Authentication
All user endpoints require authentication via Bearer token:
Authorization: Bearer <access_token>
List Users
curl -X GET "https://api.example.com/api/users?page=1&limit=20&search=john" \
-H "Authorization: Bearer <access_token>"
page: Page number for pagination (minimum: 1)
limit: Number of results per page (minimum: 1, maximum: 100)
search: Search term to filter users by name or email
Response
success: Indicates if the request was successful
data: Array of user objects
  id: User’s unique identifier (UUID)
  email: User’s email address (max 320 characters)
  fullName: User’s full name (max 255 characters)
  phone: User’s phone number (max 20 characters)
  avatar: URL to user’s avatar image (max 500 characters)
  emailVerified: Whether the user’s email has been verified
  lastLoginAt: ISO 8601 timestamp of user’s last login
  isDisabled: Whether the user account is disabled
  createdAt: ISO 8601 timestamp of user creation
{
  "success": true,
  "data": [
    {
      "id": "550e8400-e29b-41d4-a716-446655440000",
      "email": "[email protected]",
      "fullName": "John Doe",
      "phone": "+1234567890",
      "avatar": "https://example.com/avatars/john.jpg",
      "emailVerified": true,
      "lastLoginAt": "2024-03-04T10:30:00Z",
      "isDisabled": false,
      "createdAt": "2024-01-15T08:00:00Z"
    }
  ],
  "pagination": {
    "page": 1,
    "limit": 20,
    "total": 45,
    "totalPages": 3
  }
}
Get User by ID
curl -X GET "https://api.example.com/api/users/{id}" \
-H "Authorization: Bearer <access_token>"
id: User’s unique identifier (UUID)
Response
success: Indicates if the request was successful
data: User object with detailed information including memberships
  id: User’s unique identifier (UUID)
  avatar: URL to user’s avatar image
  emailVerified: Whether the user’s email has been verified
  emailVerifiedAt: ISO 8601 timestamp of email verification
  lastLoginAt: ISO 8601 timestamp of last login
  isDisabled: Whether the user account is disabled
  createdAt: ISO 8601 timestamp of user creation
  updatedAt: ISO 8601 timestamp of last update
{
  "success": true,
  "data": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "email": "[email protected]",
    "fullName": "John Doe",
    "phone": "+1234567890",
    "avatar": "https://example.com/avatars/john.jpg",
    "emailVerified": true,
    "emailVerifiedAt": "2024-01-15T09:00:00Z",
    "lastLoginAt": "2024-03-04T10:30:00Z",
    "isDisabled": false,
    "createdAt": "2024-01-15T08:00:00Z",
    "updatedAt": "2024-03-04T10:30:00Z"
  }
}
Update User
curl -X PATCH "https://api.example.com/api/users/{id}" \
-H "Authorization: Bearer <access_token>" \
-H "Content-Type: application/json" \
-d '{
"fullName": "John Smith",
"phone": "+1234567890",
"avatar": "https://example.com/avatars/john-new.jpg"
}'
id: User’s unique identifier (UUID)
Request Body
fullName: User’s full name (min: 2, max: 255 characters)
phone: User’s phone number (max: 20 characters). Set to null to remove.
avatar: URL to user’s avatar image (max: 500 characters). Set to null to remove.
Response
success: Indicates if the request was successful
{
  "success": true,
  "data": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "email": "[email protected]",
    "fullName": "John Smith",
    "phone": "+1234567890",
    "avatar": "https://example.com/avatars/john-new.jpg",
    "emailVerified": true,
    "isDisabled": false,
    "createdAt": "2024-01-15T08:00:00Z",
    "updatedAt": "2024-03-04T11:00:00Z"
  }
}
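The Update User request body accepts only three fields, each with a stated length limit, while the response also carries fields such as isDisabled and emailVerified. As an added example (not code from this API or its provider), here is a server-side allow-list validator for that body; the name validate_user_patch and the http(s)-only avatar rule are assumptions.

```python
from urllib.parse import urlsplit

# Limits copied from the Update User request-body description on this page.
# nullable=True mirrors "Set to null to remove."
FIELDS = {
    "fullName": {"min": 2, "max": 255, "nullable": False},
    "phone": {"min": 0, "max": 20, "nullable": True},
    "avatar": {"min": 0, "max": 500, "nullable": True},
}


def validate_user_patch(body):
    """Return a cleaned copy of a PATCH /api/users/{id} body or raise ValueError."""
    if not isinstance(body, dict):
        raise ValueError("body must be a JSON object")
    # Allow-list: response-only fields such as isDisabled or emailVerified
    # must never become writable through this endpoint.
    unknown = sorted(set(body) - set(FIELDS))
    if unknown:
        raise ValueError(f"unexpected fields: {', '.join(unknown)}")
    cleaned = {}
    for name, value in body.items():
        rule = FIELDS[name]
        if value is None:
            if not rule["nullable"]:
                raise ValueError(f"{name} cannot be null")
            cleaned[name] = None
            continue
        if not isinstance(value, str):
            raise ValueError(f"{name} must be a string")
        if not rule["min"] <= len(value) <= rule["max"]:
            raise ValueError(f"{name} length must be {rule['min']}-{rule['max']}")
        if name == "avatar":
            # Assumption: only absolute http(s) URLs are acceptable avatars;
            # the page itself only says "URL".
            parts = urlsplit(value)
            if parts.scheme not in ("http", "https") or not parts.netloc:
                raise ValueError("avatar must be an absolute http(s) URL")
        cleaned[name] = value
    return cleaned


# Constructed sample input, matching the curl example above.
SAMPLE = {"fullName": "John Smith", "phone": "+1234567890",
          "avatar": "https://example.com/avatars/john-new.jpg"}

if __name__ == "__main__":
    print(validate_user_patch(SAMPLE))
```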
Change Password
curl -X PATCH "https://api.example.com/api/users/{id}/password" \
-H "Authorization: Bearer <access_token>" \
-H "Content-Type: application/json" \
-d '{
"currentPassword": "OldPassword123!",
"newPassword": "NewSecurePassword456!"
}'
id: User’s unique identifier (UUID)
Request Body
currentPassword: User’s current password for verification
newPassword: New password (min: 8, max: 100 characters)
Response
success: Indicates if the request was successful
{
  "success": true,
  "message": "Password changed successfully"
}
Disable User
curl -X DELETE "https://api.example.com/api/users/{id}" \
-H "Authorization: Bearer <access_token>"
id: User’s unique identifier (UUID)
Response
success: Indicates if the request was successful
{
  "success": true,
  "message": "User disabled successfully"
}
Disabling a user sets the isDisabled flag to true and blocks all access. This is a global kill-switch that prevents the user from accessing any companies.