> ## Documentation Index > Fetch the complete documentation index at: https://docs.insforge.dev/llms.txt > Use this file to discover all available pages before exploring further. # Register new user > Creates a new user account ## OpenAPI ````yaml https://raw.githubusercontent.com/InsForge/InsForge/main/openapi/auth.yaml post /api/auth/users openapi: 3.0.3 info: title: Insforge Authentication API version: 2.0.0 description: Authentication endpoints with separated auth and profile tables servers: [] security: [] paths: /api/auth/users: post: tags: - Client summary: Register new user description: Creates a new user account parameters: - name: client_type in: query schema: type: string enum: - web - mobile - desktop - server default: web description: > Client type determines how refresh tokens are returned: - web: Refresh token stored in httpOnly cookie, csrfToken returned in response - mobile/desktop/server: refreshToken returned directly in response body requestBody: required: true content: application/json: schema: type: object required: - email - password properties: email: type: string format: email example: user@example.com password: type: string description: >- Password meeting configured requirements (check /api/auth/email/config for current requirements) example: securepassword123 name: type: string example: John Doe redirectTo: type: string format: uri description: >- Used for link-based email verification. The email link always opens an InsForge backend endpoint first; after the token is verified, InsForge redirects the browser to this URL. This URL must be included in allowedRedirectUrls. Recommended: use your app's sign-in page. responses: '200': description: User created successfully content: application/json: schema: type: object properties: user: $ref: '#/components/schemas/UserResponse' accessToken: type: string nullable: true description: >- JWT authentication token (null if email verification required) csrfToken: type: string nullable: true description: >- CSRF token for use with refresh endpoint (web clients only, null if email verification required) refreshToken: type: string nullable: true description: >- Refresh token for mobile/desktop/server clients (null for web clients or if email verification required) requireEmailVerification: type: boolean description: Whether email verification is required before login '400': description: Invalid request '403': description: Signups disabled — project has disabled new user registration content: application/json: schema: $ref: '#/components/schemas/ErrorResponse' example: error: AUTH_SIGNUP_DISABLED message: User signups are disabled for this project. statusCode: 403 '409': description: User already exists components: schemas: UserResponse: type: object properties: id: type: string format: uuid email: type: string format: email profile: type: object nullable: true additionalProperties: true description: User profile data (name, avatar_url, and custom fields) properties: name: type: string avatar_url: type: string format: uri metadata: type: object nullable: true additionalProperties: true description: System metadata (device ID, login IP, etc.) emailVerified: type: boolean providers: type: array items: type: string createdAt: type: string format: date-time updatedAt: type: string format: date-time ErrorResponse: type: object required: - error - message - statusCode properties: error: type: string description: Error code for programmatic handling example: VALIDATION_ERROR message: type: string description: Human-readable error message example: Email is already in use statusCode: type: integer description: HTTP status code example: 400 nextActions: type: string description: Suggested action to resolve the error example: Please use a different email address ````