Users
This technical design describes the implementation and API for Users.
Users API
POST /api/users/
Creates a new User.
Permissions
Requires authentication and users.create permission.
Request
- Body parameters
| Key | Type | Notes |
|---|---|---|
| username | string | Unique email address |
| account_type | enum | Please check "details.schema" in OPTIONS /api/users/ |
| first_name | string | |
| last_name | string | |
| job_title | string | |
| company_name | string | |
| phone | string | |
| mobile | string | |
| password | string | |
| roles | array | Roles IDs |
| delay_activation | bool | |
| timezone | enum | |
| is_ip_restriction_enabled | bool | |
| allowed_ip_ranges | list | |
- Headers
Content-Type: application/json
Authorization: JWT access_token
- Schema
POST /api/users/
{
"username": <str>,
"account_type": <enum>,
"first_name": <str>,
"last_name": <str>,
"job_title": <str>,
"company_name": <str>,
"phone": <str>,
"mobile": <str>,
"roles": [<int>],
"delay_activation": <bool>,
"is_ip_restriction_enabled": <bool>,
"allowed_ip_ranges": [<str>]
}
Validations
- username
  - is valid email
  - is unique
  - is not null
  - max length is 100
- account_type
  - is a valid choice
- first_name
  - is string
  - is not null
  - max length is 100
  - min length is 1
- last_name
  - is string
  - is not null
  - max length is 100
  - min length is 1
- job_title
  - is string
  - is not null
  - max length is 100
- company_name
  - is string
  - is not null
  - max length is 100
- phone
  - is string
  - is not null
  - max length is 20
- mobile
  - is string
  - is not null
  - max length is 20
- delay_activation
  - is bool
  - is optional
- timezone
  - is valid choice
- password
  - is string
  - is not null
  - password_prevent_reuse
  - password_rotation_interval
  - max_repeating_chars
  - min_letters
  - min_numbers
  - min_symbols
  - min_lower_case
  - min_upper_case
  - min_length
  - validated only for account types: service_internal and service_external
- is_ip_restriction_enabled
  - is bool
  - is optional
- allowed_ip_ranges
  - is a list of valid combinations of IP address and network prefix (["10.0.0.1/32", "2001:db8::/32"]).
  - both IPv4 and IPv6 addresses are allowed.
  - is optional
  - maximum number of items is 10
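A sketch of the allowed_ip_ranges rules above together with the request-time check they feed (added example, not the project's own code). The function names are hypothetical; requiring an explicit prefix, rejecting host bits with `strict=True`, and denying every client when the restriction is enabled with an empty list are assumptions the page does not settle.

```python
import ipaddress

MAX_IP_RANGES = 10  # "maximum number of items is 10" on this page
ERR_INVALID = "Must be a valid set of IPv4 or IPv6 network addresses."
ERR_LIMIT = "Limit of 10 IP restrictions has been exceeded."


def validate_allowed_ip_ranges(value):
    """Return (networks, errors) for an allowed_ip_ranges payload."""
    if not isinstance(value, list) or not all(isinstance(v, str) for v in value):
        return [], [ERR_INVALID]
    if len(value) > MAX_IP_RANGES:
        return [], [ERR_LIMIT]
    networks = []
    for item in value:
        # Assumption: a bare address without "/prefix" is rejected, because
        # the page asks for an address *and* a network prefix.
        if "/" not in item:
            return [], [ERR_INVALID]
        try:
            # Assumption: strict=True, so "10.0.0.1/8" (host bits set) is
            # rejected instead of being silently widened to 10.0.0.0/8.
            networks.append(ipaddress.ip_network(item, strict=True))
        except ValueError:
            return [], [ERR_INVALID]
    return networks, []


def is_client_allowed(client_ip, is_ip_restriction_enabled, networks):
    """Decide whether a request from client_ip passes the user's restriction."""
    if not is_ip_restriction_enabled:
        return True
    try:
        addr = ipaddress.ip_address(client_ip)
    except ValueError:
        return False  # unparseable source address: fail closed
    # Dual-stack listeners report IPv4 clients as ::ffff:a.b.c.d; unwrap the
    # address so it is compared against the IPv4 ranges the admin entered.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    # Assumption: restriction enabled with an empty list denies everything.
    return any(addr.version == net.version and addr in net for net in networks)


if __name__ == "__main__":
    # Constructed sample input, using the two ranges quoted on this page.
    nets, errors = validate_allowed_ip_ranges(["10.0.0.1/32", "2001:db8::/32"])
    for ip in ("10.0.0.1", "::ffff:10.0.0.1", "10.0.0.2", "2001:db8:1::5"):
        print(ip, is_client_allowed(ip, True, nets))
```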
Restrictions
- Separate limits for each user account type are enforced (defaults in table below).
- Limits are configurable per build.
| Account type | Limit |
|---|---|
| Internal | 1000 |
| External | 2500 |
| Full | 100 |
| 1 Time Completion | 5000 |
| Super Admin | 25 |
| Service Internal | 1 |
| Service External | 5 |
- The Service Internal account type has the same permissions as Super Admin, except that it cannot change passwords.
Response
| Key | Type | Notes |
|---|---|---|
| id | int | |
| username | string | |
| account_type | string | |
| first_name | string | |
| last_name | string | |
| job_title | string | |
| company_name | string | |
| phone | string | |
| mobile | string | |
| status | enum | |
| activated_at | datetime | |
| password_set_at | datetime | |
| password_expires_at | datetime | |
| roles | array | |
| created_at | datetime | |
| created_by | user | |
| modified_at | datetime | |
| modified_by | user | |
| link_sent_at | datetime | |
| link_sent_by | user | |
| timezone | enum | |
| next_actions | array | |
| is_ip_restriction_enabled | bool | |
| allowed_ip_ranges | list | |
| _meta | Object | |
- Successful status
201 Created
- Response body schema
{
"id": <int>,
"username": <str>,
"account_type": <enum>,
"first_name": <str>,
"last_name": <str>,
"job_title": <str>,
"company_name": <str>,
"phone": <str>,
"mobile": <str>,
"status": <enum>,
"activated_at": <datetime>,
"password_set_at": <datetime>,
"password_expires_at": <datetime>,
"roles": [<int>],
"created_at": <datetime>,
"created_by": <user>,
"modified_at": <datetime>,
"modified_by": <user>,
"link_sent_at": <datetime>,
"link_sent_by": <user>,
"timezone": <enum>,
"is_ip_restriction_enabled": <bool>,
"allowed_ip_ranges": [<str>],
"next_actions": [<str>],
"_meta": {
"labels": {
"roles": [<str>]
},
"permissions": {
"list": <bool>,
"view": <bool>,
"create": <bool>,
"edit": <bool>,
"delete": <bool>
},
"allowed_account_type_changes": [<str>]
}
}
Errors
Standard validation errors and additional custom errors enumerated in the table below:
| Cause | Response code | Message |
|---|---|---|
| "roles" provided with non config admin account | 400 Bad Request | "roles": ["Roles can be assigned only to config admin account."] |
| Wrong delay_activation value | 400 Bad Request | "delay_activation": ["Must be a valid boolean."] |
| delay_activation not allowed | 400 Bad Request | "delay_activation": [ "delay_activation can not be set with this account type." ] |
| Limit of accounts has been exceeded | 400 Bad Request | "detail": "Limit of {LIMIT} {account_type} accounts has been exceeded.", "error_code": "ERR_LIMIT_EXCEEDED" |
| Timezone is not a valid choice | 400 Bad Request | "timezone": ["value is not a valid choice."] |
| Timezone is null | 400 Bad Request | "timezone": ["This field may not be null."] |
| Password does not satisfy password complexity requirements | 400 Bad Request | "password": ["Max repeating chars 2"] |
| Invalid IP address | 400 Bad Request | "allowed_ip_ranges": ["Must be a valid set of IPv4 or IPv6 network addresses."] |
| Max number of items exceeded | 400 Bad Request | "allowed_ip_ranges": ["Limit of 10 IP restrictions has been exceeded."] |
| Wrong is_ip_restriction_enabled value | 400 Bad Request | "is_ip_restriction_enabled": ["Must be a valid boolean."] |
GET /api/users/
Returns list of Users.
Permissions
Requires authentication and any of:
- users.list permission
- user_groups.view permission
Request
- Headers
Content-Type: application/json
Authorization: JWT access_token
- Schema
GET /api/users/
Response
The response contains only users for which the requesting user has users.list permission.
| Key | Type | Notes |
|---|---|---|
| limit | int | |
| offset | int | |
| total_count | int | Total number of results visible to the user (based on permissions). |
| filtered_count | int | Number of results visible to the user (based on permissions) with filters applied. |
| next | url | Next page URL (null if there is no next page) |
| previous | url | Previous page URL (null if there is no previous page) |
| results | Array | List of results. Described in the next table. |
Response results array
| Key | Type | Notes |
|---|---|---|
| id | int | |
| username | string | |
| roles | array | Roles IDs |
| account_type | enum | Please check "details.schema" in OPTIONS /api/users/ |
| status | enum | |
| full_name | string | |
| last_login | datetime | |
| activated_at | datetime | |
| password_set_at | datetime | |
| password_expires_at | datetime | |
| created_at | datetime | |
| created_by | user | |
| modified_at | datetime | |
| modified_by | user | |
| link_sent_at | datetime | |
| link_sent_by | user | |
| next_actions | array | |
| _meta.permissions | Object | Object describing permissions. |
- Successful status
200 OK
- Response body schema
{
"limit": <int>,
"offset": <int>,
"filtered_count": <int>,
"total_count": <int>,
"next": <str | null>,
"previous": <str | null>,
"results": [
{
"id": <int>,
"username": <str>,
"roles": [<int>],
"account_type": <enum>,
"status": <enum>,
"full_name": <str>,
"last_login": <datetime>,
"activated_at": <datetime>,
"password_set_at": <datetime>,
"password_expires_at": <datetime>,
"created_at": <datetime>,
"created_by": <user>,
"modified_at": <datetime>,
"modified_by": <user>,
"link_sent_at": <datetime>,
"link_sent_by": <user>,
"next_actions": [<str>],
"_meta": {
"permissions": {
"list": <bool>,
"view": <bool>,
"create": <bool>,
"edit": <bool>,
"delete": <bool>
}
}
}
]
}
Sorting
| Parameter | Example | Notes |
|---|---|---|
| id | /api/users/?ordering=id | Ascending |
| id | /api/users/?ordering=-id | Descending (-) |
| username | /api/users/?ordering=username | Ascending |
| username | /api/users/?ordering=-username | Descending (-) |
| last_login | /api/users/?ordering=last_login | Ascending |
| last_login | /api/users/?ordering=-last_login | Descending (-) |
| activated_at | /api/users/?ordering=activated_at | Ascending |
| activated_at | /api/users/?ordering=-activated_at | Descending (-) |
| password_set_at | /api/users/?ordering=password_set_at | Ascending |
| password_set_at | /api/users/?ordering=-password_set_at | Descending (-) |
| created_at | /api/users/?ordering=created_at | Ascending |
| created_at | /api/users/?ordering=-created_at | Descending (-) |
| modified_at | /api/users/?ordering=modified_at | Ascending |
| modified_at | /api/users/?ordering=-modified_at | Descending (-) |
| link_sent_at | /api/users/?ordering=link_sent_at | Ascending |
| link_sent_at | /api/users/?ordering=-link_sent_at | Descending (-) |
Filtering
Please check ALX API standards for predicates available per type.
| Parameter | Type |
|---|---|
| id | int |
| username | string |
| full_name | string |
| account_type | enum |
| status | enum |
| roles | set |
| is_available | bool |
| is_super_admin | bool |
| last_login | datetime |
| activated_at | datetime |
| password_set_at | datetime |
| created_at | datetime |
| created_by | user |
| modified_at | datetime |
| modified_by | user |
| link_sent_at | datetime |
| link_sent_by | user |
Errors
| Error | Response code | Message |
|---|---|---|
| Wrong ordering value | 400 Bad Request | "ordering": ["Select a valid choice. {value} is not one of the available choices."] |
| Wrong status filter value | 400 Bad Request | "status": ["Select a valid choice. {value} is not one of the available choices."] |
| Wrong link_sent_by filter value | 400 Bad Request | "link_sent_by": ["Select a valid choice. That choice is not one of the available choices."] |
| Insufficient permissions | 403 Forbidden | "detail": "You do not have permission to perform this action." |
GET /api/users/id/
Returns single User by id.
Permissions
Requires authentication and users.view permission.
Request
- URL parameters
| Key | Type | Notes |
|---|---|---|
| id | int | |
- Headers
Content-Type: application/json
Authorization: JWT access_token
- Schema
GET /api/users/id/
Response
| Key | Type | Notes |
|---|---|---|
| id | int | |
| username | string | |
| account_type | string | |
| first_name | string | |
| last_name | string | |
| job_title | string | |
| company_name | string | |
| phone | string | |
| mobile | string | |
| status | enum | |
| activated_at | datetime | |
| password_set_at | datetime | |
| password_expires_at | datetime | |
| roles | array | |
| created_at | datetime | |
| created_by | user | |
| modified_at | datetime | |
| modified_by | user | |
| link_sent_at | datetime | |
| link_sent_by | user | |
| timezone | enum | |
| is_ip_restriction_enabled | bool | |
| allowed_ip_ranges | list | |
| next_actions | array | |
| _meta | Object | |
- Successful status
200 OK
- Response body schema:
{
"id": <int>,
"username": <str>,
"account_type": <enum>,
"first_name": <str>,
"last_name": <str>,
"job_title": <str>,
"company_name": <str>,
"phone": <str>,
"mobile": <str>,
"status": <enum>,
"activated_at": <datetime>,
"password_set_at": <datetime>,
"password_expires_at": <datetime>,
"roles": [<int>],
"created_at": <datetime>,
"created_by": <user>,
"modified_at": <datetime>,
"modified_by": <user>,
"link_sent_at": <datetime>,
"link_sent_by": <user>,
"timezone": <enum>,
"is_ip_restriction_enabled": <bool>,
"allowed_ip_ranges": [<str>],
"next_actions": [<str>],
"_meta": {
"labels": {
"roles": [<str>]
},
"permissions": {
"list": <bool>,
"view": <bool>,
"create": <bool>,
"edit": <bool>,
"delete": <bool>
},
"allowed_account_type_changes": [<str>]
}
}
Errors
| Error | Response code | Message |
|---|---|---|
| Insufficient permissions | 403 Forbidden | "detail": "You do not have permission to perform this action." |
| User with "id" does not exist | 404 Not Found | "detail": "Not found." |
PATCH /api/users/id/
Updates single User.
Permissions
Requires authentication and users.edit permission.
For changing password, Super Admin account type is required.
Request
- URL parameters
| Key | Type | Notes |
|---|---|---|
| id | int | |
- Body parameters
| Key | Type | Notes |
|---|---|---|
| username | string | Unique email address |
| account_type | enum | Please check table below to determine allowed operations |
| first_name | string | |
| last_name | string | |
| job_title | string | |
| company_name | string | |
| phone | string | |
| mobile | string | |
| password | string | |
| roles | array | Roles can be provided only to "config admin" account type |
| delay_activation | bool | |
| timezone | enum | |
| is_ip_restriction_enabled | bool | |
| allowed_ip_ranges | list | |
- Allowed "account_type" changes

- Headers
Content-Type: application/json
Authorization: JWT access_token
- Schema
PATCH /api/users/id/
{
"username": <str>,
"account_type": <enum>,
"first_name": <str>,
"last_name": <str>,
"job_title": <str>,
"company_name": <str>,
"phone": <str>,
"mobile": <str>,
"password": <str>,
"roles": [<int>],
"delay_activation": <bool>,
"is_ip_restriction_enabled": <bool>,
"allowed_ip_ranges": [<str>]
}
Restrictions
- Separate limits for each user account type are enforced (defaults in table below).
- Limits are configurable per build.
| Account type | Limit |
|---|---|
| Internal | 1000 |
| External | 2500 |
| Full | 100 |
| 1 Time Completion | 5000 |
| Super Admin | 25 |
| Service Internal | 1 |
| Service External | 5 |
- The Service Internal account type has the same permissions as Super Admin, except that it cannot change passwords.
- The password can be changed for Service accounts only. Attempts to change the password for other account types are silently ignored.
Response
| Key | Type | Notes |
|---|---|---|
| id | int | |
| username | string | |
| account_type | string | |
| first_name | string | |
| last_name | string | |
| job_title | string | |
| company_name | string | |
| phone | string | |
| mobile | string | |
| status | enum | |
| activated_at | datetime | |
| password_set_at | datetime | |
| password_expires_at | datetime | |
| roles | array | |
| created_at | datetime | |
| created_by | user | |
| modified_at | datetime | |
| modified_by | user | |
| link_sent_at | datetime | |
| link_sent_by | user | |
| timezone | enum | |
| is_ip_restriction_enabled | bool | |
| allowed_ip_ranges | list | |
| next_actions | array | |
| _meta | Object | |
- Successful status
200 OK
- Response body schema:
{
"id": <int>,
"username": <str>,
"account_type": <enum>,
"first_name": <str>,
"last_name": <str>,
"job_title": <str>,
"company_name": <str>,
"phone": <str>,
"mobile": <str>,
"status": <enum>,
"activated_at": <datetime>,
"password_set_at": <datetime>,
"password_expires_at": <datetime>,
"roles": [<int>],
"created_at": <datetime>,
"created_by": <user>,
"modified_at": <datetime>,
"modified_by": <user>,
"link_sent_at": <datetime>,
"link_sent_by": <user>,
"timezone": <enum>,
"is_ip_restriction_enabled": <bool>,
"allowed_ip_ranges": [<str>],
"_meta": {
"labels": {
"roles": [<str>]
},
"permissions": {
"list": <bool>,
"view": <bool>,
"create": <bool>,
"edit": <bool>,
"delete": <bool>
},
"allowed_account_type_changes": [<str>]
}
}
Errors
Standard validation errors and additional custom errors enumerated in the table below:
| Cause | Response code | Message |
|---|---|---|
| Account type change not allowed | 400 Bad Request | "account_type": ["Account type cannot be changed from {current type} to {new type}."] |
| Wrong delay_activation value | 400 Bad Request | "delay_activation": ["Must be a valid boolean."] |
| delay_activation not allowed | 400 Bad Request | "delay_activation": [ "delay_activation can not be set." ] |
| "roles" provided with non config admin account | 400 Bad Request | "roles": ["Roles can be assigned only to config admin account."] |
| Limit of accounts has been exceeded | 400 Bad Request | "detail": "Limit of {LIMIT} {account_type} accounts has been exceeded.", "error_code": "ERR_LIMIT_EXCEEDED" |
| Timezone is not a valid choice | 400 Bad Request | "timezone": ["value is not a valid choice."] |
| Timezone is null | 400 Bad Request | "timezone": ["This field may not be null."] |
| Password does not satisfy password complexity requirements | 400 Bad Request | "password": ["Max repeating chars 2"] |
| Non Super Admin attempts to change password | 403 Forbidden | "detail": "You do not have permission to perform this action." |
| Invalid IP address | 400 Bad Request | "allowed_ip_ranges": ["Must be a valid set of IPv4 or IPv6 network addresses."] |
| Max number of items exceeded | 400 Bad Request | "allowed_ip_ranges": ["Limit of 10 IP restrictions has been exceeded."] |
| Wrong is_ip_restriction_enabled value | 400 Bad Request | "is_ip_restriction_enabled": ["Must be a valid boolean."] |
| Modifying own allowed_ip_ranges | 400 Bad Request | "allowed_ip_ranges": ["You cannot modify your own IP restriction settings."] |
| Modifying own is_ip_restriction_enabled | 400 Bad Request | "is_ip_restriction_enabled": ["You cannot modify your own IP restriction settings."] |
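How the password and IP-restriction rules for PATCH combine, as an added example rather than the project's own code. The function name and the dict shapes for `actor` and `target` are hypothetical, the caller is assumed to hold users.edit already, and evaluating the 403 case before the 400 case is an assumption.

```python
SERVICE_TYPES = {"service_internal", "service_external"}
IP_FIELDS = ("is_ip_restriction_enabled", "allowed_ip_ranges")
SELF_IP_ERROR = "You cannot modify your own IP restriction settings."
FORBIDDEN = {"detail": "You do not have permission to perform this action."}


def check_user_patch(actor, target, body):
    """Return (status, payload) for a PATCH /api/users/id/ body.

    actor and target are dicts with "id" and "account_type" (hypothetical
    shape). On 200 the payload is the subset of body that would be applied;
    otherwise it is the error body from the table above.
    """
    accepted = dict(body)

    if "password" in accepted:
        # Only Super Admin may change passwords. Service Internal shares
        # Super Admin's other permissions but is excluded here.
        if actor["account_type"] != "super_admin":
            return 403, FORBIDDEN
        # Passwords exist only on service accounts; for any other target
        # the field is dropped without an error (silently ignored).
        if target["account_type"] not in SERVICE_TYPES:
            accepted.pop("password")

    # A user may not edit their own IP restriction settings.
    errors = {}
    if actor["id"] == target["id"]:
        for field in IP_FIELDS:
            if field in accepted:
                errors[field] = [SELF_IP_ERROR]
    if errors:
        return 400, errors

    return 200, accepted


if __name__ == "__main__":
    # Constructed sample actors and targets.
    admin = {"id": 1, "account_type": "super_admin"}
    svc = {"id": 2, "account_type": "service_external"}
    print(check_user_patch(admin, svc, {"password": "constructed-value"}))
    print(check_user_patch(admin, admin, {"allowed_ip_ranges": []}))
```

A client that sends `password` for a non-service account gets a 200 with no indication that the field was dropped, so callers should not treat the status alone as confirmation of a password change.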
DELETE /api/users/id/
Deletes single User.
Permissions
Requires authentication and users.delete permission.
Request
- URL parameters
| Key | Type | Notes |
|---|---|---|
| id | int | |
- Headers
Content-Type: application/json
Authorization: JWT access_token
- Schema
DELETE /api/users/id/
Response
- Successful status
204 No Content
Errors
| Error | Response code | Message |
|---|---|---|
| Insufficient permissions | 403 Forbidden | "detail": "You do not have permission to perform this action." |
| User with "id" does not exist | 404 Not Found | "detail": "Not found." |
OPTIONS /api/users/
Permissions
Requires authentication only.
Request
- Headers
Content-Type: application/json
Authorization: JWT access_token
- Schema
OPTIONS /api/users/
Response
- Successful status
200 OK
- Response body:
{
"list": {
"columns": [
{
"alias": "id",
"type": "int",
"predicates": [
"exact",
"gt",
"gte",
"lt",
"lte",
"range"
],
"sort_ok": true
},
{
"alias": "username",
"type": "string",
"predicates": [
"exact",
"iexact",
"contains",
"icontains",
"startswith",
"istartswith",
"endswith",
"iendswith"
],
"sort_ok": true
},
{
"alias": "roles",
"type": "set",
"predicates": [
"containsall",
"containssome",
"isnull"
],
"sort_ok": false,
"autocomplete": "/api/roles/autocomplete/?text__icontains="
},
{
"alias": "account_type",
"type": "enum",
"predicates": [
"exact",
"in"
],
"sort_ok": false,
"values": [
{
"value": "internal",
"text": "Internal"
},
{
"value": "external",
"text": "External"
},
{
"value": "service_internal",
"text": "Service Internal"
},
{
"value": "service_external",
"text": "Service External"
},
{
"value": "full",
"text": "Full"
},
{
"value": "one_time_completion",
"text": "1 Time Completion"
},
{
"value": "super_admin",
"text": "Super Admin"
}
]
},
{
"alias": "status",
"type": "enum",
"predicates": [
"exact",
"in"
],
"sort_ok": false,
"values": [
{
"value": "created",
"text": "Created"
},
{
"value": "pending",
"text": "Pending"
},
{
"value": "active",
"text": "Active"
}
]
},
{
"alias": "full_name",
"type": "string",
"predicates": [
"exact",
"iexact",
"contains",
"icontains",
"startswith",
"istartswith",
"endswith",
"iendswith"
],
"sort_ok": false
},
{
"alias": "last_login",
"type": "datetime",
"predicates": [
"exact",
"gt",
"gte",
"lt",
"lte",
"range",
"isnull"
],
"sort_ok": true
},
{
"alias": "activated_at",
"type": "datetime",
"predicates": [
"exact",
"gt",
"gte",
"lt",
"lte",
"range",
"isnull"
],
"sort_ok": true
},
{
"alias": "created_at",
"type": "datetime",
"predicates": [
"exact",
"gt",
"gte",
"lt",
"lte",
"range"
],
"sort_ok": true
},
{
"alias": "created_by",
"type": "user",
"predicates": [
"exact",
"in"
],
"sort_ok": false,
"autocomplete": "/api/users/autocomplete/?text__icontains="
},
{
"alias": "modified_at",
"type": "datetime",
"predicates": [
"exact",
"gt",
"gte",
"lt",
"lte",
"range"
],
"sort_ok": true
},
{
"alias": "modified_by",
"type": "user",
"predicates": [
"exact",
"in"
],
"sort_ok": false,
"autocomplete": "/api/users/autocomplete/?text__icontains="
},
{
"alias": "link_sent_at",
"type": "datetime",
"predicates": [
"exact",
"gt",
"gte",
"lt",
"lte",
"range",
"isnull"
],
"sort_ok": true
},
{
"alias": "link_sent_by",
"type": "user",
"predicates": [
"exact",
"in"
],
"sort_ok": false,
"autocomplete": "/api/users/autocomplete/?text__icontains="
}
]
},
"details": {
"schema": [
{
"alias": "account_type",
"type": "enum",
"required": true,
"values": [
{
"value": "internal",
"text": "Internal"
},
{
"value": "external",
"text": "External"
},
{
"value": "service_internal",
"text": "Service Internal"
},
{
"value": "service_external",
"text": "Service External"
},
{
"value": "full",
"text": "Full"
},
{
"value": "one_time_completion",
"text": "1 Time Completion"
},
{
"value": "super_admin",
"text": "Super Admin"
}
]
},
{
"alias": "password",
"type": "string",
"schema": [
{
"alias": "required_for_account_types",
"values": [
"service_internal",
"service_external"
]
}
]
},
{
"alias": "username",
"type": "email",
"required": true,
"validators": [
{
"type": "max_length",
"length": 100
}
]
},
{
"alias": "first_name",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 100
},
{
"type": "min_length",
"length": 1
}
]
},
{
"alias": "last_name",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 100
},
{
"type": "min_length",
"length": 1
}
]
},
{
"alias": "job_title",
"type": "string",
"required": false,
"validators": [
{
"type": "max_length",
"length": 100
}
]
},
{
"alias": "company_name",
"type": "string",
"required": false,
"validators": [
{
"type": "max_length",
"length": 100
}
]
},
{
"alias": "phone",
"type": "string",
"required": false,
"validators": [
{
"type": "phone"
},
{
"type": "max_length",
"length": 20
}
]
},
{
"alias": "mobile",
"type": "string",
"required": false,
"validators": [
{
"type": "phone"
},
{
"type": "max_length",
"length": 20
}
]
},
{
"alias": "roles",
"type": "set",
"required": false,
"autocomplete": "/api/roles/autocomplete/?text__icontains="
},
{
"alias": "delay_activation",
"type": "bool",
"required": false,
"validators": []
},
{
"alias": "timezone",
"type": "enum",
"required": false,
"values": [
{ "value": "Africa/Abidjan" },
{ "value": "America/Chicago"},
{ "value": "Europe/Reykjavik"}
// ...
]
}
]
},
"restrictions": {
"limit_internal": 1000,
"limit_external": 2500,
"limit_full": 100,
"limit_one_time_completion": 5000,
"limit_super_admin": 25,
"limit_items": 8625
}
}
POST /api/users/id/send-activation-email/
This API endpoint resends an activation email for a given user.
Permissions
Requires authentication and users.edit permission.
Request
- URL parameters
| Key | Type | Notes |
|---|---|---|
| id | id | |
- Headers
Content-Type: application/json
Authorization: JWT access_token
Validations
- user
  - Valid user ID with account status created or pending.
- Successful status
201 Created
Errors
| Cause | Response code | Message |
|---|---|---|
| User with given id has account already activated. | 400 Bad Request | "detail": "The given account has already been activated." |
| Insufficient permissions | 403 Forbidden | "detail": "You do not have permission to perform this action." |
| Invalid id in URL | 404 Not Found | "detail": ["Not found."] |
PATCH /api/users/id/add-roles/
Endpoint to add given roles to existing ones. Batch operation - adds single or multiple roles.
Permissions
Perm to check: users.edit
URL parameters
| Key | Notes |
|---|---|
| id | User ID |
Request Schema
- Headers
Request Method: PATCH
Location: /api/users/{id}/add-roles/
Authorization: JWT access_token
- Body
{
"roles": [7,8]
}
Request example
{
"roles": [7,8]
}
Response
| Key | Type | Notes |
|---|---|---|
| id | int | |
| username | string | |
| account_type | string | |
| first_name | string | |
| last_name | string | |
| job_title | string | |
| company_name | string | |
| phone | string | |
| mobile | string | |
| status | enum | |
| activated_at | datetime | |
| password_set_at | datetime | |
| password_expires_at | datetime | |
| roles | array | |
| created_at | datetime | |
| created_by | user | |
| modified_at | datetime | |
| modified_by | user | |
| _meta | Object | |
- Successful status
200 OK
- Response body schema:
{
"id": 4,
"username": "test@mail.test",
"account_type": "full",
"first_name": "User",
"last_name": "FullPermissions",
"job_title": "",
"company_name": "",
"phone": "",
"mobile": "",
"status": "active",
"activated_at": "2021-11-12T10:21:02.637000+01:00",
"password_set_at": "2021-11-12T11:11:59.270000+01:00",
"password_expires_at": null,
"roles": [
7,
8
],
"created_at": "2021-11-12T10:07:41.347000+01:00",
"created_by": null,
"modified_at": "2022-03-15T08:53:42.447000+01:00",
"modified_by": null,
"_meta": {
"labels": {
"roles": [
"Create permissions",
"Edit permissions"
]
},
"permissions": {
"list": true,
"view": true,
"create": true,
"edit": true,
"delete": true
}
}
}
Errors
| Error | Response code | Message |
|---|---|---|
| roles is required | 400 Bad Request | "roles": ["This field is required." ] |
| roles is empty | 400 Bad Request | "roles": ["This list may not be empty." ] |
| roles not a list | 400 Bad Request | "roles": ["Expected a list of items but got type "type"."] |
| roles not an integer list | 400 Bad Request | "roles": ["Incorrect type. Expected pk value, received "type"."] |
| roles incorrect account | 400 Bad Request | "roles": ["Roles can be assigned only to config admin account."] |
| Wrong/not existing id | 404 Not Found | |
| Insufficient permissions | 403 Forbidden | "detail": "You do not have permission to perform this action." |
PATCH /api/users/id/unassign-roles/
Endpoint to remove given roles from existing ones. Batch operation - removes single or multiple roles.
Permissions
Perm to check: users.edit
URL parameters
| Key | Notes |
|---|---|
| id | User ID |
Request Schema
- Headers
Request Method: PATCH
Location: /api/users/{id}/unassign-roles/
Authorization: JWT access_token
- Body
{
"roles": [7,8]
}
Request example
{
"roles": [7,8]
}
Response
| Key | Type | Notes |
|---|---|---|
| id | int | |
| username | string | |
| account_type | string | |
| first_name | string | |
| last_name | string | |
| job_title | string | |
| company_name | string | |
| phone | string | |
| mobile | string | |
| status | enum | |
| activated_at | datetime | |
| password_set_at | datetime | |
| password_expires_at | datetime | |
| roles | array | |
| created_at | datetime | |
| created_by | user | |
| modified_at | datetime | |
| modified_by | user | |
| _meta | Object | |
- Successful status
200 OK
- Response body schema:
{
"id": 4,
"username": "test@mail.test",
"account_type": "full",
"first_name": "User",
"last_name": "FullPermissions",
"job_title": "",
"company_name": "",
"phone": "",
"mobile": "",
"status": "active",
"activated_at": "2021-11-12T10:21:02.637000+01:00",
"password_set_at": "2021-11-12T11:11:59.270000+01:00",
"password_expires_at": null,
"roles": [],
"created_at": "2021-11-12T10:07:41.347000+01:00",
"created_by": null,
"modified_at": "2022-03-15T08:53:42.447000+01:00",
"modified_by": null,
"_meta": {
"labels": {
"roles": []
},
"permissions": {
"list": true,
"view": true,
"create": true,
"edit": true,
"delete": true
}
}
}
Errors
| Error | Response code | Message |
|---|---|---|
| roles is required | 400 Bad Request | "roles": ["This field is required." ] |
| roles is empty | 400 Bad Request | "roles": ["This list may not be empty." ] |
| roles not a list | 400 Bad Request | "roles": ["Expected a list of items but got type "type"."] |
| roles not an integer list | 400 Bad Request | "roles": ["Incorrect type. Expected pk value, received "type"."] |
| roles incorrect account | 400 Bad Request | "roles": ["Roles can be assigned only to config admin account."] |
| Wrong/not existing id | 404 Not Found | |
| Insufficient permissions | 403 Forbidden | "detail": "You do not have permission to perform this action." |
GET /api/users/autocomplete/
List Users based on query parameters.
Permissions
Requires authentication and users.list permission
Request example
- Headers
Request Method: GET
Location: /api/users/autocomplete/
Authorization: JWT access_token
Response
The response contains only users for which the requesting user has users.list permission.
| Key | Type | Notes |
|---|---|---|
| limit | int | |
| offset | int | |
| total_count | int | Total number of items visible to the user (based on permissions). |
| filtered_count | int | Number of items visible to the user (based on permissions) with filters applied. |
| next | URL / null | Next page URL (null if there is no next page) |
| previous | URL / null | Previous page URL (null if there is no previous page) |
| results | Array | Described in the next table. |
Response results array
| Key | Type | Notes |
|---|---|---|
| value | id | |
| text | string | |
Response example
- Status
200 OK
- Body
{
"limit": 100,
"offset": 0,
"filtered_count": 2,
"total_count": 21,
"next": null,
"previous": null,
"results": [
{
"value": 21,
"text": "John Doe"
},
{
"value": 20,
"text": "Sarah Connor"
}
]
}
Sorting
| Parameter | Example | Notes |
|---|---|---|
| text | {build}/api/users/autocomplete/?ordering=text | Ascending |
| text | {build}/api/users/autocomplete/?ordering=-text | Descending (-) |
Filtering
For the full description of standard predicates see ALX API standards - Developers guide.
| Parameter | Type |
|---|---|
| id | int |
| text | string |
Errors
| Error | Response code | Message |
|---|---|---|
| Max items in filtering by _in exceeded | 400 Bad Request | |
| Requesting user is not authenticated | 401 Unauthorized | "detail": "Authentication credentials were not provided." |
| Unauthorized API call | 403 Forbidden | "detail": "You do not have permission to perform this action." |
POST /api/users/reset-password/
The method is intended for requesting a password reset email, typically when the user forgot his password. In response, the system sends the user an email with a link to the reset password page: <Client URL>/ui/accounts/reset-password/<password-reset-token>/
For now, we will use the current email template.
Permissions
Any user.
Request
- Headers
Content-Type: application/json
Authorization: JWT access_token
- Schema
POST /api/users/reset-password/
{
"email": <email>
}
- Successful status
200 OK
Errors
| Error | Response code | Message |
|---|---|---|
| Account locked | 400 Bad Request | {"detail": "Password reset is disabled while your account is locked. Please wait until the lockout ends at "datetime".", "error_code": "ERR_ACCOUNT_LOCKED", "data": {"lockout_ends_at": "<datetime>"}} |
| Reset password token invalidated due to SSO-only account type | 400 Bad Request | |
GET /api/users/reset-password/token/
The method is intended for the FE use. Before displaying the Password reset page, FE validates the token. If the token is invalid or it is expired, FE redirects the user to the appropriate page.
Permissions
Requires valid token.
Request
- Headers
Content-Type: application/json
Authorization: JWT access_token
- Schema
GET /api/users/reset-password/<token>/
Response
| Key | Type | Notes |
|---|---|---|
| User email |
- Successful status
200 OK
- Response body schema
{
"email": "syl*****e@test.test"
}
Errors
| Error | Response code | Message |
|---|---|---|
| Invalid token | 403 Forbidden | "detail": "Authentication credentials were not provided." |
| Token expired | 400 Bad Request | "detail": "Token expired." |
| Account locked | 400 Bad Request | {"detail": "Password reset is disabled while your account is locked. Please wait until the lockout ends at "datetime".", "error_code": "ERR_ACCOUNT_LOCKED", "data": {"lockout_ends_at": "<datetime>"}} |
| Reset password token invalidated due to SSO-only account type | 400 Bad Request | |
POST /api/users/reset-password/token/password/
The method is intended for resetting the user's password following a password reset request. The caller is identified by the token.
Permissions
Requires valid token.
Request
- Headers
Content-Type: application/json
Authorization: JWT access_token
- Schema
POST /api/users/reset-password/<token>/password/
{
"password": <string>
}
Validations
- password
- password_prevent_reuse
- password_rotation_interval
- max_repeating_chars
- min_letters
- min_numbers
- min_symbols
- min_lower_case
- min_upper_case
- min_length
Response
- Successful status
201 Created
{
"refresh": "REFRESH_TOKEN",
"access": "ACCESS_TOKEN"
}
Errors
| Error | Response code | Message |
|---|---|---|
| Invalid token | 403 Forbidden | "detail": "Authentication credentials were not provided." |
| Invalid password | 400 Bad Request | "password": ["Max repeating chars 2"] |
| Account locked | 400 Bad Request | {"detail": "Password reset is disabled while your account is locked. Please wait until the lockout ends at "datetime".", "error_code": "ERR_ACCOUNT_LOCKED", "data": {"lockout_ends_at": "<datetime>"}} |
| Reset password token invalidated due to SSO-only account type | 400 Bad Request | |
OPTIONS /api/users/reset-password/token/password/
Permissions
Any user.
Request
- Headers
Content-Type: application/json
Authorization: JWT access_token
- Schema
OPTIONS /api/users/reset-password/<token>/password/
Response
- Successful status
200 OK
- Response body:
{
"details": {
"schema": [
{
"alias": "password",
"type": "string",
"required": true
}
]
}
}
PATCH /api/users/me/
Updates information about the logged-in user.
Permissions
Requires authentication.
Allowed parameters
| Key | Type | Notes |
|---|---|---|
| username | string | |
| first_name | string | |
| last_name | string | |
| job_title | string | |
| company_name | string | |
| phone | string | |
| mobile | string | |
Any parameters not listed above are silently ignored if passed.
Request
- Headers
Request Method: PATCH
Content-Type: application/json
Location: /api/users/me/
Authorization: JWT access_token
- Sample request body
{
"username": "alx.dev@autologyx.com",
"first_name": "John",
"last_name": "Smith"
}
Validations
- username
- is valid email
- is unique
- is not null
- max length is 100
- first_name
- is string
- is not null
- max length is 100
- min length is 1
- last_name
- is string
- is not null
- max length is 100
- min length is 1
- job_title
- is string
- is not null
- max length is 100
- company_name
- is string
- is not null
- max length is 100
- phone
- is string
- is not null
- max length is 20
- mobile
- is string
- is not null
- max length is 20
Response
| Key | Type | Notes |
|---|---|---|
| id | int | |
| username | string | |
| account_type | string | |
| first_name | string | |
| last_name | string | |
| job_title | string | |
| company_name | string | |
| phone | string | |
| mobile | string | |
| status | enum | |
| activated_at | datetime | |
| password_set_at | datetime | |
| password_expires_at | datetime | |
| roles | array | |
| created_at | datetime | |
| created_by | user | |
| modified_at | datetime | |
| modified_by | user | |
| user_groups_membership | array | |
| _meta | Object | |
- Successful status
200 OK
- Response body schema
{
"id": 2,
"username": "alx.dev@autologyx.com",
"account_type": "super_admin",
"first_name": "John",
"last_name": "Smith",
"job_title": "",
"company_name": "",
"phone": "",
"mobile": "",
"status": "active",
"activated_at": null,
"password_set_at": "2021-11-05T13:57:07.228000+01:00",
"password_expires_at": null,
"roles": [],
"created_at": "2021-11-05T13:56:26.726000+01:00",
"created_by": null,
"modified_at": "2021-11-16T15:32:53.479000+01:00",
"modified_by": null,
"user_groups_membership": [],
"_meta": {
"labels": {
"roles": [],
"user_groups_membership": []
},
"permissions": {
"list": true,
"view": true,
"create": true,
"edit": true,
"delete": false
}
}
}
Errors
Standard validation errors.
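The allow-list behaviour described for PATCH /api/users/me/, as an added sketch that is not the project's code: unknown keys are dropped before validation, and privilege-bearing ones are reported so they can be audit-logged. The function name, the error codes, the SENSITIVE_KEYS set and the simplified email regex are assumptions.

```python
import re

# Allow-list for PATCH /api/users/me/ with the limits from its Validations list.
ME_FIELDS = {
    "username": {"max_length": 100, "email": True},
    "first_name": {"max_length": 100, "min_length": 1},
    "last_name": {"max_length": 100, "min_length": 1},
    "job_title": {"max_length": 100},
    "company_name": {"max_length": 100},
    "phone": {"max_length": 20},
    "mobile": {"max_length": 20},
}
# Keys from the response schema that change privilege or state; seeing one in a
# self-service PATCH body is worth an audit log entry (assumed alerting policy).
SENSITIVE_KEYS = {"account_type", "roles", "status", "user_groups_membership"}
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")  # simplified email check


def clean_me_patch(body, username_taken=lambda name: False):
    """Return (accepted, errors, ignored, flagged) for a PATCH body.

    Error codes reuse the validator type names from OPTIONS /api/users/me/
    where one exists; "null", "invalid", "email" and "unique" are constructed.
    """
    if not isinstance(body, dict):
        raise TypeError("request body must be a JSON object")
    accepted, errors, ignored = {}, {}, []
    for key, value in body.items():
        rule = ME_FIELDS.get(key)
        if rule is None:
            ignored.append(key)  # dropped before it can reach the user model
        elif value is None:
            errors[key] = ["null"]
        elif not isinstance(value, str):
            errors[key] = ["invalid"]
        elif len(value) > rule["max_length"]:
            errors[key] = ["max_length"]
        elif len(value) < rule.get("min_length", 0):
            errors[key] = ["min_length"]
        elif rule.get("email") and not EMAIL_RE.match(value):
            errors[key] = ["email"]
        elif rule.get("email") and username_taken(value):
            errors[key] = ["unique"]
        else:
            accepted[key] = value
    flagged = sorted(SENSITIVE_KEYS.intersection(ignored))
    return accepted, errors, ignored, flagged
```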
PATCH /api/users/me/set-password/
Updates the logged-in user's password.
Permissions
Requires authentication.
Service accounts are not allowed.
Allowed parameters
| Key | Type | Notes |
|---|---|---|
| old_password | string | |
| new_password | string | |
Any parameters not listed above are silently ignored if passed.
Request
- Headers
Request Method: PATCH
Content-Type: application/json
Location: /api/users/me/set-password/
Authorization: JWT access_token
- Sample request body
{
"old_password": "some_old_pass",
"new_password": "some_new_pass"
}
Validations
- old_password
- is valid password
- is required
- is not null
- new_password
- is string
- meets security rules
- is required
- is not null
Response
| Key | Type | Notes |
|---|---|---|
| refresh | string | JWT token to refresh JWT access token |
| access | string | JWT token to access ALX API endpoints |
- Successful status
200 OK
- Response body schema
{
"refresh": "refresh_token",
"access": "access_token"
}
Errors
| Cause | Response status code | Response message |
|---|---|---|
| old_password is not provided | 400 Bad Request | "old_password": ["This field is required."] |
| old_password is NULL | 400 Bad Request | "old_password": ["This field may not be null."] |
| old_password is blank string | 400 Bad Request | "old_password": ["This field may not be blank."] |
| old_password is not a string | 400 Bad Request | "old_password": ["Not a valid string."] |
| old_password does not match current password | 400 Bad Request | "old_password": ["Invalid password."] |
| new_password is not provided | 400 Bad Request | "new_password": ["This field is required."] |
| new_password is NULL | 400 Bad Request | "new_password": ["This field may not be null."] |
| new_password is blank string | 400 Bad Request | "new_password": ["This field may not be blank."] |
| new_password is not a string | 400 Bad Request | "new_password": ["Not a valid string."] |
| new_password does not match security rule about number of repeating chars | 400 Bad Request | "new_password": ["Can have only "number" repeating consecutive chars"] |
| new_password does not match security rule about number of letters | 400 Bad Request | "new_password": ["Must be more complex (must contain "number" or more letters)"] |
| new_password does not match security rule about number of digits | 400 Bad Request | "new_password": ["Must be more complex (must contain "number" or more digits)"] |
| new_password does not match security rule about number of special characters | 400 Bad Request | "new_password": ["Must be more complex (must contain "number" or more special characters)"] |
| new_password does not match security rule about number of uppercase characters | 400 Bad Request | "new_password": ["Must be more complex (must contain "number" or more uppercase characters)"] |
| new_password does not match security rule about number of lowercase characters | 400 Bad Request | "new_password": ["Must be more complex (must contain "number" or more lowercase characters)"] |
| new_password does not match security rule about length | 400 Bad Request | "new_password": ["Invalid Length (Must be "number" characters or more)"] |
| new_password does not match security rule about re-using password from the past | 400 Bad Request | "new_password": ["Password used in the past"] |
| Reset password token invalidated due to SSO-only account type | 400 Bad Request | |
| Service account attempts to change password | 403 Forbidden | "detail": "You do not have permission to perform this action." |
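An added example, not the project's implementation, of a validator that enforces the password rules named under Validations for the reset-password and set-password endpoints and returns the messages from the error table above. The thresholds, the PBKDF2 history format and all function names are assumptions.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

PBKDF2_ROUNDS = 200_000  # assumed work factor; the page does not specify storage


@dataclass(frozen=True)
class PasswordPolicy:
    """Rule names are from the page; the thresholds are constructed samples."""
    min_length: int = 10
    min_letters: int = 4
    min_numbers: int = 1
    min_symbols: int = 1
    min_lower_case: int = 1
    min_upper_case: int = 1
    max_repeating_chars: int = 2


def hash_password(password, salt=None):
    """Return (salt, digest) for the history list; hypothetical storage format."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, digest


def longest_run(password):
    """Length of the longest run of one character repeated consecutively."""
    best = run = 0
    prev = None
    for ch in password:
        run = run + 1 if ch == prev else 1
        best = max(best, run)
        prev = ch
    return best


def validate_new_password(password, policy=PasswordPolicy(), history=()):
    """Return the error list for "new_password"; an empty list means accepted."""
    if password is None:
        return ["This field may not be null."]
    if not isinstance(password, str):
        return ["Not a valid string."]
    if password == "":
        return ["This field may not be blank."]
    errors = []
    if longest_run(password) > policy.max_repeating_chars:
        errors.append(f"Can have only {policy.max_repeating_chars} repeating consecutive chars")
    counted = [  # (observed count, required minimum, noun used in the message)
        (sum(c.isalpha() for c in password), policy.min_letters, "letters"),
        (sum(c.isdigit() for c in password), policy.min_numbers, "digits"),
        (sum(not c.isalnum() for c in password), policy.min_symbols, "special characters"),
        (sum(c.isupper() for c in password), policy.min_upper_case, "uppercase characters"),
        (sum(c.islower() for c in password), policy.min_lower_case, "lowercase characters"),
    ]
    for seen, need, noun in counted:
        if seen < need:
            errors.append(f"Must be more complex (must contain {need} or more {noun})")
    if len(password) < policy.min_length:
        errors.append(f"Invalid Length (Must be {policy.min_length} characters or more)")
    # password_prevent_reuse: compare against salted hashes, never stored plaintext.
    for salt, digest in history:
        if hmac.compare_digest(hash_password(password, salt)[1], digest):
            errors.append("Password used in the past")
            break
    return errors
```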
OPTIONS /api/users/me/
Permissions
Requires authentication
Request
- Headers
Content-Type: application/json
Authorization: JWT access_token
- Schema
OPTIONS /api/users/me/
Response
- Successful status
200 OK
- Response body:
{
"details": {
"schema": [
{
"alias": "username",
"type": "email",
"required": false,
"validators": [
{
"type": "max_length",
"length": 100
}
]
},
{
"alias": "first_name",
"type": "string",
"required": false,
"validators": [
{
"type": "max_length",
"length": 100
},
{
"type": "min_length",
"length": 1
}
]
},
{
"alias": "last_name",
"type": "string",
"required": false,
"validators": [
{
"type": "max_length",
"length": 100
},
{
"type": "min_length",
"length": 1
}
]
},
{
"alias": "job_title",
"type": "string",
"required": false,
"validators": [
{
"type": "max_length",
"length": 100
}
]
},
{
"alias": "company_name",
"type": "string",
"required": false,
"validators": [
{
"type": "max_length",
"length": 100
}
]
},
{
"alias": "phone",
"type": "string",
"required": false,
"validators": [
{
"type": "phone"
},
{
"type": "max_length",
"length": 20
}
]
},
{
"alias": "mobile",
"type": "string",
"required": false,
"validators": [
{
"type": "phone"
},
{
"type": "max_length",
"length": 20
}
]
},
{
"alias": "timezone",
"type": "enum",
"required": false,
"values": [
{ "value": "Africa/Abidjan" },
{ "value": "America/Chicago"},
{ "value": "Europe/Reykjavik"}
// ...
]
}
]
}
}
GET /api/users/me/
Permissions
Requires authentication
Request
- Headers
Content-Type: application/json
Authorization: JWT access_token
- Schema
GET /api/users/me/
Response
| Key | Type | Notes |
|---|---|---|
| id | int | |
| username | string | |
| account_type | string | |
| first_name | string | |
| last_name | string | |
| job_title | string | |
| company_name | string | |
| phone | string | |
| mobile | string | |
| status | enum | |
| activated_at | datetime | |
| password_set_at | datetime | |
| password_expires_at | datetime | |
| roles | array | |
| created_at | datetime | |
| created_by | user | |
| modified_at | datetime | |
| modified_by | user | |
| user_groups_membership | array | |
| timezone | enum | |
| _meta | Object | |
- Successful status
200 OK
- Response body schema
{
"id": 2,
"username": "alx.dev@autologyx.com",
"account_type": "super_admin",
"first_name": "ALX",
"last_name": "Developer",
"job_title": "",
"company_name": "",
"phone": "",
"mobile": "",
"status": "active",
"activated_at": null,
"password_set_at": "2021-11-05T13:57:07.228000+01:00",
"password_expires_at": null,
"roles": [],
"created_at": "2021-11-05T13:56:26.726000+01:00",
"created_by": null,
"modified_at": "2021-11-16T15:32:53.479000+01:00",
"modified_by": null,
"user_groups_membership": [],
"timezone": "UTC",
"_meta": {
"labels": {
"roles": [],
"user_groups_membership": []
},
"permissions": {
"list": true,
"view": true,
"create": true,
"edit": true,
"delete": false
}
}
}
Errors
| Error | Response code | Message |
|---|---|---|
| Invalid token | 403 Forbidden | "detail": "Authentication credentials were not provided." |
GET /api/users/stats/
Permissions
Requires authentication and users.view permission.
Request
- Headers
Content-Type: application/json
Authorization: JWT access_token
- Schema
GET /api/users/stats/
Response
| Key | Type | Notes |
|---|---|---|
| internal | object | |
| external | object | |
| full | object | |
| one_time_completion | object | |
| super_admin | object | |
Response account_type object
| Key | Type | Notes |
|---|---|---|
| count | int | The current number of accounts of the corresponding type. |
| limit | int | The max number of accounts of the corresponding type. |
- Successful status
200 OK
- Response body schema
{
"internal": {
"count": <int>,
"limit": <int>
},
"external": {
"count": <int>,
"limit": <int>
},
"full": {
"count": <int>,
"limit": <int>
},
"one_time_completion": {
"count": <int>,
"limit": <int>
},
"super_admin": {
"count": <int>,
"limit": <int>
}
}
Errors
Standard validation errors.
GET /api/users/permissions/
Returns logged-in User permissions.
Permissions
Requires authentication.
Request
- Headers
Content-Type: application/json
Authorization: JWT access_token
- Schema
GET /api/users/permissions/
Response
| Key | Type | Notes |
|---|---|---|
| company_details | object | |
| authentication_objects | object | |
| custom_components | object | |
| files | object | |
| object_classes | object | |
| object_records | object | |
| object_class_forms | object | |
| object_models | object | |
| roles | object | |
| outbound_mail_setup | object | |
| message_templates | object | |
| sequences | object | |
| single_sign_on | object | |
| tasks | object | |
| task_templates | object | |
| task_group_templates | object | |
| ui_config | object | |
| users | object | |
| standard_authentication | object | |
| user_groups | object | |
| integrations | object | |
- Successful status
200 OK
- Response body schema
{
"company_details": {
"edit": <bool>,
"view": <bool>
},
"authentication_objects": {
"list": <bool>,
"view": <bool>,
"create": <bool>,
"edit": <bool>,
"delete": <bool>
},
"custom_components": {
"list": <bool>,
"view": <bool>,
"create": <bool>,
"edit": <bool>,
"delete": <bool>
},
"files": {
"store": <bool>,
"list": <bool>,
"delete": <bool>
},
"integrations": {
"list": <bool>,
"view": <bool>,
"create": <bool>,
"edit": <bool>,
"delete": <bool>
},
"object_classes": {
"list": <bool>,
"create": <bool>
},
"object_records": {
"create": <bool>,
"list": <bool>
},
"object_class_forms": {
"list": <bool>
},
"object_models": {
"list": <bool>,
"view": <bool>,
"create": <bool>,
"edit": <bool>
},
"roles": {
"list": <bool>,
"view": <bool>,
"create": <bool>,
"edit": <bool>,
"delete": <bool>
},
"outbound_mail_setup": {
"view": <bool>,
"edit": <bool>
},
"message_templates": {
"list": <bool>
},
"sequences": {
"list": <bool>,
"view": <bool>,
"create": <bool>,
"edit": <bool>,
"delete": <bool>
},
"single_sign_on": {
"list": <bool>,
"view": <bool>,
"create": <bool>,
"edit": <bool>,
"delete": <bool>
},
"tasks": {
"list": <bool>
},
"task_templates": {
"list": <bool>,
"view": <bool>,
"create": <bool>,
"edit": <bool>,
"delete": <bool>
},
"task_group_templates": {
"list": <bool>,
"view": <bool>,
"create": <bool>,
"edit": <bool>,
"delete": <bool>
},
"ui_config": {
"view": <bool>,
"create": <bool>
},
"users": {
"list": <bool>,
"view": <bool>,
"create": <bool>,
"edit": <bool>,
"delete": <bool>
},
"standard_authentication": {
"view": <bool>,
"edit": <bool>
},
"user_groups": {
"create": <bool>,
"list": <bool>
}
}
Sorting
Not available.
Filtering
Not available.
Errors
| Error | Response code | Message |
|---|---|---|
| Insufficient permissions | 403 Forbidden | "detail": "You do not have permission to perform this action." |
GET /api/users/id/user-groups/
Returns the list of groups of which the given user is a member.
Permissions
Requires authentication and users.view permission.
Request
- Headers
Content-Type: application/json
Authorization: JWT access_token
- Schema
GET /api/users/<id>/user-groups/
Response
| Key | Type | Notes |
|---|---|---|
| limit | int | |
| offset | int | |
| total_count | int | Total number of results visible to the user (based on permissions). |
| filtered_count | int | Number of results visible to the user (based on permissions) with filters applied. |
| next | url | Next page URL (null if there is no next page) |
| previous | url | Previous page URL (null if there is no previous page) |
| results | Array | List of results. Described in the next table. |
Response results array
| Key | Type | Notes |
|---|---|---|
| id | int | User Group id |
| name | string | User Group name |
| added_at | datetime | timestamp when the user was added to a user group |
| created_at | datetime | timestamp when the User Group was created |
| created_by | user | user (object) who created the User Group |
| modified_at | datetime | timestamp when the User Group was modified |
| modified_by | user | user (object) who modified the User Group |
| num_of_members | int | number of group members |
| num_of_owners | int | number of group owners |
| _meta.permissions | Object | Object describing permissions. |
- Successful status
200 OK
- Response body schema
{
"limit": <int>,
"offset": <int>,
"filtered_count": <int>,
"total_count": <int>,
"next": <str | null>,
"previous": <str | null>,
"results": [
{
"id": <int>,
"name": <str>,
"added_at": <datetime>,
"created_by": <user>,
"modified_at": <datetime>,
"modified_by": <user>,
"num_of_members": <int>,
"num_of_owners": <int>,
"_meta": {
"permissions": {
"list": <bool>,
"view": <bool>,
"create": <bool>,
"edit": <bool>,
"delete": <bool>,
"edit_perm_sets": <bool>,
"edit_members": <bool>,
"edit_owners": <bool>
}
}
}
]
}
Sorting
| Parameter | Example | Notes |
|---|---|---|
| id | /api/users/?ordering=id | Ascending |
| id | /api/users/?ordering=-id | Descending (-) |
| name | /api/users/?ordering=name | Ascending |
| name | /api/users/?ordering=-name | Descending (-) |
| added_at | /api/users/?ordering=added_at | Ascending |
| added_at | /api/users/?ordering=-added_at | Descending (-) |
| num_of_members | /api/users/?ordering=num_of_members | Ascending |
| num_of_members | /api/users/?ordering=-num_of_members | Descending (-) |
| num_of_owners | /api/users/?ordering=num_of_owners | Ascending |
| num_of_owners | /api/users/?ordering=-num_of_owners | Descending (-) |
| created_at | /api/users/?ordering=created_at | Ascending |
| created_at | /api/users/?ordering=-created_at | Descending (-) |
| modified_at | /api/users/?ordering=modified_at | Ascending |
| modified_at | /api/users/?ordering=-modified_at | Descending (-) |
Filtering
Please check ALX API standards for predicates available per type.
| Parameter | Type |
|---|---|
| id | int |
| name | string |
| added_at | datetime |
| num_of_members | int |
| num_of_owners | int |
| created_at | datetime |
| created_by | user |
| modified_at | datetime |
| modified_by | user |
Errors
| Error | Response code | Message |
|---|---|---|
| Wrong ordering value | 400 Bad Request | "ordering": ["Select a valid choice. {value} is not one of the available choices."] |
| Insufficient permissions | 403 Forbidden | "detail": "You do not have permission to perform this action." |
| Invalid id in URL | 404 Not Found | "detail": ["Not found."] |
OPTIONS /api/users/id/user-groups/
Permissions
Requires authentication only.
Request
- Headers
Content-Type: application/json
Authorization: JWT access_token
- Schema
OPTIONS /api/users/<id>/user-groups/
Response
- Successful status
200 OK
- Response body:
{
"list": {
"columns": [
{
"alias": "id",
"type": "int",
"predicates": [
"exact",
"gt",
"gte",
"lt",
"lte",
"range"
],
"sort_ok": true
},
{
"alias": "name",
"type": "string",
"predicates": [
"exact",
"iexact",
"contains",
"icontains",
"startswith",
"istartswith",
"endswith",
"iendswith"
],
"sort_ok": true
},
{
"alias": "added_at",
"type": "datetime",
"predicates": [
"exact",
"gt",
"gte",
"lt",
"lte",
"range"
],
"sort_ok": true
},
{
"alias": "created_by",
"type": "user",
"predicates": [
"exact",
"in"
],
"sort_ok": false,
"autocomplete": "/api/users/autocomplete/?text__icontains="
},
{
"alias": "modified_by",
"type": "user",
"predicates": [
"exact",
"in"
],
"sort_ok": false,
"autocomplete": "/api/users/autocomplete/?text__icontains="
},
{
"alias": "num_of_members",
"type": "int",
"predicates": [
"exact",
"gt",
"gte",
"lt",
"lte",
"range"
],
"sort_ok": true
},
{
"alias": "num_of_owners",
"type": "int",
"predicates": [
"exact",
"gt",
"gte",
"lt",
"lte",
"range"
],
"sort_ok": true
},
{
"alias": "created_at",
"type": "datetime",
"predicates": [
"exact",
"gt",
"gte",
"lt",
"lte",
"range"
],
"sort_ok": true
},
{
"alias": "modified_at",
"type": "datetime",
"predicates": [
"exact",
"gt",
"gte",
"lt",
"lte",
"range"
],
"sort_ok": true
}
]
}
}
GET /api/users/ws-auth/
Permissions
Requires authentication
Request
- Headers
Content-Type: application/json
Authorization: JWT access_token
- Schema
GET /api/users/ws-auth/
Response
| Key | Type | Notes |
|---|---|---|
| uuid | string | The UUID is a standard unique identifier generated by the system and is valid for 5 minutes. The UUID can be used only once; it expires when used. |
- Successful status
200 OK
- Response body schema
{
"uuid": "f1b1b1b1-1b1b-1b1b-1b1b-1b1b1b1b1b1b"
}
Errors
| Error | Response code | Message |
|---|---|---|
| Invalid token | 401 Unauthorized | "detail": "Authentication credentials were not provided." |
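The notes for the uuid key state two properties: a 5-minute lifetime and single use. One way a server could enforce both, as an added sketch that is not the project's code; the WsTicketStore class, the use of uuid4 and the in-memory dictionary are assumptions.

```python
import threading
import time
import uuid

TICKET_TTL_SECONDS = 5 * 60  # "valid for 5 minutes" per the uuid notes


class WsTicketStore:
    """In-memory stand-in for the ticket store; a hypothetical design."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock  # injectable so expiry can be tested without sleeping
        self._lock = threading.Lock()
        self._tickets = {}  # ticket -> (user_id, expires_at)

    def issue(self, user_id):
        """Create the value GET /api/users/ws-auth/ would return in "uuid"."""
        ticket = str(uuid.uuid4())  # random (version 4) UUID
        with self._lock:
            self._purge()
            self._tickets[ticket] = (user_id, self._clock() + TICKET_TTL_SECONDS)
        return ticket

    def redeem(self, ticket):
        """Return the user id once, or None if unknown, already used or expired."""
        with self._lock:
            # pop() removes the ticket in the same step that reads it, so two
            # concurrent redemptions of one ticket cannot both succeed.
            entry = self._tickets.pop(ticket, None)
        if entry is None:
            return None
        user_id, expires_at = entry
        return user_id if self._clock() < expires_at else None

    def _purge(self):
        """Drop expired tickets so abandoned ones do not accumulate."""
        now = self._clock()
        expired = [t for t, (_, exp) in self._tickets.items() if exp <= now]
        for t in expired:
            del self._tickets[t]
```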