This page tries to be as up to date as possible. If you see something wrong here, feel free to update the page and help other people like you, that greatly depends on our APIs. If you don't feel comfortable doing this kind of changes, please contact us by creating an issue.
| URL | Requires Auth | HTTP Method | 
|---|---|---|
| /users/register | no | POST | 
| Argument | Example | Required | Description | 
|---|---|---|---|
| username | myusername | Required | Your username | 
| password | my$up3erP@ssw0rd | Required | Your password | 
| email | my@email.com | Required | Your email | 
token for any of the authenticated methods.curl http://localhost:3000/users/register \
     -d "username=myusername&password=mypassword&email=my@email.com"
curl -H "Content-type:application/json" \
      http://localhost:3000/users/register \
      -d '{ "username": "myusername", "password": "mypassword", "email": "my@email.com" }'
{
  "id": "user id",
  "token": "string",
  "tokenExpires": "ISO encoded date string"
}
{
  "id": "XQMZgynx9M79qTtQc",
  "token": "ExMp2s9ML1JNp_l11sIfINPT3wykZ1SsVwg-cnxKdc8",
  "tokenExpires": "2017-12-15T00:47:26.303Z"
}
| URL | Requires Admin Auth | HTTP Method | 
|---|---|---|
| /api/users | yes | POST | 
| Argument | Example | Required | Description | 
|---|---|---|---|
| username | myusername | Required | Your username | 
| password | my$up3erP@ssw0rd | Required | Your password | 
| email | my@email.com | Required | Your email | 
token for any of the authenticated methods.curl  -H "Authorization: Bearer a6DM_gOPRwBdynfXaGBaiiEwTiAuigR_Fj_81QmNpnf" \
      -X POST \
      http://localhost:3000/api/users \
      -d "username=myusername&password=mypassword&email=my@email.com"
curl  -H "Authorization: Bearer a6DM_gOPRwBdynfXaGBaiiEwTiAuigR_Fj_81QmNpnf" \
      -H "Content-type:application/json" \
      -X POST \
      http://localhost:3000/api/users \
      -d '{ "username": "myusername", "password": "mypassword", "email": "my@email.com" }'
1) Login
curl http://example.com/users/login \
     -d "username=YOUR-USERNAME-HERE&password=YOUR-PASSWORD-HERE"
As response you get your id and token:
"id":"YOUR-ID-HERE","token":"YOUR-TOKEN-HERE","tokenExpires":"2017-12-23T21:07:10.395Z"}
2) Create user. Works both when serf-register enabled and disabled.
curl  -H "Authorization: Bearer YOUR-TOKEN-HERE" \
      -H "Content-type:application/json" \
      -X POST \
      http://example.com/api/users \
      -d '{ "username": "tester", "password": "tester", "email": "tester@example.com", "fromAdmin": "true" }'
As reply you get new user's id.
{"id":"NEW-USER-ID-HERE"}
3) You can get user details with your new user's id:
curl -H "Authorization: Bearer YOUR-TOKEN-HERE" \
      http://example.com/api/users/NEW-USER-ID-HERE
Returns the id of the created user.
{
  "_id": "user id"
}
{
  "_id": "EnhMbvxh65Hr7YvtG"
}
IMPORTANT : Should not be used as long as this bug exists.
| URL | Requires Admin Auth | HTTP Method | 
|---|---|---|
| /api/users/:id | yes | DELETE | 
| Argument | Example | Required | Description | 
|---|---|---|---|
| id | BsNr28znDkG8aeo7W | Required | The id of the user to delete. | 
curl -H "Authorization: Bearer a6DM_gOPRwBdynfXaGBaiiEwTiAuigR_Fj_81QmNpnf" \
      -X DELETE \
      http://localhost:3000/api/users/EnhMbvxh65Hr7YvtG    
Returns the id of the deleted user.
