Users

Get user by email

get

Retrieves detailed information about a specific user by their email address.

    Access control:
    - Self-lookup: Users can always retrieve their own full profile
    - Owner lookup: Owners can view other users but receive limited data (no sensitive auth metadata)
    - Team-specific lookup: Optionally filter by team using the team slug parameter
    
    Returns user profile including account details, team memberships, and appropriate metadata based on access level.
Authorizations
Path parameters
email · string · Required

User email

Query parameters
team · string · Optional

Team slug (optional for self-lookups)

Responses
200
User profile retrieved successfully
application/json
GET /sfp/api/users/{email} HTTP/1.1
Host: 
Authorization: Bearer JWT
Accept: */*
{
  "id": "text",
  "firstName": "text",
  "lastName": "text",
  "email": "text",
  "role": "owner",
  "teams": [
    "text"
  ],
  "authData": {}
}

Update user details

put

Updates user profile information. Users can update:
    - Their own profile (self-update)
    - Other users' profiles if they have owner role

    Updatable fields include:
    - User metadata (first name, last name)
    - Role assignments within teams
    - Team associations
    
    The endpoint validates permissions and ensures users cannot escalate their own privileges. Returns the updated user profile on success.
Authorizations
Path parameters
email · string · Required

User email

Query parameters
team · string · Optional

Team slug (optional)

Body
firstName · string · Optional

First name of the user

Example: John
lastName · string · Optional

Last name of the user

Example: Doe
role · string · enum · Optional

Role of the user in the team

Possible values:
Responses
200
User updated successfully
application/json
PUT /sfp/api/users/{email} HTTP/1.1
Host: 
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 52

{
  "firstName": "John",
  "lastName": "Doe",
  "role": "owner"
}
{
  "success": true,
  "user": {
    "id": "text",
    "firstName": "text",
    "lastName": "text",
    "email": "text",
    "role": "owner",
    "teams": [
      "text"
    ],
    "authData": {}
  },
  "error": "text"
}

List users in a team

get

Retrieves a paginated list of users. Can filter by:
    - Specific team (using team slug)
    - User role (owner, member, application)
    - No team filter returns users across all teams the requester has access to

    Returns user details including email, role, team memberships, and timestamps. Pagination is supported via limit and offset parameters. Only users with owner role can list users.
Authorizations
Query parameters
team · string · Optional

Team identifier (slug) to filter users by

Example: engineering
limit · number · Optional

Number of records to return

Example: 10
offset · number · Optional

Number of records to skip

Example: 0
role · string · enum · Optional

Filter by role

Possible values:
Responses
200
List of users retrieved successfully
application/json
GET /sfp/api/users HTTP/1.1
Host: 
Authorization: Bearer JWT
Accept: */*
{
  "users": [
    {
      "id": "text",
      "firstName": "text",
      "lastName": "text",
      "email": "text",
      "role": "owner",
      "teams": [
        "text"
      ],
      "authData": {}
    }
  ],
  "total": 1
}

Get current user profile

get

Retrieves the complete profile of the currently authenticated user. Returns:
    - User identification (ID, email)
    - Account details and role
    - Team memberships
    - Authentication metadata (first name, last name)
    - JWT token information if available

    This endpoint is useful for applications to understand the current user's permissions and profile after authentication.
Authorizations
Responses
200
User profile retrieved successfully
application/json
GET /sfp/api/users/me HTTP/1.1
Host: 
Authorization: Bearer JWT
Accept: */*
{
  "id": "text",
  "firstName": "text",
  "lastName": "text",
  "email": "text",
  "role": "owner",
  "teams": [
    "text"
  ],
  "authData": {}
}

Delete a user from a team

delete

Removes a user from a team or from all teams. This endpoint:
    - Removes the user's team membership(s)
    - Revokes access to team resources
    - Optionally removes from all teams if no team is specified
    - Does not delete the user account itself (user can still log in but won't have team access)

    Only users with owner role can delete users. Users cannot delete themselves. If removing from all teams, the user effectively loses all access to the system.
Authorizations
Body
email · string · Required

Email address of the user to remove

Example: [email protected]
team · string · Optional

Team identifier (slug) to remove the user from. If not provided, user will be removed from all teams.

Example: engineering
Responses
200
User deleted successfully
application/json
DELETE /sfp/api/users HTTP/1.1
Host: 
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 53

{
  "email": "[email protected]",
  "team": "engineering"
}
{
  "success": true,
  "email": "text",
  "team": "text",
  "userId": "text",
  "teamAccountId": "text",
  "error": "text"
}

Create a new user in a team

post

Creates a new user account and adds them to the specified team. This endpoint:
    - Creates the user in the authentication system
    - Assigns the specified role (owner, member, or application)
    - Associates the user with the team
    - Sends a welcome email with login instructions

    Only users with owner role can create new users. The email must be unique across the system. If the user already exists in another team, they will be added to the specified team with the given role.
Authorizations
Body
firstName · string · Required

First name of the user

Example: John
lastName · string · Required

Last name of the user

Example: Doe
email · string · Required

Email address of the user

Example: [email protected]
team · string · Required

Team identifier (slug) to add the user to

Example: engineering
role · string · enum · Required

Role of the user in the team

Default: member
Possible values:
Responses
201
User created successfully
application/json
POST /sfp/api/users HTTP/1.1
Host: 
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 105

{
  "firstName": "John",
  "lastName": "Doe",
  "email": "[email protected]",
  "team": "engineering",
  "role": "member"
}
{
  "success": true,
  "userId": "text",
  "teamAccountId": "text",
  "firstName": "text",
  "lastName": "text",
  "email": "text",
  "team": "text",
  "role": "owner",
  "isExistingUser": true,
  "error": "text"
}
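
The access rules stated above for lookup, update and delete, modelled as plain functions so the cases that must be refused can be listed and used as negative tests against a deployment. This is an added example, not sfp's own code: the user records are constructed, roles are treated as global rather than per team, authData is assumed to be the "sensitive auth metadata", and "escalation" is assumed to mean a non-owner requesting the owner role.

```python
# Added example: a model of the documented rules, not the server's code.
ROLES = {"owner", "member", "application"}  # role names listed on this page

# Constructed sample users (addresses and authData values are made up).
OWNER = {"email": "olivia@example.test", "role": "owner",
         "teams": ["engineering"], "authData": {"provider": "sample"}}
MEMBER = {"email": "maya@example.test", "role": "member",
          "teams": ["engineering"], "authData": {"provider": "sample"}}


def view_profile(requester, target):
    """Fields `requester` may read from `target`; None when refused."""
    if requester["email"] == target["email"]:
        return dict(target)  # self-lookup: full profile
    if requester["role"] == "owner":
        # owner lookup: limited data; assumption: authData is what is withheld
        return {k: v for k, v in target.items() if k != "authData"}
    return None  # assumption: non-owners cannot look up other users


def may_update(requester, target, body):
    """Apply the update rules to a PUT body."""
    role = body.get("role")
    if role is not None and role not in ROLES:
        return False
    if requester["email"] == target["email"]:
        # self-update: assumption, escalation = a non-owner asking for "owner"
        return not (role == "owner" and requester["role"] != "owner")
    return requester["role"] == "owner"  # others' profiles: owners only


def may_delete(requester, target_email):
    """Owners only, and never themselves."""
    return requester["role"] == "owner" and requester["email"] != target_email


def must_be_rejected():
    """Requests a deployment should refuse; every value here should be False."""
    return {
        "member reads owner": view_profile(MEMBER, OWNER) is not None,
        "member self-promotes": may_update(MEMBER, MEMBER, {"role": "owner"}),
        "member edits owner": may_update(MEMBER, OWNER, {"firstName": "X"}),
        "member deletes owner": may_delete(MEMBER, OWNER["email"]),
        "owner deletes self": may_delete(OWNER, OWNER["email"]),
    }
```

Each key in must_be_rejected() names a request worth replaying against a test instance with the matching token; a 200 response to any of them means the server is looser than this page describes.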
