# User Attributes Object User accounts can be initialized as either an **End-User** or **Service User**: * End-User accounts are assigned to employees. * Service User accounts are used by applications such as the LDAP sync or any application or bot built using the Symphony APIs. **Do not assign Service User accounts to an employee.** Calling certain endpoints requires a Service User configured with the correct role or roles. For more information about End-User and Service User accounts and their roles, see the [Symphony Administration Guide](https://docs.symphony.com/series/4099883-symphony-admin-guides). ### End-User Account Attributes V2 `firstName` and `lastName` have a 64-character limit. All other End-User attributes have a 256-character limit. The following attributes apply to the [Create User V2](/main/user-management/create-user-v2.md) and [Update User v2](/main/user-management/update-user-v2.md) endpoints.\ \&#xNAN;*Note that the column "Required at Creation" concerns only the* [*Create User v2*](/main/user-management/create-user-v2.md) *endpoint.*

userAttributes Object	Required at Creation	Possible Values
accountType	false	Possible values: `NORMAL` (end-user), `SYSTEM` (service user). If not specified, `NORMAL` will be used. When you create a `SYSTEM` account, the following properties are not required: `firstName`, `lastName`.
emailAddress	true	The user's email address. Must be unique.
firstName	true	The user's first name. Required for `NORMAL` users.
lastName	true	The user's last name. Required for `NORMAL` users.
userName	true	Must be unique.
displayName	true	The user's display name.
companyName	true	The user's company name. If not specified, it is set with the default company name.
department	true	The user's department.
division	true	The user's division.
title	true	The user's title.
workPhoneNumber	true	The user's work phone number.
mobilePhoneNumber	true	The user's mobile number.
twoFactorAuthPhone	true	The user's two factor authentication mobile phone number.
smsNumber	true	The user's SMS number.
location	true	The user's location.
recommendedLanguage	true	The recommended language.
jobFunction	true	The user's job function. Possible values: `Analyst, Other` `Business Development Executive` `Corporate Access` `Developer` `Director` `Economist` `Portfolio Manager` `Project Manager` `Research Analyst` `Sales` `Strategist` `Trader`
assetClasses	true	The user's asset classes. Possible values: `Currencies` `Commodities` `Equities` `Fixed Income`
industries	true	The user's industries. Possible values: `Basic Materials` `Conglomerates` `Consumer Cyclicals` `Consumer Non-Cyclicals` `Energy & Utilities` `Financials` `Healthcare` `Real Estate` `Services` `Technology` `Transportation`
marketCoverage	true	Possible values: `EMEA` `NA` `APAC` `LATAM`
responsibility	true	Possible values: `BAU` `Escalation`
function	true	Possible values: `Collateral` `Margin` `Liquidity Management` `Regulatory Outreach` `Confirmation` `Matching` `Allocation` `Settlements` `Trade Processing` `Claims Processing` `Trade Management` `Post Trade Management` `Middle Office` `Pre-Matching`
instrument	true	Possible values: `Securities` `Fixed Income` `Equities`
currentKey	true	A UserKeyRequest Object containing the current RSA key information to use for authenticating the user. When updating the user, this can be set (rotated) to a new key, in which case the existing key is stored in the previousKey and can be used for authentication during the current session
previousKey	true	A UserKeyRequest Object containing the RSA key information from the previous key in a key rotation scenario. The previous key can be used when the currentKey has been updated during the current session. The previousKey is valid for 72 hours.
userMetadata	false	This field is reserved for internal use only. Introduced in SBE 26.1

### Service User Account Attributes

`userAttributes` Object	Required	Possible Values
`accountType`	true	`SYSTEM`
`userName`	true	Must be unique.
`emailAddress`	true	The user's email address.
`displayName`	true	The user's display name.
`companyName`	false	The user's company name. If not specified, it is set with the default company name.
`department`	false	The user's department.
`division`	false	The user's division
`workPhoneNumber`	false	The user's work phone number.
`mobilePhoneNumber`	false	The user's mobile number.
`twoFactorAuthPhone`	false	The user's two factor authentication mobile phone number.
`location`	false	The user's location.
`recommendedLanguage`	false	The recommended language.
`jobFunction`	false	The user's job function. Possible values: `Analyst, Other` `Business Development Executive` `Corporate Access` `Developer` `Director` `Economist` `Portfolio Manager` `Project Manager` `Research Analyst` `Sales` `Strategist` `Trader`
`assetClasses`	false	The user's asset classes. Possible values: `Currencies` `Commodities` `Equities` `Fixed Income`
`industries`	false	The user's industries. Possible values: `Basic Materials` `Conglomerates` `Consumer Cyclicals` `Consumer Non-Cyclicals` `Energy & Utilities` `Financials` `Healthcare` `Real Estate` `Services` `Technology` `Transportation`
`marketCoverage`	false	Possible values: `EMEA` `NA` `APAC` `LATAM`
`responsibility`	false	Possible values: `BAU` `Escalation`
`function`	false	Possible values: `Collateral` `Margin` `Liquidity Management` `Regulatory Outreach` `Confirmation` `Matching` `Allocation` `Settlements` `Trade Processing` `Claims Processing` `Trade Management` `Post Trade Management` `Middle Office` `Pre-Matching`
`instrument`	false	Possible values: `Securities` `Fixed Income` `Equities`
`currentKey`	false	A UserKeyRequest Object containing the current RSA key information to use for authenticating the user. When updating the user, this can be set (rotated) to a new key, in which case the existing key is stored in the previousKey and can be used for authentication during the current session.
`previousKey`	false	A UserKeyRequest Object containing the RSA key information from the previous key in a key rotation scenario. The previous key can be used when the currentKey has been updated during the current session. The previousKey is valid for 72 hours.
`userMetadata`	false	This field is reserved for internal use only. Introduced in SBE 26.1

--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://rest-api.symphony.com/main/user-management/user-attributes.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.