamp\": \"2020-03-09T22:18:26.625Z\",\n  \"eventType\": \"user_suspended\",\n  \"content\": {\n    \"user\": {\n      \"ref\": \"UID30084022\"\n    }\n  }\n}\n"

user_deleted

User has been deleted from the organisation

This event will obfuscate the user record while keeping the training history

"{\n  \"id\": \"UNIQUEREFERENCE111000\",\n  \"timestamp\": \"2020-03-09T22:18:26.625Z\",\n  \"eventType\": \"user_deleted\",\n  \"content\": {\n    \"user\": {\n      \"ref\": \"UID30084022\"\n    }\n  }\n}\n"

Expand All

object

An envelope containing information about the event and the event requirements

string Required

ExampleUNIQUEREFERENCE111000

timestamp

string Required

Example2020-03-09T22:18:26.625Z

eventType

string Required

Valid values[ "user_joined", "user_updated", "user_suspended", "user_deleted" ]

content

OneOf

UserSuspendedEventBody

object (UserSuspendedEventBody)

user

object

ref

string

Your organisation's unique identifier for this individual

ExampleUID30084022

endDate

string (date-time)

The date this individual left your organisation

object

string Required

ExampleUNIQUEREFERENCE111000

timestamp

string Required

Example2020-03-09T22:18:26.625Z

eventType

string Required

Valid values[ "user_joined", "user_updated", "user_suspended", "user_deleted" ]

content

OneOf

UserSuspendedEventBody

object (UserSuspendedEventBody)

user

object

ref

string

Your organisation's unique identifier for this individual

ExampleUID30084022

endDate

string (date-time)

The date this individual left your organisation

object

object Recursive

content

object

user

object (UserBody)

The input to create, update or suspend a user.

You may provide additional properties however they must match the configured custom fields.

ref

string Required

Your organisation's unique identifier for this individual

ExampleUID30084022

string Required

The email address for the user

Exampleuser@thrivelearning.com

firstName

string Required

The given name of the individual

ExampleThomas

lastName

string Required

The family name of the individual

ExampleJefferson

role

string

The role assigned to this individual. If omitted for user_joined, the role defaults to learner. If omitted for user_updated, the existing role is preserved.

Valid values[ "administrator", "learneradmin", "learner" ]

Examplelearner

jobTitle

string

The name of this individual's role in your organisation

ExampleDirector

managerRef

string

Your organisation's unique identifier for this individual's line manager

ExampleUID0034234555

startDate

string (date-time)

The date this individual started working with your organisation

Example2021-08-19T18:00:00Z

endDate

string (date-time)

The date this individual left your organisation

timeZone

string

The user’s preferred timezone. If not provided the tenant default is used

Defaultnull

ExampleEurope/London

languageCode

string

The user’s preferred language. If not provided the tenant default is used.

One caveat is that the tenant may only use the languages they have requested.

Valid values[ "cs", "de", "en-gb", "en-us", "es", "es-mx", "fi", "fr", "hu", "id", "it", "ja", "ja-jp", "kn-in", "ms-my", "nl", "pl", "pt", "sk", "sv", "th", "tr", "zh-cn" ]

Defaultnull

Exampleen-gb

sso

boolean

Whether this account is managed by an Authentication provider or not.

Exampletrue

domain

string

The domain this individual is associated with

Defaultnull

Exampletenant.learn.link

object

object Recursive

content

object

user

object (UserBody)

The input to create, update or suspend a user.

You may provide additional properties however they must match the configured custom fields.

ref

string Required

Your organisation's unique identifier for this individual

ExampleUID30084022

string Required

The email address for the user

Exampleuser@thrivelearning.com

firstName

string Required

The given name of the individual

ExampleThomas

lastName

string Required

The family name of the individual

ExampleJefferson

role

string

The role assigned to this individual. If omitted for user_joined, the role defaults to learner. If omitted for user_updated, the existing role is preserved.

Valid values[ "administrator", "learneradmin", "learner" ]

Examplelearner

jobTitle

string

The name of this individual's role in your organisation

ExampleDirector

managerRef

string

Your organisation's unique identifier for this individual's line manager

ExampleUID0034234555

startDate

string (date-time)

The date this individual started working with your organisation

Example2021-08-19T18:00:00Z

endDate

string (date-time)

The date this individual left your organisation

timeZone

string

The user’s preferred timezone. If not provided the tenant default is used

Defaultnull

ExampleEurope/London

languageCode

string

The user’s preferred language. If not provided the tenant default is used.

One caveat is that the tenant may only use the languages they have requested.

