User

User Management and Authentication

Create a new User.

To create new User(s) in the system. API supports bulk creation with max limit as defined in the UserReq. Please note that either whole batch succeeds or fails, there's no partial batch success. To create one user, please pass array with one user object.

Users can be created based on the roles. Users with types as SYSTEM and EMPLOYEE can create other users if their RBAC mapping provides them the permission. Users with CITIZEN type can only create themselves, while EMPLOYEE and SYSTEM type users can also create other EMPLOYEES and CITIZENS.

User registration will always be a two step process, where this API will create a non authenticated user (without password) and after verification (using OTP) other user details (including password) can be updated using update user API to complete the user registration process.

POST/users/v110/_create

Body

Details for the new user + RequestInfo meta data

Users*array of User (object)

tenantId*string

Unique Identifier of the tenant to which user primarily belongs

idinteger (int64)

The unique numeric id of an user. To be deprecated in future.

userName*string

The unique username used of the user - this will be used for user login. This needs to be unique within the tenant.

authTokenstring (password)

Authentication token for the user that may be -

Password in case of basic auth
OTP in case of OTP based verification
OAuth auth token for OAuth based auth

salutationstring

The salutation of user name. Example- Mr, Miss, Mrs

name*string

The full name of the user.

gender*string

Gender of the user.

mobileNumber*string

Mobile number of the user

emailIdstring

Email address of the user

aadhaarNumberstring

Aadhaar number of the user

Pattern: [0-9]

active*boolean

True if the user is active and False if the user is inactive.

pwdExpiryDateinteger (int64)

epoch of time when the current auth token (password/OTP) will expire.

locale*string

Value will be set to "en_IN".

type*string

System set value internally. For employee value will be always "EMPLOYEE". For citizen value will be "CITIZEN".

accountLockedboolean

Set to True if account is locked after several incorrect password attempt. False if account is not locked.

rolesarray

List of roles that are attached to the user.

userDetailsUserDetails (object)

Infrequently used details for the user

firstNamestring

The full name of the user.

middleNamestring

The full name of the user.

lastNamestring

The full name of the user.

dobstring (date)

Date of birth of the user in dd/mm/yyyy format.

altContactNumberstring

Alternate contact number of the user

fatherNamestring

User's father's name if available

husbandNamestring

Name of user's husband - if applicable

bloodGroupstring

Blood group of the user.

panstring

PAN number of the user

permanentAddressstring

Permanent address of the user.

permanentCitystring

City of the permanent address.

permanentPincodestring

Permanent address pincode.

correspondenceCitystring

City of the correspondence address.

correspondencePincodestring

Permanent address pincode.

correspondenceAddressstring

Correspondence address of the user.

signaturestring

Image to be loaded for the signature of the employee

identificationMarkstring

Any identification mark of the person.

photostring

Image to be loaded for the photo of the user

Response

User(s) created sucessfully

Body

Usersarray of User (object)

tenantId*string

Unique Identifier of the tenant to which user primarily belongs

idinteger (int64)

The unique numeric id of an user. To be deprecated in future.

userName*string

The unique username used of the user - this will be used for user login. This needs to be unique within the tenant.

authTokenstring (password)

Authentication token for the user that may be -

Password in case of basic auth
OTP in case of OTP based verification
OAuth auth token for OAuth based auth

salutationstring

The salutation of user name. Example- Mr, Miss, Mrs

name*string

The full name of the user.

gender*string

Gender of the user.

mobileNumber*string

Mobile number of the user

emailIdstring

Email address of the user

aadhaarNumberstring

Aadhaar number of the user

Pattern: [0-9]

active*boolean

True if the user is active and False if the user is inactive.

pwdExpiryDateinteger (int64)

epoch of time when the current auth token (password/OTP) will expire.

locale*string

Value will be set to "en_IN".

type*string

System set value internally. For employee value will be always "EMPLOYEE". For citizen value will be "CITIZEN".

accountLockedboolean

Set to True if account is locked after several incorrect password attempt. False if account is not locked.

rolesarray

List of roles that are attached to the user.

userDetailsUserDetails (object)

Infrequently used details for the user

firstNamestring

The full name of the user.

