Skip to main content
API docs by Redocly

User Management Interface Definition

Download OpenAPI specification:Download

Contact Developer: openapi@supos.com

Service interface provided by user management:

Authentication

Sign

Security Scheme Type: API Key
Header parameter name: Authorization

Token

Security Scheme Type: HTTP
HTTP Authorization Scheme: bearer
Bearer format: JWT

users

User Management

Add new user

  • Optional: user description, role, fill in role code for role.
  • Mandatory items: user name, password, personnel code, time zone, user type userType, company code companyCode, the current value of accountType is 0 , common user.
  • Username rules: only letters, numbers, special symbols *()-_. special characters, and other special symbols such as +/?%#&=space{} "':,[], etc., are related to compatibility and are not supported for now. Please note!
  • User descriptions can contain up to 255 characters.
  • Username uniqueness rule: uniqueness under the group, after the user is deleted, the user cannot be recreated with this name.
  • Time zone format: GMT+0800.
  • Added recoveryDeleted field, when recoveryDeleted=true, it supports adding deleted users, if recoveryDeleted is not passed or false, deleted users cannot be added
Authorizations:
SignToken
Request Body schema: application/json
username
required
string <= 50 characters
  • Username rules: only letters, numbers, special symbols *()-_. and their combinations are supported, no more than 50 characters.
  • Username only supports the 6 special characters *()-_., others Special symbols such as +/?%#&=space{} "':,[], etc. are compatible and are not supported for now, please be informed!
password
required
string

User Password

userDesc
string

User Description

timeZone
required
string
Default: "GMT+0800"

Time Zone

personCode
required
string

Personnel Code

companyCode
required
string
Default: "Default Company"

Company Code

accountType
required
integer
Value: 0

0 normal users

roleNameList
Array of strings

Character code set

recoveryDeleted
boolean
Default: false
Enum: false true

Whether to restore deleted users, the default value is false, do not restore deleted users.

Responses

Request samples

Content type
application/json
{
  • "username": "zhangsan",
  • "password": "xxxxx",
  • "userDesc": "Normal User",
  • "timeZone": "GMT+0800",
  • "personCode": "person01",
  • "companyCode": "default",
  • "accountType": 0,
  • "roleNameList": [
    ],
  • "recoveryDeleted": false
}

Response samples

Content type
application/json
{
  • "code": 100106021,
  • "message": "Password rule: 6 to 8-digit password containing uppercase and lowercase numbers"
}

Get user list by page

  • Mandatory items: current page number, number of records per page, and company code
  • Optional items: role code, modification time, whether the query has been deleted; when the role code is passed, only the specified code is queried and bound Role users
  • Sorting rule: Sort in descending order according to modification time
  • Typical scenario: In the user synchronization scenario, when you want to query all users, you can not pass the modification time (modifyTime) parameter, so as to obtain all user data; When you want to obtain incremental users after a certain time, you can pass the modification time (modifyTime) as a certain time to obtain user data that has been modified after this time
  • Support querying deleted user data through the includeDeleted parameter
Authorizations:
SignToken
query Parameters
keyword
string <= 50 characters

Fuzzy matching keywords, support fuzzy matching parameters include: User name (userName) User description (userDesc)

  • For example: input "user01", Match and query all the data containing "user01" in the above parameters;
  • does not support case-sensitive query;
  • does not support multiple query conditions, the input data will be used as a single value to match the query;
  • If the relevant data matching the query does not exist, the returned data structure is an empty collection.
pageIndex
required
integer >= 1
Default: 1

Current page number

pageSize
required
integer [ 10 .. 500 ]
Default: 20

Number of records per page

companyCode
required
string

Company Code

roleCode
string

Role Code

modifyTime
string
Example: modifyTime=2020-12-07T18:07:44.000+0800

Modification time:

  • UTC time, with time zone, the format is: yyyy-MM-dd'T'HH:mm:ss.SSSZ"
includeDeleted
boolean
Default: false