Valid values[ "cs", "de", "en-gb", "en-us", "es", "es-mx", "fi", "fr", "hu", "id", "it", "ja", "ja-jp", "kn-in", "ms-my", "nl", "pl", "pt", "sk", "sv", "th", "tr", "zh-cn" ]

Defaultnull

Exampleen-gb

sso

boolean

Whether this account is managed by an Authentication provider or not.

Exampletrue

domain

string

The domain this individual is associated with

Defaultnull

Exampletenant.learn.link

UserDeletedEventBody

object (UserDeletedEventBody)

user

object

ref

string

Your organisation's unique identifier for this individual

ExampleUID30084022

object

string Required

ExampleUNIQUEREFERENCE111000

timestamp

string Required

Example2020-03-09T22:18:26.625Z

eventType

string Required

Valid values[ "user_joined", "user_updated", "user_suspended", "user_deleted" ]

content

OneOf

UserSuspendedEventBody

object (UserSuspendedEventBody)

user

object

ref

string

Your organisation's unique identifier for this individual

ExampleUID30084022

endDate

string (date-time)

The date this individual left your organisation

object

object Recursive

content

object

user

object (UserBody)

The input to create, update or suspend a user.

You may provide additional properties however they must match the configured custom fields.

ref

string Required

Your organisation's unique identifier for this individual

ExampleUID30084022

string Required

The email address for the user

Exampleuser@thrivelearning.com

firstName

string Required

The given name of the individual

ExampleThomas

lastName

string Required

The family name of the individual

ExampleJefferson

role

string

The role assigned to this individual. If omitted for user_joined, the role defaults to learner. If omitted for user_updated, the existing role is preserved.

Valid values[ "administrator", "learneradmin", "learner" ]

Examplelearner

jobTitle

string

The name of this individual's role in your organisation

ExampleDirector

managerRef

string

Your organisation's unique identifier for this individual's line manager

ExampleUID0034234555

startDate

string (date-time)

The date this individual started working with your organisation

Example2021-08-19T18:00:00Z

endDate

string (date-time)

The date this individual left your organisation

timeZone

string

The user’s preferred timezone. If not provided the tenant default is used

Defaultnull

ExampleEurope/London

languageCode

string

The user’s preferred language. If not provided the tenant default is used.

One caveat is that the tenant may only use the languages they have requested.

Valid values[ "cs", "de", "en-gb", "en-us", "es", "es-mx", "fi", "fr", "hu", "id", "it", "ja", "ja-jp", "kn-in", "ms-my", "nl", "pl", "pt", "sk", "sv", "th", "tr", "zh-cn" ]

Defaultnull

Exampleen-gb

sso

boolean

Whether this account is managed by an Authentication provider or not.

Exampletrue

domain

string

The domain this individual is associated with

Defaultnull

Exampletenant.learn.link

object

object Recursive

content

object

user

object (UserBody)

The input to create, update or suspend a user.

You may provide additional properties however they must match the configured custom fields.

ref

string Required

Your organisation's unique identifier for this individual

ExampleUID30084022

string Required

The email address for the user

Exampleuser@thrivelearning.com

firstName

string Required

The given name of the individual

ExampleThomas

lastName

string Required

The family name of the individual

ExampleJefferson

role

string

The role assigned to this individual. If omitted for user_joined, the role defaults to learner. If omitted for user_updated, the existing role is preserved.

Valid values[ "administrator", "learneradmin", "learner" ]

Examplelearner

jobTitle

string

The name of this individual's role in your organisation

ExampleDirector

managerRef

string

Your organisation's unique identifier for this individual's line manager

ExampleUID0034234555

startDate

string (date-time)

The date this individual started working with your organisation

Example2021-08-19T18:00:00Z

endDate

string (date-time)

The date this individual left your organisation

timeZone

string

The user’s preferred timezone. If not provided the tenant default is used

Defaultnull

ExampleEurope/London

languageCode

string

The user’s preferred language. If not provided the tenant default is used.

One caveat is that the tenant may only use the languages they have requested.

Valid values[ "cs", "de", "en-gb", "en-us", "es", "es-mx", "fi", "fr", "hu", "id", "it", "ja", "ja-jp", "kn-in", "ms-my", "nl", "pl", "pt", "sk", "sv", "th", "tr", "zh-cn" ]

Defaultnull

Exampleen-gb

sso

boolean

Whether this account is managed by an Authentication provider or not.