{
  "_id": "EnhMbvxh65Hr7YvtG"
}
Retrieves information about a user.
| URL | Requires Admin Auth | HTTP Method | 
|---|---|---|
| /api/users/:id | yes | GET | 
token for any of the authenticated methods.curl -H "Authorization: Bearer a6DM_gOPRwBdynfXaGBaiiEwTiAuigR_Fj_81QmNpnf" \
      http://localhost:3000/api/users/XQMZgynx9M79qTtQc
{
  "_id": "XQMZgynx9M79qTtQc",
  "createdAt": "2017-09-13T06:45:53.127Z",
  "services": {
    "password": {
      "bcrypt": "$2a$10$CRZrpT4x.VpG2FdJxR3rN.9m0NbQb0OPsSPBDAZukggxrskMtWA8."
    },
    "email": {
      "verificationTokens": [
        {
          "token": "8rzwpq_So2PVYHVSfrcc5f5QZnuV2wEtu7QRQGwOJx8",
          "address": "my@email.com",
          "when": "2017-09-13T06:45:53.157Z"
        }
      ]
    },
    "resume": {
      "loginTokens": [
        {
          "when": "2017-09-13T06:45:53.265Z",
          "hashedToken": "CY/PWeDa3fAkl+k94+GWzCtpB5nPcVxLzzzjXs4kI3A="
        },
        {
          "when": "2017-09-16T06:06:19.741Z",
          "hashedToken": "74MQNXfsgjkItx/gpgPb29Y0MSNAvBrsnSGQmr4YGvQ="
        }
      ]
    }
  },
  "username": "john",
  "emails": [
    {
      "address": "my@email.com",
      "verified": false
    }
  ],
  "isAdmin": true,
  "profile": {}
}
Retrieves the user list.
| URL | Requires Admin Auth | HTTP Method | 
|---|---|---|
| /api/users | yes | GET | 
token for any of the authenticated methods.curl -H "Authorization: Bearer cwUZ3ZsTaE6ni2R3ppSkYd-KrDvxsLcBIkSVfOCfIkA" \
      http://localhost:3000/api/users
[
  {
    "_id": "user id",
    "username": "string"
  }
]
[
  {
    "_id": "XQMZgynx9M79qTtQc",
    "username": "admin"
  },
  {
    "_id": "vy4WYj7k7NBhf3AFc",
    "username": "john"
  }
]
Retrieves information about a logged-in user with his auth token.
| URL | Requires Auth | HTTP Method | 
|---|---|---|
| /api/user | yes | GET | 
token for any of the authenticated methods.curl -H "Authorization: Bearer a6DM_gOPRwBdynfXaGBaiiEwTiAuigR_Fj_81QmNpnf" \
      http://localhost:3000/api/user
{
  "_id": "vy4WYj7k7NBhf3AFc",
  "createdAt": "2017-09-16T05:51:30.339Z",
  "username": "john",
  "emails": [
    {
      "address": "me@mail.com",
      "verified": false
    }
  ],
  "profile": {}
}
| URL | Requires Admin Auth | HTTP Method | 
|---|---|---|
| /api/users/:id | yes | PUT | 
curl -H "Authorization: Bearer t7iYB86mXoLfP_XsMegxF41oKT7iiA9lDYiKVtXcctl" \
     -H "Content-type:application/json" \
     -X PUT \
     http://localhost:3000/api/users/ztKvBTzCqmyJ77on8 \
     -d '{ "action": "disableLogin" }'
| URL | Requires Admin Auth | HTTP Method | 
|---|---|---|
| /api/users/:id | yes | PUT | 
curl -H "Authorization: Bearer t7iYB86mXoLfP_XsMegxF41oKT7iiA9lDYiKVtXcctl" \
     -H "Content-type:application/json" \
     -X PUT \
     http://localhost:3000/api/users/ztKvBTzCqmyJ77on8 \
     -d '{ "action": "enableLogin" }'
If you believe that code is the best documentation, be our guest: models/cards.js