Users

User Endpoints #

User Retrieval #

GET /users/{id}

Retrieves a user by its ID.

Authentication required: yes

Permissions: users-read

Query parameters: none

Request body: none

Response body:

{
	"id": "9bsv0s78ajk0036f3m60",
	"created_at": "2020-09-10T21:01:20Z",
	"updated_at": "2020-09-10T21:01:20Z",
	"name": "Currer",
	"permissions": [
		"engine-state-read",
		"engine-state-write",
		"exchange-orders-read",
		"exchange-live-data-read",
		"engine-configs-read",
		"engine-configs-write"
	],
    "root": false
}

  • id - string
    The ID of the user.

  • created_at - string (RFC 3339)
    The exact time when the user was created.

  • updated_at - string (RFC 3339)
    The exact time when the user was updated.

  • name - string
    The name of the user.

  • permissions - array of strings
    The permissions assigned to the user. The full list of permissions can be found here.

  • root - boolean
    Specifies whether the user is the root (also known as, admin) user or not.

User Self-Retrieval #

GET /users/self

Retrieves an authenticated user.

Authentication required: yes

Permissions: none

Query parameters: none

Request boody: none

Response body:

{
	"id": "9bsv0s78ajk0036f3m60",
	"created_at": "2020-09-10T21:01:20Z",
	"updated_at": "2020-09-10T21:01:20Z",
	"name": "Currer",
	"permissions": [
		"engine-state-read",
		"engine-state-write",
		"exchange-orders-read",
		"exchange-live-data-read",
		"engine-configs-read",
		"engine-configs-write"
	],
    "root": false
}
User properties are described in detail here.

Multiple Users Retrieval #

GET /users

Retrieves multiple users.

Authentication required: yes

Permissions: users-read

Query parameters:

  • limit - unsigned int
    The number of users per page.

  • page - unsigned int
    The user batch index.

  • filter-name-includes - string (optional; default: unused)
    If specified, only users whose names include this value are returned. The filtering process is case-insensitive.

    filter-name-includes should be used as the default search bar filter.

  • sort-{index}-created-at - string (enum; optional; default: unused)
    If specified, users are sorted by their creation timestamps. The value determines whether ascending (asc) or descending (desc) order is used.

  • sort-{index}-updated-at - string (enum; optional; default: unused)
    If specified, users are sorted by their update timestamps. The value determines whether ascending (asc) or descending (desc) order is used.

  • sort-{index}-name - string (enum; optional; default: unused)
    If specified, users are sorted by their names. The value determines whether ascending (asc) or descending (desc) order is used.

Many different filter- and sort- keys may be used at the same time, however, to ensure predictable sorting, sort- keys must include an index denoting their precendence. For example, if ?sort-1-name=asc&sort-2-created-at=desc query is being used, users are first sorted by their names and only then by their creation timestamps.

Request body: none

Response body:

{
	"page_count": 300,
	"users": [
		{
			"id": "9bsv0s78ajk0036f3m60",
			"created_at": "2020-09-10T21:01:20Z",
			"updated_at": "2020-09-10T21:01:20Z",
			"name": "Currer",
			"permissions": [
				"engine-state-read",
				"engine-state-write",
				"exchange-orders-read",
				"exchange-live-data-read",
				"engine-configs-read",
				"engine-configs-write"
			],
            "root": false
		},
		{
			"id": "12sv0s78ajk0036f3m60",
			"created_at": "2020-09-10T21:01:20Z",
			"updated_at": "2020-09-10T21:01:20Z",
			"name": "Ellis",
			"permissions": [
				"engine-state-read",
				"engine-configs-read"
			],
            "root": false
		}
	]
}

  • page_count - unsigned int
    The number of available pages that may be retrieved with the same filtering options.

  • users - array of objects
    The array of users.

    User properties are described in detail here.

User Count Retrieval #

GET /users/count

Retrieves the total number of users.

Authentication required: yes

Permissions: users-read

Query parameters: none

Request body: none

Response body:

{
	"count": 300
}
  • count - unsigned int
    The total number of users.

User Creation #

POST /users

Creates a new user.