Exampletrue

domain

string

The domain this individual is associated with

Defaultnull

Exampletenant.learn.link

UserDeletedEventBody

object (UserDeletedEventBody)

user

object

ref

string

Your organisation's unique identifier for this individual

ExampleUID30084022

UserDeletedEventBody

object (UserDeletedEventBody)

user

object

ref

string

Your organisation's unique identifier for this individual

ExampleUID30084022

Responses

200

Expand All

object

string

ExampleUNIQUEREFERENCE111000

timestamp

string

Example2020-03-09T22:18:26.625Z

eventType

string

Valid values[ "user_joined", "user_updated", "user_suspended" ]

content

object

user

object (UserResource)

A user resource

string

Example6143eedfd39243e830bdbb8c

ref

string

ExampleUID30084022

string

Exampleuser@thrivelearning.com

firstName

string

ExampleThomas

lastName

string

ExampleJefferson

role

string

The user's role

Valid values[ "administrator", "learneradmin", "learner" ]

Examplelearner

jobTitle

string

ExampleDirector

managerRef

string

ExampleUID0034234555

startDate

string (date-time)

Example2021-01-01T09:00:00Z

endDate

string (date-time)

Example2021-06-11T16:00:00Z

timeZone

string

Defaultnull

ExampleEurope/London

languageCode

string

The user’s preferred language. If not provided the tenant default is used.

One caveat is that the tenant may only use the languages they have requested.

Valid values[ "cs", "de", "en-gb", "en-us", "es", "es-mx", "fi", "fr", "hu", "id", "it", "ja", "ja-jp", "kn-in", "ms-my", "nl", "pl", "pt", "sk", "sv", "th", "tr", "zh-cn" ]

Defaultnull

Exampleen-gb

active

boolean

Whether the account is active or suspended

Exampletrue

createdAt

string

The date and time the user was created

Example2021-08-18T13:48:00+00:00

updatedAt

string

The date and time the user was last modified

Example2021-08-19T18:00:00.000Z

singleSignOn

boolean

Exampletrue

domain

string

The domain this individual is associated with

Exampletenant.learn.link

400

Bad Request

Expand All

object

string

ExampleUNIQUEREFERENCE111000

timestamp

string

Example2020-03-09T22:18:26.625Z

eventType

string

Valid values[ "user_joined", "user_updated", "user_suspended" ]

error

object (BadRequestError)

The request is invalid

status

number

Example400.0

error

string

ExampleBad Request

message

string

ExampleInvalid JSON on line 1

401

Unauthorized

Expand All

object

string

ExampleUNIQUEREFERENCE111000

timestamp

string

Example2020-03-09T22:18:26.625Z

eventType

string

Valid values[ "user_joined", "user_updated", "user_suspended" ]

message

object (UnauthorizedError)

You must be authorized to process this request

status

number

Example401.0

error

string

ExampleUnauthorized

message

string

ExampleInvalid client_id

404

Resource could not be found

Expand All

object

string

ExampleUNIQUEREFERENCE111000

timestamp

string

Example2020-03-09T22:18:26.625Z

eventType

string

Valid values[ "user_joined", "user_updated", "user_suspended" ]

message

object (NotFoundError)

The resource cannot be found or does not exist

status

number

Example404.0

error

string

ExampleNot Found

message

string

ExampleCould not find user with ref

409

Conflict

Expand All

object

string

ExampleUNIQUEREFERENCE111000

timestamp

string

Example2020-03-09T22:18:26.625Z

eventType

string

Valid values[ "user_joined", "user_updated", "user_suspended" ]

error

object (ConflictError)

There was a conflict with the request and the resource

status

number

Example409.0

error

string

ExampleConflict

message

string

ExampleThe resource already exists

422

Unable to process the requested entity

Expand All

object

string

ExampleUNIQUEREFERENCE111000

timestamp

string

Example2020-03-09T22:18:26.625Z

eventType

string

Valid values[ "user_joined", "user_updated", "user_suspended" ]

message

object (UnprocessableEntityError)

The request could not be processed due to a validation error

status

number

Example422.0

error

string

ExampleUnprocessable Entity

message

string

ExampleThe startDate must be in a valid ISO 8601 format

default

An unexpected error has occurred

When any default error occurs it may be a system failure and persistent errors may require support.

Expand All

object

string

ExampleUNIQUEREFERENCE111000

timestamp

string

Example2020-03-09T22:18:26.625Z

eventType

string

Valid values[ "user_joined", "user_updated", "user_suspended" ]

message

object (InternalServerError)

The server is unable to process the request

status

number

Example500.0

error

string

ExampleInternal Server Error

Was this article helpful?