> ## Documentation Index
> Fetch the complete documentation index at: https://docs.neuro-tech.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Create account

> Create a Neuron account and receive an initial JWT

## Overview

Creates a new agent account and logs the user in. The account behaves like a regular XMPP account. New accounts are disabled until their email address is verified. Phone verification is optional if a phone number is provided.

## HTTP request

`POST /Agent/Account/Create`

## Authentication

This endpoint requires an API key and secret. Sign the request with HMAC-SHA256 using the API secret as the key.

Signature message:

```text theme={null}
userName:host:eMail:password:apiKey:nonce
```

## Request body

```json theme={null}
{
  "userName": "alice",
  "eMail": "alice@example.com",
  "phoneNr": "+46700000000",
  "password": "correct-horse-battery-staple",
  "apiKey": "your-api-key",
  "nonce": "random-unique-string-at-least-32-chars",
  "signature": "base64-hmac",
  "seconds": 3600,
  "language": "en"
}
```

| Field       | Type   | Required | Description                                   |
| ----------- | ------ | -------- | --------------------------------------------- |
| `userName`  | string | yes      | Username for the account. Do not include `@`. |
| `eMail`     | string | yes      | Email address used for verification.          |
| `phoneNr`   | string | no       | Phone number to verify (optional).            |
| `password`  | string | yes      | Account password.                             |
| `apiKey`    | string | yes      | API key issued by the Neuron operator.        |
| `nonce`     | string | yes      | Unique random string (minimum 32 chars).      |
| `signature` | string | yes      | HMAC signature of the request.                |
| `seconds`   | number | yes      | JWT lifetime in seconds (0 \< seconds  3600). |
| `language`  | string | no       | Optional language code for messages.          |

## Response

```json theme={null}
{
  "created": "2024-08-02T10:22:11Z",
  "updated": "2024-08-02T10:22:11Z",
  "enabled": false,
  "canRelay": true,
  "jwt": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "expires": "2024-08-02T11:22:11Z",
  "eMailCodeSent": true,
  "phoneNrCodeSent": false
}
```

| Field             | Type    | Description                                         |
| ----------------- | ------- | --------------------------------------------------- |
| `created`         | string  | Server timestamp when the account was created.      |
| `updated`         | string  | Server timestamp when the account was last updated. |
| `enabled`         | boolean | `false` until the email is verified.                |
| `canRelay`        | boolean | Whether the account can relay email.                |
| `jwt`             | string  | JWT bearer token for authenticated calls.           |
| `expires`         | string  | JWT expiration timestamp.                           |
| `eMailCodeSent`   | boolean | Whether an email verification code was sent.        |
| `phoneNrCodeSent` | boolean | Whether a phone verification code was sent.         |

## Notes

* Protect your API key and secret. They should only be used from secure back-end services.
* Each API key has a limit on how many accounts it can create.
* If you cannot protect secrets (for example, in a browser), use CreateWebForm.

## Next steps

* Verify the email address: [Verify email](/neuron-api/api-reference/accounts-and-onboarding/verify-email)