Whether to filter deleted users

  • true: Query deleted users
  • false: Do not query deleted users
  • When the passed parameter is empty, the system defaults to false

Responses

Response samples

Content type
application/json
{
  • "list": [
    ],
  • "pagination": {
    }
}

Batch delete users

  • Maximum number of deletions: 100
  • Minimum number of deletions: 1
  • Delete user names that do not exist in the system: By default, the user will not be prompted that the user name does not exist, and the system will regard the deletion as successful
  • Transaction behavior: Either all deletions are successful, or all deletions are not successful, and partial deletions will not occur
  • Unable to delete pending users
  • System administrator users cannot be deleted
Authorizations:
SignToken
query Parameters
usernames
required
string
Example: usernames=user1,user2

User Name Collection

Responses

Response samples

Content type
application/json
{
  • "code": 100106017,
  • "message": "{name},{name} has something to do and cannot be deleted"
}

Get user details

Query the detailed information of the specified user, username is required

Authorizations:
SignToken
path Parameters
username
required
string

User name, required

Responses

Response samples

Content type
application/json
{
  • "username": "admin",
  • "userDesc": "Super System Administrator",
  • "accountType": 0,
  • "lockStatus": 0,
  • "valid": 1,
  • "personCode": "person01",
  • "personName": "person01",
  • "modifyTime": "2020-09-22T07:38:13.893+0800",
  • "createTime": "2020-09-22T07:38:13.893+0800",
  • "userRoleList": [
    ],
  • "avatar": "/auth/v2/users/admin/avatar"
}

Modify user

  • Time zone format: GMT+0800,
  • User description, time zone, bound personnel, and locked user can be modified
  • User description can be up to 255 characters.
Authorizations:
SignToken
path Parameters
username
required
string

User name, required

Request Body schema: application/json
userDesc
string

User Description

timeZone
string

Time Zone

personCode
string

personnel code

lockStatus
integer
Enum: 0 1

Lock status 0 not locked 1 is locked

Responses

Request samples

Content type
application/json
{
  • "userDesc": "Company Director",
  • "timeZone": "GMT+0000",
  • "personCode": "person01",
  • "lockStatus": 0
}

Response samples

Content type
application/json
{
  • "code": 100106500,
  • "message": "timeZone time zone format error"
}

Unbind role

  • Unbind up to 10 roles
  • System administrators cannot edit roles
Authorizations:
SignToken
path Parameters
username
required
string

User name, required

Request Body schema: application/json
roleCodes
required
Array of strings

Character code set

Responses

Request samples

Content type
application/json
{
  • "roleCodes": [
    ]
}

Response samples

Content type
application/json
{
  • "code": 100106013,
  • "message": "role1, role2 does not exist"
}

Bind role

  • The maximum number of bound roles is 10
  • System administrator users cannot edit roles
Authorizations:
SignToken
path Parameters
username
required
string

User name, required

Request Body schema: application/json
roleCodes
required
Array of strings

Character code set

Responses

Request samples

Content type
application/json
{
  • "roleCodes": [
    ]
}

Response samples

Content type
application/json
{
  • "code": 100106013,
  • "message": "role1, role2 does not exist"
}

Reset system default administrator password

  • This interface only resets the password of the admin user
  • Before using this interface, please contact the administrator to enable permissions
  • The returned password is encrypted by base64, and base64 reverse solution is required before decryption. The decryption algorithm is as follows
  • The symmetric decryption algorithm is AES-128-ECB, and the data uses the padding method PKCS5Padding
  • The symmetric decryption key is aeskey=md5(sk), and the aeskey is 16 bytes

Responses

Response samples

Content type
application/json
{
  • "password": "9Bo0JPnIfi0A9tptjB/pwisHnom1gSPm/OLyuPDXldM="
}

