Delegated / General Use APIs
Usually accessible by authorization_code grant. Users typically have permissions to access all these APIs at the time of account creation. All API calls are made on behalf of the user associated with the token.
Create User
Creates a user.
Authentication
No Authentication
Scope
NA
Special Instructions
After account creation, a code is sent to the user's email which should be exchanged again in POST /user/verify-email to activate the account. APIs are accessible only after account activation. If user.account-creation.require-email-verification is false, accounts are automatically marked as email verified while being created.
URL
POST /user/create
Request Body
| Parameter | Type | Description | Required / Optional |
|---|---|---|---|
| username | string | Username for the user. Contains text, numbers and _ and at least 8 letters | Required |
| firstName | string | First name of the user. | Required |
| lastName | string | Last name of the user. | Required |
| string | Email address of the user. | Required | |
| password | string | Password for the user. | Required |
| phoneCountryCode | string | Valid country code. | Optional |
| phone | string | Phone number of the user. | Optional |
Request Sample (JSON)
{
"username": "john_doe",
"firstName": "John",
"lastName": "Doe",
"phoneCountryCode": "+00",
"phone": "0000000000",
"email": "user@example.com",
"password": "$uper&ecurePassw0rd"
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| ok | integer | 0 or 1 |
Response Sample
{
"ok": 1
}
Verify Email
Marks the user's account associated with the auto generated code as a verified.
Login
Creates a cookie session and returns user details. To be called before calling /oauth/token.
Authentication
No Authentication
Scope
NA
URL
POST /user/login
Request Body
| Parameter | Type | Description | Required / Optional |
|---|---|---|---|
| username | string | Username for the user. Contains text, numbers and _ and at least 8 letters | Required |
| string | Email address of the user. | Required | |
| password | string | Password for the user. | Required |
| userAgent | string | User Agent of the browser. | Required |
Request Sample (JSON)
{
"username": "john_doe",
"email": "user@example.com",
"password": "$uper&ecurePassw0rd",
"userAgent": "Mozilla/5.0 (iPhone; CPU iPhone OS 17_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1"
}
Response Data Parameters
| Parameter | Type | Description |
|---|---|---|
| userInfo | object | The user details |
| 2faEnabled | object | Specifies if 2FA is enabled for the user |
| sessionHash | object | Unqiue ID for the session to be sent in /do-2fa |
Response Sample - Without 2FA
{
"ok": 1,
"data": {
"2faEnabled": false,
"user": {
"_id": "507f1f77bcf86cd799439011",
"firstName": "John",
"middleName": null,
"lastName": "Doe",
"gender": "male",
"username": "john_doe",
"role": "user",
"bio": "Grab a straw, because you suck.",
"designation": "Software Engineer",
"profilePictureUrl": "https://profile.picture/url",
"pronouns": "he/him",
"verified": true,
"varifiedDate": "2023-09-12T15:50:58.690Z",
"customLink": "https://custom.link",
"followingCount": 0,
"followerCount": 0,
"isPrivate": true,
"isSubscribed": true,
"subscriptionTier": "string",
"subscriptionExpiry": "2023-09-12T15:50:58.691Z",
"isBanned": true,
"isRestricted": true,
"email": "john_doe@example.com",
"phone": "string",
"customData": {}
}
}
}
Response Sample - With 2FA
{
"ok": 1,
"data": {
"2faEnabled": true,
"sessionHash": "0f4e1ea6-9f2f-4239-96ec-64cbfc7e4815",
"user": {
"_id": "507f1f77bcf86cd799439011",
"username": "john_doe",
"email": "john_doe@example.com"
}
}
}
Do 2FA
Complete Two-Factor authentication for a user after /login.
