API:Account creation

From MediaWiki.org
Jump to: navigation, search
Tools clipart.png This page is part of the MediaWiki API documentation.
Language: English  • 日本語
MediaWiki API

Quick overview:

v · d · e
MediaWiki version: 1.21

Creating accounts[edit | edit source]

You can create accounts using the API. This can be a new account for yourself, or you can create an account for someone else, with a random password mailed to that person. Account creations are recorded in Special:log/newusers. If you're logged in, your username will also be recorded when creating an account.

Parameters[edit | edit source]

  • name: User name
  • password: Password (ignored if mailpassword is set)
  • domain: Domain for external authentication (optional)
  • token: Account creation token obtained in first request
  • email: Email address of user (Optional unless mailpassword is set)
  • realname: Real name of user (Optional. Additionally many wikis have realname disabled via $wgHiddenPrefs)
    Note: To check whether realname is enabled or not, request api.php?action=query&meta=userinfo&uiprop=realname. If you get no realname property back in the response, realname is a hidden preference.
  • mailpassword: If set to any value, a random password will be generated and e-mailed to the user (instead of using the password parameter)
  • reason: Optional reason for creating the account. Will be shown in the account creation log (example).
  • language: Language code to set as default for the user

Extended parameters when used with Extension:ConfirmEdit:

  • captchaid: Previously-provided CAPTCHA ID to send with followup request, if captcha was required
  • captchaword: User-provided answer of CAPTCHA to send with followup request, if captcha was required

Token[edit | edit source]

To create an account, a token is required. To retrieve a token, you make the request that you want, except with the token field being an empty string. Once you retrieve the token, you make the request again with the token filled in. This is similar to how the log in module works. See the example below for details.

Unlike most API Tokens, create account tokens will only work for one request. After creating an account with this module, you need a new token before you can create another account (The success message will contain such a token)

Example[edit | edit source]

Note: In this example, all parameters are passed in a GET request just for the sake of simplicity. However, action=createaccount requires POST requests; GET requests will cause an error.


Step 1: Retrieve token to create an account for GymBeauWhales

We should now receive a response like:

<?xml version="1.0"?>
<api>
 <createaccount token="387bc54bd0ec29333178800ce4213306" result="needtoken" />
</api>
If you get an error about "newcookiesfornew", it is due to a bug in early versions of 1.21. Repeating the request should fix that

We take the token given here, and add it to the request:


Step 2: Actually create GymBeauWhales account

Assuming everything works, we should get a result like:

<?xml version="1.0"?>
<api>
 <createaccount token="387bc54bd0ec29333178800ce4213306" userid="1234" username="GymBeauWhales" result="success" />
</api>

And GymBeauWhales@wikipmediawiki.net would get an email with instructions on how to log in.

CAPTCHA[edit | edit source]

When used with Extension:ConfirmEdit, a CAPTCHA may be presented for new account creations. This is supported via extension in the API here.

When submitting per the above rules and receiving a response, you may also receive a captcha node in the return data, similar to what is sometimes returned by action=edit.

For a text-based CAPTCHA:

{
  "createaccount": {
    "result": "NeedCaptcha",
    "captcha": {
      "type": "simple",
      "mime": "text/plain",
      "id": "323035635",
      "question": "77+5"
    }
  }
}

For an image-based CAPTCHA:

{
  "createaccount": {
    "result": "NeedCaptcha",
    "captcha": {
      "type": "image",
      "mime": "image/png",
      "id": "1147869849",
      "url": "/core/index.php?title=Special:Captcha/image&wpCaptchaId=1147869849"
    }
  }
}

Be aware that the URL may be site-relative or protocol-relative.

As of the current code (see [1]) you won't receive the captcha prompt response until after basic validation errors have been taken care of.


Possible outputs[edit | edit source]

The result attribute can have one of three values:

  • needtoken: A token is needed. A token parameter should also be set with a token to use.
    <?xml version="1.0"?><api><createaccount token="8217b293a6bd0bba84cc1cb661a06a5d" result="needtoken" /></api>
    
    • If you get a needtoken result when you are expecting a success result, make sure the token you are sending is correct, and that you are sending along any cookies sent by the API.
  • success: Everything worked
    <?xml version="1.0"?><api><createaccount token="387bc54bd0ec29333178800ce4213306" userid="1234" username="foo" result="success" /></api>
    
  • warning: Not used in core, however extensions can (in theory) add warnings, in which case the result attribute will be warning. However, this still generally means the account was created successfully.

Possible errors[edit | edit source]

All errors are formatted as:

<error code="code" info="info">

Many of the info codes to this module correspond to system messages. As a result the info part may change and in particular will vary with language.

Code Info
nocookiesfornew The user account was not created, as we could not confirm its source. Ensure you have cookies enabled, reload this page and try again.
Note: This code is sometimes returned due to a bug in early versions of MediaWiki 1.21. If you receive this error, retrying the request (ensuring cookies are sent) should fix.
sorbs_create_account_reason Your IP address is listed as an open proxy in the DNSBL.
noname You have not specified a valid username
userexists Username entered already in use
password-name-match Your password must be different from your username.
password-login-forbidden The use of this username and password has been forbidden
noemailtitle No email address
invalidemailaddress The e-mail address cannot be accepted as it appears to have an invalid format
externaldberror There was either an authentication database error or you are not allowed to update your external account
passwordtooshort The password was shorter than the value of $wgMinimalPasswordLength
noemail There is no e-mail address recorded for user
mustbeposted The createaccount module requires a POST request
acct_creation_throttle_hit Visitors to this wiki using your IP address have created $1 accounts in the last day, which is the maximum allowed in this time period. As a result, visitors using this IP address cannot create any more accounts at the moment.
wrongpassword Incorrect password entered. Please try again.
Note: Can be caused by the "domain" field being incorrect.
aborted Aborted by an extension (info will have more details)
blocked You cannot create a new account because you are blocked
permdenied-createaccount You do not have the right to create a new account
createaccount-hook-aborted An extension aborted the account creation
captcha-createaccount-fail (With Extension:ConfirmEdit and old core) Submitted CAPTCHA answer was incorrect

Disable[edit | edit source]

To disable specifically this API feature, insert the following line in your configuration file:

$wgAPIModules['createaccount'] = 'ApiDisabled';

See also[edit | edit source]