Identity: Users & Settings

APIs for user accounts, profile and security settings, personal access and NATS tokens, cloud credentials, and social (follow) relationships. These endpoints back the account and settings screens of the KubeDB Platform web console and let you script the same operations against the KubeDB Platform API Server.

All routes are served under the /api/v1 prefix. Most endpoints authenticate with a personal access token sent as Authorization: token <YOUR_TOKEN> (it may also be supplied as a token or access_token query parameter). A handful of routes are public (no auth) or use HTTP Basic auth — this is called out per endpoint.

User accounts, profile/security settings, tokens, credentials, and deploy orders. This is the identity foundation the rest of the platform builds on: every authenticated call resolves to a user here, and personal access tokens minted through these endpoints authenticate the token-guarded REST API.

Public / basic-auth user APIs

MethodPathAuthDescription
GET/api/v1/users/searchPublicSearch users
GET/api/v1/users/:usernamePublicGet public info for a user
GET/api/v1/users/:username/orgsPublicList a user’s organizations
GET/api/v1/users/:username/tokensBasic authList a user’s access tokens
POST/api/v1/users/:username/tokensBasic authCreate an access token
DELETE/api/v1/users/:username/tokens/:idBasic authDelete an access token
GET/api/v1/users/:username/followersTokenList a user’s followers
GET/api/v1/users/:username/followingTokenList who a user follows
GET/api/v1/users/:username/following/:targetTokenCheck follow relationship
POST/api/v1/user/signinPublicSign in a user

Authenticated user (/api/v1/user, all require Token)

MethodPathExtra authDescription
GET/api/v1/userGet the authenticated user
GET/api/v1/user/signoutSign out
GET/api/v1/user/firebase-tokenAppsCode-hosted onlyGet a Firebase auth token
GET/api/v1/user/nats/credentialsGet NATS credentials for the user
GET/api/v1/user/nats/admin_credentialsSite adminGet NATS admin credentials
GET/api/v1/user/nats/user_credentialsSite adminGet NATS user credentials
GET/api/v1/user/nats/cluster-resource-historySite adminCluster resource history from NATS
GET/POST/DELETE/api/v1/user/emailsList / add / delete account emails
GET/api/v1/user/followers, /following, /following/:usernameSocial follow info
PUT/DELETE/api/v1/user/following/:usernameFollow / unfollow a user
GET/api/v1/user/orgsList my organizations
GET/api/v1/user/teamsList my teams
GET/api/v1/user/clustersList clusters accessible to me
POST/api/v1/user/validate/username /orgname /emailValidate names/emails
GET/POST/PUT/DELETE/api/v1/user/credentials, /credentials/:credNameManage cloud credentials
GET/api/v1/user/clouds/:cloud/bucketsList buckets for a cloud provider
POST/api/v1/user/deploy/ordersCreate a deployment order
GET/api/v1/user/deploy/orders/:id/render/manifest /render/resources /helm3 /yamlHelm registryPreview/render an order (manifest, resources, Helm 3 script, YAML)

User settings (/api/v1/user/settings, all require Token)

MethodPathDescription
GET/POST/profileGet / update profile
GET/POST/avatar, POST /avatar/deleteManage avatar
POST/account/passwordChange password
GET/POST/account/email, POST /account/email/deleteManage account emails
POST/account/deleteDelete the account
GET/POST/paginationPagination preferences
GET/security/Two-factor status
GET/POST/security/twofa/enrollEnroll in 2FA
POST/security/twofa/regenerate_scratch, /security/twofa/disableManage 2FA
GET/security/webauthn/keysList WebAuthn keys
POST/security/webauthn/request_register, /security/webauthn/registerRegister a WebAuthn key
DELETE/security/webauthn/keys/:idDelete a WebAuthn key
GET/security/sessions/List sessions
DELETE/security/sessions/:sid/revokeRevoke a session
GET/POST/security/account_linkLinked accounts (list / unlink)
GET/organizationsList my organizations
GET/POST/organizations/createCheck permission / create an org
GET/POST/tokens/access-tokens/List / create personal access tokens
POST/tokens/access-tokens/delete-recordsBulk-delete tokens
DELETE/tokens/access-tokens/:idDelete a token
GET/tokens/nats-tokens/List NATS tokens
POST/tokens/nats-tokens/:id/revoke/Revoke a NATS token
GET/POST/applications/oauth2List / create OAuth2 apps
GET/PUT/DELETE/applications/oauth2/:idManage an OAuth2 app
POST/applications/oauth2/:id/regenerate_secret, /:id/revokeRotate secret / revoke grant
GET/applications/oauth2/grantsList OAuth2 grants

Pages

  • Public & Basic-auth User APIs — public user lookup/search, a user’s organizations, social follow info, HTTP Basic-auth token management, and sign-in.
  • Authenticated User — the /api/v1/user/* endpoints: the current user, emails, NATS credentials, cloud credentials, clusters, teams, organizations, and name/email validation.
  • User Settings — the /api/v1/user/settings/* endpoints: profile and avatar, password and account emails, 2FA and WebAuthn security, sessions, personal access and NATS tokens, and OAuth2 applications.