/login.Authentication
No Authentication
URL
POST /user/do-2fa
Request Body
| Parameter | Type | Description | Required / Optional |
|---|---|---|---|
| target | string | ID of the user for whom 2FA has to be completed. | Required |
| code | string | 2FA code. | Required |
| sessionHash | string | Unique code for the login from /login API. | Required |
Request Sample (JSON)
[
{
"target": "507f1f77bcf86cd799439011",
"code": 22625
}
]
Response Parameters
| Parameter | Type |
|---|---|
| ok | boolean |
Response Sample
{
"ok": 1,
"data": {
"user": {
"_id": "507f1f77bcf86cd799439011",
"firstName": "John",
"middleName": null,
"lastName": "Doe",
"gender": "male",
"username": "john_doe",
"role": "user",
"bio": "Grab a straw, because you suck.",
"designation": "Software Engineer",
"profilePictureUrl": "https://profile.picture/url",
"pronouns": "he/him",
"verified": true,
"varifiedDate": "2023-09-12T15:50:58.690Z",
"customLink": "https://custom.link",
"followingCount": 0,
"followerCount": 0,
"isPrivate": true,
"isSubscribed": true,
"subscriptionTier": "string",
"subscriptionExpiry": "2023-09-12T15:50:58.691Z",
"isBanned": true,
"isRestricted": true,
"email": "john_doe@example.com",
"phone": "string",
"customData": {}
}
}
}
Enable 2FA
Enable Two-Factor authentication for the user.
Logout
Logs out the current user.
Logout All
Logs out all sessions and invalidates all access and refresh tokens of the current user.
Generate Password Reset Code
Generate code to initiate a password reset.
Authentication
No Authentication
Scope
NA
Special Instructions
A code is sent to the email sent in the request which should be exchanged to reset password.
URL
GET /user/code
Query Parameters
| Parameter | Type | Description | Required / Optional |
|---|---|---|---|
| string | Email of the user | Required |
Response Parameters
| Parameter | Type |
|---|---|
| ok | boolean |
Response Sample
{
"ok": 1
}
Reset Password
Change the password of the user who initiated password reset in GET /user/code.
Authentication
Requires code from email
Scope
NA
URL
POST /user/reset-password
Request Body
| Parameter | Type | Description | Required / Optional |
|---|---|---|---|
| code | string | Code received in email | Required |
| password | string | New password | Required |
Request Sample (JSON)
[
{
"code": "xxx-yyy-zzz-111-222-333",
"password": "new_Passw0rd"
}
]
Response Parameters
| Parameter | Type |
|---|---|
| ok | boolean |
Response Sample
{
"ok": 1
}
Switch to Private Account
Mark a user's account as private or public.
Authentication
Requires delegated authentication
Scope
delegated:profile:write
URL
POST /user/private
Request Body
| Parameter | Type | Description | Required / Optional |
|---|---|---|---|
| state | boolean | Private status. | Required |
Request Sample (JSON)
[
{
"state": true
}
]
Response Parameters
| Parameter | Type |
|---|---|
| ok | boolean |
Response Sample
{
"ok": 1
}
Get Current User Details
Get information about the current user.
Authentication
Requires delegated authentication.
Scope
delegated:profile:read
URL
GET /user/me
Response Data Parameters
| Parameter | Type | Description |
|---|---|---|
| user | object | User information object. |
Response Sample
{
"ok": 1,
"data": {
"user": [
{
"_id": "507f1f77bcf86cd799439011",
"firstName": "John",
"middleName": null,
"lastName": "Doe",
"gender": "male",
"username": "john_doe",
"role": "user",
"bio": "Grab a straw, because you suck.",
"designation": "Software Engineer",
"profilePictureUrl": "https://image.com/url",
"pronouns": "he/him",
"verified": true,
"verifiedDate": "2023-09-09T13:45:52.505Z",
"customLink": "https://custom.link",
"followingCount": 250,
"followerCount": 1058,
"isPrivate": true,
"isSubscribed": true,
"subscriptionTier": "basic",
"subscriptionExpiry": "2023-09-09T13:45:52.505Z",
"isBanned": false,
"isRestricted": false,
"email": "john.doe@example.com",
"phone": "0000000000",
"customData": {}
}
]
}
}
Update User Info
Updates the user's profile details.
Authentication
Requires delegated authentication.
Scope
admin:profile:write
Before You Start
Adjust the editable fields for the system using option user.profile.editable-fields.
