diff --git a/README.md b/README.md
index a26c8c8..9b4ecdf 100644
--- a/README.md
+++ b/README.md
@@ -26,9 +26,7 @@ For CI, there is still [a bug](https://github.com/Kong/insomnia/issues/4747) we
     - createdAt
     - lastModified
  - [ ] ExternalID
-    - [ ] Users
     - [ ] Groups - [waiting for feedback](https://help.nextcloud.com/t/add-metadata-to-groups/139271)
- - [ ] if no emails in user, return nice array
  - [ ] json exceptions
  - [ ] group member removal
  - [ ] pagination
diff --git a/lib/Controller/UserController.php b/lib/Controller/UserController.php
index a757a00..2c4c2ca 100644
--- a/lib/Controller/UserController.php
+++ b/lib/Controller/UserController.php
@@ -89,6 +89,7 @@ class UserController extends ApiController {
 	 * @param bool   $active
 	 * @param string $displayName
 	 * @param array  $emails
+	 * @param string $externalId
 	 * @param string $userName
 	 * @return SCIMJSONResponse
 	 * @throws Exception
@@ -96,6 +97,7 @@ class UserController extends ApiController {
 	public function create(bool   $active = true,
 							string $displayName = '',
 							array  $emails = [],
+							string $externalId = '',
 							string $userName = ''): SCIMJSONResponse {
 		if ($this->userManager->userExists($userName)) {
 			$this->logger->error('Failed createUser attempt: User already exists.', ['app' => 'SCIMServiceProvider']);
@@ -112,6 +114,7 @@ class UserController extends ApiController {
 				}
 			}
 			$newUser->setEnabled($active);
+			$this->SCIMUser->setExternalId($userName, $externalId);
 			return new SCIMJSONResponse($this->SCIMUser->get($userName));
 		} catch (Exception $e) {
 			$this->logger->warning('Failed createUser attempt with SCIMException exeption.', ['app' => 'SCIMServiceProvider']);
diff --git a/lib/Service/SCIMUser.php b/lib/Service/SCIMUser.php
index 4f71860..8b04c2d 100644
--- a/lib/Service/SCIMUser.php
+++ b/lib/Service/SCIMUser.php
@@ -35,8 +35,11 @@ class SCIMUser {
 		}
 
 		$enabled = $this->config->getUserValue($targetUserObject->getUID(), 'core', 'enabled', 'true') === 'true';
+		$externalId = $this->config->getUserValue($targetUserObject->getUID(), 'SCIMServiceProvider', 'ExternalId', '');
+		$email = $targetUserObject->getSystemEMailAddress();
 
-		return [
+
+		$SCIMUser = [
 			'schemas' => ["urn:ietf:params:scim:schemas:core:2.0:User"],
 			'id' => $userId,
 			'name' => [
@@ -50,14 +53,32 @@ class SCIMUser {
 			],
 			'userName' => $userId,
 			'displayName' => $targetUserObject->getDisplayName(),
-			'emails' => [ // todo if no emails
-				[
-					'primary' => true,
-					'value' => $targetUserObject->getSystemEMailAddress()
-				]
-			],
-			'externalId' => '1234', // todo
 			'active' => $enabled
 		];
+		if ($externalId !== '') {
+			$SCIMUser['externalId'] = $externalId;
+		}
+		if ($email !== null) {
+			$SCIMUser['email'] = [ // todo if no emails
+				[
+					'primary' => true,
+					'value' => $email
+				]
+			];
+		}
+
+		return $SCIMUser;
 	}
+
+	/**
+	 * Sets externalId on user
+	 *
+	 * @param string $userId
+	 * @param string $externalId
+	 * @throws Exception
+	 */
+	public function setExternalId(string $userId, string $externalId) {
+		$this->config->setUserValue($userId, 'SCIMServiceProvider', 'ExternalId', $externalId);
+	}
+
 }