VMware Cloud Community
ganeshkanade
Contributor

What is the REST API to create a new Single Sign-On user in VMware?

Could someone please guide me on using the REST API to create a new Single Sign-on (SSO) user in VMware? I'm looking for step-by-step instructions or examples to help streamline the process. Thanks in advance!

I want to automate the Single Sign-On creation flow. In the VMware vSphere Client, there is an option named Single Sign-On where we can create new users and manage their permissions. I want to perform the same operation using the API.

2 Replies
NateNateNAte
Hot Shot

Here's a link to the VMware vSphere Automation Programming guide. It's got a lot to go through, but the examples may not be as helpful: https://developer.vmware.com/docs/16116/GUID-F4F9A3C1-1337-423B-99D4-DB5923A7A58E.html

Also here's an older vCS SSO guide (from 6.x) for some other examples: https://vdc-download.vmware.com/vmwb-repository/dcr-public/53811ce3-590a-4f2e-b640-1cceaa0b6809/e645...

But the online guide above is more current (assuming you're on 8.x).

virtualqc
Enthusiast

- First, you need to authenticate into the environment using the POST /auth/login endpoint. You can use the administrator@vsphere.local account or any other account that has SSO administrator privileges. You will receive a token that you need to use for subsequent requests.

- Next, you need to create a new user using the POST /users endpoint. You can specify the user name, password, domain, description, and other attributes in the request body. You will receive a user ID that you need to use for further operations.

- Then, you need to assign the user to a user group using the PATCH /users/{id} endpoint. You can specify the user group ID in the request body. The user group determines the permissions and roles that the user will have in the environment.

- Optionally, you can create an email address for the new user using the POST /users/{id}/addresses endpoint. You can specify the email address and the type (work or home) in the request body. The email address can be used for notifications and alerts.