URL
PATCH /user/me
Request Body
| Parameter | Type | Description | Required / Optional |
|---|---|---|---|
| target | string | _id of the user. | Optional |
| username | string | Username for the user. Contains text, numbers and _ and at least 8 letters | Optional |
| firstName | string | First name of the user. | Optional |
| lastName | string | Last name of the user. | Optional |
| string | Email address of the user. | Optional | |
| password | string | Password for the user. | Optional |
| role | string | Role of the user. | Optional |
| phoneCountryCode | string | Valid country code. | Optional |
| phone | string | Phone number of the user. | Optional |
Request Sample (JSON)
{
"username": "john_doe",
"firstName": "John",
"lastName": "Doe",
"role": "user",
"phoneCountryCode": "+00",
"phone": "0000000000",
"email": "user@example.com",
"password": "$uper&ecurePassw0rd"
}
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| ok | integer | 0 or 1 |
Response Sample
{
"ok": 1
}
Get User Details by ID
Get information about a user.
Authentication
Requires delegated authentication.
Scope
delegated:profile:read
URL
GET /user/:userId
Response Data Parameters
| Parameter | Type | Description |
|---|---|---|
| user | object | User information object. |
Response Sample
{
"ok": 1,
"data": {
"user": [
{
"_id": "507f1f77bcf86cd799439011",
"firstName": "John",
"middleName": null,
"lastName": "Doe",
"gender": "male",
"username": "john_doe",
"role": "user",
"bio": "Grab a straw, because you suck.",
"designation": "Software Engineer",
"profilePictureUrl": "https://image.com/url",
"pronouns": "he/him",
"verified": true,
"verifiedDate": "2023-09-09T13:45:52.505Z",
"customLink": "https://custom.link",
"followingCount": 250,
"followerCount": 1058,
"isPrivate": true,
"isSubscribed": true,
"subscriptionTier": "basic",
"subscriptionExpiry": "2023-09-09T13:45:52.505Z",
"isBanned": false,
"isRestricted": false,
"email": "john.doe@example.com",
"phone": "0000000000",
"customData": {}
}
]
}
}
Get Invite Codes
Retrieves invite codes for a user.
Authentication
Requires a delegated authentication
Scope
delegated:social:invite-code:read
URL
GET /user/invite-codes
Before You Start
Read more about the Invite-Only system here.
Response Data Parameters
| Parameter | Type | Description |
|---|---|---|
| inviteCodes | array | Array of invite codes. Absence of targetId parameter in objects means the invite code is not used. |
Response Sample
{
"ok": 1,
"data": {
"inviteCodes": [
{
"code": "GU-2526-1687389089010",
"createdAt": "2023-06-21T16:31:29.012Z",
"updatedAt": "2023-09-06T15:07:42.794Z",
"targetId": "64f895bec011931326757de6"
},
{
"code": "IE-2949-1687895089010",
"createdAt": "2023-06-21T16:31:29.012Z",
"updatedAt": "2023-06-21T16:31:29.012Z"
},
{
"code": "RN-9486-1687365089009",
"createdAt": "2023-06-21T16:31:29.012Z",
"updatedAt": "2023-06-22T16:48:48.622Z"
},
{
"code": "AX-4751-1687286989010",
"createdAt": "2023-06-21T16:31:29.012Z",
"updatedAt": "2023-06-21T16:31:29.012Z"
},
{
"code": "PJ-5631-1689673089010",
"createdAt": "2023-06-21T16:31:29.012Z",
"updatedAt": "2023-06-21T16:31:29.012Z"
}
]
}
}
Search Users
Returns a list of users for a search query
Authentication
Requires delegated authentication.