middleNamestring

The full name of the user.

lastNamestring

The full name of the user.

dobstring (date)

Date of birth of the user in dd/mm/yyyy format.

altContactNumberstring

Alternate contact number of the user

fatherNamestring

User's father's name if available

husbandNamestring

Name of user's husband - if applicable

bloodGroupstring

Blood group of the user.

panstring

PAN number of the user

permanentAddressstring

Permanent address of the user.

permanentCitystring

City of the permanent address.

permanentPincodestring

Permanent address pincode.

correspondenceCitystring

City of the correspondence address.

correspondencePincodestring

Permanent address pincode.

correspondenceAddressstring

Correspondence address of the user.

signaturestring

Image to be loaded for the signature of the employee

identificationMarkstring

Any identification mark of the person.

photostring

Image to be loaded for the photo of the user

Request

const response = await fetch('/users/v110/_create', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "Users": [
        {
          "userName": "text",
          "name": "text",
          "gender": "text",
          "mobileNumber": "text",
          "active": false,
          "locale": "text",
          "type": "text",
          "tenantId": "text"
        }
      ]
    }),
});
const data = await response.json();

Response

{
  "Users": [
    {
      "tenantId": "text",
      "userName": "text",
      "authToken": "password",
      "salutation": "text",
      "name": "text",
      "gender": "text",
      "mobileNumber": "text",
      "emailId": "text",
      "aadhaarNumber": "text",
      "active": false,
      "locale": "text",
      "type": "text",
      "accountLocked": false,
      "roles": [],
      "userDetails": {
        "firstName": "text",
        "middleName": "text",
        "lastName": "text",
        "dob": "2024-11-07",
        "altContactNumber": "text",
        "fatherName": "text",
        "husbandName": "text",
        "bloodGroup": "text",
        "pan": "text",
        "permanentAddress": "text",
        "permanentCity": "text",
        "permanentPincode": "text",
        "correspondenceCity": "text",
        "correspondencePincode": "text",
        "correspondenceAddress": "text",
        "signature": "text",
        "identificationMark": "text",
        "photo": "text"
      }
    }
  ]
}

Update user API

This API will update all user related details based on their type. Following rules apply -

Username cannot be updated once created
Password can only be updated by the user itself (CITIZEN or EMPLOYEE) using reissue OTP issued to them
User can self update mobile number/email by doing OTP verification with old phone/email
An employee can reset another user mobile number/email after OTP/other necessary validation (need specific privilege)

POST/users/v110/_update

Body

Request header for the user with new of values.

Users*array of User (object)

tenantId*string

Unique Identifier of the tenant to which user primarily belongs

idinteger (int64)

The unique numeric id of an user. To be deprecated in future.

userName*string

The unique username used of the user - this will be used for user login. This needs to be unique within the tenant.

authTokenstring (password)

Authentication token for the user that may be -

Password in case of basic auth
OTP in case of OTP based verification
OAuth auth token for OAuth based auth

salutationstring

The salutation of user name. Example- Mr, Miss, Mrs

name*string

The full name of the user.

gender*string

Gender of the user.

mobileNumber*string

Mobile number of the user

emailIdstring

Email address of the user

aadhaarNumberstring

Aadhaar number of the user

Pattern: [0-9]

active*boolean

True if the user is active and False if the user is inactive.

pwdExpiryDateinteger (int64)

epoch of time when the current auth token (password/OTP) will expire.

locale*string

Value will be set to "en_IN".

type*string

System set value internally. For employee value will be always "EMPLOYEE". For citizen value will be "CITIZEN".

accountLockedboolean

Set to True if account is locked after several incorrect password attempt. False if account is not locked.

rolesarray

List of roles that are attached to the user.

userDetailsUserDetails (object)

Infrequently used details for the user

firstNamestring

The full name of the user.

middleNamestring

The full name of the user.

lastNamestring

The full name of the user.

dobstring (date)

Date of birth of the user in dd/mm/yyyy format.

altContactNumberstring

Alternate contact number of the user

fatherNamestring

User's father's name if available

husbandNamestring

Name of user's husband - if applicable

bloodGroupstring

Blood group of the user.

