GET /api/admin/users
Admin User Management
curl --request GET \
  --url https://api.example.com/api/admin/users \
  --header 'Authorization: <authorization>'
{
  "users": [
    {
      "id": 123,
      "name": "<string>",
      "email": "<string>",
      "role": "<string>",
      "isActive": true,
      "isSuspended": true,
      "suspensionReason": "<string>",
      "createdAt": "<string>",
      "updatedAt": "<string>"
    }
  ],
  "error": "<string>"
}

Overview

Retrieve a list of all users in the system. This endpoint is restricted to administrators only and returns all user accounts including patients, doctors, and other admins.

Authentication

Authorization (string, required): Bearer token for authentication. Must be a valid JWT token for a user with ADMIN role.

Authorization

This endpoint requires the ADMIN role. Users with PATIENT or DOCTOR roles will receive a 403 Forbidden response.

Response

users (array): Array of user objects
  id (integer): Unique user identifier
  name (string): User’s full name
  email (string): User’s email address (unique)
  role (string): User role: ADMIN, PATIENT, or DOCTOR
  isActive (boolean): Whether the user account is active (default: true)
  isSuspended (boolean): Whether the user account is suspended (default: false)
  suspensionReason (string): Reason for suspension if the account is suspended
  createdAt (string): ISO 8601 timestamp of account creation
  updatedAt (string): ISO 8601 timestamp of last update

The password field is never included in the response for security reasons.

Example Request

curl -X GET https://api.example.com/api/admin/users \
  -H "Authorization: Bearer YOUR_JWT_TOKEN"

Example Response

[
  {
    "id": 1,
    "name": "Dr. Sarah Johnson",
    "email": "[email protected]",
    "role": "DOCTOR",
    "isActive": true,
    "isSuspended": false,
    "suspensionReason": null,
    "createdAt": "2024-01-15T10:30:00.000Z",
    "updatedAt": "2024-01-15T10:30:00.000Z"
  },
  {
    "id": 2,
    "name": "John Smith",
    "email": "[email protected]",
    "role": "PATIENT",
    "isActive": true,
    "isSuspended": false,
    "suspensionReason": null,
    "createdAt": "2024-02-01T14:20:00.000Z",
    "updatedAt": "2024-02-01T14:20:00.000Z"
  },
  {
    "id": 3,
    "name": "Admin User",
    "email": "[email protected]",
    "role": "ADMIN",
    "isActive": true,
    "isSuspended": false,
    "suspensionReason": null,
    "createdAt": "2024-01-01T08:00:00.000Z",
    "updatedAt": "2024-01-01T08:00:00.000Z"
  }
]

Error Responses

error (string): Error message describing what went wrong

403 Forbidden

Returned when the authenticated user does not have the ADMIN role.
{
  "error": "Access denied"
}

401 Unauthorized

Returned when the Authorization header is missing or contains an invalid token.
{
  "error": "Unauthorized"
}

500 Internal Server Error

Returned when a server error occurs while fetching users.
{
  "error": "Error fetching users"
}
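
A server-side sketch of the access rules documented above (401 for a missing or invalid token, 403 for a non-ADMIN role, no password in the output), added here as an example and not taken from this API's code. It assumes HS256-signed tokens that carry a role claim; SECRET, signToken, verifyToken and listUsers are hypothetical names.

```javascript
// Added example: authorization logic for GET /api/admin/users (not the project's code).
const crypto = require("node:crypto");

const SECRET = "constructed-demo-secret"; // assumption: HS256 shared secret
const PUBLIC_FIELDS = ["id", "name", "email", "role", "isActive", "isSuspended",
  "suspensionReason", "createdAt", "updatedAt"];

const b64url = (v) => Buffer.from(v).toString("base64url");
const hmac = (data) => crypto.createHmac("sha256", SECRET).update(data).digest();

// Demo helper only: mint a token so the handler can be exercised offline.
function signToken(claims) {
  const body = `${b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }))}.${b64url(JSON.stringify(claims))}`;
  return `${body}.${hmac(body).toString("base64url")}`;
}

// Returns the claims, or null if the token is malformed, forged, or expired.
function verifyToken(token) {
  const parts = token.split(".");
  if (parts.length !== 3) return null;
  try {
    const header = JSON.parse(Buffer.from(parts[0], "base64url"));
    if (header.alg !== "HS256") return null; // pin the algorithm; rejects "none"
    const sig = Buffer.from(parts[2], "base64url");
    const expected = hmac(`${parts[0]}.${parts[1]}`);
    if (sig.length !== expected.length || !crypto.timingSafeEqual(sig, expected)) return null;
    const claims = JSON.parse(Buffer.from(parts[1], "base64url"));
    if (typeof claims.exp === "number" && claims.exp * 1000 <= Date.now()) return null;
    return claims;
  } catch {
    return null;
  }
}

// 401 when the caller cannot be identified, 403 when identified but not ADMIN.
function listUsers(authorizationHeader, userRows) {
  const match = /^Bearer (\S+)$/.exec(authorizationHeader || "");
  const claims = match && verifyToken(match[1]);
  if (!claims) return { status: 401, body: { error: "Unauthorized" } };
  if (claims.role !== "ADMIN") return { status: 403, body: { error: "Access denied" } };
  // Allowlist output fields so password (or any future column) never leaks.
  const users = userRows.map((row) =>
    Object.fromEntries(PUBLIC_FIELDS.map((f) => [f, row[f] ?? null])));
  return { status: 200, body: users }; // bare array, as in the Example Response
}
```

Selecting fields by allowlist, not deleting password from each row, keeps a newly added sensitive column out of the response by default.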
