Skip to content
Authrim

EndUser Management

Overview

The EndUser Management API provides endpoints for managing end user accounts within a tenant. In addition to creating, updating, and deleting users, operations such as suspend, lock, and anonymize are available.

Endpoint List

MethodEndpointDescription
GET/api/admin/usersList users
GET/api/admin/users/:idGet user details
POST/api/admin/usersCreate user
PUT/api/admin/users/:idUpdate user
DELETE/api/admin/users/:idDelete user
POST/api/admin/users/:id/suspendSuspend user
POST/api/admin/users/:id/unsuspendUnsuspend user
POST/api/admin/users/:id/lockLock user
POST/api/admin/users/:id/unlockUnlock user
POST/api/admin/users/:id/anonymizeAnonymize user
POST/api/admin/users/:id/retry-piiRetry PII sync
DELETE/api/admin/users/:id/piiDelete PII

List Users

Retrieve a list of users within the tenant.

Endpoint

GET /api/admin/users

Query Parameters

ParameterTypeRequiredDescription
limitinteger-Number of items (default: 20, max: 100)
cursorstring-Pagination cursor
searchstring-Search query (email, name)
statusstring-Status filter (active, suspended, locked)
rolestring-Role filter
created_afterinteger-After creation date (Unix timestamp)
created_beforeinteger-Before creation date (Unix timestamp)

Request Example

Terminal window
curl -X GET "https://{tenant-domain}/api/admin/users?limit=20&status=active" \
  -H "Authorization: Bearer {token}"

Response Example

{
  "items": [
    {
      "id": "usr_abc123",
      "email": "[email protected]",
      "name": "John Doe",
      "status": "active",
      "email_verified": true,
      "created_at": 1705881600,
      "updated_at": 1705968000,
      "last_login_at": 1706054400
    }
  ],
  "total": 150,
  "cursor": "eyJpZCI6InVzcl9hYmMxMjMifQ=="
}

Get User Details

Retrieve detailed information for a specified user.

Endpoint

GET /api/admin/users/:id

Path Parameters

ParameterTypeRequiredDescription
idstringUser ID

Request Example

Terminal window
curl -X GET "https://{tenant-domain}/api/admin/users/usr_abc123" \
  -H "Authorization: Bearer {token}"

Response Example

{
  "id": "usr_abc123",
  "email": "[email protected]",
  "name": "John Doe",
  "status": "active",
  "email_verified": true,
  "phone": "+1-555-123-4567",
  "phone_verified": true,
  "profile": {
    "picture": "https://example.com/avatar.jpg",
    "locale": "en",
    "timezone": "America/New_York"
  },
  "metadata": {
    "department": "Engineering"
  },
  "created_at": 1705881600,
  "updated_at": 1705968000,
  "last_login_at": 1706054400,
  "login_count": 42,
  "failed_login_attempts": 0
}

Error Responses

HTTP StatusError CodeDescription
404user_not_foundUser not found

Create User

Create a new user.

Endpoint

POST /api/admin/users

Request Body

FieldTypeRequiredDescription
emailstringEmail address
namestring-Display name
passwordstring-Password (invitation email sent if not specified)
phonestring-Phone number
email_verifiedboolean-Mark as email verified
phone_verifiedboolean-Mark as phone verified
profileobject-Profile information
metadataobject-Custom metadata
send_welcome_emailboolean-Send welcome email (default: true)

Request Example

Terminal window
curl -X POST "https://{tenant-domain}/api/admin/users" \
  -H "Authorization: Bearer {token}" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "[email protected]",
    "name": "New User",
    "password": "SecurePassword123!",
    "email_verified": true,
    "profile": {
      "locale": "en",
      "timezone": "America/New_York"
    },
    "metadata": {
      "department": "Sales"
    }
  }'

Response Example

{
  "id": "usr_xyz789",
  "email": "[email protected]",
  "name": "New User",
  "status": "active",
  "email_verified": true,
  "created_at": 1706140800,
  "updated_at": 1706140800
}

Error Responses

HTTP StatusError CodeDescription
409email_already_existsEmail address is already in use
422validation_errorInvalid input data

Update User

Update existing user information.