Unbind third-party identity binding

  • Unbind third-party identities
  • The maximum number of unbinds: 10
  • The minimum number of unbinds: 1
  • Unbind identities that do not exist in the system: By default, this will not be prompted The binding does not exist, and the system regards the unbinding as successful
Authorizations:
SignToken
path Parameters
username
required
string

User name, required

query Parameters
identityIds
required
string
Example: identityIds=12131231,123123123

A collection of unique identifiers

Responses

New user, will be discarded soon, migrated to /auth/v2/users Deprecated

  • Optional: user description, role, fill in the role code.
  • Mandatory items: user name, password, user name, time zone, only ordinary users can be added.
  • User name rules: Letters, numbers or underscores and their combinations, no more than 50 characters.
  • User descriptions can be up to 255 characters.
  • Username uniqueness rules: uniqueness under the group, after the user is deleted, the name cannot be recreated User.
  • Time zone format: GMT+0800.
Authorizations:
SignToken
Request Body schema: application/json
username
required
string

username

password
required
string

User Password

userFullName
string

User Full Name

userDesc
string

User Description

timeZone
required
string
Default: "GMT+0800"

Time Zone

roleNameList
Array of strings

Character code set

Responses

Request samples

Content type
application/json
{
  • "username": "test",
  • "password": "xxxxx",
  • "userFullName": "Normal User",
  • "userDesc": "Normal User",
  • "timeZone": "GMT+0800",
  • "roleNameList": [
    ]
}

Response samples

Content type
application/json
{
  • "code": 100106021,
  • "message": "Password rule: 6 to 8-digit password containing uppercase and lowercase numbers"
}

Paging to get user list, will be discarded soon, migrate to /auth/v2/users Deprecated

  • Mandatory items: current page number, size of each page
  • Optional: role code, when the user list needs to be obtained according to the role code, the role code is required
  • Sorting rule: according to user modifyTime Descending order of time
  • Synchronize users: leave modifyTime blank for the first time, get full data, fill in to get modified users whose time is greater than modifyTime
  • The user list is a valid user (deleted users will not be returned)
Authorizations:
SignToken
query Parameters
keyword
string

Fuzzy matching keywords, query by username, userDesc fuzzy matching

pageIndex
required
integer

The number of pages to turn, starting from 1

pageSize
integer [ 10 .. 500 ]
Default: 20

Number of elements returned per page

roleCode
string

Role Code

modifyTime
string
Example: modifyTime=2020-12-07T18:07:44.000+0800

Modification time

Responses

Response samples

Content type
application/json
{
  • "list": [
    ],
  • "pagination": {
    }
}

Delete users in batches, will be discarded soon, migrate to /auth/v2/users Deprecated

  • Maximum number of deletions: 100
  • Minimum number of deletions: 1
  • Delete user names that do not exist in the system: By default, the user will not be prompted that the user name does not exist, and the system will regard the deletion as successful
  • Transaction behavior: Either all deletions are successful, or all deletions are not successful, and partial deletions will not occur
  • System administrator users cannot delete
Authorizations:
SignToken
query Parameters
usernames
required
string
Example: usernames=user1,user2

User Name Collection

Responses

Response samples

Content type
application/json
{
  • "code": 100106018,
  • "message": "{name}, {name} system administrator user cannot be deleted"
}

Get user details, will be deprecated, migrate to /auth/v2/users/{username} Deprecated

Query the detailed information of the specified user

Authorizations:
SignToken
path Parameters
username
required
string

User name, required

Responses

Response samples

Content type
application/json
{
  • "username": "admin",
  • "userFullName": "Super System Administrator",
  • "userDesc": "Super System Administrator",
  • "accountType": 0,
  • "lockStatus": 0,
  • "modifyTime": "2020-09-22T07:38:13.893+0800",
  • "createTime": "2020-09-22T07:38:13.893+0800",
  • "userRoleList": [
    ]
}

Modify the user, which will be discarded and migrated to /auth/v2/users/{username} Deprecated

