Certicheck

User Routes

This page provides routes for managing users. The following routes are available:

POST /users

Description: Creates a new user for organization.

Authentication: Requires OWNER role with user_management,create and write permission.

Parameters: None

Request Body:

json
{
  "user": {
    "firstName": "John", // (string, required): The first name of the user.
    "lastName": "Doe", // (string, required): The last name of the user.
    "email": "johndoe@example.com" //(string, required): The email of the user
  },
  "organization": {
    "role": "OWNER", // (array of strings, required): The role of the user
    "accessScope": ["read", "write", "update"], // (array of strings, required): The access scopes granted to the user
    "applicationName": "tokenMinter" // (string, required): The name of the application or service the user belongs to.
  }
}

Response:

  • 201 Created with the newly created user object.
json
{
  "localUser": {
    "deleted": false,
    "email": "johndoe@example.com",
    "orgId": "6672c1973ea83f202742da3c",
    "credits": [],
    "creditsRemaining": 0,
    "creditsTotal": 0,
    "creditsUsed": 0,
    "id": "667d49c5e99f7b8df036bc4f"
  },
  "response": {
    "data": {
      "createdBy": "66740e7d73420fb7e949e2e3",
      "deleted": false,
      "email": "johndoe@example.com",
      "emailVerified": false,
      "failedLoginAttempts": 0,
      "firstName": "John",
      "lastName": "Doe",
      "organizations": [
        {
          "accessScope": ["read", "write", "update", "user_management"],
          "applicationName": "tokenMinter",
          "deleted": false,
          "orgId": "6672c1973ea83f202742da3c",
          "role": "OWNER",
          "_id": "667d49c5e99f7b8df036bc50"
        }
      ],
      "profilePicture": {
        "original": "",
        "thumbnail": ""
      },
      "twoFactorAuth": false,
      "_id": "667d49c5e99f7b8df036bc4f",
      "createdAt": "2024-06-27T11:15:17.080Z",
      "updatedAt": "2024-06-27T11:15:17.080Z",
      "__v": 0
    },
    "message": "Registration successful. Verification email sent.",
    "status": "success"
  }
}

Errors:

  • 400 Bad Request if the request body is missing required fields or contains invalid data.
  • 401 Unauthorized if the user is not authenticated or does not have the required permissions.
  • 500 Internal Server Error if there is an issue creating the user in the database.

Usage:

To create a new user, send a POST request to /users with a JSON request body containing the user and organization details as specified.

GET /users

Description: Retrieves a list of all users of the particular organization of the owner calling the route.

Authentication: Requires OWNER role with user_management and read permission.

Parameters: None

Response:

  • 200 OK with an array of user objects.
json
[
  {
    "email": "johndoe@example.com",
    "deleted": false,
    "orgId": "abcd1234",
    "credits": [],
    "creditsRemaining": 0,
    "creditsTotal": 0,
    "creditsUsed": 0,
    "id": "1234abcd"
  },
  {
    "deleted": false,
    "email": "janedoe@example.com",
    "orgId": "abcd1234",
    "credits": [],
    "creditsRemaining": 0,
    "creditsTotal": 0,
    "creditsUsed": 0,
    "id": "abcd5678"
  }
]

Errors:

  • 401 Unauthorized if the user is not authenticated or does not have the required permissions.
  • 500 Internal Server Error if there is an issue retrieving users from the database.

Usage:

To get a user, send a GET request to /users

POST /users/owner

Description: Creates a new owner user for the organization.

Authentication: Requires ADMIN role with user_management, create and write permissions.

Parameters: None

Request Body:

json
{
  "user": {
    "firstName": "John", // (string, required): The first name of the user
    "lastName": "Doe", // (string, required): The last name of the user.
    "email": "johndoe@example.com" // (string, required): The email of the user.
  },
  "organization": {
    "role": "OWNER", // (string, required): The role of the user within the organization,
    "orgId": "6672c1973ea83f202742da3c", // (string, required): The ID of the organization the user belongs to
    "accessScope": ["read", "write", "update"], // (array of strings, required): The access scopes granted to the user
    "applicationName": "tokenMinter" // (string, required): The name of the application or service the user belongs to.
  }
}

Response:

