Athena

Auth Admin

Admin methods for users, roles, impersonation, audit, API keys, clients, and email tooling.

Endpoints and Methods

  • auth.admin.role.set() -> POST /admin/set-role
  • auth.admin.user.list() -> GET /admin/list-users
  • auth.admin.user.session.list() -> POST /admin/list-user-sessions
  • auth.admin.user.create() -> POST /admin/create-user
  • auth.admin.user.unban() -> POST /admin/unban-user
  • auth.admin.user.ban() -> POST /admin/ban-user
  • auth.admin.user.impersonate() -> POST /admin/impersonate-user
  • auth.admin.user.stopImpersonating() -> POST /admin/stop-impersonating
  • auth.admin.user.session.revoke() -> POST /admin/revoke-user-session (single session token)
  • auth.admin.user.session.revoke() -> POST /admin/revoke-user-sessions (bulk revoke by userId or payload fan-out)
  • auth.admin.user.remove() -> POST /admin/remove-user
  • auth.admin.user.setPassword() -> POST /admin/set-user-password
  • auth.admin.hasPermission() -> POST /admin/has-permission
  • auth.admin.apiKey.create() -> POST /admin/api-key/create
  • auth.admin.athenaClient.create() -> POST /admin/athena-client/create
  • auth.admin.athenaClient.list() -> GET /admin/athena-client/list
  • auth.admin.auditLog.list() -> GET /admin/audit-log/list
  • auth.admin.email.list() -> GET /admin/email/list
  • auth.admin.email.get() -> GET /admin/email/get
  • auth.admin.email.create() -> POST /admin/email/create
  • auth.admin.email.update() -> POST /admin/email/update
  • auth.admin.email.delete() -> POST /admin/email/delete
  • auth.admin.email.failure.list() -> GET /admin/email-failure/list
  • auth.admin.email.failure.get() -> GET /admin/email-failure/get
  • auth.admin.email.failure.create() -> POST /admin/email-failure/create
  • auth.admin.email.failure.update() -> POST /admin/email-failure/update
  • auth.admin.email.failure.delete() -> POST /admin/email-failure/delete
  • auth.admin.email.template.list() -> GET /admin/email-template/list
  • auth.admin.email.template.get() -> GET /admin/email-template/get
  • auth.admin.email.template.create() -> POST /admin/email-template/create
  • auth.admin.email.template.update() -> POST /admin/email-template/update
  • auth.admin.email.template.delete() -> POST /admin/email-template/delete
  • auth.admin.emailTemplate.list() -> GET /admin/email-template/list (legacy alias)
  • auth.admin.emailTemplate.get() -> GET /admin/email-template/get (legacy alias)
  • auth.admin.emailTemplate.create() -> POST /admin/email-template/create (legacy alias)
  • auth.admin.emailTemplate.update() -> POST /admin/email-template/update (legacy alias)
  • auth.admin.emailTemplate.delete() -> POST /admin/email-template/delete (legacy alias)

Examples

ATHENA_AUTH_BASE_URL="http://localhost:3001/api/auth"
ATHENA_AUTH_TOKEN="<bearer-token>"

# Adjust payload fields using the OpenAPI schema in this page.

# auth.admin.role.set() -> POST /admin/set-role
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/set-role" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.user.list() -> GET /admin/list-users
curl -X GET "$ATHENA_AUTH_BASE_URL/admin/list-users" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN"

