The admin endpoints provide administrative functionality for managing users, viewing system configuration, and accessing latest archived content.
Authentication
All admin endpoints require:
- Valid JWT token in the
Authorization header
- User must be active (
is_active = true)
- User must have specific permissions for each endpoint
Admin endpoints are powerful and should only be accessible to trusted users. Ensure proper permission configuration.
Get latest posts
Retrieves the latest original posts (OPs) across all boards in catalog format.
Bearer token from the login endpoint
archive_latest_view
curl -X GET "https://archive.example.com/api/v1/latest" \
-H "Authorization: Bearer YOUR_TOKEN"
Response
Array of latest OP posts in catalog format across all configured boards
Show Success response (200)
[
{
"no": 12345678,
"board": "g",
"now": "01/15/26(Wed)12:34:56",
"name": "Anonymous",
"sub": "Thread Subject",
"com": "Thread content..."
}
]
Show No data response (404)
{
"error": "No data found"
}
Get configuration
Retrieves moderation-related configuration values.
Bearer token from the login endpoint
archive_configs_view
curl -X GET "https://archive.example.com/api/v1/configs" \
-H "Authorization: Bearer YOUR_TOKEN"
Response
Returns an array of configuration key-value pairs.
Array of configuration objects with key and value properties
[
{
"key": "hide_post_if_reported",
"value": true
},
{
"key": "hide_upstream_deleted_posts",
"value": true
},
{
"key": "remove_replies_to_hidden_op",
"value": false
},
{
"key": "regex_filter",
"value": true
},
{
"key": "path_to_regex_so",
"value": "/path/to/regex.so"
}
]
User management
List all users
Retrieves all users in the system.
Bearer token from the login endpoint
user_read
curl -X GET "https://archive.example.com/api/v1/users" \
-H "Authorization: Bearer YOUR_TOKEN"
Response
Array of user objects (passwords are redacted)
Show Success response (200)
[
{
"user_id": 1,
"username": "admin",
"password": "",
"is_admin": true,
"is_active": true,
"permissions": ["user_read", "user_create", "report_read"],
"notes": "Primary administrator",
"created_at": "2026-01-01T00:00:00",
"last_update_at": "2026-01-15T12:34:56"
}
]
Get user by ID
GET /api/v1/users/{user_id}
The user’s unique identifier
Bearer token from the login endpoint
user_read
curl -X GET "https://archive.example.com/api/v1/users/1" \
-H "Authorization: Bearer YOUR_TOKEN"
Response
Show Success response (200)
{
"user_id": 1,
"username": "admin",
"password": "",
"is_admin": true,
"is_active": true,
"permissions": ["user_read", "user_create"],
"notes": "Primary administrator",
"created_at": "2026-01-01T00:00:00",
"last_update_at": "2026-01-15T12:34:56"
}
Show User not found (404)
{
"error": "User not found"
}
Create user
Creates a new user account.
Bearer token from the login endpoint
user_create
This endpoint is rate-limited to 6 requests per hour to prevent abuse.
Request body
Username (must not already exist)
User’s password (will be hashed)
Array of permission strings. null for no permissions.
Whether the user has admin privileges
Whether the user account is active
Optional notes about the user
curl -X POST "https://archive.example.com/api/v1/users" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"username": "moderator",
"password": "secure_password",
"permissions": ["report_read", "post_hide"],
"is_admin": false,
"is_active": true,
"notes": "New moderator for /g/"
}'
Response
Show Success response (200)
{
"msg": "User 'moderator' created."
}
{
"error": "Bad credentials"
}
Update user
PUT /api/v1/users/{user_id}
The user’s unique identifier
Bearer token from the login endpoint
user_update
Request body
Username (must match existing user)
Current password (required if changing password)
Array of permission strings
Whether the user has admin privileges
Whether the user account is active
Optional notes about the user
To change a password, both password_old and password_new must be provided. The old password is validated before the change.
The system enforces that at least one active admin must exist. You cannot deactivate or demote the last active admin.
curl -X PUT "https://archive.example.com/api/v1/users/2" \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{
"username": "moderator",
"password_old": null,
"password_new": null,
"permissions": ["report_read", "post_hide", "post_show"],
"is_admin": false,
"is_active": true,
"notes": "Added post_show permission"
}'
Response
Show Success response (200)
{
"msg": "User updated."
}
Show User not found (404)
{
"error": "User not found"
}
Show Bad credentials (400)
{
"error": "Bad credentials"
}
Delete user
DELETE /api/v1/users/{user_id}
The user’s unique identifier
Bearer token from the login endpoint
user_delete
The system enforces that at least one active admin must exist. You cannot delete the last active admin.
curl -X DELETE "https://archive.example.com/api/v1/users/2" \
-H "Authorization: Bearer YOUR_TOKEN"
Response
Show Success response (200)
{
"msg": "User 'moderator' deleted."
}
Show User not found (404)
{
"error": "User not found."
}
{
"error": "User not deleted. There must always be at least one active admin."
}
Available permissions
Users can be granted the following permissions:
user_create - Create new usersuser_read - View user informationuser_update - Modify existing usersuser_delete - Delete usersreport_open - Open reportsreport_close - Close reportsreport_read - View reportsreport_update - Update reportsreport_delete - Delete reportsreport_save_notes - Save moderator notes on reportspost_show - Unhide postspost_hide - Hide postspost_delete - Delete postsmedia_hide - Hide media filesmedia_show - Unhide media filesmedia_delete - Delete media filesarchive_stats_view - View archive statisticsarchive_latest_view - View latest archived postsarchive_configs_view - View system configurationmessages_view - View system messages
Admin users bypass permission checks and have access to all functionality.