panstring

PAN number of the user

permanentAddressstring

Permanent address of the user.

permanentCitystring

City of the permanent address.

permanentPincodestring

Permanent address pincode.

correspondenceCitystring

City of the correspondence address.

correspondencePincodestring

Permanent address pincode.

correspondenceAddressstring

Correspondence address of the user.

signaturestring

Image to be loaded for the signature of the employee

identificationMarkstring

Any identification mark of the person.

photostring

Image to be loaded for the photo of the user

Response

Update user(s) successful

Body

Usersarray of User (object)

tenantId*string

Unique Identifier of the tenant to which user primarily belongs

idinteger (int64)

The unique numeric id of an user. To be deprecated in future.

userName*string

The unique username used of the user - this will be used for user login. This needs to be unique within the tenant.

authTokenstring (password)

Authentication token for the user that may be -

Password in case of basic auth
OTP in case of OTP based verification
OAuth auth token for OAuth based auth

salutationstring

The salutation of user name. Example- Mr, Miss, Mrs

name*string

The full name of the user.

gender*string

Gender of the user.

mobileNumber*string

Mobile number of the user

emailIdstring

Email address of the user

aadhaarNumberstring

Aadhaar number of the user

Pattern: [0-9]

active*boolean

True if the user is active and False if the user is inactive.

pwdExpiryDateinteger (int64)

epoch of time when the current auth token (password/OTP) will expire.

locale*string

Value will be set to "en_IN".

type*string

System set value internally. For employee value will be always "EMPLOYEE". For citizen value will be "CITIZEN".

accountLockedboolean

Set to True if account is locked after several incorrect password attempt. False if account is not locked.

rolesarray

List of roles that are attached to the user.

userDetailsUserDetails (object)

Infrequently used details for the user

firstNamestring

The full name of the user.

middleNamestring

The full name of the user.

lastNamestring

The full name of the user.

dobstring (date)

Date of birth of the user in dd/mm/yyyy format.

altContactNumberstring

Alternate contact number of the user

fatherNamestring

User's father's name if available

husbandNamestring

Name of user's husband - if applicable

bloodGroupstring

Blood group of the user.

panstring

PAN number of the user

permanentAddressstring

Permanent address of the user.

permanentCitystring

City of the permanent address.

permanentPincodestring

Permanent address pincode.

correspondenceCitystring

City of the correspondence address.

correspondencePincodestring

Permanent address pincode.

correspondenceAddressstring

Correspondence address of the user.

signaturestring

Image to be loaded for the signature of the employee

identificationMarkstring

Any identification mark of the person.

photostring

Image to be loaded for the photo of the user

Request

const response = await fetch('/users/v110/_update', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "Users": [
        {
          "userName": "text",
          "name": "text",
          "gender": "text",
          "mobileNumber": "text",
          "active": false,
          "locale": "text",
          "type": "text",
          "tenantId": "text"
        }
      ]
    }),
});
const data = await response.json();

Response

{
  "Users": [
    {
      "tenantId": "text",
      "userName": "text",
      "authToken": "password",
      "salutation": "text",
      "name": "text",
      "gender": "text",
      "mobileNumber": "text",
      "emailId": "text",
      "aadhaarNumber": "text",
      "active": false,
      "locale": "text",
      "type": "text",
      "accountLocked": false,
      "roles": [],
      "userDetails": {
        "firstName": "text",
        "middleName": "text",
        "lastName": "text",
        "dob": "2024-11-07",
        "altContactNumber": "text",
        "fatherName": "text",
        "husbandName": "text",
        "bloodGroup": "text",
        "pan": "text",
        "permanentAddress": "text",
        "permanentCity": "text",
        "permanentPincode": "text",
        "correspondenceCity": "text",
        "correspondencePincode": "text",
        "correspondenceAddress": "text",
        "signature": "text",
        "identificationMark": "text",
        "photo": "text"
      }
    }
  ]
}

The user can update his password after login

This API used for update the password after login

POST/users/v110/password/_update

Body

Request header for the user with new of values.

existingPassword*string

Existing password

newPassword*string

New password

tenantId*string

Unique Identifier of the tenant to which user primarily belongs

Response

Updated password successful

Body

PasswordRes (object)