Authentication required: yes

Permissions: users-write

Query parameters: none

Request body:

{
	"name": "Currer",
	"password": "secret123",
	"permissions": [
		"engine-state-read",
		"engine-state-write",
		"exchange-orders-read",
		"exchange-live-data-read",
		"engine-configs-read",
		"engine-configs-write"
	]
}

  • name - string
    The name of the new user. It must match the following regexp: ^[\w-.]+$

  • password - string
    The password of the new user. It must contain at least eight characters in total, out of which at least one should be an upper case letter, one lower case letter, one number and one special character.

  • permissions - array of strings (optional; default: unused)
    The permissions assigned to the new user. The full list of permissions can be found here.

Response body:

{
	"id": "9bsv0s78ajk0036f3m60",
	"created_at": "2020-09-10T21:01:20Z",
	"updated_at": "2020-09-10T21:01:20Z",
	"name": "Currer",
	"permissions": [
		"engine-state-read",
		"engine-state-write",
		"exchange-orders-read",
		"exchange-live-data-read",
		"engine-configs-read",
		"engine-configs-write"
	],
    "root": false
}
User properties are described in detail here.

User Update #

PATCH /users/{id}

Updates a user by its ID.

Authentication required: yes

Permissions: users-write

Query parameters: none

Request body:

{
	"name": "Currer1",
	"permissions": [
		"engine-state-read",
		"engine-state-write",
		"engine-configs-read",
		"engine-configs-write"
	]
}

  • name - string (optional; default: unused)
    The new name of the user. It must match the following regexp: ^[\w-.]+$

  • permissions - array of strings (optional; default: unused)
    The new permission list of the user. The new array replaces the old one on the user’s object, so if a new permission is needed in the middle of the old array, the whole updated array must be sent. The full list of permissions can be found here.

Response body: none

User Self-Update #

PATCH /users/self

Updates an authenticated user.

Authentication required: yes

Permissions: none

Query parameters: none

Request body:

{
	"name": "Currer1",
	"password": "secret1234",
	"old_password": "secret123"
}

  • name - string (optional; default: unused)
    The new name of the user. It must match the following regexp: ^[\w-.]+$

  • password - string (optional; default: unused)
    The new password of the user. It must contain at least eight characters in total, out of which at least one should be an upper case letter, one lower case letter, one number and one special character.

  • old_password - string (mandatory if ‘password’ is provided; default: unused)
    The old password of the user. It is only used to verify the user before changing its password. It must contain at least eight characters in total, out of which at least one should be an upper case letter, one lower case letter, one number and one special character.

Response body: none

User Deletion #

DELETE /users/{id}

Deletes a user by its ID.

Authentication required: yes

Permissions: users-write

Query parameters: none

Request body: none

Response body: none

Root User Status Retrieval #

GET /users/root-status

Retrieves the root (also known as, admin) user’s account status information.

Authentication required: no

Permissions: none

Query parameters: none

Request body: none

Response body:

{
    "default_password": true
}
  • default_password - boolean
    Specifies whether the root user has the default password active or not.

Login #

POST /auth

Creates a new session for a user.

Authentication required: no

Permissions: none

Query parameters: none

Request body:

{
	"name": "Currer",
	"password": "secret123",
	"long_session": true
}

  • name - string
    The name of the user. It must match the following regexp: ^[\w-.]+$

  • password - string
    The password of the user. It must contain at least eight characters in total, out of which at least one should be an upper case letter, one lower case letter, one number and one special character.

  • long_session - boolean (optional; default: false)
    If provided, specifies whether the session cookie should remain active after the client (e.g., browser) restarts. If the value is true, the session expires in two weeks after its creation.

Response body:

{
	"id": "9bsv0s78ajk0036f3m60",
	"created_at": "2020-09-10T21:01:20Z",
	"updated_at": "2020-09-10T21:01:20Z",
	"name": "Currer",
	"permissions": [
		"engine-state-read",
		"engine-state-write",
		"exchange-orders-read",
		"exchange-live-data-read",
		"engine-configs-read",
		"engine-configs-write"
	],
    "root": false
}
User properties are described in detail here.

Logout #

DELETE /auth

Terminates an active session.

Authentication required: yes

Permissions: none

Query parameters: none

Request body: none

Response body: none