API Users
Remember: before using any API you must first authenticate. Read more about authenticating
Get token before using any of the below calls
curl http://localhost:8080/token \
-H "Accept: application/json" \
-H "Accept-Language: en_US" \
-u "apitestuseradmin:TestPassword"
{
_id: {Internal Identifier},
dateCreated: ISODate("2013-11-20T22:27:41.%LZ"),
email: "[email protected]",
enabled: false,
firstname: "Test",
lastname: "User",
login: "somelogin",
pass_hash: "some crypto hash",
permissions: [],
profile: {},
role: "admin",
salt: "some salt"
}
- role: Available roles (admin, editor, author, reader, external, none)
  - admin: can do anything (manage users, permissions, content, nodes, content types)
  - editor: can completely manage content and nodes
  - author: can manage content
  - reader: can only read content
  - external: equivalent to reader, but distinct in case your application needs to handle them differently
  - none: user can't do anything
  - NOTE: There are 2 concepts of roles: the first is global, the second is per node. An admin can set specific permissions per node to help protect data.
- permissions: where node-specific permissions are stored for a user
- profile: this is where you can save custom information about a user and store whatever you wish; every application is different, and this can be where custom data gets saved
The GET /users API call will return a list of users in the CMS.
GET /users
Example Call
curl http://localhost:8080/users \
-H "Accept: application/json" \
-H "Accept-Language: en_US" \
-H "authorization: Token {valid token}"
Available Params
There are some supported querystring parameters that will allow you to page through the user list.
- limit - [Integer] Number of results to return
- skip - [Integer] Starting index
Example call with params
curl "http://localhost:8080/users?limit=10&skip=0" \
-H "Accept: application/json" \
-H "Accept-Language: en_US" \
-H "authorization: Token {valid token}"
Display records from 1-10
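An added example, not part of the original documentation: a Python sketch that pages through GET /users with limit and skip and summarises the result for an access review. It assumes the endpoint returns a JSON array of user objects shaped like the one above; the function names and the sample records are constructed for illustration.

```python
import json
import urllib.request
from urllib.parse import urlencode

BASE_URL = "http://localhost:8080"  # host from the page's curl examples
ROLES = {"admin", "editor", "author", "reader", "external", "none"}
SECRET_FIELDS = ("pass_hash", "salt")  # credential fields of the user object

def http_fetch(token, limit, skip):
    """GET /users?limit=&skip= (assumes a JSON array of user objects)."""
    query = urlencode({"limit": limit, "skip": skip})
    req = urllib.request.Request(f"{BASE_URL}/users?{query}", headers={
        "Accept": "application/json", "authorization": f"Token {token}"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

def all_users(fetch, limit=10):
    """Yield every user, advancing skip until a short or empty page."""
    skip = 0
    while True:
        page = fetch(limit, skip)
        yield from page
        if len(page) < limit:
            return
        skip += limit

def audit(users):
    """Collect logins that deserve a look in an access review."""
    report = {"admins": [], "unknown_role": [], "secret_fields_exposed": []}
    for u in users:
        login = u.get("login")
        if u.get("role") == "admin":
            report["admins"].append(login)
        if u.get("role") not in ROLES:
            report["unknown_role"].append(login)
        if any(f in u for f in SECRET_FIELDS):
            report["secret_fields_exposed"].append(login)
    return report

SAMPLE = [  # constructed records standing in for a live server
    {"login": "alice", "role": "admin", "enabled": True},
    {"login": "bob", "role": "reader", "pass_hash": "x", "salt": "y"},
    {"login": "carol", "role": "superuser", "enabled": True}]

def sample_fetch(limit, skip):
    return SAMPLE[skip:skip + limit]

if __name__ == "__main__":
    print(audit(all_users(sample_fetch, limit=2)))
```

Against a live server, pass `lambda limit, skip: http_fetch(token, limit, skip)` as `fetch`.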
Gets currently authenticated user.
GET /user
Example Call
curl http://localhost:8080/user \
-H "Accept: application/json" \
-H "Accept-Language: en_US" \
-H "authorization: Token {valid token}"
Get a single user.
GET /users/:id
Example Call
curl http://localhost:8080/users/{userid} \
-H "Accept: application/json" \
-H "Accept-Language: en_US" \
-H "authorization: Token {valid token}"
Parameters:
- id (required) - The ID of a user
Creates a new user. Note: only administrators can create new users.
POST /users
Example Call
curl -X POST http://localhost:8080/users \
-H "Accept: application/json" \
-H "Accept-Language: en_US" \
-H "authorization: Token Yjk5Njc5MTAtNmU5Ni00YTAzLWJmNTEtNmRhOGRkN2VjYjlh" \
-d '{"login": "testuserdocumentation", "role": "reader","enabled": true,"email": "[email protected]", "name": "Test User", "password": "TestPassword"}'
Parameters:
- email (required) - Email
- password (required) - Password
- login (required) - Username
- name (required) - Name
Modifies an existing user. Only administrators can change attributes of a user.
PUT /users
Parameters:
Required Fields: '_id', 'name', 'email', 'role', 'login'
You can optionally decorate the user with any other information that you want.
Results
Deletes a user. Available only to administrators. This call is idempotent: calling it for a non-existent user id still returns status code 200 OK. The JSON response differs depending on whether a user was actually deleted: if one was, the deleted user is returned; if not, no user is returned.
DELETE /users/:id
Parameters:
- id (required) - The ID of the user