POST /v2/clients/:id/users

Create a user owned by a client. The `client` relationship does
NOT grant the user any access to the client or its sub-resources;
to grant read access to reporting entities, populate
`readAccessToReportingEntities`.

Path params:
  id (required) — Client identifier.

Request:
{
  "data": {
    "type": "user",
    "attributes": {
      "firstName":    "string (required)",
      "lastName":     "string (required)",
      "contactEmail": "string (required)"
    },
    "relationships": {
      "readAccessToReportingEntities": {
        "data": [ { "type": "reporting-entity", "id": "string" } ]
      }
    }
  }
}

Response (201 Created):
{
  "data": {
    "id": "string",
    "type": "user",
    "attributes": { /* same as request */ },
    "relationships": {
      "client": { "data": { "type": "client", "id": "string" } },
      "readAccessToReportingEntities": {
        "data": [ { "type": "reporting-entity", "id": "string" } ]
      }
    }
  }
}