# Users API

Manage users and their roles within the Exit WeWeb Portal system.

# Endpoints

# List Users

GET /users

Returns users based on your role:

  • Super Admin: All users
  • Client Admin: Users in your client organization
  • Client Manager: Only your own user record

Query Parameters:

  • select - Columns to return
  • client_id - Filter by client (eq, in)
  • role - Filter by role (eq)
  • email - Filter by email (eq, ilike)
  • order - Sort results
  • limit - Limit results
  • offset - Pagination offset

Example Request:

GET /users?select=id,email,role,client_id&client_id=eq.123&role=eq.client_manager
Authorization: Bearer YOUR_TOKEN
apikey: YOUR_ANON_KEY

Response:

[
  {
    "id": "uuid",
    "email": "manager@example.com",
    "role": "client_manager",
    "client_id": 123
  }
]

# Get Single User

GET /users?id=eq.USER_ID

Response:

[
  {
    "id": "uuid",
    "auth_user_id": "auth_uuid",
    "email": "user@example.com",
    "name": "John Doe",
    "role": "client_admin",
    "client_id": 123,
    "created_at": "2025-01-22T10:00:00Z",
    "updated_at": "2025-01-22T10:00:00Z"
  }
]

# Create User

POST /users
Content-Type: application/json
Prefer: return=representation

Request Body:

{
  "email": "newuser@example.com",
  "name": "New User",
  "role": "client_manager",
  "client_id": 123,
  "auth_user_id": "auth_uuid"
}

Permissions:

  • Super Admins can create any user
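  • Client Admins can create users within their client. This page does not say which roles a Client Admin may assign; the server should reject a `role` or `client_id` outside what the caller is allowed to grant, rather than relying on the client to send valid values.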

# Update User

PATCH /users?id=eq.USER_ID
Content-Type: application/json
Prefer: return=representation

Request Body:

{
  "name": "Updated Name",
  "role": "client_admin"
}

Permissions:

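  • Users can update their own record. This page does not say which columns a self-update may change; because the example body sets `role`, changes to `role` and `client_id` should be restricted to admins on the server side so that a user cannot alter their own privileges.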
  • Super Admins can update any user
  • Client Admins can update users in their client

# Delete User

DELETE /users?id=eq.USER_ID

Permissions:

  • Super Admins can delete any user (except themselves)
  • Client Admins can delete users in their client (except themselves)

# User Object

/**
 * Shape of a user record as returned by the /users endpoints.
 *
 * Field names match the JSON keys shown in the "Get Single User" response.
 * The `role` value decides which rows List Users returns and which
 * create/update/delete operations the caller is permitted to perform.
 */
interface User {
  // Record identifier; shown as "uuid" in the example responses.
  id: string;
  // Shown as "auth_uuid" in the examples.
  // NOTE(review): presumably the id of the matching identity in the auth system; confirm.
  auth_user_id: string;
  // Email address; List Users can filter on it with eq or ilike.
  email: string;
  // Display name; optional.
  name?: string;
  // One of the three roles the permission rules on this page are written against.
  role: 'super_admin' | 'client_admin' | 'client_manager';
  // Legacy field. NOTE(review): the page does not say whether any permission check still reads it; confirm.
  user_role_type?: string; // Legacy field
  // Numeric id of the client organization (123 in the examples); optional.
  client_id?: number;
  // Timestamps; the examples use the ISO 8601 UTC form "2025-01-22T10:00:00Z".
  created_at: string;
  updated_at: string;
}

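# Related Endpoints

Both functions below take a `user_id` argument. This page does not state whether a caller may pass another user's id; the functions should check the argument against the caller's token and role instead of trusting the supplied value. The examples pair GET with a JSON body, which some HTTP clients and proxies drop, so confirm whether the arguments are expected as query parameters or the call is meant to be a POST.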

# Get User's Accessible Buildings

GET /rpc/get_user_buildings
Content-Type: application/json

{
  "user_id": "uuid"
}

# Get User's Accessible Inspections

GET /rpc/get_user_inspections
Content-Type: application/json

{
  "user_id": "uuid"
}

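# Error Responses

A write rejected by a row-level security policy returns an error of the form below (`42501` is PostgreSQL's `insufficient_privilege` code). Reads are typically not rejected this way: rows the caller may not see are simply absent from the result, so an empty array can mean either "no match" or "no access".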

{
  "code": "42501",
  "details": null,
  "hint": null,
  "message": "new row violates row-level security policy for table \"users\""
}