Request

const response = await fetch('/users/v110/password/_update', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "existingPassword": "text",
      "newPassword": "text",
      "tenantId": "text"
    }),
});
const data = await response.json();

Response

{}

This API act as reset password or forgot password before login

This API used for reset the password when user forgot his password by getting otp Reference through registerd mobile number,

POST/users/v110/password/nologin/_update

Body

Request header for the user with new of values.

otpReference*string

otp reference number which sent to registered mobile

userName*string

Registered User name

newPassword*string

New password

tenantId*string

Unique Identifier of the tenant to which user primarily belongs

Response

Updated password successful

Body

PasswordRes (object)

Request

const response = await fetch('/users/v110/password/nologin/_update', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "otpReference": "text",
      "userName": "text",
      "newPassword": "text",
      "tenantId": "text"
    }),
});
const data = await response.json();

Response

{}

Create a new User.

POST/users/v110/_create

Body

Details for the new user + RequestInfo meta data

Users*array of User (object)

tenantId*string

Unique Identifier of the tenant to which user primarily belongs

idinteger (int64)

The unique numeric id of an user. To be deprecated in future.

userName*string

The unique username used of the user - this will be used for user login. This needs to be unique within the tenant.

authTokenstring (password)

Authentication token for the user that may be -

Password in case of basic auth
OTP in case of OTP based verification
OAuth auth token for OAuth based auth

salutationstring

The salutation of user name. Example- Mr, Miss, Mrs

name*string

The full name of the user.

gender*string

Gender of the user.

mobileNumber*string

Mobile number of the user

emailIdstring

Email address of the user

aadhaarNumberstring

Aadhaar number of the user

Pattern: [0-9]

active*boolean

True if the user is active and False if the user is inactive.

pwdExpiryDateinteger (int64)

epoch of time when the current auth token (password/OTP) will expire.

locale*string

Value will be set to "en_IN".

type*string

System set value internally. For employee value will be always "EMPLOYEE". For citizen value will be "CITIZEN".

accountLockedboolean

Set to True if account is locked after several incorrect password attempt. False if account is not locked.

rolesarray

List of roles that are attached to the user.

userDetailsUserDetails (object)

Infrequently used details for the user

firstNamestring

The full name of the user.

middleNamestring

The full name of the user.

lastNamestring

The full name of the user.

dobstring (date)

Date of birth of the user in dd/mm/yyyy format.

altContactNumberstring

Alternate contact number of the user

fatherNamestring

User's father's name if available

husbandNamestring

Name of user's husband - if applicable

bloodGroupstring

Blood group of the user.

panstring

PAN number of the user

permanentAddressstring

Permanent address of the user.

permanentCitystring

City of the permanent address.

permanentPincodestring

Permanent address pincode.

correspondenceCitystring

City of the correspondence address.

correspondencePincodestring

Permanent address pincode.

correspondenceAddressstring

Correspondence address of the user.

signaturestring

Image to be loaded for the signature of the employee

identificationMarkstring

Any identification mark of the person.

photostring

Image to be loaded for the photo of the user

Response

User(s) created sucessfully

Body

Usersarray of User (object)

tenantId*string

Unique Identifier of the tenant to which user primarily belongs

idinteger (int64)

The unique numeric id of an user. To be deprecated in future.

userName*string

The unique username used of the user - this will be used for user login. This needs to be unique within the tenant.

authTokenstring (password)

Authentication token for the user that may be -

Password in case of basic auth
OTP in case of OTP based verification
OAuth auth token for OAuth based auth

salutationstring

The salutation of user name. Example- Mr, Miss, Mrs

name*string

The full name of the user.

gender*string

Gender of the user.

mobileNumber*string

Mobile number of the user

emailIdstring

Email address of the user

aadhaarNumberstring

Aadhaar number of the user

Pattern: [0-9]

active*boolean

True if the user is active and False if the user is inactive.

pwdExpiryDateinteger (int64)

epoch of time when the current auth token (password/OTP) will expire.

locale*string

Value will be set to "en_IN".

type*string

System set value internally. For employee value will be always "EMPLOYEE". For citizen value will be "CITIZEN".

