Users

A User represents a person who can login to Rebilly, and take actions subject to their granted permissions.

Retrieve a list of users

Retrieve a list of users.

Request
Security:
query Parameters
limit
integer [ 0 .. 1000 ]

The collection items limit.

offset
integer >= 0

The collection items offset.

sort
Array of strings

The collection items sort field and order (prefix with "-" for descending sort).

filter
string

The collection items filter requires a special format. Use "," for multiple allowed values. Use ";" for multiple fields. See the filter guide for more options and examples about this format.

q
string

The partial search of the text fields.

header Parameters
Organization-Id
string (ResourceId) <= 50 characters
Deprecated

Organization identifier in scope of which need to perform request (if not specified, the default organization will be used).

It is deprecated. Use servers with /organizations/{organizationId} base path instead.

Example: 4f6cf35x-2c4y-483z-a0a9-158621f77a21
Responses
200

A list of users was retrieved successfully.

401

Unauthorized access, invalid credentials were used.

403

Access forbidden.

get/users
Request samples
$users = $client->users()->search([
    'filter' => 'firstName:John',
]);
Response samples
application/json
[
  • {
    }
]

Create an user

Create an user.

Request
Security:
header Parameters
Organization-Id
string (ResourceId) <= 50 characters
Deprecated

Organization identifier in scope of which need to perform request (if not specified, the default organization will be used).

It is deprecated. Use servers with /organizations/{organizationId} base path instead.

Example: 4f6cf35x-2c4y-483z-a0a9-158621f77a21
Request Body schema: application/json

User resource.

email
required
string <email> <= 100 characters

The user email.

firstName
required
string

User's first name.

lastName
required
string

User's last name.

businessPhone
string

The user business phone number.

mobilePhone
string

The user mobile phone number.

password
string <password>

User's password. If not provided, password reset email will be sent.

permissions
Array of strings <operationId>

The user's permissions. See the format in example. Use wildcard * for full access.

totpRequired
boolean

The user setting of two-factor authentification.

totpSecret
string

The user TOTP key for authentification app (if TOTP enabled).

totpUrl
string <url>

The user link to QR-code for TOTP authentification app (if TOTP enabled).

country
string

The user country setting - two letter code.

preferences
object

User preferences like timezone, language and many more. This is an object with custom properties.

roleIds
Array of strings

The user's roles identifiers.

allowedIps
Array of strings or null <ip> (AllowedIps)

The list of allowed IP addresses. Private subnets are not allowed. Set to null to remove restrictions.

Responses
201

User was created.

401

Unauthorized access, invalid credentials were used.

403

Access forbidden.

422

Invalid data was sent.

post/users
Request samples
application/json
{
  • "email": "user@example.com",
  • "firstName": "string",
  • "lastName": "string",
  • "businessPhone": "string",
  • "mobilePhone": "string",
  • "password": "pa$$word",
  • "permissions": [
    ],
  • "totpRequired": true,
  • "totpSecret": "string",
  • "totpUrl": "string",
  • "country": "string",
  • "preferences": { },
  • "roleIds": [
    ],
  • "allowedIps": [
    ]
}
Response samples
application/json
{
  • "id": "4f6cf35x-2c4y-483z-a0a9-158621f77a21",
  • "email": "user@example.com",
  • "firstName": "string",
  • "lastName": "string",
  • "businessPhone": "string",
  • "mobilePhone": "string",
  • "password": "pa$$word",
  • "permissions": [
    ],
  • "computedPermissions": [
    ],
  • "createdTime": "2019-08-24T14:15:22Z",
  • "updatedTime": "2019-08-24T14:15:22Z",
  • "loginTime": "2019-08-24T14:15:22Z",
  • "reportingCurrency": "string",
  • "availableCurrencies": [
    ],
  • "totpRequired": true,
  • "totpSecret": "string",
  • "totpUrl": "string",
  • "status": "active",
  • "country": "string",
  • "preferences": { },
  • "roleIds": [
    ],
  • "allowedIps": [
    ],
  • "_links": [
    ]
}

Retrieve user

Retrieve user with specified identifier string.

