Admin
Administrative endpoints for managing users and their role assignments. All endpoints require the caller to hold the users_admin role.
Create user
Create a new user account on behalf of someone else. Two modes:
- Default (`notify` omitted or `false`) — the admin receives a fresh API key pair in the response, intended for programmatic setup. No email is sent.
- Invite mode (`notify: true`) — the server emails the recipient a welcome message with a link to the portal where they can sign in with email + OTP. The response omits the API key pair fields, since no programmatic credential is created in this path.
Endpoint: https://apis.threatwinds.com/api/auth/v2/admin/user
Parameters
| Parameter | Location | Type | Required | Description | Example |
|---|---|---|---|---|---|
| email | body | string | Yes | Email address for the new user. | “john@doe.net” |
| fullName | body | string | Yes | The user’s full name. | “John Doe” |
| alias | body | string | Yes | Unique alias / username. | “johny” |
| roles | body | string[] | Yes | Roles to grant on create. Allowed: "user", "reporter", "trusted". | ["user"] |
| notify | body | bool | No | When true, send an invite email instead of returning an API key pair. | false |
Headers
| Header | Required | Description |
|---|---|---|
| Authorization | Yes | Bearer token. |
| api-key | No | API key (alternative). |
| api-secret | No | API secret. |
To create a user with an API key pair:
```bash
curl -X 'POST' \
  'https://apis.threatwinds.com/api/auth/v2/admin/user' \
  -H 'Authorization: Bearer <token>' \
  -H 'Content-Type: application/json' \
  -d '{
    "email": "john@doe.net",
    "fullName": "John Doe",
    "alias": "johny",
    "roles": ["user"]
  }'
```
To invite a user via email:
```bash
curl -X 'POST' \
  'https://apis.threatwinds.com/api/auth/v2/admin/user' \
  -H 'Authorization: Bearer <token>' \
  -H 'Content-Type: application/json' \
  -d '{
    "email": "john@doe.net",
    "fullName": "John Doe",
    "alias": "johny",
    "roles": ["user"],
    "notify": true
  }'
```
Returns
Default mode (keypair response):
```json
{
  "userID": "5f35d2c4-5633-4b16-bbf0-5ca22ef8ea2e",
  "email": "john@doe.net",
  "apiKey": "fq6JoEFTsxiXAl1cVxPDnK4emIQCwaUB",
  "apiSecret": "fq6JoEFTsxiXAl1cVxPDnK4emIQCwaUBfq6JoEFTsxiXAl1cVxPDnK4emIQCwaUB",
  "keyID": "5f35d2c4-5633-4b16-bbf0-5ca22ef8ea2e",
  "keyName": "johny",
  "expireAt": 1674492894,
  "verified": false
}
```
Invite mode (notify: true):
```json
{
  "userID": "5f35d2c4-5633-4b16-bbf0-5ca22ef8ea2e",
  "email": "john@doe.net"
}
```
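The default-mode response carries `apiSecret` in the body, so the caller has to keep it out of logs and world-readable files. The following is an added example, not part of the ThreatWinds documentation or client code: it validates the create body against the roles allowed on create, then writes a returned key pair to an owner-only file and hands back a log-safe summary. The function names, the file layout and the assumption that `keyID` is always a UUID are this example's own.

```python
import json
import os
import uuid

# Roles the page allows on create; admin roles are not accepted here.
CREATE_ROLES = {"user", "reporter", "trusted"}
SECRET_FIELDS = ("apiKey", "apiSecret")


def build_create_body(email, full_name, alias, roles, notify=False):
    """Validate locally, then return the JSON body for the create call."""
    bad = sorted(set(roles) - CREATE_ROLES)
    if not roles or bad:
        raise ValueError(f"roles not allowed on create: {bad or 'empty list'}")
    body = {"email": email, "fullName": full_name, "alias": alias,
            "roles": list(roles)}
    if notify:
        body["notify"] = True  # invite mode: no key pair comes back
    return body


def store_credentials(response, directory):
    """Persist a returned key pair to a 0600 file; return a log-safe summary."""
    summary = {k: v for k, v in response.items() if k not in SECRET_FIELDS}
    if not all(f in response for f in SECRET_FIELDS):
        summary["credentialFile"] = None  # invite-mode response
        return summary
    # Assumption: keyID is a UUID as in the sample; reject anything else
    # before using it in a file name.
    name = str(uuid.UUID(response["keyID"])) + ".json"
    path = os.path.join(directory, name)
    # O_EXCL refuses to overwrite an existing file; 0o600 is set at creation.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "w") as fh:
        json.dump({f: response[f] for f in SECRET_FIELDS}, fh)
    summary["credentialFile"] = path
    return summary


if __name__ == "__main__":
    import tempfile
    # Constructed response with placeholder secrets, shaped like the sample above.
    sample = {"userID": "5f35d2c4-5633-4b16-bbf0-5ca22ef8ea2e",
              "email": "john@doe.net", "apiKey": "EXAMPLE-KEY",
              "apiSecret": "EXAMPLE-SECRET",
              "keyID": "5f35d2c4-5633-4b16-bbf0-5ca22ef8ea2e",
              "keyName": "johny", "expireAt": 1674492894, "verified": False}
    print(build_create_body("john@doe.net", "John Doe", "johny", ["user"]))
    print(store_credentials(sample, tempfile.mkdtemp()))
```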
Delete user
Delete a user account by ID.
Endpoint: https://apis.threatwinds.com/api/auth/v2/admin/user/{id}
Parameters
| Parameter | Location | Type | Required | Description | Example |
|---|---|---|---|---|---|
| id | path | string | Yes | The ID of the user to delete. | “5f35d2c4-5633-4b16-bbf0-5ca22ef8ea2e” |
Headers as above.
```bash
curl -X 'DELETE' \
  'https://apis.threatwinds.com/api/auth/v2/admin/user/5f35d2c4-5633-4b16-bbf0-5ca22ef8ea2e' \
  -H 'Authorization: Bearer <token>'
```
Returns
HTTP 202 with no body on success.
Assign role to user
Grant an app-level role to an existing user. Assignable role names: user, reporter, trusted, users_admin, billing_admin, routes_admin, partner.
Endpoint: https://apis.threatwinds.com/api/auth/v2/admin/user/{id}/roles
Parameters
| Parameter | Location | Type | Required | Description | Example |
|---|---|---|---|---|---|
| id | path | string | Yes | The user’s ID. | “5f35d2c4-5633-4b16-bbf0-5ca22ef8ea2e” |
| role | body | string | Yes | Role name to assign. | “trusted” |
```bash
curl -X 'POST' \
  'https://apis.threatwinds.com/api/auth/v2/admin/user/5f35d2c4-5633-4b16-bbf0-5ca22ef8ea2e/roles' \
  -H 'Authorization: Bearer <token>' \
  -H 'Content-Type: application/json' \
  -d '{"role": "trusted"}'
```
Returns
```json
{
  "userID": "5f35d2c4-5633-4b16-bbf0-5ca22ef8ea2e",
  "role": "trusted"
}
```
409 if the user already has the role; 400 if the role name isn’t one of the assignable set.
Unassign role from user
Remove a role from a user.
Endpoint: https://apis.threatwinds.com/api/auth/v2/admin/user/{id}/roles/{name}
Parameters
| Parameter | Location | Type | Required | Description | Example |
|---|---|---|---|---|---|
| id | path | string | Yes | The user’s ID. | “5f35d2c4-5633-4b16-bbf0-5ca22ef8ea2e” |
| name | path | string | Yes | Role name to remove. | “trusted” |
```bash
curl -X 'DELETE' \
  'https://apis.threatwinds.com/api/auth/v2/admin/user/5f35d2c4-5633-4b16-bbf0-5ca22ef8ea2e/roles/trusted' \
  -H 'Authorization: Bearer <token>'
```
Returns
HTTP 204 with no body. 409 if the user doesn’t currently hold that role.
List user’s roles
List every app-level role a user currently holds.
Endpoint: https://apis.threatwinds.com/api/auth/v2/admin/user/{id}/roles
Parameters
| Parameter | Location | Type | Required | Description | Example |
|---|---|---|---|---|---|
| id | path | string | Yes | The user’s ID. | “5f35d2c4-5633-4b16-bbf0-5ca22ef8ea2e” |
```bash
curl -X 'GET' \
  'https://apis.threatwinds.com/api/auth/v2/admin/user/5f35d2c4-5633-4b16-bbf0-5ca22ef8ea2e/roles' \
  -H 'Authorization: Bearer <token>'
```
Returns
```json
{
  "userID": "5f35d2c4-5633-4b16-bbf0-5ca22ef8ea2e",
  "roles": ["user", "trusted"]
}
```
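The list, assign and unassign endpoints together allow a role set to be reconciled without tripping the documented 409 and 400 responses. The following is an added example, not part of the ThreatWinds documentation or client code: it takes a list-roles response and a desired role set and returns only the calls that are needed, revocations first. The function names, the UUID check on `userID` and the rule that `*_admin` grants are flagged for review are assumptions of this example.

```python
import uuid
from urllib.parse import quote

BASE = "https://apis.threatwinds.com/api/auth/v2/admin/user"
# Assignable role names as listed under "Assign role to user".
ASSIGNABLE = {"user", "reporter", "trusted", "users_admin",
              "billing_admin", "routes_admin", "partner"}


def plan_role_changes(list_response, desired_roles):
    """Return the (method, url, body) calls that move a user to desired_roles.

    Roles already held are not re-assigned and roles not held are not
    removed, so neither call can hit the documented 409. Names outside the
    assignable set are rejected locally instead of earning a 400.
    """
    desired = set(desired_roles)
    unknown = sorted(desired - ASSIGNABLE)
    if unknown:
        raise ValueError(f"not assignable: {unknown}")
    user_id = str(uuid.UUID(list_response["userID"]))  # assumes UUID ids
    current = set(list_response["roles"])
    calls = []
    # Revoke before granting so old and new privileges do not overlap.
    for role in sorted(current - desired):
        calls.append(("DELETE", f"{BASE}/{user_id}/roles/{quote(role, safe='')}", None))
    for role in sorted(desired - current):
        calls.append(("POST", f"{BASE}/{user_id}/roles", {"role": role}))
    return calls


def admin_grants(calls):
    """Roles being granted whose name ends in _admin, for a second review.

    Treating *_admin names as privileged is this example's assumption.
    """
    return [body["role"] for method, _, body in calls
            if method == "POST" and body["role"].endswith("_admin")]


if __name__ == "__main__":
    # Constructed list-roles response, shaped like the sample above.
    held = {"userID": "5f35d2c4-5633-4b16-bbf0-5ca22ef8ea2e",
            "roles": ["user", "trusted"]}
    plan = plan_role_changes(held, ["user", "reporter", "users_admin"])
    for call in plan:
        print(call)
    print("needs review:", admin_grants(plan))
```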