accountLockedboolean

Set to True if account is locked after several incorrect password attempt. False if account is not locked.

rolesarray

List of roles that are attached to the user.

userDetailsUserDetails (object)

Infrequently used details for the user

firstNamestring

The full name of the user.

middleNamestring

The full name of the user.

lastNamestring

The full name of the user.

dobstring (date)

Date of birth of the user in dd/mm/yyyy format.

altContactNumberstring

Alternate contact number of the user

fatherNamestring

User's father's name if available

husbandNamestring

Name of user's husband - if applicable

bloodGroupstring

Blood group of the user.

panstring

PAN number of the user

permanentAddressstring

Permanent address of the user.

permanentCitystring

City of the permanent address.

permanentPincodestring

Permanent address pincode.

correspondenceCitystring

City of the correspondence address.

correspondencePincodestring

Permanent address pincode.

correspondenceAddressstring

Correspondence address of the user.

signaturestring

Image to be loaded for the signature of the employee

identificationMarkstring

Any identification mark of the person.

photostring

Image to be loaded for the photo of the user

Request

const response = await fetch('/users/v110/_create', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "Users": [
        {
          "userName": "text",
          "name": "text",
          "gender": "text",
          "mobileNumber": "text",
          "active": false,
          "locale": "text",
          "type": "text",
          "tenantId": "text"
        }
      ]
    }),
});
const data = await response.json();

Response

{
  "Users": [
    {
      "tenantId": "text",
      "userName": "text",
      "authToken": "password",
      "salutation": "text",
      "name": "text",
      "gender": "text",
      "mobileNumber": "text",
      "emailId": "text",
      "aadhaarNumber": "text",
      "active": false,
      "locale": "text",
      "type": "text",
      "accountLocked": false,
      "roles": [],
      "userDetails": {
        "firstName": "text",
        "middleName": "text",
        "lastName": "text",
        "dob": "2024-11-07",
        "altContactNumber": "text",
        "fatherName": "text",
        "husbandName": "text",
        "bloodGroup": "text",
        "pan": "text",
        "permanentAddress": "text",
        "permanentCity": "text",
        "permanentPincode": "text",
        "correspondenceCity": "text",
        "correspondencePincode": "text",
        "correspondenceAddress": "text",
        "signature": "text",
        "identificationMark": "text",
        "photo": "text"
      }
    }
  ]
}

Update user API

This API will update all user related details based on their type. Following rules apply -

Username cannot be updated once created
Password can only be updated by the user itself (CITIZEN or EMPLOYEE) using reissue OTP issued to them
User can self update mobile number/email by doing OTP verification with old phone/email
An employee can reset another user mobile number/email after OTP/other necessary validation (need specific privilege)

POST/users/v110/_update

Body

Request header for the user with new of values.

Users*array of User (object)

tenantId*string

Unique Identifier of the tenant to which user primarily belongs

idinteger (int64)

The unique numeric id of an user. To be deprecated in future.

userName*string

The unique username used of the user - this will be used for user login. This needs to be unique within the tenant.

authTokenstring (password)

Authentication token for the user that may be -

Password in case of basic auth
OTP in case of OTP based verification
OAuth auth token for OAuth based auth

salutationstring

The salutation of user name. Example- Mr, Miss, Mrs

name*string

The full name of the user.

gender*string

Gender of the user.

mobileNumber*string

Mobile number of the user

emailIdstring

Email address of the user

aadhaarNumberstring

Aadhaar number of the user

Pattern: [0-9]

active*boolean

True if the user is active and False if the user is inactive.

pwdExpiryDateinteger (int64)

epoch of time when the current auth token (password/OTP) will expire.

locale*string

Value will be set to "en_IN".

type*string

System set value internally. For employee value will be always "EMPLOYEE". For citizen value will be "CITIZEN".

accountLockedboolean

Set to True if account is locked after several incorrect password attempt. False if account is not locked.

rolesarray

List of roles that are attached to the user.

userDetailsUserDetails (object)

Infrequently used details for the user

firstNamestring

The full name of the user.

middleNamestring

The full name of the user.

lastNamestring

The full name of the user.

dobstring (date)