Request
Security:
path Parameters
id
required
string <= 50 characters ^[@~\-\.\w]+$

The resource identifier string.

header Parameters
Organization-Id
string (ResourceId) <= 50 characters
Deprecated

Organization identifier in scope of which need to perform request (if not specified, the default organization will be used).

It is deprecated. Use servers with /organizations/{organizationId} base path instead.

Example: 4f6cf35x-2c4y-483z-a0a9-158621f77a21
Responses
200

User was retrieved successfully.

401

Unauthorized access, invalid credentials were used.

403

Access forbidden.

404

Resource was not found.

get/users/{id}
Request samples
$user = $client->users()->load('userId');
Response samples
application/json
{
  • "id": "4f6cf35x-2c4y-483z-a0a9-158621f77a21",
  • "email": "user@example.com",
  • "firstName": "string",
  • "lastName": "string",
  • "businessPhone": "string",
  • "mobilePhone": "string",
  • "password": "pa$$word",
  • "permissions": [
    ],
  • "computedPermissions": [
    ],
  • "createdTime": "2019-08-24T14:15:22Z",
  • "updatedTime": "2019-08-24T14:15:22Z",
  • "loginTime": "2019-08-24T14:15:22Z",
  • "reportingCurrency": "string",
  • "availableCurrencies": [
    ],
  • "totpRequired": true,
  • "totpSecret": "string",
  • "totpUrl": "string",
  • "status": "active",
  • "country": "string",
  • "preferences": { },
  • "roleIds": [
    ],
  • "allowedIps": [
    ],
  • "_links": [
    ]
}

Create or update user with predefined ID

Create or update user with predefined identifier string.

Request
Security:
path Parameters
id
required
string <= 50 characters ^[@~\-\.\w]+$

The resource identifier string.

header Parameters
Organization-Id
string (ResourceId) <= 50 characters
Deprecated

Organization identifier in scope of which need to perform request (if not specified, the default organization will be used).

It is deprecated. Use servers with /organizations/{organizationId} base path instead.

Example: 4f6cf35x-2c4y-483z-a0a9-158621f77a21
Request Body schema: application/json

User resource.

email
required
string <email> <= 100 characters

The user email.

firstName
required
string

User's first name.

lastName
required
string

User's last name.

businessPhone
string

The user business phone number.

mobilePhone
string

The user mobile phone number.

password
string <password>

User's password. If not provided, password reset email will be sent.

permissions
Array of strings <operationId>

The user's permissions. See the format in example. Use wildcard * for full access.

totpRequired
boolean

The user setting of two-factor authentification.

totpSecret
string

The user TOTP key for authentification app (if TOTP enabled).

totpUrl
string <url>

The user link to QR-code for TOTP authentification app (if TOTP enabled).

country
string

The user country setting - two letter code.

preferences
object

User preferences like timezone, language and many more. This is an object with custom properties.

roleIds
Array of strings

The user's roles identifiers.

allowedIps
Array of strings or null <ip> (AllowedIps)

The list of allowed IP addresses. Private subnets are not allowed. Set to null to remove restrictions.

Responses
200

User was updated.

201

User was created.

401

Unauthorized access, invalid credentials were used.

403

Access forbidden.

404

Resource was not found.

422

Invalid data was sent.

put/users/{id}
Request samples
application/json
{
  • "email": "user@example.com",
  • "firstName": "string",
  • "lastName": "string",
  • "businessPhone": "string",
  • "mobilePhone": "string",
  • "password": "pa$$word",
  • "permissions": [
    ],
  • "totpRequired": true,
  • "totpSecret": "string",
  • "totpUrl": "string",
  • "country": "string",
  • "preferences": { },
  • "roleIds": [
    ],
  • "allowedIps": [
    ]
}
Response samples
application/json
{
  • "id": "4f6cf35x-2c4y-483z-a0a9-158621f77a21",
  • "email": "user@example.com",
  • "firstName": "string",
  • "lastName": "string",
  • "businessPhone": "string",
  • "mobilePhone": "string",
  • "password": "pa$$word",
  • "permissions": [
    ],
  • "computedPermissions": [
    ],
  • "createdTime": "2019-08-24T14:15:22Z",
  • "updatedTime": "2019-08-24T14:15:22Z",
  • "loginTime": "2019-08-24T14:15:22Z",
  • "reportingCurrency": "string",
  • "availableCurrencies": [
    ],
  • "totpRequired": true,
  • "totpSecret": "string",
  • "totpUrl": "string",
  • "status": "active",
  • "country": "string",
  • "preferences": { },
  • "roleIds": [
    ],
  • "allowedIps": [
    ],
  • "_links": [
    ]
}

Delete user

Delete user with predefined identifier string.