Endpoint

PUT /api/admin/users/:id

Path Parameters

ParameterTypeRequiredDescription
idstringUser ID

Request Body

FieldTypeRequiredDescription
emailstring-Email address
namestring-Display name
phonestring-Phone number
email_verifiedboolean-Email verification status
phone_verifiedboolean-Phone verification status
profileobject-Profile information
metadataobject-Custom metadata

Request Example

Terminal window
curl -X PUT "https://{tenant-domain}/api/admin/users/usr_abc123" \
  -H "Authorization: Bearer {token}" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "John Doe (Updated)",
    "metadata": {
      "department": "Marketing"
    }
  }'

Response Example

{
  "id": "usr_abc123",
  "email": "[email protected]",
  "name": "John Doe (Updated)",
  "status": "active",
  "updated_at": 1706227200
}

Delete User

Delete a user.

Endpoint

DELETE /api/admin/users/:id

Path Parameters

ParameterTypeRequiredDescription
idstringUser ID

Request Example

Terminal window
curl -X DELETE "https://{tenant-domain}/api/admin/users/usr_abc123" \
  -H "Authorization: Bearer {token}"

Response

Status code 204 No Content (no body)

Suspend User

Temporarily suspend a user. Suspended users cannot log in.

Endpoint

POST /api/admin/users/:id/suspend

Path Parameters

ParameterTypeRequiredDescription
idstringUser ID

Request Body

FieldTypeRequiredDescription
reasonstring-Suspension reason

Request Example

Terminal window
curl -X POST "https://{tenant-domain}/api/admin/users/usr_abc123/suspend" \
  -H "Authorization: Bearer {token}" \
  -H "Content-Type: application/json" \
  -d '{
    "reason": "Terms of service violation"
  }'

Response Example

{
  "id": "usr_abc123",
  "status": "suspended",
  "suspended_at": 1706313600,
  "suspended_reason": "Terms of service violation"
}

Unsuspend User

Reactivate a suspended user.

Endpoint

POST /api/admin/users/:id/unsuspend

Request Example

Terminal window
curl -X POST "https://{tenant-domain}/api/admin/users/usr_abc123/unsuspend" \
  -H "Authorization: Bearer {token}"

Response Example

{
  "id": "usr_abc123",
  "status": "active",
  "unsuspended_at": 1706400000
}

Lock User

Lock a user. Typically used when suspicious access is detected.

Endpoint

POST /api/admin/users/:id/lock

Request Example

Terminal window
curl -X POST "https://{tenant-domain}/api/admin/users/usr_abc123/lock" \
  -H "Authorization: Bearer {token}" \
  -H "Content-Type: application/json" \
  -d '{
    "reason": "Suspicious login attempts detected"
  }'

Unlock User

Unlock a locked user.

Endpoint

POST /api/admin/users/:id/unlock

Request Example

Terminal window
curl -X POST "https://{tenant-domain}/api/admin/users/usr_abc123/unlock" \
  -H "Authorization: Bearer {token}"

Anonymize User

Anonymize user personal information for compliance with privacy regulations such as GDPR.

Endpoint

POST /api/admin/users/:id/anonymize

Request Example

Terminal window
curl -X POST "https://{tenant-domain}/api/admin/users/usr_abc123/anonymize" \
  -H "Authorization: Bearer {token}"

Response Example

{
  "id": "usr_abc123",
  "status": "anonymized",
  "anonymized_at": 1706486400
}

Retry PII Sync

Retry synchronization for users where PII database sync failed.

Endpoint

POST /api/admin/users/:id/retry-pii

Request Example

Terminal window
curl -X POST "https://{tenant-domain}/api/admin/users/usr_abc123/retry-pii" \
  -H "Authorization: Bearer {token}"

Response Example

{
  "id": "usr_abc123",
  "pii_sync_status": "synced",
  "pii_synced_at": 1706572800
}

Delete PII

Delete only the user’s PII (Personally Identifiable Information). Core data is retained.

Endpoint

DELETE /api/admin/users/:id/pii

Request Example

Terminal window
curl -X DELETE "https://{tenant-domain}/api/admin/users/usr_abc123/pii" \
  -H "Authorization: Bearer {token}"

Response

Status code 204 No Content (no body)