# auth.admin.user.session.list() -> POST /admin/list-user-sessions
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/list-user-sessions" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.user.create() -> POST /admin/create-user
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/create-user" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.user.unban() -> POST /admin/unban-user
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/unban-user" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.user.ban() -> POST /admin/ban-user
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/ban-user" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.user.impersonate() -> POST /admin/impersonate-user
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/impersonate-user" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.user.stopImpersonating() -> POST /admin/stop-impersonating
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/stop-impersonating" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.user.session.revoke() -> POST /admin/revoke-user-session
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/revoke-user-session" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.user.session.revoke() -> POST /admin/revoke-user-sessions
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/revoke-user-sessions" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.user.remove() -> POST /admin/remove-user
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/remove-user" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.user.setPassword() -> POST /admin/set-user-password
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/set-user-password" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.hasPermission() -> POST /admin/has-permission
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/has-permission" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.apiKey.create() -> POST /admin/api-key/create
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/api-key/create" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.athenaClient.create() -> POST /admin/athena-client/create
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/athena-client/create" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.athenaClient.list() -> GET /admin/athena-client/list
curl -X GET "$ATHENA_AUTH_BASE_URL/admin/athena-client/list" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN"

# auth.admin.auditLog.list() -> GET /admin/audit-log/list
curl -X GET "$ATHENA_AUTH_BASE_URL/admin/audit-log/list" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN"

# auth.admin.email.list() -> GET /admin/email/list
curl -X GET "$ATHENA_AUTH_BASE_URL/admin/email/list" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN"

# auth.admin.email.get() -> GET /admin/email/get
curl -X GET "$ATHENA_AUTH_BASE_URL/admin/email/get" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN"

# auth.admin.email.create() -> POST /admin/email/create
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/email/create" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.email.update() -> POST /admin/email/update
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/email/update" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.email.delete() -> POST /admin/email/delete
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/email/delete" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.email.failure.list() -> GET /admin/email-failure/list
curl -X GET "$ATHENA_AUTH_BASE_URL/admin/email-failure/list" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN"

# auth.admin.email.failure.get() -> GET /admin/email-failure/get
curl -X GET "$ATHENA_AUTH_BASE_URL/admin/email-failure/get" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN"

# auth.admin.email.failure.create() -> POST /admin/email-failure/create
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/email-failure/create" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.email.failure.update() -> POST /admin/email-failure/update
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/email-failure/update" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.email.failure.delete() -> POST /admin/email-failure/delete
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/email-failure/delete" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.email.template.list() -> GET /admin/email-template/list
curl -X GET "$ATHENA_AUTH_BASE_URL/admin/email-template/list" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN"

# auth.admin.email.template.get() -> GET /admin/email-template/get
curl -X GET "$ATHENA_AUTH_BASE_URL/admin/email-template/get" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN"

# auth.admin.email.template.create() -> POST /admin/email-template/create
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/email-template/create" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.email.template.update() -> POST /admin/email-template/update
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/email-template/update" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.email.template.delete() -> POST /admin/email-template/delete
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/email-template/delete" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.emailTemplate.list() -> GET /admin/email-template/list
curl -X GET "$ATHENA_AUTH_BASE_URL/admin/email-template/list" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN"

# auth.admin.emailTemplate.get() -> GET /admin/email-template/get
curl -X GET "$ATHENA_AUTH_BASE_URL/admin/email-template/get" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN"

# auth.admin.emailTemplate.create() -> POST /admin/email-template/create
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/email-template/create" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.emailTemplate.update() -> POST /admin/email-template/update
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/email-template/update" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'

# auth.admin.emailTemplate.delete() -> POST /admin/email-template/delete
curl -X POST "$ATHENA_AUTH_BASE_URL/admin/email-template/delete" \
  -H "content-type: application/json" \
  -H "authorization: Bearer $ATHENA_AUTH_TOKEN" \
  -d '{"...":"See OpenAPI requestBody schema"}'
use reqwest::Client;
use serde_json::json;

let base_url = "http://localhost:3001/api/auth";
let token = "<bearer-token>";
let http = Client::new();

// Adjust payload fields using the OpenAPI schema in this page.