  • Time zone format: GMT+0800,
  • can modify user name, description, time zone, and lock user
  • User description can be up to 255 characters.
Authorizations:
SignToken
path Parameters
username
required
string

User name, required

Request Body schema: application/json
userDesc
string

User Description

timeZone
string

Time Zone

userFullName
string

User Full Name

lockStatus
integer
Enum: 0 1

Lock status 0 not locked 1 is locked

Responses

Request samples

Content type
application/json
{
  • "userDesc": "Company Director",
  • "timeZone": "GMT+0000",
  • "userFullName": "Zhang Daming",
  • "lockStatus": 0
}

Response samples

Content type
application/json
{
  • "code": 100106500,
  • "message": "timeZone time zone format error"
}

Upload User Avatar

Upload User Avatar

Authorizations:
SignToken
path Parameters
username
required
string

User name, required

query Parameters
fileName
required
string

File name, required

Request Body schema: multipart/form-data
string <binary>

Responses

Response samples

Content type
application/json
{
  • "fileName": "string",
  • "fileFullPath": "string",
  • "fileDownloadUrl": "string"
}

Load User Avatar

Load User Avatar

Authorizations:
SignToken
path Parameters
username
required
string

User name, required

Responses

Response samples

Content type
application/json
{
  • "code": 100106114,
  • "message": "Avatar file does not exist"
}

V2.8.1

supOS V2.8.1 dedicated authentication interface, which will be discarded soon

Add new user, will be discarded soon Deprecated

  • username is required, password is required.
  • Username rules: letters, numbers or underscores and combinations thereof, no more than 50 characters.
  • E-mail format such as: user001@163.com.
  • n* Time zone format such as: GMT+0800.
Authorizations:
SignToken
Request Body schema: application/json
username
required
string

username

password
required
string

User Password

languageType
string
Deprecated

Language type, not supported by the current version

userDesc
string

User Description

email
string

Email

timeZone
string

Time zone

accountType
integer

Account type 0: normal user 1: APP user, the current version does not support accountType=1

roleNameList
Array of strings

The collection of roles the user belongs to

noticeConfigList
Array of integers
Deprecated

A collection of user notification types, not supported by the current version

Responses

Request samples

Content type
application/json
{
  • "username": "test",
  • "password": "xxxxx",
  • "languageType": "string",
  • "userDesc": "string",
  • "email": "string",
  • "timeZone": "string",
  • "accountType": 0,
  • "roleNameList": [
    ],
  • "noticeConfigList": [
    ]
}

Response samples

Content type
application/json
{
  • "code": 100000001,
  • "message": "Service Internal Exception"
}

Get user list, will be obsolete Deprecated

  • Fuzzy matching keywords, query by username, userDesc fuzzy matching
Authorizations:
SignToken
query Parameters
keyword
string

Keyword Search

pageIndex
integer
Default: 1

Number of pages to turn, starting from 1

pageSize
integer
Default: 20

Number of elements returned per page

Responses

Response samples

Content type
application/json
{
  • "list": [
    ],
  • "pagination": {
    }
}

Get user details, will be deprecated soon Deprecated

Query the detailed information of the specified user

Authorizations:
SignToken
path Parameters
username
required
string

Username

Responses

Response samples

Content type
application/json
{
  • "username": "string",
  • "password": "string",
  • "languageType": "string",
  • "userDesc": "string",
  • "email": "string",
  • "uploadUrl": "string",
  • "userRoleList": [
    ],
  • "noticeConfig": [
    ]
}

Modify the user, it will be discarded Deprecated

  • E-mail format such as: user@163.com;
  • Time zone format such as: GMT+0800;
Authorizations:
SignToken
path Parameters
username
required
string

