-
-
Notifications
You must be signed in to change notification settings - Fork 2.8k
REST API User
Lauri Ojansivu edited this page Sep 25, 2023
·
8 revisions
This page tries to be as up to date as possible. If you see something wrong here, feel free to update the page and help other people like you, that greatly depends on our APIs. If you don't feel comfortable doing this kind of changes, please contact us by creating an issue.
| URL | Requires Auth | HTTP Method |
|---|---|---|
/users/register |
no |
POST |
| Argument | Example | Required | Description |
|---|---|---|---|
username |
myusername |
Required | Your username |
password |
my$up3erP@ssw0rd |
Required | Your password |
email |
my@email.com |
Required | Your email |
- Notes:
- You will need to provide the
tokenfor any of the authenticated methods.
curl http://localhost:3000/users/register \
-d "username=myusername&password=mypassword&email=my@email.com"curl -H "Content-type:application/json" \
http://localhost:3000/users/register \
-d '{ "username": "myusername", "password": "mypassword", "email": "my@email.com" }'{
"id": "user id",
"token": "string",
"tokenExpires": "ISO encoded date string"
}{
"id": "XQMZgynx9M79qTtQc",
"token": "ExMp2s9ML1JNp_l11sIfINPT3wykZ1SsVwg-cnxKdc8",
"tokenExpires": "2017-12-15T00:47:26.303Z"
}| URL | Requires Admin Auth | HTTP Method |
|---|---|---|
/api/users |
yes |
POST |
| Argument | Example | Required | Description |
|---|---|---|---|
username |
myusername |
Required | Your username |
password |
my$up3erP@ssw0rd |
Required | Your password |
email |
my@email.com |
Required | Your email |
- Notes:
- You will need to provide the
tokenfor any of the authenticated methods.
curl -H "Authorization: Bearer a6DM_gOPRwBdynfXaGBaiiEwTiAuigR_Fj_81QmNpnf" \
-X POST \
http://localhost:3000/api/users \
-d "username=myusername&password=mypassword&email=my@email.com"curl -H "Authorization: Bearer a6DM_gOPRwBdynfXaGBaiiEwTiAuigR_Fj_81QmNpnf" \
-H "Content-type:application/json" \
-X POST \
http://localhost:3000/api/users \
-d '{ "username": "myusername", "password": "mypassword", "email": "my@email.com" }'- Login
curl http://example.com/users/login \
-d "username=YOUR-USERNAME-HERE&password=YOUR-PASSWORD-HERE"
As response you get your id and token:
"id":"YOUR-ID-HERE","token":"YOUR-TOKEN-HERE","tokenExpires":"2017-12-23T21:07:10.395Z"}
- Create user. Works both when serf-register enabled and disabled.
curl -H "Authorization: Bearer YOUR-TOKEN-HERE" \
-H "Content-type:application/json" \
-X POST \
http://example.com/api/users \
-d '{ "username": "tester", "password": "tester", "email": "tester@example.com", "fromAdmin": "true" }'
As reply you get new user's id.
{"id":"NEW-USER-ID-HERE"}
- You can get user details with your new user's id:
curl -H "Authorization: Bearer YOUR-TOKEN-HERE" \
http://example.com/api/users/NEW-USER-ID-HERE
Returns the id of the created user.
{
"_id": "user id"
}{
"_id": "EnhMbvxh65Hr7YvtG"
}IMPORTANT : Should not be used as long as this bug exists.
| URL | Requires Admin Auth | HTTP Method |
|---|---|---|
/api/users/:id |
yes |
DELETE |
| Argument | Example | Required | Description |
|---|---|---|---|
id |
BsNr28znDkG8aeo7W |
Required | The id of the user to delete. |
curl -H "Authorization: Bearer a6DM_gOPRwBdynfXaGBaiiEwTiAuigR_Fj_81QmNpnf" \
-X DELETE \
http://localhost:3000/api/users/EnhMbvxh65Hr7YvtG Returns the id of the deleted user.
{
"_id": "EnhMbvxh65Hr7YvtG"
}Retrieves information about a user.
| URL | Requires Admin Auth | HTTP Method |
|---|---|---|
/api/users/:id |
yes |
GET |
- Notes:
- You will need to provide the
tokenfor any of the authenticated methods. - Only the admin user (the first user) can call the REST API.
curl -H "Authorization: Bearer a6DM_gOPRwBdynfXaGBaiiEwTiAuigR_Fj_81QmNpnf" \
http://localhost:3000/api/users/XQMZgynx9M79qTtQc{
"_id": "XQMZgynx9M79qTtQc",
"createdAt": "2017-09-13T06:45:53.127Z",
"services": {
"password": {
"bcrypt": "$2a$10$CRZrpT4x.VpG2FdJxR3rN.9m0NbQb0OPsSPBDAZukggxrskMtWA8."