// auth.admin.role.set() -> POST /admin/set-role
let response = http
    .post(format!("{base_url}/admin/set-role"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.user.list() -> GET /admin/list-users
let response = http
    .get(format!("{base_url}/admin/list-users"))
    .bearer_auth(token)
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.user.session.list() -> POST /admin/list-user-sessions
let response = http
    .post(format!("{base_url}/admin/list-user-sessions"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.user.create() -> POST /admin/create-user
let response = http
    .post(format!("{base_url}/admin/create-user"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.user.unban() -> POST /admin/unban-user
let response = http
    .post(format!("{base_url}/admin/unban-user"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.user.ban() -> POST /admin/ban-user
let response = http
    .post(format!("{base_url}/admin/ban-user"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.user.impersonate() -> POST /admin/impersonate-user
let response = http
    .post(format!("{base_url}/admin/impersonate-user"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.user.stopImpersonating() -> POST /admin/stop-impersonating
let response = http
    .post(format!("{base_url}/admin/stop-impersonating"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.user.session.revoke() -> POST /admin/revoke-user-session
let response = http
    .post(format!("{base_url}/admin/revoke-user-session"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.user.session.revoke() -> POST /admin/revoke-user-sessions
let response = http
    .post(format!("{base_url}/admin/revoke-user-sessions"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.user.remove() -> POST /admin/remove-user
let response = http
    .post(format!("{base_url}/admin/remove-user"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.user.setPassword() -> POST /admin/set-user-password
let response = http
    .post(format!("{base_url}/admin/set-user-password"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.hasPermission() -> POST /admin/has-permission
let response = http
    .post(format!("{base_url}/admin/has-permission"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.apiKey.create() -> POST /admin/api-key/create
let response = http
    .post(format!("{base_url}/admin/api-key/create"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.athenaClient.create() -> POST /admin/athena-client/create
let response = http
    .post(format!("{base_url}/admin/athena-client/create"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.athenaClient.list() -> GET /admin/athena-client/list
let response = http
    .get(format!("{base_url}/admin/athena-client/list"))
    .bearer_auth(token)
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.auditLog.list() -> GET /admin/audit-log/list
let response = http
    .get(format!("{base_url}/admin/audit-log/list"))
    .bearer_auth(token)
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.email.list() -> GET /admin/email/list
let response = http
    .get(format!("{base_url}/admin/email/list"))
    .bearer_auth(token)
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.email.get() -> GET /admin/email/get
let response = http
    .get(format!("{base_url}/admin/email/get"))
    .bearer_auth(token)
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.email.create() -> POST /admin/email/create
let response = http
    .post(format!("{base_url}/admin/email/create"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.email.update() -> POST /admin/email/update
let response = http
    .post(format!("{base_url}/admin/email/update"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.email.delete() -> POST /admin/email/delete
let response = http
    .post(format!("{base_url}/admin/email/delete"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.email.failure.list() -> GET /admin/email-failure/list
let response = http
    .get(format!("{base_url}/admin/email-failure/list"))
    .bearer_auth(token)
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.email.failure.get() -> GET /admin/email-failure/get
let response = http
    .get(format!("{base_url}/admin/email-failure/get"))
    .bearer_auth(token)
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.email.failure.create() -> POST /admin/email-failure/create
let response = http
    .post(format!("{base_url}/admin/email-failure/create"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.email.failure.update() -> POST /admin/email-failure/update
let response = http
    .post(format!("{base_url}/admin/email-failure/update"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.email.failure.delete() -> POST /admin/email-failure/delete
let response = http
    .post(format!("{base_url}/admin/email-failure/delete"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.email.template.list() -> GET /admin/email-template/list
let response = http
    .get(format!("{base_url}/admin/email-template/list"))
    .bearer_auth(token)
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.email.template.get() -> GET /admin/email-template/get
let response = http
    .get(format!("{base_url}/admin/email-template/get"))
    .bearer_auth(token)
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.email.template.create() -> POST /admin/email-template/create
let response = http
    .post(format!("{base_url}/admin/email-template/create"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.email.template.update() -> POST /admin/email-template/update
let response = http
    .post(format!("{base_url}/admin/email-template/update"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.email.template.delete() -> POST /admin/email-template/delete
let response = http
    .post(format!("{base_url}/admin/email-template/delete"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.emailTemplate.list() -> GET /admin/email-template/list
let response = http
    .get(format!("{base_url}/admin/email-template/list"))
    .bearer_auth(token)
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.emailTemplate.get() -> GET /admin/email-template/get
let response = http
    .get(format!("{base_url}/admin/email-template/get"))
    .bearer_auth(token)
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.emailTemplate.create() -> POST /admin/email-template/create
let response = http
    .post(format!("{base_url}/admin/email-template/create"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.emailTemplate.update() -> POST /admin/email-template/update
let response = http
    .post(format!("{base_url}/admin/email-template/update"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;