Username

Request Body schema: application/json
languageType
string
Deprecated

Language type, the current version does not support

userDesc
string

User Description

email
string

Email

timeZone
string

Time zone

roleNameList
Array of strings

The collection of roles the user belongs to

Responses

Request samples

Content type
application/json
{
  • "languageType": "string",
  • "userDesc": "string",
  • "email": "string",
  • "timeZone": "string",
  • "roleNameList": [
    ]
}

Response samples

Content type
application/json
{
  • "code": 100000001,
  • "message": "Service Internal Exception"
}

Delete users in batches and will be discarded soon Deprecated

Delete users in batches

Authorizations:
SignToken
Request Body schema: application/json
list
Array of strings

Responses

Request samples

Content type
application/json
{
  • "list": [
    ]
}

Response samples

Content type
application/json
{
  • "code": 100000001,
  • "message": "Service Internal Exception"
}

Get the user list associated with the role, which will be obsolete Deprecated

Authorizations:
SignToken
path Parameters
name
required
string

role number

Responses

Response samples

Content type
application/json
{
  • "list": [
    ],
  • "pagination": {
    }
}

A new character will be discarded soon Deprecated

  • name is required, showName is required.
  • Role numbering rules: letters, numbers or underscores and their combinations, cannot exceed 50 characters.
  • Role name cannot exceed 50 characters.
  • The character description cannot exceed 255 characters.
Authorizations:
SignToken
Request Body schema: application/json
name
required
string

role number

showName
required
string

Role Name

description
string

Role Description

underControlled
boolean
Deprecated

In terms of data permissions, whether the role is controllable, the current version does not support

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "showName": "string",
  • "description": "string",
  • "underControlled": true
}

Response samples

Content type
application/json
{
  • "code": 100000001,
  • "message": "Service Internal Exception"
}

Get character list, will be obsolete Deprecated

  • Use character number name, character name showName, description keyword fuzzy matching query
Authorizations:
SignToken
query Parameters
keyword
string

Keyword Search

pageIndex
integer
Default: 1

Number of pages to turn, starting from 1

pageSize
integer <= 100
Default: 20

Number of elements returned per page (maximum 100)

Responses

Response samples

Content type
application/json
{
  • "list": [
    ],
  • "pagination": {
    }
}

Update character information, will be obsolete Deprecated

  • role name cannot exceed 50 characters;
  • role description cannot exceed 255 characters
Authorizations:
SignToken
path Parameters
name
required
string

Character Number

Request Body schema: application/json
showName
required
string

Role Name

description
string

Role Description

underControlled
boolean
Deprecated

In terms of data permissions, whether the role is controllable, the current version does not support

Responses

Request samples

Content type
application/json
{
  • "showName": "string",
  • "description": "string",
  • "underControlled": true
}

Response samples

Content type
application/json
{
  • "code": 100000001,
  • "message": "Service Internal Exception"
}

Get character details, will be obsolete Deprecated

Query the detailed information of the specified role

Authorizations:
SignToken
path Parameters
name
required
string

Character Number

Responses

Response samples

Content type
application/json
{
  • "resources": [
    ],
  • "name": "string",
  • "showName": "string",
  • "description": "string",
  • "underControlled": true,
  • "createTime": "string",
  • "createUsername": "string",
  • "modifyTime": "string",
  • "modifyUsername": "string"
}

Delete roles in batches and will be discarded soon Deprecated

Delete roles in batches. If a role is bound by a user or position, it cannot be deleted, and a deletion failure message will be prompted;

Authorizations:
SignToken
Request Body schema: application/json
list
Array of strings

Responses

Request samples

Content type
application/json
{
  • "list": [
    ]
}

Response samples

Content type
application/json
{
  • "code": 100000001,
  • "message": "Service Internal Exception"
}

Get the list of users associated with roles, which will be discarded and migrated to /supos/auth/v2/users/queryUsersByName/{name} Deprecated

Authorizations:
SignToken
path Parameters
name
required
string

Character Number

Responses

Response samples

Content type
application/json
{
  • "list": [
    ],
  • "pagination": {
    }
}