
Users

TrackVision Users are the individual accounts that let you authenticate into the app and API. Each user can belong to a role with associated access policies and permissions.

The users Object

The users collection stores individual account information for system authentication and authorization.

| Field Name | Type | Description |
| --- | --- | --- |
| id | uuid | Primary key. Unique identifier for the user (UUID format). |
| first_name | string | First name of the user. |
| last_name | string | Last name of the user. |
| email | string | Email address of the user. Must be unique across all users. |
| password | string | Hashed password of the user for authentication. |
| location | string | Optional location information for the user. |
| title | string | Job title or role description for the user. |
| description | string | Optional detailed description of the user. |
| tags | object | Array of tags associated with the user for categorization. |
| avatar | uuid | Foreign key to files collection for user avatar image. |
| language | string | Language code for TrackVision UI (e.g., en-US, es-ES). |
| appearance | string | UI appearance preference: auto, light, or dark. |
| theme_light | string | Theme identifier to use in light mode. |
| theme_dark | string | Theme identifier to use in dark mode. |
| theme_light_overrides | object | Custom theme overrides for light mode. |
| theme_dark_overrides | object | Custom theme overrides for dark mode. |
| tfa_secret | string | Two-factor authentication secret key when TFA is enabled. |
| status | string | User status: draft, invited, active, suspended, or archived. |
| role | object | Foreign key to roles collection defining user permissions. |
| token | string | Static access token for API authentication. |
| policies | array of objects | Direct policy assignments through junction table. |
| last_access | datetime | Timestamp of user's last API or system access. |
| last_page | string | Last page accessed in the TrackVision application. |
| provider | string | Authentication provider used (local, oauth, etc.). |
| external_identifier | string | User ID from external authentication provider. |
| auth_data | object | Additional authentication data from external providers. |
| email_notifications | boolean | Whether user receives email notifications (default: true). |
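
The fields above are enough to review account posture. The following is an added example, not part of the TrackVision documentation: it flags active local accounts without TFA, static tokens (especially on suspended or archived accounts), and long-unused active accounts. It assumes unset fields are null, that a set tfa_secret or token appears as any non-null value (possibly masked), and that last_access is an ISO 8601 string; the 90-day threshold and the sample records are constructed.

```python
from datetime import datetime, timedelta, timezone

INACTIVE = {"suspended", "archived"}


def audit_user(user, now, stale_after=timedelta(days=90)):
    """Return security findings for one user object (fields as in the table above)."""
    findings = []
    status = user.get("status")
    # Assumption: externally authenticated users get their second factor from the IdP.
    if status == "active" and user.get("provider") == "local" and not user.get("tfa_secret"):
        findings.append("active local account without TFA")
    if user.get("token"):
        if status in INACTIVE:
            findings.append(f"{status} account still holds a static token")
        else:
            findings.append("static access token set")
    last = user.get("last_access")
    if status == "active" and last:
        seen = datetime.fromisoformat(last.replace("Z", "+00:00"))
        if seen.tzinfo is None:  # treat naive timestamps as UTC
            seen = seen.replace(tzinfo=timezone.utc)
        if now - seen > stale_after:
            findings.append(f"active account unused for {(now - seen).days} days")
    return findings


def audit(users, now):
    """Map user id -> findings, omitting users with nothing to report."""
    report = {u["id"]: audit_user(u, now) for u in users}
    return {uid: f for uid, f in report.items() if f}


# Constructed sample records, shaped like the `data` array of GET /users.
SAMPLE_USERS = [
    {"id": "user-a", "status": "active", "provider": "local", "tfa_secret": None,
     "token": None, "last_access": "2024-05-30T10:00:00Z"},
    {"id": "user-b", "status": "suspended", "provider": "local", "tfa_secret": "**masked**",
     "token": "**masked**", "last_access": "2024-02-01T08:00:00Z"},
    {"id": "user-c", "status": "active", "provider": "oauth", "tfa_secret": None,
     "token": None, "last_access": "2024-01-01T00:00:00Z"},
    {"id": "user-d", "status": "active", "provider": "local", "tfa_secret": "**masked**",
     "token": None, "last_access": "2024-05-31T23:00:00Z"},
]
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)

if __name__ == "__main__":
    for uid, findings in audit(SAMPLE_USERS, NOW).items():
        print(uid, findings)
```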

List Users

List all users that exist in TrackVision.

Request

GET /users

SEARCH /users

If using SEARCH you can provide a query object as the body of your request.

Learn more about SEARCH ->

Query Parameters

Supports all global query parameters.

Response

An array of up to limit user objects. If no items are available, data will be an empty array.

Example

GET /users

SEARCH /users

Retrieve a User

Retrieve an existing user by primary key.

Request

GET /users/:id

Query Parameters

Supports all global query parameters.

Response

Returns the requested user object.

Example

GET /users/72a1ce24-4748-47de-a05f-ce9af3033727

Retrieve the Current User

Retrieve the currently authenticated user.

Request

GET /users/me

Query Parameters

Supports all global query parameters.

Response

Returns the user object for the currently authenticated user.

Example

GET /users/me

Update the Current User

Update the authenticated user.

Request

PATCH /users/me

Provide a partial user object as the body of your request.

Query Parameters

Supports all global query parameters.

Response

Returns the updated user object for the authenticated user.

Example

PATCH /users/me

{
"email": "new.email@example.com"
}

Create a User

Create a new user.

Request

POST /users

Provide a user object as the body of your request.

Query Parameters

Supports all global query parameters.

Request Body

A partial user object.

email and password are required to authenticate with the default authentication provider.

Response

Returns the user object for the created user.

Example

POST /users

{
"email": "another@example.com",
"password": "tr4ckvision",
"role": "c86c2761-65d3-43c3-897f-6f74ad6a5bd7"
}

Create Multiple Users

Create multiple new users.

Request

POST /users

Provide an array of user objects as the body of your request.

Query Parameters

Supports all global query parameters.

Request Body

An array of partial user objects.

email and password are required.

Response

Returns the user objects for the created users.

Example

POST /users

[
{
"email": "admin@example.com",
"password": "p455w0rd",
"role": "c86c2761-65d3-43c3-897f-6f74ad6a5bd7"
},
{
"email": "another@example.com",
"password": "tr4ckvision",
"role": "c86c2761-65d3-43c3-897f-6f74ad6a5bd7"
}
]

Update a User

Update an existing user.

Request

PATCH /users/:id

Provide a partial user object as the body of your request.

Query Parameters

Supports all global query parameters.

Request Body

A partial user object.

Response

Returns the user object for the updated user.

Example

PATCH /users/72a1ce24-4748-47de-a05f-ce9af3033727

{
"title": "CTO"
}

Update Multiple Users

Update multiple existing users.

Request

PATCH /users

{
"keys": user_id_array,
"data": partial_user_object
}

Query Parameters

Supports all global query parameters.

Request Body

keys Required
Array of primary keys of the users you'd like to update.

data Required
Any of the user object's properties.

Response

Returns the user objects for the updated users.

Example

PATCH /users

{
"keys": ["72a1ce24-4748-47de-a05f-ce9af3033727", "9c3d75a8-7a5f-41a4-be0a-1488fd974511"],
"data": {
"title": "CTO"
}
}

Delete a User

Delete an existing user.

Request

DELETE /users/:id

Response

Empty body.

Example

DELETE /users/72a1ce24-4748-47de-a05f-ce9af3033727

Delete Multiple Users

Delete multiple existing users.

Request

DELETE /users

Provide an array of user IDs as the body of your request.

Request Body

An array of user primary keys.

Response

Empty body.

Example

DELETE /users

["653925a9-970e-487a-bfc0-ab6c96affcdc", "c86c2761-65d3-43c3-897f-6f74ad6a5bd7"]

Register a new User

Register a new user.

Request

POST /users/register

{
"email": user_email,
"password": user_password
}

Request Body

email Required
Email for the new user.

password Required
Password for the new user.

first_name
First name for the new user.

last_name
Last name for the new user.

verification_url
Provide a custom verification URL that the link in the email will lead to. The verification token will be passed as a parameter.
Note: You need to configure the USER_REGISTER_URL_ALLOW_LIST environment variable to enable this feature.

Response

Empty body.

Example

POST /users/register

{
"email": "another@example.com",
"password": "d1r3ctus"
}

Verify Registered Email

Verify the registered email address. The register user endpoint sends a verification link to the registered email address.

This link includes a token, which is then used to activate the registered user.

Request

GET /users/register/verify-email?token=token

Query Parameters

token Required
Emailed registration token.

Response

Empty body.

Example

GET /users/register/verify-email?token=eyJh...KmUk

Invite a new User

Invite a new user by email.

Request

POST /users/invite

{
"email": invited_user_email,
"role": invited_user_role
}

Request Body

email Required
User email to invite.

role Required
Role of the new user.

invite_url
Provide a custom invite URL that the link in the email will lead to. The invite token will be passed as a parameter.
Note: You need to configure the USER_INVITE_URL_ALLOW_LIST environment variable to enable this feature.

Response

Empty body.

Example

POST /users/invite

{
"email": "another@example.com",
"role": "c86c2761-65d3-43c3-897f-6f74ad6a5bd7"
}

Accept User Invite

Accept your invite. The invite user endpoint sends the invited email address a link to the TrackVision UI.

This link includes a token, which is then used to activate the invited user.

Request

POST /users/invite/accept

{
"token": invite_token,
"password": user_password
}

Request Body

token Required
The invite token to accept.

password Required
Password for the user.

Response

Empty body.

Example

POST /users/invite/accept

{
"token": "eyJh...KmUk",
"password": "tr4ckvision"
}

Generate Two-Factor Authentication Secret

Generates a secret and returns the URL to be used in an authenticator app.

Request

POST /users/me/tfa/generate

{
"password": user_password
}

Request Body

password Required
The user's password.

Response

secret string
OTP secret to be saved in the authenticator app.

otpauth_url string
otpauth:// formatted URL. Can be rendered as QR code and used in most authenticator apps.

Example

POST /users/me/tfa/generate

{
"password": "tr4ckvision"
}

Enable Two-Factor Authentication

Adds a TFA secret to the user account.

Request

POST /users/me/tfa/enable

{
"otp": one_time_password,
"secret": two_factor_authorization_secret
}

Request Body

secret Required
The TFA secret from tfa/generate.

otp Required
OTP generated with the secret, to confirm that the user has a correct TFA setup.

Response

Empty response.

Example

POST /users/me/tfa/enable

{
"otp": "123456",
"secret": "3CtiutsNBmY3szHE"
}
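
The generate and enable steps above, worked end to end as an added example that is not part of the TrackVision documentation: it parses the otpauth_url returned by tfa/generate, computes the current one-time password per RFC 6238, and builds the body for tfa/enable. It assumes the secret is base32 and that SHA-1, 6 digits and a 30-second period apply when the URL does not say otherwise; the sample URL uses the RFC 6238 test key and is constructed.

```python
import base64
import hashlib
import hmac
import struct
import time
from urllib.parse import parse_qs, urlparse


def parse_otpauth(url):
    """Extract TOTP parameters from an otpauth://totp/... URL."""
    parts = urlparse(url)
    if parts.scheme != "otpauth" or parts.netloc != "totp":
        raise ValueError("not an otpauth://totp URL")
    query = {k: v[0] for k, v in parse_qs(parts.query).items()}
    if "secret" not in query:
        raise ValueError("otpauth URL carries no secret")
    return {
        "secret": query["secret"],
        # Assumed defaults when the URL omits them: SHA-1, 6 digits, 30 s.
        "algorithm": query.get("algorithm", "SHA1").lower(),
        "digits": int(query.get("digits", 6)),
        "period": int(query.get("period", 30)),
    }


def totp(secret_b32, at=None, algorithm="sha1", digits=6, period=30):
    """Compute the RFC 6238 code for a base32 secret at Unix time `at`."""
    key = base64.b32decode(secret_b32.upper() + "=" * (-len(secret_b32) % 8))
    counter = int(time.time() if at is None else at) // period
    mac = hmac.new(key, struct.pack(">Q", counter), getattr(hashlib, algorithm)).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation, RFC 4226 section 5.3
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def enable_body(otpauth_url, at=None):
    """Build the JSON body for POST /users/me/tfa/enable."""
    p = parse_otpauth(otpauth_url)
    code = totp(p["secret"], at, p["algorithm"], p["digits"], p["period"])
    return {"otp": code, "secret": p["secret"]}


# Constructed sample: the RFC 6238 test key, not a real TrackVision secret.
SAMPLE_SECRET = base64.b32encode(b"12345678901234567890").decode()
SAMPLE_URL = f"otpauth://totp/TrackVision:another%40example.com?secret={SAMPLE_SECRET}&issuer=TrackVision"

if __name__ == "__main__":
    print(enable_body(SAMPLE_URL))
```

The secret is equivalent to the second factor itself, so keep it and the otpauth_url out of logs and shell history.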

Disable Two-Factor Authentication

Disables two-factor authentication by removing the OTP secret from the user.

Request

POST /users/me/tfa/disable

{
"otp": one_time_password
}

Request Body

otp Required
One-time password generated by the authenticator app.

Response

Empty response.

Example

POST /users/me/tfa/disable

{
"otp": "859014"
}