User Endpoints #
User Retrieval #
GET /users/{id}
Retrieves a user by its ID.
Authentication required: yes
Permissions: users-read
Query parameters: none
Request body: none
Response body:
{
"id": "9bsv0s78ajk0036f3m60",
"created_at": "2020-09-10T21:01:20Z",
"updated_at": "2020-09-10T21:01:20Z",
"name": "Currer",
"permissions": [
"engine-state-read",
"engine-state-write",
"exchange-orders-read",
"exchange-live-data-read",
"engine-configs-read",
"engine-configs-write"
],
"root": false
}
-
id
- string
The ID of the user. -
created_at
- string (RFC 3339)
The exact time when the user was created. -
updated_at
- string (RFC 3339)
The exact time when the user was updated. -
name
- string
The name of the user. -
permissions
- array of strings
The permissions assigned to the user. The full list of permissions can be found here. -
root
- boolean
Specifies whether the user is the root (also known as, admin) user or not.
User Self-Retrieval #
GET /users/self
Retrieves an authenticated user.
Authentication required: yes
Permissions: none
Query parameters: none
Request boody: none
Response body:
{
"id": "9bsv0s78ajk0036f3m60",
"created_at": "2020-09-10T21:01:20Z",
"updated_at": "2020-09-10T21:01:20Z",
"name": "Currer",
"permissions": [
"engine-state-read",
"engine-state-write",
"exchange-orders-read",
"exchange-live-data-read",
"engine-configs-read",
"engine-configs-write"
],
"root": false
}
User properties are described in detail here.
Multiple Users Retrieval #
GET /users
Retrieves multiple users.
Authentication required: yes
Permissions: users-read
Query parameters:
-
limit
- unsigned int
The number of users per page. -
page
- unsigned int
The user batch index. -
filter-name-includes
- string (optional; default: unused)
If specified, only users whose names include this value are returned. The filtering process is case-insensitive.filter-name-includes
should be used as the default search bar filter. -
sort-{index}-created-at
- string (enum; optional; default: unused)
If specified, users are sorted by their creation timestamps. The value determines whether ascending (asc
) or descending (desc
) order is used. -
sort-{index}-updated-at
- string (enum; optional; default: unused)
If specified, users are sorted by their update timestamps. The value determines whether ascending (asc
) or descending (desc
) order is used. -
sort-{index}-name
- string (enum; optional; default: unused)
If specified, users are sorted by their names. The value determines whether ascending (asc
) or descending (desc
) order is used.
Many differentfilter-
andsort-
keys may be used at the same time, however, to ensure predictable sorting,sort-
keys must include an index denoting their precendence. For example, if?sort-1-name=asc&sort-2-created-at=desc
query is being used, users are first sorted by their names and only then by their creation timestamps.
Request body: none
Response body:
{
"page_count": 300,
"users": [
{
"id": "9bsv0s78ajk0036f3m60",
"created_at": "2020-09-10T21:01:20Z",
"updated_at": "2020-09-10T21:01:20Z",
"name": "Currer",
"permissions": [
"engine-state-read",
"engine-state-write",
"exchange-orders-read",
"exchange-live-data-read",
"engine-configs-read",
"engine-configs-write"
],
"root": false
},
{
"id": "12sv0s78ajk0036f3m60",
"created_at": "2020-09-10T21:01:20Z",
"updated_at": "2020-09-10T21:01:20Z",
"name": "Ellis",
"permissions": [
"engine-state-read",
"engine-configs-read"
],
"root": false
}
]
}
-
page_count
- unsigned int
The number of available pages that may be retrieved with the same filtering options. -
users
- array of objects
The array of users.User properties are described in detail here.
User Count Retrieval #
GET /users/count
Retrieves the total number of users.
Authentication required: yes
Permissions: users-read
Query parameters: none
Request body: none
Response body:
{
"count": 300
}
count
- unsigned int
The total number of users.
User Creation #
POST /users
Creates a new user.
