- This would allow anyone with a personal access token (even a read-only token, once scopes are implemented) to escalate their access by obtaining the private token.
14 KiB
Users
List users
Get a list of users.
This function takes pagination parameters page
and per_page
to restrict the list of users.
For normal users
GET /users
[
{
"id": 1,
"username": "john_smith",
"name": "John Smith",
"state": "active",
"avatar_url": "http://localhost:3000/uploads/user/avatar/1/cd8.jpeg",
"web_url": "http://localhost:3000/u/john_smith"
},
{
"id": 2,
"username": "jack_smith",
"name": "Jack Smith",
"state": "blocked",
"avatar_url": "http://gravatar.com/../e32131cd8.jpeg",
"web_url": "http://localhost:3000/u/jack_smith"
}
]
For admins
GET /users
[
{
"id": 1,
"username": "john_smith",
"email": "john@example.com",
"name": "John Smith",
"state": "active",
"avatar_url": "http://localhost:3000/uploads/user/avatar/1/index.jpg",
"web_url": "http://localhost:3000/u/john_smith",
"created_at": "2012-05-23T08:00:58Z",
"is_admin": false,
"bio": null,
"location": null,
"skype": "",
"linkedin": "",
"twitter": "",
"website_url": "",
"last_sign_in_at": "2012-06-01T11:41:01Z",
"confirmed_at": "2012-05-23T09:05:22Z",
"theme_id": 1,
"color_scheme_id": 2,
"projects_limit": 100,
"current_sign_in_at": "2012-06-02T06:36:55Z",
"identities": [
{"provider": "github", "extern_uid": "2435223452345"},
{"provider": "bitbucket", "extern_uid": "john.smith"},
{"provider": "google_oauth2", "extern_uid": "8776128412476123468721346"}
],
"can_create_group": true,
"can_create_project": true,
"two_factor_enabled": true,
"external": false
},
{
"id": 2,
"username": "jack_smith",
"email": "jack@example.com",
"name": "Jack Smith",
"state": "blocked",
"avatar_url": "http://localhost:3000/uploads/user/avatar/2/index.jpg",
"web_url": "http://localhost:3000/u/jack_smith",
"created_at": "2012-05-23T08:01:01Z",
"is_admin": false,
"bio": null,
"location": null,
"skype": "",
"linkedin": "",
"twitter": "",
"website_url": "",
"last_sign_in_at": null,
"confirmed_at": "2012-05-30T16:53:06.148Z",
"theme_id": 1,
"color_scheme_id": 3,
"projects_limit": 100,
"current_sign_in_at": "2014-03-19T17:54:13Z",
"identities": [],
"can_create_group": true,
"can_create_project": true,
"two_factor_enabled": true,
"external": false
}
]
You can search for users by email or username with: /users?search=John
In addition, you can lookup users by username:
GET /users?username=:username
For example:
GET /users?username=jack_smith
Single user
Get a single user.
For user
GET /users/:id
Parameters:
id
(required) - The ID of a user
{
"id": 1,
"username": "john_smith",
"name": "John Smith",
"state": "active",
"avatar_url": "http://localhost:3000/uploads/user/avatar/1/cd8.jpeg",
"web_url": "http://localhost:3000/u/john_smith",
"created_at": "2012-05-23T08:00:58Z",
"is_admin": false,
"bio": null,
"location": null,
"skype": "",
"linkedin": "",
"twitter": "",
"website_url": ""
}
For admin
GET /users/:id
Parameters:
id
(required) - The ID of a user
{
"id": 1,
"username": "john_smith",
"email": "john@example.com",
"name": "John Smith",
"state": "active",
"avatar_url": "http://localhost:3000/uploads/user/avatar/1/index.jpg",
"web_url": "http://localhost:3000/u/john_smith",
"created_at": "2012-05-23T08:00:58Z",
"is_admin": false,
"bio": null,
"location": null,
"skype": "",
"linkedin": "",
"twitter": "",
"website_url": "",
"last_sign_in_at": "2012-06-01T11:41:01Z",
"confirmed_at": "2012-05-23T09:05:22Z",
"theme_id": 1,
"color_scheme_id": 2,
"projects_limit": 100,
"current_sign_in_at": "2012-06-02T06:36:55Z",
"identities": [
{"provider": "github", "extern_uid": "2435223452345"},
{"provider": "bitbucket", "extern_uid": "john.smith"},
{"provider": "google_oauth2", "extern_uid": "8776128412476123468721346"}
],
"can_create_group": true,
"can_create_project": true,
"two_factor_enabled": true,
"external": false
}
User creation
Creates a new user. Note only administrators can create new users.
