Users
Retrieves detailed information about a specific user by their email address.
Access control:
- Self-lookup: Users can always retrieve their own full profile
- Owner lookup: Owners can view other users but receive limited data (no sensitive auth metadata)
- Team-specific lookup: Optionally filter by team using the team slug parameter
Returns user profile including account details, team memberships, and appropriate metadata based on access level.
User email
Team slug (optional for self-lookups)
GET /sfp/api/users/{email} HTTP/1.1
Host:
Authorization: Bearer JWT
Accept: */*
{
"id": "text",
"firstName": "text",
"lastName": "text",
"email": "text",
"role": "owner",
"teams": [
"text"
],
"authData": {}
}
Updates user profile information. Users can update: - Their own profile (self-update) - Other users' profiles if they have owner role
Updatable fields include:
- User metadata (first name, last name)
- Role assignments within teams
- Team associations
The endpoint validates permissions and ensures users cannot escalate their own privileges. Returns the updated user profile on success.
User email
Team slug (optional)
First name of the user
John
Last name of the user
Doe
Role of the user in the team
PUT /sfp/api/users/{email} HTTP/1.1
Host:
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 52
{
"firstName": "John",
"lastName": "Doe",
"role": "owner"
}
{
"success": true,
"user": {
"id": "text",
"firstName": "text",
"lastName": "text",
"email": "text",
"role": "owner",
"teams": [
"text"
],
"authData": {}
},
"error": "text"
}
Retrieves a paginated list of users. Can filter by: - Specific team (using team slug) - User role (owner, member, application) - No team filter returns users across all teams the requester has access to
Returns user details including email, role, team memberships, and timestamps. Pagination is supported via limit and offset parameters. Only users with owner role can list users.
Team identifier (slug) to filter users by
engineering
Number of records to return
10
Number of records to skip
0
Filter by role
GET /sfp/api/users HTTP/1.1
Host:
Authorization: Bearer JWT
Accept: */*
{
"users": [
{
"id": "text",
"firstName": "text",
"lastName": "text",
"email": "text",
"role": "owner",
"teams": [
"text"
],
"authData": {}
}
],
"total": 1
}
Retrieves the complete profile of the currently authenticated user. Returns: - User identification (ID, email) - Account details and role - Team memberships - Authentication metadata (first name, last name) - JWT token information if available
This endpoint is useful for applications to understand the current user's permissions and profile after authentication.
GET /sfp/api/users/me HTTP/1.1
Host:
Authorization: Bearer JWT
Accept: */*
{
"id": "text",
"firstName": "text",
"lastName": "text",
"email": "text",
"role": "owner",
"teams": [
"text"
],
"authData": {}
}
Removes a user from a team or from all teams. This endpoint: - Removes the user's team membership(s) - Revokes access to team resources - Optionally removes from all teams if no team is specified - Does not delete the user account itself (user can still log in but won't have team access)
Only users with owner role can delete users. Users cannot delete themselves. If removing from all teams, the user effectively loses all access to the system.
Team identifier (slug) to remove the user from. If not provided, user will be removed from all teams.
engineering
DELETE /sfp/api/users HTTP/1.1
Host:
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 53
{
"email": "[email protected]",
"team": "engineering"
}
{
"success": true,
"email": "text",
"team": "text",
"userId": "text",
"teamAccountId": "text",
"error": "text"
}
Creates a new user account and adds them to the specified team. This endpoint: - Creates the user in the authentication system - Assigns the specified role (owner, member, or application) - Associates the user with the team - Sends a welcome email with login instructions
Only users with owner role can create new users. The email must be unique across the system. If the user already exists in another team, they will be added to the specified team with the given role.
First name of the user
John
Last name of the user
Doe
Team identifier (slug) to add the user to
engineering
Role of the user in the team
member
Possible values: POST /sfp/api/users HTTP/1.1
Host:
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 105
{
"firstName": "John",
"lastName": "Doe",
"email": "[email protected]",
"team": "engineering",
"role": "member"
}
{
"success": true,
"userId": "text",
"teamAccountId": "text",
"firstName": "text",
"lastName": "text",
"email": "text",
"team": "text",
"role": "owner",
"isExistingUser": true,
"error": "text"
}
Last updated
Was this helpful?