Scope
delegated:profile:search
URL
POST /user/search
Request Body
| Parameter | Type | Description | Required / Optional |
|---|---|---|---|
| query | string | Search query. | Required |
Request Sample (JSON)
{
"query": "rick"
}
Response Data Parameters
| Parameter | Type | Description |
|---|---|---|
| results | array | Array of users. |
Response Sample
{
"ok": 1,
"data": {
"results": [
{
"_id": "507f191e810c19729de860ea",
"approved": true,
"source": {
"_id": "507f1f77bcf86cd799439011",
"firstName": "Rick",
"middleName": null,
"lastName": "Asthley",
"gender": "male",
"username": "rick_asthley",
"role": "user",
"bio": "Grab a straw, because you suck.",
"designation": "Software Engineer",
"profilePictureUrl": "https://image.com/url",
"pronouns": "he/him",
"verified": true,
"verifiedDate": "2023-09-09T13:45:52.505Z",
"customLink": "https://custom.link",
"followingCount": 250,
"followerCount": 1058,
"isPrivate": true,
"isSubscribed": true,
"subscriptionTier": "basic",
"subscriptionExpiry": "2023-09-09T13:45:52.505Z",
"isBanned": false,
"isRestricted": false,
"email": "rick_asthley@example.com",
"phone": "0000000000",
"customData": {}
}
}
]
}
}
Block
Block a user
Authentication
Requires delegated authentication
Scope
delegated:social:block:write
URL
POST /user/block
Request Body
| Parameter | Type | Description | Required / Optional |
|---|---|---|---|
| target | string | ID of the user to be blocked. | Required |
Request Sample (JSON)
{
"target": "507f1f77bcf86cd799439011"
}
Response Parameters
| Parameter | Type |
|---|---|
| ok | boolean |
Response Sample
{
"ok": 1
}
Unblock
Unblock a user
Authentication
Requires delegated authentication
Scope
delegated:social:block:write
URL
POST /user/unblock
Request Body
| Parameter | Type | Description | Required / Optional |
|---|---|---|---|
| target | string | ID of the user to be blocked. | Required |
Request Sample (JSON)
{
"target": "507f1f77bcf86cd799439011"
}
Response Parameters
| Parameter | Type |
|---|---|
| ok | boolean |
Response Sample
{
"ok": 1
}
Follow
Follow a user
Authentication
Requires delegated authentication
Scope
delegated:social:follow:write
URL
POST /user/follow
Request Body
| Parameter | Type | Description | Required / Optional |
|---|---|---|---|
| target | string | ID of the user to be followed. | Required |
Request Sample (JSON)
{
"target": "507f1f77bcf86cd799439011"
}
Response Parameters
| Parameter | Type |
|---|---|
| ok | boolean |
Response Sample
{
"ok": 1
}
Unfollow
Unfollow a user
Authentication
Requires delegated authentication
Scope
delegated:social:follow:write
URL
POST /user/unfollow
Request Body
| Parameter | Type | Description | Required / Optional |
|---|---|---|---|
| target | string | ID of the user to be unfollowed. | Required |
Request Sample (JSON)
{
"target": "507f1f77bcf86cd799439011"
}
Response Parameters
| Parameter | Type |
|---|---|
| ok | boolean |
Response Sample
{
"ok": 1
}
My Followers
Get followers of the current user.
Authentication
Requires delegated authentication.
Scope
delegated:social:follow:read
URL
GET /user/followers
Query Parameters
| Parameter | Type | Description | Required / Optional |
|---|---|---|---|
| limit | integer | Records per page. | Optional |
| offset | integer | _id field of last record in the previous page. | Optional |
Response Data Parameters
| Parameter | Type | Description |
|---|---|---|
| records | array | Array of follower records. |
Response Sample
{
"ok": 1,
"data": {
"records": [
{
"_id": "507f191e810c19729de860ea",
"approved": true,
"source": {
"_id": "507f1f77bcf86cd799439011",
"firstName": "Rick",
"middleName": null,
"lastName": "Asthley",
"gender": "male",
"username": "rick_asthley",
"role": "user",
"bio": "Grab a straw, because you suck.",
"designation": "Software Engineer",
"profilePictureUrl": "https://image.com/url",
"pronouns": "he/him",
"verified": true,
"verifiedDate": "2023-09-09T13:45:52.505Z",
"customLink": "https://custom.link",
"followingCount": 250,
"followerCount": 1058,
"isPrivate": true,
"isSubscribed": true,
"subscriptionTier": "basic",
"subscriptionExpiry": "2023-09-09T13:45:52.505Z",
"isBanned": false,
"isRestricted": false,
"email": "rick_asthley@example.com",
"phone": "0000000000",
"customData": {}
}
}
]
}
}
My Follow Requests
Get the list of users that have requested to follow the current user.