POST /users
Parameters:
email
(required) - Emailpassword
(required) - Passwordusername
(required) - Usernamename
(required) - Nameskype
(optional) - Skype IDlinkedin
(optional) - LinkedIntwitter
(optional) - Twitter accountwebsite_url
(optional) - Website URLprojects_limit
(optional) - Number of projects user can createextern_uid
(optional) - External UIDprovider
(optional) - External provider namebio
(optional) - User's biographylocation
(optional) - User's locationadmin
(optional) - User is admin - true or false (default)can_create_group
(optional) - User can create groups - true or falseconfirm
(optional) - Require confirmation - true (default) or falseexternal
(optional) - Flags the user as external - true or false(default)
User modification
Modifies an existing user. Only administrators can change attributes of a user.
PUT /users/:id
Parameters:
email
- Emailusername
- Usernamename
- Namepassword
- Passwordskype
- Skype IDlinkedin
- LinkedIntwitter
- Twitter accountwebsite_url
- Website URLprojects_limit
- Limit projects each user can createextern_uid
- External UIDprovider
- External provider namebio
- User's biographylocation
(optional) - User's locationadmin
(optional) - User is admin - true or false (default)can_create_group
(optional) - User can create groups - true or falseexternal
(optional) - Flags the user as external - true or false(default)
Note, at the moment this method does only return a 404 error, even in cases where a 409 (Conflict) would be more appropriate, e.g. when renaming the email address to some existing one.
User deletion
Deletes a user. Available only for administrators.
This is an idempotent function, calling this function for a non-existent user id
still returns a status code 200 OK
.
The JSON response differs if the user was actually deleted or not.
In the former the user is returned and in the latter not.
DELETE /users/:id
Parameters:
id
(required) - The ID of the user
Current user
Gets currently authenticated user.
GET /user
{
"id": 1,
"username": "john_smith",
"email": "john@example.com",
"name": "John Smith",
"state": "active",
"avatar_url": "http://localhost:3000/uploads/user/avatar/1/index.jpg",
"web_url": "http://localhost:3000/u/john_smith",
"created_at": "2012-05-23T08:00:58Z",
"is_admin": false,
"bio": null,
"location": null,
"skype": "",
"linkedin": "",
"twitter": "",
"website_url": "",
"last_sign_in_at": "2012-06-01T11:41:01Z",
"confirmed_at": "2012-05-23T09:05:22Z",
"theme_id": 1,
"color_scheme_id": 2,
"projects_limit": 100,
"current_sign_in_at": "2012-06-02T06:36:55Z",
"identities": [
{"provider": "github", "extern_uid": "2435223452345"},
{"provider": "bitbucket", "extern_uid": "john_smith"},
{"provider": "google_oauth2", "extern_uid": "8776128412476123468721346"}
],
"can_create_group": true,
"can_create_project": true,
"two_factor_enabled": true,
"external": false
}
List SSH keys
Get a list of currently authenticated user's SSH keys.
GET /user/keys
[
{
"id": 1,
"title": "Public key",
"key": "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAiPWx6WM4lhHNedGfBpPJNPpZ7yKu+dnn1SJejgt4596k6YjzGGphH2TUxwKzxcKDKKezwkpfnxPkSMkuEspGRt/aZZ9wa++Oi7Qkr8prgHc4soW6NUlfDzpvZK2H5E7eQaSeP3SAwGmQKUFHCddNaP0L+hM7zhFNzjFvpaMgJw0=",
"created_at": "2014-08-01T14:47:39.080Z"
},
{
"id": 3,
"title": "Another Public key",
"key": "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAiPWx6WM4lhHNedGfBpPJNPpZ7yKu+dnn1SJejgt4596k6YjzGGphH2TUxwKzxcKDKKezwkpfnxPkSMkuEspGRt/aZZ9wa++Oi7Qkr8prgHc4soW6NUlfDzpvZK2H5E7eQaSeP3SAwGmQKUFHCddNaP0L+hM7zhFNzjFvpaMgJw0=",
"created_at": "2014-08-01T14:47:39.080Z"
}
]
Parameters:
- none
List SSH keys for user
Get a list of a specified user's SSH keys. Available only for admin
GET /users/:uid/keys
Parameters:
uid
(required) - id of specified user
Single SSH key
Get a single key.
GET /user/keys/:id
Parameters:
id
(required) - The ID of an SSH key
{
"id": 1,
"title": "Public key",
"key": "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAiPWx6WM4lhHNedGfBpPJNPpZ7yKu+dnn1SJejgt4596k6YjzGGphH2TUxwKzxcKDKKezwkpfnxPkSMkuEspGRt/aZZ9wa++Oi7Qkr8prgHc4soW6NUlfDzpvZK2H5E7eQaSeP3SAwGmQKUFHCddNaP0L+hM7zhFNzjFvpaMgJw0=",
"created_at": "2014-08-01T14:47:39.080Z"
}
Add SSH key
Creates a new key owned by the currently authenticated user.