// auth.admin.emailTemplate.delete() -> POST /admin/email-template/delete
let response = http
    .post(format!("{base_url}/admin/email-template/delete"))
    .bearer_auth(token)
    .json(&json!({
        "...": "See OpenAPI requestBody schema"
    }))
    .send()
    .await?;
let _ = response.error_for_status()?;
import { client } from "./auth-client"

await client.auth.admin.role.set({
  userId: "usr_1",
  role: "admin",
})

await client.auth.admin.user.list()
await client.auth.admin.user.session.list({ userId: "usr_1" })

await client.auth.admin.user.create({
  email: "new-user@example.com",
  password: "temporary-password",
})

await client.auth.admin.user.unban({ userId: "usr_1" })
await client.auth.admin.user.ban({ userId: "usr_2", banReason: "policy violation" })

await client.auth.admin.user.impersonate({ userId: "usr_3" })
await client.auth.admin.user.stopImpersonating({ userId: "usr_3" })

// single payload -> /admin/revoke-user-session
await client.auth.admin.user.session.revoke({
  userId: "usr_3",
  sessionToken: "sess_token_1",
})

// multiple payloads -> /admin/revoke-user-sessions
await client.auth.admin.user.session.revoke([
  { userId: "usr_3", sessionToken: "sess_token_2" },
  { userId: "usr_3", sessionToken: "sess_token_3" },
])

// direct plural payload -> /admin/revoke-user-sessions
await client.auth.admin.user.session.revoke({
  userId: "usr_3",
})

await client.auth.admin.user.remove({ userId: "usr_4" })
await client.auth.admin.user.setPassword({
  userId: "usr_4",
  newPassword: "new-password",
})

await client.auth.admin.hasPermission({
  permissions: { users: ["manage"] },
})

await client.auth.admin.apiKey.create({
  name: "admin-key",
  expiresIn: 3600,
})

await client.auth.admin.athenaClient.create({
  clientName: "dashboard-client",
})
await client.auth.admin.athenaClient.list()

await client.auth.admin.auditLog.list()

await client.auth.admin.email.get({
  query: { id: "email_1" },
})

await client.auth.admin.email.create({
  recipientEmail: "to@example.com",
  subject: "Welcome",
  fromAddress: "no-reply@example.com",
  provider: "resend",
})

await client.auth.admin.email.update({
  id: "email_1",
  subject: "Welcome Updated",
})

await client.auth.admin.email.delete({
  id: "email_1",
})

await client.auth.admin.email.failure.list()
await client.auth.admin.email.failure.get({
  query: { id: "failure_1" },
})
await client.auth.admin.email.failure.create({
  recipientEmail: "to@example.com",
  flow: "transactional",
  errorMessage: "bounce",
})
await client.auth.admin.email.failure.update({
  id: "failure_1",
  resolved: true,
})
await client.auth.admin.email.failure.delete({
  id: "failure_1",
})

await client.auth.admin.email.list()

await client.auth.admin.email.template.create({
  templateKey: "welcome",
  subjectTemplate: "Welcome",
})
await client.auth.admin.email.template.get({
  query: { id: "tmpl_1" },
})
await client.auth.admin.email.template.list()
await client.auth.admin.email.template.update({
  id: "tmpl_1",
  subjectTemplate: "Welcome Updated",
})
await client.auth.admin.email.template.delete({ id: "tmpl_1" })