Authentication
Requires delegated authentication.
Scope
delegated:social:follow:read
URL
GET /user/follow-requests
Response Data Parameters
| Parameter | Type | Description |
|---|---|---|
| records | array | Array of follow request records. |
Response Sample
{
"ok": 1,
"data": {
"records": [
{
"_id": "507f191e810c19729de860ea",
"approved": true,
"source": {
"_id": "507f1f77bcf86cd799439011",
"firstName": "Rick",
"middleName": null,
"lastName": "Asthley",
"gender": "male",
"username": "rick_asthley",
"role": "user",
"bio": "Grab a straw, because you suck.",
"designation": "Software Engineer",
"profilePictureUrl": "https://image.com/url",
"pronouns": "he/him",
"verified": true,
"verifiedDate": "2023-09-09T13:45:52.505Z",
"customLink": "https://custom.link",
"followingCount": 250,
"followerCount": 1058,
"isPrivate": true,
"isSubscribed": true,
"subscriptionTier": "basic",
"subscriptionExpiry": "2023-09-09T13:45:52.505Z",
"isBanned": false,
"isRestricted": false,
"email": "rick_asthley@example.com",
"phone": "0000000000",
"customData": {}
}
}
]
}
}
Accept Follow Request
Accept a follow request by ID.
Authentication
Requires delegated authentication
Scope
delegated:social:follow:write
URL
PATCH /user/follow-request
Request Body
| Parameter | Type | Description | Required / Optional |
|---|---|---|---|
| request | string | ID of the follow entry. | Required |
Request Sample (JSON)
{
"request": "507f1f77bcf86cd799439011"
}
Response Parameters
| Parameter | Type |
|---|---|
| ok | boolean |
Response Sample
{
"ok": 1
}
My Following
Get the list of users that the current user is following.
Authentication
Requires delegated authentication.
Scope
delegated:social:follow:read
URL
GET /user/following
Query Parameters
| Parameter | Type | Description | Required / Optional |
|---|---|---|---|
| limit | integer | Records per page. | Optional |
| offset | integer | _id field of last record in the previous page. | Optional |
Response Data Parameters
| Parameter | Type | Description |
|---|---|---|
| records | array | Array of users. |
Response Sample
{
"ok": 1,
"data": {
"records": [
{
"_id": "507f191e810c19729de860ea",
"approved": true,
"target": {
"_id": "507f1f77bcf86cd799439011",
"firstName": "Rick",
"middleName": null,
"lastName": "Asthley",
"gender": "male",
"username": "rick_asthley",
"role": "user",
"bio": "Grab a straw, because you suck.",
"designation": "Software Engineer",
"profilePictureUrl": "https://image.com/url",
"pronouns": "he/him",
"verified": true,
"verifiedDate": "2023-09-09T13:45:52.505Z",
"customLink": "https://custom.link",
"followingCount": 250,
"followerCount": 1058,
"isPrivate": true,
"isSubscribed": true,
"subscriptionTier": "basic",
"subscriptionExpiry": "2023-09-09T13:45:52.505Z",
"isBanned": false,
"isRestricted": false,
"email": "rick_asthley@example.com",
"phone": "0000000000",
"customData": {}
}
}
]
}
}
User Followers
Get followers of a user.
Authentication
Requires delegated authentication.
