Management API
You can query and delete arbitrary users of your registered application using the Management API. The API is available
at the URL path /.q/api/management
.
Authorization
Requests are authorized by providing the application secret in the Authorization
header of the request. For example,
to retrieve the data of the user with the ID 63d3f1e2-e396-4f35-8411-b855375e6885
, you would perform the following
request using curl:
curl -H "Authorization: S2XHHOEpDUTOUW3kPPPV6NjT6zJ4RioN" https://demo-application.qloud.space/.q/api/management/users/63d3f1e2-e396-4f35-8411-b855375e6885
Endpoints
GET /users/{id}
Returns the data of the user with the given ID.
Success
Status: 200
{
"id": "92ee40a0-bb53-40b4-84d2-39d76b2cee2b",
"provider": "EMAIL",
"providerSubject": "ada.lovelace@example.com",
"name": "Ada Lovelace",
"email": "ada.lovelace@example.com",
"emailVerified": true,
"signedUpAt": "2022-09-08T09:41:57.067363Z"
}
provider
is one of the following values:EMAIL
,GOOGLE
,GITHUB
,FACEBOOK
.providerSubject
is the ID assigned to the user by the identity provider. If the user registered via e-mail, the provider subject is equal to theemail
property.email
is optional. For example, a user authenticated via GitHub might not have a public e-mail address.emailVerified
is false if the user has registered via e-mail, but has not clicked the confirmation link in the verification e-mail yet.
Possible Errors
User Does Not Exist
Status: 404
{
"title": "User 92ee40a0-bb53-40b4-84d2-39d76b2cee1b does not exist",
"type": "https://qloud.network/not-found",
"status": 404
}
DELETE /users/{id}
Deletes user with the given ID. All tokens of the user will be rejected after this call. The user will still be able to sign up again using the same authentication method (e.g. the same e-mail address). This new user will have a different ID.
Success
Status: 204
Empty response.
Possible Errors
Status: 404
{
"title": "User 92ee40a0-bb53-40b4-84d2-39d76b2cee1b does not exist",
"type": "https://qloud.network/not-found",
"status": 404
}