// legacy alias
await client.auth.admin.emailTemplate.create({
  templateKey: "legacy",
  subjectTemplate: "Legacy",
})
await client.auth.admin.emailTemplate.get({
  query: { id: "legacy_tmpl_1" },
})
await client.auth.admin.emailTemplate.list()
await client.auth.admin.emailTemplate.update({
  id: "legacy_tmpl_1",
  subjectTemplate: "Legacy Updated",
})
await client.auth.admin.emailTemplate.delete({ id: "legacy_tmpl_1" })

OpenAPI Contract

POST
/admin/set-role

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Request Body

application/json

userId*string

The user id

role*string

Response Body

application/json

application/json

application/json

application/json

application/json

application/json

application/json

curl -X POST "http://localhost:3001/api/auth/admin/set-role" \  -H "Content-Type: application/json" \  -d '{    "userId": "string",    "role": "string"  }'
{
  "user": {
    "id": "string",
    "name": "string",
    "email": "string",
    "emailVerified": true,
    "image": "string",
    "createdAt": null,
    "updatedAt": null,
    "username": "string",
    "displayUsername": "string",
    "twoFactorEnabled": true,
    "role": "string",
    "banned": true,
    "banReason": "string",
    "banExpires": null
  }
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
POST
/admin/create-user

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Request Body

application/json

email*string

The email of the user

password*string

The password of the user

name*string

The name of the user

role?string
data?string

Response Body

application/json

application/json

application/json

application/json

application/json

application/json

application/json

curl -X POST "http://localhost:3001/api/auth/admin/create-user" \  -H "Content-Type: application/json" \  -d '{    "email": "string",    "password": "string",    "name": "string"  }'
{
  "user": {
    "id": "string",
    "name": "string",
    "email": "string",
    "emailVerified": true,
    "image": "string",
    "createdAt": null,
    "updatedAt": null,
    "username": "string",
    "displayUsername": "string",
    "twoFactorEnabled": true,
    "role": "string",
    "banned": true,
    "banReason": "string",
    "banExpires": null
  }
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
GET
/admin/list-users

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Query Parameters

searchValue?string

The value to search for

searchField?string

The field to search in, defaults to email. Can be email or name

searchOperator?string

The operator to use for the search. Can be contains, starts_with or ends_with

limit?string

The number of users to return

offset?string

The offset to start from

sortBy?string

The field to sort by

sortDirection?string

The direction to sort by

filterField?string

The field to filter by

filterValue?string

The value to filter by

filterOperator?string

The operator to use for the filter

Response Body

application/json

application/json

application/json

application/json

application/json

application/json

application/json

curl -X GET "http://localhost:3001/api/auth/admin/list-users"
{
  "users": [
    {
      "id": "string",
      "name": "string",
      "email": "string",
      "emailVerified": true,
      "image": "string",
      "createdAt": null,
      "updatedAt": null,
      "username": "string",
      "displayUsername": "string",
      "twoFactorEnabled": true,
      "role": "string",
      "banned": true,
      "banReason": "string",
      "banExpires": null
    }
  ],
  "total": 0,
  "limit": 0,
  "offset": 0
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
POST
/admin/list-user-sessions

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Request Body

application/json

userId*string

The user id

Response Body

application/json

application/json

application/json

application/json

application/json

application/json

application/json

curl -X POST "http://localhost:3001/api/auth/admin/list-user-sessions" \  -H "Content-Type: application/json" \  -d '{    "userId": "string"  }'
{
  "sessions": [
    {
      "id": "string",
      "expiresAt": null,
      "token": "string",
      "createdAt": null,
      "updatedAt": null,
      "ipAddress": "string",
      "userAgent": "string",
      "userId": "string",
      "impersonatedBy": "string",
      "activeOrganizationId": "string"
    }
  ]
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
POST
/admin/unban-user