},
"email": {
"verificationTokens": [
{
"token": "8rzwpq_So2PVYHVSfrcc5f5QZnuV2wEtu7QRQGwOJx8",
"address": "my@email.com",
"when": "2017-09-13T06:45:53.157Z"
}
]
},
"resume": {
"loginTokens": [
{
"when": "2017-09-13T06:45:53.265Z",
"hashedToken": "CY/PWeDa3fAkl+k94+GWzCtpB5nPcVxLzzzjXs4kI3A="
},
{
"when": "2017-09-16T06:06:19.741Z",
"hashedToken": "74MQNXfsgjkItx/gpgPb29Y0MSNAvBrsnSGQmr4YGvQ="
}
]
}
},
"username": "john",
"emails": [
{
"address": "my@email.com",
"verified": false
}
],
"isAdmin": true,
"profile": {}
}Retrieves the user list.
| URL | Requires Admin Auth | HTTP Method |
|---|---|---|
/api/users |
yes |
GET |
- Notes:
- You will need to provide the
tokenfor any of the authenticated methods. - Only the admin user (the first user) can call the REST API.
curl -H "Authorization: Bearer cwUZ3ZsTaE6ni2R3ppSkYd-KrDvxsLcBIkSVfOCfIkA" \
http://localhost:3000/api/users[
{
"_id": "user id",
"username": "string"
}
][
{
"_id": "XQMZgynx9M79qTtQc",
"username": "admin"
},
{
"_id": "vy4WYj7k7NBhf3AFc",
"username": "john"
}
]Retrieves information about a logged-in user with his auth token.
| URL | Requires Auth | HTTP Method |
|---|---|---|
/api/user |
yes |
GET |
- Notes:
- You will need to provide the
tokenfor any of the authenticated methods.
curl -H "Authorization: Bearer a6DM_gOPRwBdynfXaGBaiiEwTiAuigR_Fj_81QmNpnf" \
http://localhost:3000/api/user{
"_id": "vy4WYj7k7NBhf3AFc",
"createdAt": "2017-09-16T05:51:30.339Z",
"username": "john",
"emails": [
{
"address": "me@mail.com",
"verified": false
}
],
"profile": {}
}| URL | Requires Admin Auth | HTTP Method |
|---|---|---|
/api/users/:id |
yes |
PUT |
curl -H "Authorization: Bearer t7iYB86mXoLfP_XsMegxF41oKT7iiA9lDYiKVtXcctl" \
-H "Content-type:application/json" \
-X PUT \
http://localhost:3000/api/users/ztKvBTzCqmyJ77on8 \
-d '{ "action": "disableLogin" }'| URL | Requires Admin Auth | HTTP Method |
|---|---|---|
/api/users/:id |
yes |
PUT |
curl -H "Authorization: Bearer t7iYB86mXoLfP_XsMegxF41oKT7iiA9lDYiKVtXcctl" \
-H "Content-type:application/json" \
-X PUT \
http://localhost:3000/api/users/ztKvBTzCqmyJ77on8 \
-d '{ "action": "enableLogin" }'If you believe that code is the best documentation, be our guest: models/cards.js
Wekan - OpenSource Kanban
- Deep Dive Into WeKan
- Meteor WeKan Roadmap - board at Wekan demo
- Multiverse WeKan Roadmap
- Docs/Manual
- Change Language
- Forgot Password
- About
- Test Edge
- WeKan Design Principles
- FAQ
- IRC FAQ - answers to questions asked at IRC
- Team
- Press
- Blog
- Wekan vs Trello vs Restyaboard
- Results of Survey 2020-01
- Allow private boards only: Disable Public Boards
- Security Disclosure and details of Security in Wekan
- Security issues
- Password Hashing
- Add more RAM to Node.js to prevent crash
- Clustering AWS etc
- Scaling
- Kubernetes
- Redis Oplog
- Meteor Scaling at Meteor Cloud
- Scaling at Meteor forums
- From Previous Export, paste big WeKan JSON
- Progress: Import/Export/Sync
- From CSV/TSV
- From Trello
- From Jira
- From Asana
- From Zenkit
- From old Wekan manually
- Converting Meteor Stylus to CSS
- Repair MongoDB
- Using Meteor MongoDB to repair files
- If board does not open and keeps loading
- Repair Docker
- Wekan Markdown
- Emoji
- Mermaid Diagram DOES NOT WORK ANYMORE
- Numbered text
- Automatic login
- Disable Password Login
- Forgot Password
- Admin: Impersonate user
- Adding Users
- Active users Presence
- Accounts Lockout: Brute force login protection
- LDAP
- LDAP AD Simple Auth
- Keycloak
- Google login
- Azure
- OAuth2, Auth0, GitLab, RocketChat
- Oracle OIM on premise using OAuth2
- ADFS 4.0 using OAuth2 and OpenID
- Azure AD B2C using OAuth2
- Nextcloud
- CAS Please test
- SAML Please test
- Zitadel
- Drag Drop on Mobile and Desktop
- Rclone: Store attachments to cloud storage like S3, MinIO, etc
- Python based features
- Burndown and Velocity Chart
- Wait Spinners
- Translations
- Default Language for All Users
- Roadmap
- Features
- Planning Poker
- Scaling
- Custom Logo
- Subtasks <== Has fix
- Templates
- Cover
- Archive and Delete
- Custom Fields
- Fix Export board menu not visible on some boards
- RAM usage
- Demo
- Swimlane Documentation
- Customize Translations
- Download Wekan for various Platforms: Supported by xet7, Operating Systems, NAS, Cloud
- Helm Chart for Kubernetes
- Caddy
- Nginx
- Apache
- OpenLiteSpeed
- Local self signed TLS
- Let's Encrypt and Google Auth
- TLS with Node.js
- Traefik and self-signed SSL certs
- Example: New card with Python3 and REST API
- Python client to REST API
- Go client to REST API
- Java
- Wekan Sandstorm cards to CSV using Python
- Excel and VBA
- Global Webhook
- Limiting Webhook data
- Receiving Webhooks
- Outgoing Webhook to Discord/Slack/RocketChat/Riot
- Outgoing Webhook to NodeRed
- Outgoing Webhook to PowerShell
- Security: Webhook and CA
- Outgoing Webhooks Data
- Outgoing Webhooks and Let's Encrypt
- Outgoing Webhooks Original Pull Request, multiple Webhooks, more parameters and response order