  • 201 Created with the newly created owner user object.
json
{
  "localUser": {
    "deleted": false,
    "email": "johndoe@example.com",
    "orgId": "6672c1973ea83f202742da3c",
    "credits": [],
    "creditsRemaining": 0,
    "creditsTotal": 0,
    "creditsUsed": 0,
    "id": "667d49c5e99f7b8df036bc4f"
  },
  "response": {
    "data": {
      "createdBy": "66740e7d73420fb7e949e2e3",
      "deleted": false,
      "email": "johndoe@example.com",
      "emailVerified": false,
      "failedLoginAttempts": 0,
      "firstName": "John",
      "lastName": "Doe",
      "organizations": [
        {
          "accessScope": ["read", "write", "update", "user_management"],
          "applicationName": "tokenMinter",
          "deleted": false,
          "orgId": "6672c1973ea83f202742da3c",
          "role": "OWNER",
          "_id": "667d49c5e99f7b8df036bc50"
        }
      ],
      "profilePicture": {
        "original": "",
        "thumbnail": ""
      },
      "twoFactorAuth": false,
      "_id": "667d49c5e99f7b8df036bc4f",
      "createdAt": "2024-06-27T11:15:17.080Z",
      "updatedAt": "2024-06-27T11:15:17.080Z",
      "__v": 0
    },
    "message": "Registration successful. Verification email sent.",
    "status": "success"
  }
}

Errors:

  • 400 Bad Request if the request body is missing required fields or contains invalid data.
  • 401 Unauthorized if the user is not authenticated or does not have the required permissions.
  • 500 Internal Server Error if there is an issue creating the owner user in the database.

Usage:

To create a new owner user, send a POST request to /users/owner with a JSON request body containing the user and organization details as specified.

POST /users/registerLocalUser

Description: Creates a new local user in the application database.

Authentication: Requires OWNER role with user_management,create and write permission.

Parameters: None

Request Body:

json
{
  "email": "john@example.com", // (string, required): The ID of the user.
  "userId": "667d4f40e99f7b8df036bc87" //  (string, required): The email address of the user.
}

Response:

  • 201 Created with the newly created local user object.

Errors:

  • 400 Bad Request if the request body is missing required fields or contains invalid data.
  • 401 Unauthorized if the user is not authenticated or does not have the required permissions.
  • 500 Internal Server Error if there is an issue creating the local user in the database.

Usage:

To create a new user, send a POST request to /users with a JSON request body containing the user and organization details as specified.

GET /users/profile

Description: Retrieves the profile of the authenticated user.

Authentication: Requires USER role with read permission.

Parameters: None

Response:

  • 200 OK with the user profile object.
json
{
  "email": "johndoe@example.com",
  "deleted": false,
  "orgId": "6672c1973ea83f202742da3c",
  "credits": [],
  "creditsRemaining": 0,
  "creditsTotal": 0,
  "creditsUsed": 0,
  "id": "66740e7d73420fb7e949e2e3"
}

Errors:

  • 401 Unauthorized if the user is not authenticated or does not have the required permissions.
  • 500 Internal Server Error if there is an issue retrieving the user profile from the database.

Usage: To get details of logged in user, send a GET request to /users/profile.

GET /users/:userId

Description: Retrieves a specific user by ID.

Authentication: Requires ADMIN or OWNER role with read permission.

Parameters:

  • userId (number, required): The ID of the user to retrieve.

Response:

  • 200 OK with the user object.
json
{
  "email": "johndoe@example.com",
  "deleted": false,
  "orgId": "6672c1973ea83f202742da3c",
  "credits": [],
  "creditsRemaining": 0,
  "creditsTotal": 0,
  "creditsUsed": 0,
  "id": "66740e7d73420fb7e949e2e3"
}

Errors:

  • 401 Unauthorized if the user is not authenticated or does not have the required permissions.
  • 404 Not Found if the user with the specified ID does not exist.
  • 500 Internal Server Error if there is an issue retrieving the user from the database.

Usage:

To get details of a specific user, send a GET request to /users/:userId.

DELETE /users/:userId

Description: Deletes a user by ID.

Authentication: Requires ADMIN or OWNER role with user_management and delete permission.

Parameters:

  • userId (number, required): The ID of the user to delete.

Response:

  • 204 No Content if the user was successfully deleted.
json
{
  "message": "User deleted successfully"
}

Errors:

  • 401 Unauthorized if the user is not authenticated or does not have the required permissions.
  • 404 Not Found if the user with the specified ID does not exist.
  • 500 Internal Server Error if there is an issue deleting the user from the database.

Usage:

To delete a user from organization, send a DELETE request to /users/:userId.

API Documentation created with ❤️ by TrackGenesis

Copyright © 2025 TrackGenesis®