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Request Body

application/json

userId*string

The user id

Response Body

application/json

application/json

application/json

application/json

application/json

application/json

application/json

curl -X POST "http://localhost:3001/api/auth/admin/unban-user" \  -H "Content-Type: application/json" \  -d '{    "userId": "string"  }'
{
  "user": {
    "id": "string",
    "name": "string",
    "email": "string",
    "emailVerified": true,
    "image": "string",
    "createdAt": null,
    "updatedAt": null,
    "username": "string",
    "displayUsername": "string",
    "twoFactorEnabled": true,
    "role": "string",
    "banned": true,
    "banReason": "string",
    "banExpires": null
  }
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
POST
/admin/ban-user

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Request Body

application/json

userId*string

The user id

banReason?string

The reason for the ban

banExpiresIn?string

The number of seconds until the ban expires

Response Body

application/json

application/json

application/json

application/json

application/json

application/json

application/json

curl -X POST "http://localhost:3001/api/auth/admin/ban-user" \  -H "Content-Type: application/json" \  -d '{    "userId": "string"  }'
{
  "user": {
    "id": "string",
    "name": "string",
    "email": "string",
    "emailVerified": true,
    "image": "string",
    "createdAt": null,
    "updatedAt": null,
    "username": "string",
    "displayUsername": "string",
    "twoFactorEnabled": true,
    "role": "string",
    "banned": true,
    "banReason": "string",
    "banExpires": null
  }
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
POST
/admin/impersonate-user

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Request Body

application/json

userId*string

The user id

Response Body

application/json

application/json

application/json

application/json

application/json

application/json

application/json

curl -X POST "http://localhost:3001/api/auth/admin/impersonate-user" \  -H "Content-Type: application/json" \  -d '{    "userId": "string"  }'
{
  "session": {
    "id": "string",
    "expiresAt": null,
    "token": "string",
    "createdAt": null,
    "updatedAt": null,
    "ipAddress": "string",
    "userAgent": "string",
    "userId": "string",
    "impersonatedBy": "string",
    "activeOrganizationId": "string"
  },
  "user": {
    "id": "string",
    "name": "string",
    "email": "string",
    "emailVerified": true,
    "image": "string",
    "createdAt": null,
    "updatedAt": null,
    "username": "string",
    "displayUsername": "string",
    "twoFactorEnabled": true,
    "role": "string",
    "banned": true,
    "banReason": "string",
    "banExpires": null
  }
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
POST
/admin/stop-impersonating

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Response Body

application/json

application/json

application/json

application/json

application/json

application/json

curl -X POST "http://localhost:3001/api/auth/admin/stop-impersonating"
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
POST
/admin/revoke-user-session

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Request Body

application/json

sessionToken*string

The session token

Response Body

application/json

application/json

application/json

application/json

application/json

application/json

application/json

curl -X POST "http://localhost:3001/api/auth/admin/revoke-user-session" \  -H "Content-Type: application/json" \  -d '{    "sessionToken": "string"  }'
{
  "success": true
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
POST
/admin/revoke-user-sessions

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Request Body

application/json

userId*string

The user id

Response Body

application/json

application/json

application/json

application/json

application/json

application/json

application/json

curl -X POST "http://localhost:3001/api/auth/admin/revoke-user-sessions" \  -H "Content-Type: application/json" \  -d '{    "userId": "string"  }'
{
  "success": true
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
POST
/admin/remove-user

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Request Body

application/json

userId*string

The user id

Response Body

application/json

application/json

application/json

application/json

application/json

application/json

application/json

curl -X POST "http://localhost:3001/api/auth/admin/remove-user" \  -H "Content-Type: application/json" \  -d '{    "userId": "string"  }'
{
  "success": true
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
POST
/admin/set-user-password

