> ## Documentation Index
> Fetch the complete documentation index at: https://iam-docs.razi.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Create Machine User

<Warning>
  Only a super Admin user is allowed to proceed with this flow.

  Make sure to either:

  * Send a valid `Authorization` header with of type `Bearer TOKEN_VALUE` where **TOKEN\_VALUE** is the token generated for the super admin.
  * In case your app supports cookie, you can enable request cookies as our API Automatically sets a cookie named `session-token` which is forwarded with each request to our api.
</Warning>

To create a machine or service user who can access the API programmatically,
you would need to make a POST request to the following endpoint:

```bash
curl --request POST \
  --url https://dev-iam.razi.ai/v1/authorization/machine-users \
  --header 'Authorization: Bearer YOUR_SECRET_TOKEN' \
  --header 'Content-Type: application/json' \
  --header 'X-App-Name: ' \
  --data '{
  "userName": "robot"
}'
```

Upon successful creation of the machine user, you will receive a response similar to the below:

```json
{
    "machineUserId": "280719066056893738",
    "clientId": "example-client-id",
    "clientSecret": "zNUTk6frtcdrpEbRiOYx3lGjZpou1oRGVxt40SUj2qkBzUVh8gybTmOObmFvDPKw"
}
```

<Info>
  Use the clientId and clientSecret generated to generate the access token for
  the machine user to authenticate and access the services.
  Store the secrets in a <b>safe</b> and <b>secure</b> place as you will not be able to retrieve them after.
</Info>

<Warning>
  Please note that the client secrets should be unique to each application. Each application should generate its
  own set of client secret.
</Warning>

<Tip>
  [Link to Playground](https://dev-iam.razi.ai/docs#tag/authorization/POST/v1/authorization/users/machine)
</Tip>