Users

Last updated 1 month ago

List users in a team

get

Retrieves a paginated list of users. Can filter by: - Specific team (using team slug) - User role (owner, member, application) - No team filter returns users across all teams the requester has access to

    Returns user details including email, role, team memberships, and timestamps. Pagination is supported via limit and offset parameters. Only users with owner role can list users.

Authorizations

Query parameters

teamstringOptional

Team identifier (slug) to filter users by

Example: engineering

limitnumberOptional

Number of records to return

Example: 10

offsetnumberOptional

Number of records to skip

Example: 0

rolestring · enumOptional

Filter by role

Possible values:

Responses

200

List of users retrieved successfully

application/json

400

Bad request

401

Unauthorized

get

GET /sfp/api/users HTTP/1.1
Host: 
Authorization: Bearer JWT
Accept: */*

{
  "users": [
    {
      "id": "text",
      "firstName": "text",
      "lastName": "text",
      "email": "text",
      "role": "owner",
      "teams": [
        "text"
      ],
      "authData": {}
    }
  ],
  "total": 1
}

Get current user profile

get

Retrieves the complete profile of the currently authenticated user. Returns: - User identification (ID, email) - Account details and role - Team memberships - Authentication metadata (first name, last name) - JWT token information if available

    This endpoint is useful for applications to understand the current user's permissions and profile after authentication.

Authorizations

Responses

200

User profile retrieved successfully

application/json

401

Unauthorized

get

GET /sfp/api/users/me HTTP/1.1
Host: 
Authorization: Bearer JWT
Accept: */*

{
  "id": "text",
  "firstName": "text",
  "lastName": "text",
  "email": "text",
  "role": "owner",
  "teams": [
    "text"
  ],
  "authData": {}
}

Get user by email

get

Retrieves detailed information about a specific user by their email address.

    Access control:
    - Self-lookup: Users can always retrieve their own full profile
    - Owner lookup: Owners can view other users but receive limited data (no sensitive auth metadata)
    - Team-specific lookup: Optionally filter by team using the team slug parameter
    
    Returns user profile including account details, team memberships, and appropriate metadata based on access level.

Authorizations

Path parameters

emailstringRequired

User email

Query parameters

teamstringOptional

Team slug (optional for self-lookups)

Responses

200

User profile retrieved successfully

application/json

400

Bad request

401

Unauthorized

404

User not found

get

GET /sfp/api/users/{email} HTTP/1.1
Host: 
Authorization: Bearer JWT
Accept: */*

{
  "id": "text",
  "firstName": "text",
  "lastName": "text",
  "email": "text",
  "role": "owner",
  "teams": [
    "text"
  ],
  "authData": {}
}

Update user details

put

Updates user profile information. Users can update: - Their own profile (self-update) - Other users' profiles if they have owner role

    Updatable fields include:
    - User metadata (first name, last name)
    - Role assignments within teams
    - Team associations
    
    The endpoint validates permissions and ensures users cannot escalate their own privileges. Returns the updated user profile on success.

Authorizations

Path parameters

emailstringRequired

User email

Query parameters

teamstringOptional

Team slug (optional)

Body

firstNamestringOptional

First name of the user

Example: John

lastNamestringOptional

Last name of the user

Example: Doe

rolestring · enumOptional

Role of the user in the team

Possible values:

Responses

200

User updated successfully

application/json

400

Bad request

401

Unauthorized

404

User not found

put

PUT /sfp/api/users/{email} HTTP/1.1
Host: 
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 52

{
  "firstName": "John",
  "lastName": "Doe",
  "role": "owner"
}

{
  "success": true,
  "user": {
    "id": "text",
    "firstName": "text",
    "lastName": "text",
    "email": "text",
    "role": "owner",
    "teams": [
      "text"
    ],
    "authData": {}
  },
  "error": "text"
}

Delete a user from a team

delete

Removes a user from a team or from all teams. This endpoint: - Removes the user's team membership(s) - Revokes access to team resources - Optionally removes from all teams if no team is specified - Does not delete the user account itself (user can still log in but won't have team access)

    Only users with owner role can delete users. Users cannot delete themselves. If removing from all teams, the user effectively loses all access to the system.

Authorizations

Body

emailstringRequired

Email address of the user to remove

Example: john.doe@example.com

teamstringOptional

Team identifier (slug) to remove the user from. If not provided, user will be removed from all teams.

Example: engineering

Responses

200

User deleted successfully

application/json

400

Bad request

application/json

401

Unauthorized

application/json

delete

DELETE /sfp/api/users HTTP/1.1
Host: 
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 53

{
  "email": "john.doe@example.com",
  "team": "engineering"
}

{
  "success": true,
  "email": "text",
  "team": "text",
  "userId": "text",
  "teamAccountId": "text",
  "error": "text"
}

Create a new user in a team

post

Creates a new user account and adds them to the specified team. This endpoint: - Creates the user in the authentication system - Assigns the specified role (owner, member, or application) - Associates the user with the team - Sends a welcome email with login instructions

    Only users with owner role can create new users. The email must be unique across the system. If the user already exists in another team, they will be added to the specified team with the given role.

Authorizations

Body

firstNamestringRequired

First name of the user

Example: John

lastNamestringRequired

Last name of the user

Example: Doe

emailstringRequired

Email address of the user

Example: john.doe@example.com

teamstringRequired

Team identifier (slug) to add the user to

Example: engineering

rolestring · enumRequired

Role of the user in the team

Default: memberPossible values:

Responses

201

User created successfully

application/json

400

Bad request

application/json

401

Unauthorized

application/json

post

POST /sfp/api/users HTTP/1.1
Host: 
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 105

{
  "firstName": "John",
  "lastName": "Doe",
  "email": "john.doe@example.com",
  "team": "engineering",
  "role": "member"
}

{
  "success": true,
  "userId": "text",
  "teamAccountId": "text",
  "firstName": "text",
  "lastName": "text",
  "email": "text",
  "team": "text",
  "role": "owner",
  "isExistingUser": true,
  "error": "text"
}