User

User Management and Authentication

Create a new User.

To create new User(s) in the system. API supports bulk creation with max limit as defined in the UserReq. Please note that either whole batch succeeds or fails, there's no partial batch success. To create one user, please pass array with one user object.

Users can be created based on the roles. Users with types as SYSTEM and EMPLOYEE can create other users if their RBAC mapping provides them the permission. Users with CITIZEN type can only create themselves, while EMPLOYEE and SYSTEM type users can also create other EMPLOYEES and CITIZENS.

User registration will always be a two step process, where this API will create a non authenticated user (without password) and after verification (using OTP) other user details (including password) can be updated using update user API to complete the user registration process.

POST/users/v110/_create

Body

Details for the new user + RequestInfo meta data

Users*array of User (object)

Response

User(s) created sucessfully

Body

Usersarray of User (object)

Request

const response = await fetch('/users/v110/_create', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "Users": [
        {
          "userName": "text",
          "name": "text",
          "gender": "text",
          "mobileNumber": "text",
          "active": false,
          "locale": "text",
          "type": "text",
          "tenantId": "text"
        }
      ]
    }),
});
const data = await response.json();

Response

{
  "Users": [
    {
      "tenantId": "text",
      "id": 0,
      "userName": "text",
      "authToken": "password",
      "salutation": "text",
      "name": "text",
      "gender": "text",
      "mobileNumber": "text",
      "emailId": "text",
      "aadhaarNumber": "text",
      "active": false,
      "pwdExpiryDate": 0,
      "locale": "text",
      "type": "text",
      "accountLocked": false,
      "roles": [],
      "userDetails": {
        "firstName": "text",
        "middleName": "text",
        "lastName": "text",
        "dob": "2025-01-22",
        "altContactNumber": "text",
        "fatherName": "text",
        "husbandName": "text",
        "bloodGroup": "text",
        "pan": "text",
        "permanentAddress": "text",
        "permanentCity": "text",
        "permanentPincode": "text",
        "correspondenceCity": "text",
        "correspondencePincode": "text",
        "correspondenceAddress": "text",
        "signature": "text",
        "identificationMark": "text",
        "photo": "text"
      }
    }
  ]
}

Update user API

This API will update all user related details based on their type. Following rules apply -

Username cannot be updated once created
Password can only be updated by the user itself (CITIZEN or EMPLOYEE) using reissue OTP issued to them
User can self update mobile number/email by doing OTP verification with old phone/email
An employee can reset another user mobile number/email after OTP/other necessary validation (need specific privilege)

POST/users/v110/_update

Body

Request header for the user with new of values.

Users*array of User (object)

Response

Update user(s) successful

Body

Usersarray of User (object)

Request

const response = await fetch('/users/v110/_update', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "Users": [
        {
          "userName": "text",
          "name": "text",
          "gender": "text",
          "mobileNumber": "text",
          "active": false,
          "locale": "text",
          "type": "text",
          "tenantId": "text"
        }
      ]
    }),
});
const data = await response.json();

Response

{
  "Users": [
    {
      "tenantId": "text",
      "id": 0,
      "userName": "text",
      "authToken": "password",
      "salutation": "text",
      "name": "text",
      "gender": "text",
      "mobileNumber": "text",
      "emailId": "text",
      "aadhaarNumber": "text",
      "active": false,
      "pwdExpiryDate": 0,
      "locale": "text",
      "type": "text",
      "accountLocked": false,
      "roles": [],
      "userDetails": {
        "firstName": "text",
        "middleName": "text",
        "lastName": "text",
        "dob": "2025-01-22",
        "altContactNumber": "text",
        "fatherName": "text",
        "husbandName": "text",
        "bloodGroup": "text",
        "pan": "text",
        "permanentAddress": "text",
        "permanentCity": "text",
        "permanentPincode": "text",
        "correspondenceCity": "text",
        "correspondencePincode": "text",
        "correspondenceAddress": "text",
        "signature": "text",
        "identificationMark": "text",
        "photo": "text"
      }
    }
  ]
}

The user can update his password after login

This API used for update the password after login

POST/users/v110/password/_update

Body

Request header for the user with new of values.

existingPassword*string

Existing password

newPassword*string

New password

tenantId*string

Unique Identifier of the tenant to which user primarily belongs

Response

Updated password successful

Body

PasswordRes (object)

Request

const response = await fetch('/users/v110/password/_update', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "existingPassword": "text",
      "newPassword": "text",
      "tenantId": "text"
    }),
});
const data = await response.json();

Response

{}

This API act as reset password or forgot password before login

This API used for reset the password when user forgot his password by getting otp Reference through registerd mobile number,

POST/users/v110/password/nologin/_update

Body

Request header for the user with new of values.

otpReference*string

otp reference number which sent to registered mobile

userName*string

Registered User name

newPassword*string

New password

tenantId*string

Unique Identifier of the tenant to which user primarily belongs

Response

Updated password successful

Body

PasswordRes (object)

Request

const response = await fetch('/users/v110/password/nologin/_update', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "otpReference": "text",
      "userName": "text",
      "newPassword": "text",
      "tenantId": "text"
    }),
});
const data = await response.json();

Response

{}

PreviousAPI Specifications NextAccess Control

Last updated 11 months ago

Create a new User.

POST/users/v110/_create

const response = await fetch('/users/v110/_create', { method: 'POST', headers: { "Content-Type": "application/json" }, body: JSON.stringify({ "Users": [ { "userName": "text", "name": "text", "gender": "text", "mobileNumber": "text", "active": false, "locale": "text", "type": "text", "tenantId": "text" } ] }), }); const data = await response.json();

{ "Users": [ { "tenantId": "text", "id": 0, "userName": "text", "authToken": "password", "salutation": "text", "name": "text", "gender": "text", "mobileNumber": "text", "emailId": "text", "aadhaarNumber": "text", "active": false, "pwdExpiryDate": 0, "locale": "text", "type": "text", "accountLocked": false, "roles": [], "userDetails": { "firstName": "text", "middleName": "text", "lastName": "text", "dob": "2025-01-22", "altContactNumber": "text", "fatherName": "text", "husbandName": "text", "bloodGroup": "text", "pan": "text", "permanentAddress": "text", "permanentCity": "text", "permanentPincode": "text", "correspondenceCity": "text", "correspondencePincode": "text", "correspondenceAddress": "text", "signature": "text", "identificationMark": "text", "photo": "text" } } ] }

Update user API

This API will update all user related details based on their type. Following rules apply -

Username cannot be updated once created
Password can only be updated by the user itself (CITIZEN or EMPLOYEE) using reissue OTP issued to them
User can self update mobile number/email by doing OTP verification with old phone/email
An employee can reset another user mobile number/email after OTP/other necessary validation (need specific privilege)

POST/users/v110/_update

const response = await fetch('/users/v110/_update', { method: 'POST', headers: { "Content-Type": "application/json" }, body: JSON.stringify({ "Users": [ { "userName": "text", "name": "text", "gender": "text", "mobileNumber": "text", "active": false, "locale": "text", "type": "text", "tenantId": "text" } ] }), }); const data = await response.json();