Manage accounts with /config/users
Use /config/users
to retrieve, create, and configure V‑Spark user accounts, to retrieve user account status, to retrieve the authorization method used for login, and to retrieve or configure the permissions that they have in V‑Spark and within each company.
/config/users
cannot update: approved
— Account approval status cannot be set to 1.auth.method
— Authentication method, which can only be specified when creating a user.password
/config
POST requests must include entity information as top-level JSON data. Higher-level entity information does not need to be included in JSON POST data when entity names are included as path parameters.
Data written to V‑Spark with /config
is additive—that is, if objects in request JSON data exist, they are configured to use the request JSON. Objects that do not exist are created.
Set user permissions
/config/users/
to set View
(read) and Create/Edit
(write) permissions for a user. Account permissions may be set for the system, a company, or an organization, depending on the request token's permissions scope. - System permissions
System administrator access gives the user account read and write permissions to every aspect of the V‑Spark host system. That means they can create, delete, and modify any company, organization, folder, application, or user account on the system.
Sysadmins can also approve user accounts, change user account passwords, create and delete system-wide announcements, and enable system-wide
readonly
mode.The following example JSON describes a user account with sysadmin access.
"DocTestCo": { "test.user.01": { "name": "System Administrator", "email": "test.user.01@company.com", "company": "DocTestCo", "auth": { "verified": false, "disabled": false, "method": "standard" }, "permissions": { "system": [ "write" ] } }... }...
- Company permissions
Company-level access gives the user account read and write permissions for individual companies.
Company View (read) permission enables the user to view dashboards and transcripts for any organization under that company.
Company Create/Edit (write) permission enables the user to
- create and add user accounts to that company.
- modify permissions for company user accounts.
- create and edit company organizations, folders, and applications.
The following example JSON describes a user account with read and write access to the company DocTestCo.
"manual.user.03": { "auth": { "disabled": false, "verified": true, "method": "standard" }, "company": "DocTestCo", "email": "manual.user.03@company.com", "name": "Manual User 03", "permissions": { "DocTestCo": { "all": [ "read", "write" ] } }... }...
- Organization permissions
Organization-level access gives the user account read and write permissions for individual organizations.
Organization View (read) permission enables the user to view organization dashboards and transcripts.
Organization Create/Edit (write) permission enables the user to create and modify organization folders and applications.
The following example JSON describes a user account with read and write access to the organization DocTesting, which is under the company DocTestCo.
"manual.user.03": { "auth": { "disabled": false, "verified": true, "method": "standard" }, "company": "DocTestCo", "email": "manual.user.03@company.com", "name": "Manual User 03", "permissions": { "DocTestCo": { "orgs": { "DocTestCo-DocTesting": [ "read", "write" ]... } }... }... }...
GET and POST JSON differences
The /config/users
API supports additional name/value pairs that can be used as part of your JSON input when programmatically creating user accounts. These fields are in addition to those in sample JSON output.
Name | Type | Values | Description | |
---|---|---|---|---|
| Enables you to specify the password that will be assigned to a user account when it is created. An example of specifying a password using this field is the following:
If the | |||
| standard, oidc | Specify the user's login authorization method.
Once a user's authorization method has been set, it cannot be changed. |
Optional /config/users/
fields can also be used in JSON sent to /config/CO-SHORT/users/
. The main difference between those two endpoints is that /config/users/
JSON must include the primary company for each user.