API ReferenceManagement

User Management API Overview

Overview

The User Management APIs let you programmatically create, update, search, and delete users using a management key.

Management keys are generated from Company > Management Keys. Include the key in the Authorization header as a bearer token in the format <Project ID>:<Management Key>.

Endpoints

These are the available User Management API endpoints:

  1. Load User
  2. Get User Provider Token
  3. Search Users
  4. Get User's Login History
  5. Create User
  6. Batch Create Users
  7. Update User
  8. Update User Status
  9. Update User Email
  10. Update User Login ID
  11. Update User Phone
  12. Update User Display Name
  13. Update User Picture
  14. Update User Custom Attributes
  15. Update JWT
  16. Expire User Password
  17. Set Active Password for User
  18. Set Temporary Password for User
  19. Update User Add Tenant
  20. Update User Remove Tenant
  21. Update User Add Role
  22. Set User's Roles
  23. Update User Remove Role
  24. Add Application to User
  25. Set Applications for User
  26. Remove Application from User
  27. Log User Out of All Sessions
  28. Delete User's Passkeys
  29. Delete User
  30. Batch Delete Users

Examples

Loading a user

Use the Load User API endpoint to retrieve user information.

Important

Do not call Load User in a frequently invoked function such as authentication middleware. Instead, use custom claims to include the data you need directly in the session token.

Creating a user

  1. Call the Create User API endpoint with the desired user configuration.
  2. The user can then log in using any supported sign-in method, which changes their status from invited to active.

Updating a user

Important

Update User performs a full overwrite — any field not included in the request body will be removed from the user. For example, if a user has both an email and a phone number but the update only includes email, the phone number will be cleared. To modify individual fields without affecting other settings, use one of the specific update endpoints listed above (Update User Email, Update User Phone, etc.).

When a user's details change (for example, a role is added), their JWT is automatically refreshed within their current session.

Was this helpful?

On this page