Request
Security:
path Parameters
id
required
string <= 50 characters ^[@~\-\.\w]+$

The resource identifier string.

header Parameters
Organization-Id
string (ResourceId) <= 50 characters
Deprecated

Organization identifier in scope of which need to perform request (if not specified, the default organization will be used).

It is deprecated. Use servers with /organizations/{organizationId} base path instead.

Example: 4f6cf35x-2c4y-483z-a0a9-158621f77a21
Responses
204

User was deleted.

401

Unauthorized access, invalid credentials were used.

403

Access forbidden.

404

Resource was not found.

409

User has related resources and cannot be deleted.

delete/users/{id}
Request samples
try {
    $client->users()->delete('userId');
} catch (ServerException $e) {
    echo $e->getMessage();
}
Response samples
application/json
{
  • "status": 400,
  • "title": "string",
  • "detail": "string",
  • "error": "string"
}

Change a user's password

Updates user's password with the specified newPassword. And checks if. currentPassword matches the actual one.

Request
Security:
path Parameters
id
required
string <= 50 characters ^[@~\-\.\w]+$

The resource identifier string.

Request Body schema: application/json

currentPassword and newPassword.

currentPassword
required
string <password>

Current user's password - used when requesting password change.

newPassword
required
string <password>

New user's password - used when requesting password change.

Responses
201

Password updated successfully.

401

Unauthorized access, invalid credentials were used.

403

Access forbidden.

404

Resource was not found.

422

Invalid data was sent.

post/users/{id}/password
Request samples
application/json
{
  • "currentPassword": "pa$$word",
  • "newPassword": "pa$$word"
}
Response samples
application/json
{
  • "id": "4f6cf35x-2c4y-483z-a0a9-158621f77a21",
  • "email": "user@example.com",
  • "firstName": "string",
  • "lastName": "string",
  • "businessPhone": "string",
  • "mobilePhone": "string",
  • "password": "pa$$word",
  • "permissions": [
    ],
  • "computedPermissions": [
    ],
  • "createdTime": "2019-08-24T14:15:22Z",
  • "updatedTime": "2019-08-24T14:15:22Z",
  • "loginTime": "2019-08-24T14:15:22Z",
  • "reportingCurrency": "string",
  • "availableCurrencies": [
    ],
  • "totpRequired": true,
  • "totpSecret": "string",
  • "totpUrl": "string",
  • "status": "active",
  • "country": "string",
  • "preferences": { },
  • "roleIds": [
    ],
  • "allowedIps": [
    ],
  • "_links": [
    ]
}

Reset (renew) totpSecret

Reset (renew) totpSecret.

Request
Security:
path Parameters
id
required
string <= 50 characters ^[@~\-\.\w]+$

The resource identifier string.

Responses
201

totpSecret reset (renewed) successfully.

404

Resource was not found.

post/users/{id}/totp-reset
Request samples
$user = $client->users()->resetTotp('userId');
Response samples
application/json
{
  • "id": "4f6cf35x-2c4y-483z-a0a9-158621f77a21",
  • "email": "user@example.com",
  • "firstName": "string",
  • "lastName": "string",
  • "businessPhone": "string",
  • "mobilePhone": "string",
  • "password": "pa$$word",
  • "permissions": [
    ],
  • "computedPermissions": [
    ],
  • "createdTime": "2019-08-24T14:15:22Z",
  • "updatedTime": "2019-08-24T14:15:22Z",
  • "loginTime": "2019-08-24T14:15:22Z",
  • "reportingCurrency": "string",
  • "availableCurrencies": [
    ],
  • "totpRequired": true,
  • "totpSecret": "string",
  • "totpUrl": "string",
  • "status": "active",
  • "country": "string",
  • "preferences": { },
  • "roleIds": [
    ],
  • "allowedIps": [
    ],
  • "_links": [
    ]
}