Scope
delegated:social:follow:read
URL
GET /user/:userId/followers
Query Parameters
| Parameter | Type | Description | Required / Optional |
|---|---|---|---|
| limit | integer | Records per page. | Optional |
| offset | integer | _id field of last record in the previous page. | Optional |
Response Data Parameters
| Parameter | Type | Description |
|---|---|---|
| records | array | Array of follower records. |
Response Sample
{
"ok": 1,
"data": {
"records": [
{
"_id": "507f191e810c19729de860ea",
"approved": true,
"source": {
"_id": "507f1f77bcf86cd799439011",
"firstName": "Rick",
"middleName": null,
"lastName": "Asthley",
"gender": "male",
"username": "rick_asthley",
"role": "user",
"bio": "Grab a straw, because you suck.",
"designation": "Software Engineer",
"profilePictureUrl": "https://image.com/url",
"pronouns": "he/him",
"verified": true,
"verifiedDate": "2023-09-09T13:45:52.505Z",
"customLink": "https://custom.link",
"followingCount": 250,
"followerCount": 1058,
"isPrivate": true,
"isSubscribed": true,
"subscriptionTier": "basic",
"subscriptionExpiry": "2023-09-09T13:45:52.505Z",
"isBanned": false,
"isRestricted": false,
"email": "rick_asthley@example.com",
"phone": "0000000000",
"customData": {}
}
}
]
}
}
User Following
Get the list of users that a user is following.
Authentication
Requires delegated authentication.
Scope
delegated:social:follow:read
URL
GET /user/:userId/following
Query Parameters
| Parameter | Type | Description | Required / Optional |
|---|---|---|---|
| limit | integer | Records per page. | Optional |
| offset | integer | _id field of last record in the previous page. | Optional |
Response Data Parameters
| Parameter | Type | Description |
|---|---|---|
| records | array | Array of users. |
Response Sample
{
"ok": 1,
"data": {
"records": [
{
"_id": "507f191e810c19729de860ea",
"approved": true,
"target": {
"_id": "507f1f77bcf86cd799439011",
"firstName": "Rick",
"middleName": null,
"lastName": "Asthley",
"gender": "male",
"username": "rick_asthley",
"role": "user",
"bio": "Grab a straw, because you suck.",
"designation": "Software Engineer",
"profilePictureUrl": "https://image.com/url",
"pronouns": "he/him",
"verified": true,
"verifiedDate": "2023-09-09T13:45:52.505Z",
"customLink": "https://custom.link",
"followingCount": 250,
"followerCount": 1058,
"isPrivate": true,
"isSubscribed": true,
"subscriptionTier": "basic",
"subscriptionExpiry": "2023-09-09T13:45:52.505Z",
"isBanned": false,
"isRestricted": false,
"email": "rick_asthley@example.com",
"phone": "0000000000",
"customData": {}
}
}
]
}
}
Delete Follower/Following
Delete a follow entry by ID.
Authentication
Requires delegated authentication
Scope
delegated:social:follow:write
URL
DELETE /user/follow-entry
Request Body
| Parameter | Type | Description | Required / Optional |
|---|---|---|---|
| entry | string | ID of the follow entry. | Required |
Request Sample (JSON)
{
"entry": "507f1f77bcf86cd799439011"
}
Response Parameters
| Parameter | Type |
|---|---|
| ok | boolean |
Response Sample
{
"ok": 1
}
Set Profile Picture
Sets profile picture of a user.
Authentication
Requires delegated authentication
Scope
delegated:profile:write
Before You Start
Read more about Profile Pictures here.
URL
PATCH /user/profile-picture
Request Body
| Parameter | Type | Description | Required / Optional |
|---|---|---|---|
| profilePicture | file | A PNG file. | Required |
Request Sample (JSON)
{
"profile-picture": /<binary>/
}
Response Data Parameters
| Parameter | Type |
|---|---|
| signedUrl | string |
Response Sample
{
"ok": 1,
"data": {
"signedUrl": "https://profile-picture.url"
}
}
Remove Profile Picture
Deletes profile picture of a user.
List Roles
Retrieves a list of roles available in the system.
Authentication
Requires delegated authentication.
Scope
delegated:roles:read
URL
GET /roles/list
Response Parameters
| Parameter | Type | Description |
|---|---|---|
| roles | array | Array of role objects. |
Response Sample
{
"roles": [
{
"id": "role1",
"displayName": "Role 1",
"ranking": 1,
"description": "This is a description"
"system": true
},
{
"id": "role2",
"displayName": "Role 2",
"ranking": 2,
"description": "This is another description"
"system": true
}
]
}
Error Responses
| Error Code | Description |
|---|---|
| InternalError | An internal server error occurred. |
Error Response Sample
InternalError
{
"error": "Internal server error"
}