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Request Body

application/json

newPassword*string

The new password

userId*string

The user id

Response Body

application/json

application/json

application/json

application/json

application/json

application/json

application/json

curl -X POST "http://localhost:3001/api/auth/admin/set-user-password" \  -H "Content-Type: application/json" \  -d '{    "newPassword": "string",    "userId": "string"  }'
{
  "status": true
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
POST
/admin/has-permission

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Request Body

application/json

permission?objectDeprecated

The permission to check

permissions*object

The permission to check

Response Body

application/json

application/json

application/json

application/json

application/json

application/json

application/json

curl -X POST "http://localhost:3001/api/auth/admin/has-permission" \  -H "Content-Type: application/json" \  -d '{    "permissions": {}  }'
{
  "error": "string",
  "success": true
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
{
  "message": "string"
}
POST
/admin/api-key/create

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Request Body

application/json

name?string
expiresIn?integer
athenaClientName?string
permissions?object
metadata?object

Response Body

application/json

curl -X POST "http://localhost:3001/api/auth/admin/api-key/create" \  -H "Content-Type: application/json" \  -d '{}'
{
  "key": "string",
  "apiKey": {}
}
POST
/admin/athena-client/create

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Request Body

application/json

clientName*string
description?string
isActive?boolean
pgUriEnvVar?string
metadata?object

Response Body

application/json

curl -X POST "http://localhost:3001/api/auth/admin/athena-client/create" \  -H "Content-Type: application/json" \  -d '{    "clientName": "string"  }'
{}
GET
/admin/athena-client/list

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Response Body

application/json

curl -X GET "http://localhost:3001/api/auth/admin/athena-client/list"
{
  "athenaClients": [
    {}
  ]
}
GET
/admin/audit-log/list

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Query Parameters

limit?integer
offset?integer
actorUserId?string
action?string
targetType?string
targetId?string
success?boolean
createdAfter?string
Formatdate-time
createdBefore?string
Formatdate-time

Response Body

application/json

curl -X GET "http://localhost:3001/api/auth/admin/audit-log/list"
{
  "total": 0,
  "limit": 0,
  "offset": 0,
  "auditLogs": [
    {}
  ]
}
GET
/admin/email/list

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Query Parameters

limit?integer
offset?integer
recipientEmail?string
provider?string
flow?string
subjectContains?string
createdAfter?string
Formatdate-time
createdBefore?string
Formatdate-time

Response Body

application/json

curl -X GET "http://localhost:3001/api/auth/admin/email/list"
{
  "total": 0,
  "limit": 0,
  "offset": 0,
  "emails": [
    {}
  ]
}
GET
/admin/email/get

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Query Parameters

id*string

Response Body

application/json

curl -X GET "http://localhost:3001/api/auth/admin/email/get?id=string"
{
  "email": {}
}
POST
/admin/email/create

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Request Body

application/json

recipientEmail*string
Formatemail
subject*string
fromAddress*string
Formatemail
fromName?string
textBody?string
htmlBody?string
provider*string
flow?string
metadata?object

Response Body

application/json

curl -X POST "http://localhost:3001/api/auth/admin/email/create" \  -H "Content-Type: application/json" \  -d '{    "recipientEmail": "user@example.com",    "subject": "string",    "fromAddress": "user@example.com",    "provider": "string"  }'
{
  "success": true
}
POST
/admin/email/update

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Request Body

application/json

id*string
recipientEmail?string
Formatemail
subject?string
fromAddress?string
Formatemail
fromName?|
textBody?|
htmlBody?|
provider?string
flow?|
metadata?object

Response Body

application/json

curl -X POST "http://localhost:3001/api/auth/admin/email/update" \  -H "Content-Type: application/json" \  -d '{    "id": "string"  }'
{
  "email": {}
}
POST
/admin/email/delete