Authentication required: yes
Permissions: users-write
Query parameters: none
Request body:
{
"name": "Currer",
"password": "secret123",
"permissions": [
"engine-state-read",
"engine-state-write",
"exchange-orders-read",
"exchange-live-data-read",
"engine-configs-read",
"engine-configs-write"
]
}
-
name
- string
The name of the new user. It must match the following regexp:^[\w-.]+$
-
password
- string
The password of the new user. It must contain at least eight characters in total, out of which at least one should be an upper case letter, one lower case letter, one number and one special character. -
permissions
- array of strings (optional; default: unused)
The permissions assigned to the new user. The full list of permissions can be found here.
Response body:
{
"id": "9bsv0s78ajk0036f3m60",
"created_at": "2020-09-10T21:01:20Z",
"updated_at": "2020-09-10T21:01:20Z",
"name": "Currer",
"permissions": [
"engine-state-read",
"engine-state-write",
"exchange-orders-read",
"exchange-live-data-read",
"engine-configs-read",
"engine-configs-write"
],
"root": false
}
User properties are described in detail here.
User Update #
PATCH /users/{id}
Updates a user by its ID.
Authentication required: yes
Permissions: users-write
Query parameters: none
Request body:
{
"name": "Currer1",
"permissions": [
"engine-state-read",
"engine-state-write",
"engine-configs-read",
"engine-configs-write"
]
}
-
name
- string (optional; default: unused)
The new name of the user. It must match the following regexp:^[\w-.]+$
-
permissions
- array of strings (optional; default: unused)
The new permission list of the user. The new array replaces the old one on the user’s object, so if a new permission is needed in the middle of the old array, the whole updated array must be sent. The full list of permissions can be found here.
Response body: none
User Self-Update #
PATCH /users/self
Updates an authenticated user.
Authentication required: yes
Permissions: none
Query parameters: none
Request body:
{
"name": "Currer1",
"password": "secret1234",
"old_password": "secret123"
}
-
name
- string (optional; default: unused)
The new name of the user. It must match the following regexp:^[\w-.]+$
-
password
- string (optional; default: unused)
The new password of the user. It must contain at least eight characters in total, out of which at least one should be an upper case letter, one lower case letter, one number and one special character. -
old_password
- string (mandatory if ‘password’ is provided; default: unused)
The old password of the user. It is only used to verify the user before changing its password. It must contain at least eight characters in total, out of which at least one should be an upper case letter, one lower case letter, one number and one special character.
Response body: none
User Deletion #
DELETE /users/{id}
Deletes a user by its ID.
Authentication required: yes
Permissions: users-write
Query parameters: none
Request body: none
Response body: none
Root User Status Retrieval #
GET /users/root-status
Retrieves the root (also known as, admin) user’s account status information.
Authentication required: no
Permissions: none
Query parameters: none
Request body: none
Response body:
{
"default_password": true
}
default_password
- boolean
Specifies whether the root user has the default password active or not.
Login #
POST /auth
Creates a new session for a user.
Authentication required: no
Permissions: none
Query parameters: none
Request body:
{
"name": "Currer",
"password": "secret123",
"long_session": true
}
-
name
- string
The name of the user. It must match the following regexp:^[\w-.]+$
-
password
- string
The password of the user. It must contain at least eight characters in total, out of which at least one should be an upper case letter, one lower case letter, one number and one special character. -
long_session
- boolean (optional; default: false)
If provided, specifies whether the session cookie should remain active after the client (e.g., browser) restarts. If the value istrue
, the session expires in two weeks after its creation.
Response body:
{
"id": "9bsv0s78ajk0036f3m60",
"created_at": "2020-09-10T21:01:20Z",
"updated_at": "2020-09-10T21:01:20Z",
"name": "Currer",
"permissions": [
"engine-state-read",
"engine-state-write",
"exchange-orders-read",
"exchange-live-data-read",
"engine-configs-read",
"engine-configs-write"
],
"root": false
}
User properties are described in detail here.
Logout #
DELETE /auth
Terminates an active session.
Authentication required: yes
Permissions: none
Query parameters: none
Request body: none
Response body: none