Date of birth of the user in dd/mm/yyyy format.

altContactNumberstring

Alternate contact number of the user

fatherNamestring

User's father's name if available

husbandNamestring

Name of user's husband - if applicable

bloodGroupstring

Blood group of the user.

panstring

PAN number of the user

permanentAddressstring

Permanent address of the user.

permanentCitystring

City of the permanent address.

permanentPincodestring

Permanent address pincode.

correspondenceCitystring

City of the correspondence address.

correspondencePincodestring

Permanent address pincode.

correspondenceAddressstring

Correspondence address of the user.

signaturestring

Image to be loaded for the signature of the employee

identificationMarkstring

Any identification mark of the person.

photostring

Image to be loaded for the photo of the user

Response

Update user(s) successful

Body

Usersarray of User (object)

tenantId*string

Unique Identifier of the tenant to which user primarily belongs

idinteger (int64)

The unique numeric id of an user. To be deprecated in future.

userName*string

The unique username used of the user - this will be used for user login. This needs to be unique within the tenant.

authTokenstring (password)

Authentication token for the user that may be -

Password in case of basic auth
OTP in case of OTP based verification
OAuth auth token for OAuth based auth

salutationstring

The salutation of user name. Example- Mr, Miss, Mrs

name*string

The full name of the user.

gender*string

Gender of the user.

mobileNumber*string

Mobile number of the user

emailIdstring

Email address of the user

aadhaarNumberstring

Aadhaar number of the user

Pattern: [0-9]

active*boolean

True if the user is active and False if the user is inactive.

pwdExpiryDateinteger (int64)

epoch of time when the current auth token (password/OTP) will expire.

locale*string

Value will be set to "en_IN".

type*string

System set value internally. For employee value will be always "EMPLOYEE". For citizen value will be "CITIZEN".

accountLockedboolean

Set to True if account is locked after several incorrect password attempt. False if account is not locked.

rolesarray

List of roles that are attached to the user.

userDetailsUserDetails (object)

Infrequently used details for the user

firstNamestring

The full name of the user.

middleNamestring

The full name of the user.

lastNamestring

The full name of the user.

dobstring (date)

Date of birth of the user in dd/mm/yyyy format.

altContactNumberstring

Alternate contact number of the user

fatherNamestring

User's father's name if available

husbandNamestring

Name of user's husband - if applicable

bloodGroupstring

Blood group of the user.

panstring

PAN number of the user

permanentAddressstring

Permanent address of the user.

permanentCitystring

City of the permanent address.

permanentPincodestring

Permanent address pincode.

correspondenceCitystring

City of the correspondence address.

correspondencePincodestring

Permanent address pincode.

correspondenceAddressstring

Correspondence address of the user.

signaturestring

Image to be loaded for the signature of the employee

identificationMarkstring

Any identification mark of the person.

photostring

Image to be loaded for the photo of the user

Request

const response = await fetch('/users/v110/_update', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "Users": [
        {
          "userName": "text",
          "name": "text",
          "gender": "text",
          "mobileNumber": "text",
          "active": false,
          "locale": "text",
          "type": "text",
          "tenantId": "text"
        }
      ]
    }),
});
const data = await response.json();

Response

{
  "Users": [
    {
      "tenantId": "text",
      "userName": "text",
      "authToken": "password",
      "salutation": "text",
      "name": "text",
      "gender": "text",
      "mobileNumber": "text",
      "emailId": "text",
      "aadhaarNumber": "text",
      "active": false,
      "locale": "text",
      "type": "text",
      "accountLocked": false,
      "roles": [],
      "userDetails": {
        "firstName": "text",
        "middleName": "text",
        "lastName": "text",
        "dob": "2024-11-07",
        "altContactNumber": "text",
        "fatherName": "text",
        "husbandName": "text",
        "bloodGroup": "text",
        "pan": "text",
        "permanentAddress": "text",
        "permanentCity": "text",
        "permanentPincode": "text",
        "correspondenceCity": "text",
        "correspondencePincode": "text",
        "correspondenceAddress": "text",
        "signature": "text",
        "identificationMark": "text",
        "photo": "text"
      }
    }
  ]
}