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Request Body

application/json

id*string

Response Body

application/json

curl -X POST "http://localhost:3001/api/auth/admin/email/delete" \  -H "Content-Type: application/json" \  -d '{    "id": "string"  }'
{
  "success": true
}
GET
/admin/email-failure/list

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Query Parameters

limit?integer
offset?integer
recipientEmail?string
provider?string
flow?string
resolved?boolean
createdAfter?string
Formatdate-time
createdBefore?string
Formatdate-time

Response Body

application/json

curl -X GET "http://localhost:3001/api/auth/admin/email-failure/list"
{
  "total": 0,
  "limit": 0,
  "offset": 0,
  "emailSendFailures": [
    {}
  ]
}
GET
/admin/email-failure/get

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Query Parameters

id*string

Response Body

application/json

curl -X GET "http://localhost:3001/api/auth/admin/email-failure/get?id=string"
{
  "emailSendFailure": {}
}
POST
/admin/email-failure/create

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Request Body

application/json

userId?string
recipientEmail*string
Formatemail
flow*string
provider?string
errorMessage*string
metadata?object

Response Body

application/json

curl -X POST "http://localhost:3001/api/auth/admin/email-failure/create" \  -H "Content-Type: application/json" \  -d '{    "recipientEmail": "user@example.com",    "flow": "string",    "errorMessage": "string"  }'
{
  "success": true
}
POST
/admin/email-failure/update

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Request Body

application/json

id*string
resolved?boolean
resolutionNote?|
metadata?object

Response Body

application/json

curl -X POST "http://localhost:3001/api/auth/admin/email-failure/update" \  -H "Content-Type: application/json" \  -d '{    "id": "string"  }'
{
  "emailSendFailure": {}
}
POST
/admin/email-failure/delete

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Request Body

application/json

id*string

Response Body

application/json

curl -X POST "http://localhost:3001/api/auth/admin/email-failure/delete" \  -H "Content-Type: application/json" \  -d '{    "id": "string"  }'
{
  "success": true
}
POST
/admin/email-template/create

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Request Body

application/json

templateKey*string
locale?string
subjectTemplate*string
textTemplate?string
htmlTemplate?string
variables?array<>
isActive?boolean
metadata?object

Response Body

application/json

curl -X POST "http://localhost:3001/api/auth/admin/email-template/create" \  -H "Content-Type: application/json" \  -d '{    "templateKey": "string",    "subjectTemplate": "string"  }'
{}
GET
/admin/email-template/list

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Query Parameters

limit?integer
offset?integer
templateKey?string
locale?string
isActive?boolean

Response Body

application/json

curl -X GET "http://localhost:3001/api/auth/admin/email-template/list"
{
  "total": 0,
  "limit": 0,
  "offset": 0,
  "emailTemplates": [
    {}
  ]
}
GET
/admin/email-template/get

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Query Parameters

id*string

Response Body

application/json

curl -X GET "http://localhost:3001/api/auth/admin/email-template/get?id=string"
{
  "emailTemplate": {}
}
POST
/admin/email-template/update

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Request Body

application/json

id*string
templateKey?string
locale?string
subjectTemplate?string
textTemplate?|
htmlTemplate?|
variables?array<>
isActive?boolean
metadata?object

Response Body

application/json

curl -X POST "http://localhost:3001/api/auth/admin/email-template/update" \  -H "Content-Type: application/json" \  -d '{    "id": "string"  }'
{}
POST
/admin/email-template/delete

Authorization

bearerAuth
AuthorizationBearer <token>

Bearer token authentication

In: header

Request Body

application/json

id*string

Response Body

application/json

curl -X POST "http://localhost:3001/api/auth/admin/email-template/delete" \  -H "Content-Type: application/json" \  -d '{    "id": "string"  }'
{
  "success": true
}

Auth Passkey

Passkey registration/authentication methods and related origins endpoint.

Auth API Key

User-scoped API key CRUD and verification methods.

On this page

Endpoints and MethodsExamplesOpenAPI Contract