# Authorised Users Corporate and Consumer identities can invite authorised users to access their account. Once on-boarded, authorised users can create and manage instruments and transactions on behalf of the identity they are on-boarded with. With the `access_token` representing the identity and the consent of the identity, you will be able to create and invite authorised users for the Identity. Creating and inviting users on behalf of identities are restricted features; by default these endpoints are not available for use. ## Create a user - [POST /users](https://api.weavr.io/products/multi-backoffice/openapi/authorised-users/usercreate.md): Creates a user linked to the identity represented by the access_token. Creating authorised users on behalf of an identity is a restricted feature and by default, this functionality is not available for use. ## Deactivate a user - [POST /users/{user_id}/deactivate](https://api.weavr.io/products/multi-backoffice/openapi/authorised-users/userdeactivate.md): De-activate the user identified by the user_id path parameter. Deactivated users cannot log in or execute any operations with their credentials. This operations is not final and a user can be re-activated using the userActivate operation. Note that another active user would need to log in so as to re-activate the de-activated user. Please contact our support team or your account manager to request access to this endpoint. ## Send a user invite - [POST /users/{user_id}/invite](https://api.weavr.io/products/multi-backoffice/openapi/authorised-users/userinvitesend.md): Once a user is created using the userCreate operation, the user needs to setup his/her password. An invitation needs to be sent to the user in order to be able to set up the password for the first time. The invitation email, which remains valid for 1 month, will contain a URL having all information required to setup the password. Inviting authorised users on behalf of an identity is a restricted feature and by default, this functionality is not available for use.