POST /user/keys
Parameters:
title
(required) - new SSH Key's titlekey
(required) - new SSH key
{
"created_at": "2015-01-21T17:44:33.512Z",
"key": "ssh-dss AAAAB3NzaC1kc3MAAACBAMLrhYgI3atfrSD6KDas1b/3n6R/HP+bLaHHX6oh+L1vg31mdUqK0Ac/NjZoQunavoyzqdPYhFz9zzOezCrZKjuJDS3NRK9rspvjgM0xYR4d47oNZbdZbwkI4cTv/gcMlquRy0OvpfIvJtjtaJWMwTLtM5VhRusRuUlpH99UUVeXAAAAFQCVyX+92hBEjInEKL0v13c/egDCTQAAAIEAvFdWGq0ccOPbw4f/F8LpZqvWDydAcpXHV3thwb7WkFfppvm4SZte0zds1FJ+Hr8Xzzc5zMHe6J4Nlay/rP4ewmIW7iFKNBEYb/yWa+ceLrs+TfR672TaAgO6o7iSRofEq5YLdwgrwkMmIawa21FrZ2D9SPao/IwvENzk/xcHu7YAAACAQFXQH6HQnxOrw4dqf0NqeKy1tfIPxYYUZhPJfo9O0AmBW2S36pD2l14kS89fvz6Y1g8gN/FwFnRncMzlLY/hX70FSc/3hKBSbH6C6j8hwlgFKfizav21eS358JJz93leOakJZnGb8XlWvz1UJbwCsnR2VEY8Dz90uIk1l/UqHkA= loic@call",
"title": "ABC",
"id": 4
}
Will return created key with status 201 Created
on success. If an
error occurs a 400 Bad Request
is returned with a message explaining the error:
{
"message": {
"fingerprint": [
"has already been taken"
],
"key": [
"has already been taken"
]
}
}
Add SSH key for user
Create new key owned by specified user. Available only for admin
POST /users/:id/keys
Parameters:
id
(required) - id of specified usertitle
(required) - new SSH Key's titlekey
(required) - new SSH key
Will return created key with status 201 Created
on success, or 404 Not found
on fail.
Delete SSH key for current user
Deletes key owned by currently authenticated user.
This is an idempotent function and calling it on a key that is already deleted
or not available results in 200 OK
.
DELETE /user/keys/:id
Parameters:
id
(required) - SSH key ID
Delete SSH key for given user
Deletes key owned by a specified user. Available only for admin.
DELETE /users/:uid/keys/:id
Parameters:
uid
(required) - id of specified userid
(required) - SSH key ID
Will return 200 OK
on success, or 404 Not found
if either user or key cannot be found.
List emails
Get a list of currently authenticated user's emails.
GET /user/emails
[
{
"id": 1,
"email": "email@example.com"
},
{
"id": 3,
"email": "email2@example.com"
}
]
Parameters:
- none
List emails for user
Get a list of a specified user's emails. Available only for admin
GET /users/:uid/emails
Parameters:
uid
(required) - id of specified user
Single email
Get a single email.
GET /user/emails/:id
Parameters:
id
(required) - email ID
{
"id": 1,
"email": "email@example.com"
}
Add email
Creates a new email owned by the currently authenticated user.
POST /user/emails
Parameters:
email
(required) - email address
{
"id": 4,
"email": "email@example.com"
}
Will return created email with status 201 Created
on success. If an
error occurs a 400 Bad Request
is returned with a message explaining the error:
{
"message": {
"email": [
"has already been taken"
]
}
}
Add email for user
Create new email owned by specified user. Available only for admin
POST /users/:id/emails
Parameters:
id
(required) - id of specified useremail
(required) - email address
Will return created email with status 201 Created
on success, or 404 Not found
on fail.
Delete email for current user
Deletes email owned by currently authenticated user.
This is an idempotent function and calling it on a email that is already deleted
or not available results in 200 OK
.
DELETE /user/emails/:id
Parameters:
id
(required) - email ID
Delete email for given user
Deletes email owned by a specified user. Available only for admin.
DELETE /users/:uid/emails/:id
Parameters:
uid
(required) - id of specified userid
(required) - email ID
Will return 200 OK
on success, or 404 Not found
if either user or email cannot be found.
Block user
Blocks the specified user. Available only for admin.
PUT /users/:uid/block
Parameters:
uid
(required) - id of specified user
Will return 200 OK
on success, 404 User Not Found
is user cannot be found or
403 Forbidden
when trying to block an already blocked user by LDAP synchronization.
Unblock user
Unblocks the specified user. Available only for admin.
PUT /users/:uid/unblock
Parameters:
uid
(required) - id of specified user
Will return 200 OK
on success, 404 User Not Found
is user cannot be found or
403 Forbidden
when trying to unblock a user blocked by LDAP synchronization.