Project Users
Manage user access and permissions for projects. Add users to projects, update their permission levels, and remove access when needed.
Permission Levels
| Level | Description |
|---|---|
Owner (isOwner: true) |
Full control - can modify project settings, manage users, delete project |
Member (isOwner: false) |
Can view and work with project content, cannot manage users or delete |
List Project Users
GET /api/{tenantId}/project/{projectId}/users
Retrieves all users with access to the project.
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
tenantId |
GUID | Yes | The tenant identifier |
projectId |
GUID | Yes | The project identifier |
Response (200 OK)
{
"users": [
{
"permissionId": "11111111-1111-1111-1111-111111111111",
"userId": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
"email": "john.smith@example.com",
"displayName": "John Smith",
"isOwner": true,
"dateAssigned": "2024-01-15T10:30:00Z"
},
{
"permissionId": "22222222-2222-2222-2222-222222222222",
"userId": "b2c3d4e5-f6a7-8901-bcde-f23456789012",
"email": "jane.doe@example.com",
"displayName": "Jane Doe",
"isOwner": false,
"dateAssigned": "2024-01-20T14:00:00Z"
}
],
"totalCount": 2
}
User Permission Fields
| Field | Type | Description |
|---|---|---|
permissionId |
GUID | Unique permission record ID |
userId |
GUID | User identifier |
email |
string | User's email address |
displayName |
string | User's display name |
isOwner |
boolean | Whether user is a project owner |
dateAssigned |
datetime | When access was granted |
Add User to Project
POST /api/{tenantId}/project/{projectId}/users/{userId}
Adds a user to the project with specified permissions.
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
tenantId |
GUID | Yes | The tenant identifier |
projectId |
GUID | Yes | The project identifier |
userId |
GUID | Yes | The user to add |
Request Body (Optional)
{
"isOwner": false
}
Request Fields
| Field | Type | Default | Description |
|---|---|---|---|
isOwner |
boolean | false | Grant owner permissions |
Response (201 Created)
{
"message": "User added to project successfully"
}
Error Responses
Conflict (409):
{
"error": "User is already a member of this project"
}
Not Found (404):
{
"error": "User not found with ID '{userId}'"
}
Update User Permission
PUT /api/{tenantId}/project/{projectId}/users/{userId}
Updates a user's permission level on the project.
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
tenantId |
GUID | Yes | The tenant identifier |
projectId |
GUID | Yes | The project identifier |
userId |
GUID | Yes | The user to update |
Request Body
{
"isOwner": true
}
Response (200 OK)
{
"message": "User permission updated successfully"
}
Remove User from Project
DELETE /api/{tenantId}/project/{projectId}/users/{userId}
Removes a user's access to the project.
Path Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
tenantId |
GUID | Yes | The tenant identifier |
projectId |
GUID | Yes | The project identifier |
userId |
GUID | Yes | The user to remove |
Response (200 OK)
{
"message": "User removed from project successfully"
}
Error Responses
Not Found (404):
{
"error": "User is not a member of this project"
}
Implementation Examples
cURL
# List project users
curl -X GET "https://your-mindzie-instance.com/api/12345678-1234-1234-1234-123456789012/project/87654321-4321-4321-4321-210987654321/users" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN"
# Add user to project (as member)
curl -X POST "https://your-mindzie-instance.com/api/12345678-1234-1234-1234-123456789012/project/87654321-4321-4321-4321-210987654321/users/a1b2c3d4-e5f6-7890-abcd-ef1234567890" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Content-Type: application/json" \
-d '{"isOwner": false}'
# Add user as owner
curl -X POST "https://your-mindzie-instance.com/api/12345678-1234-1234-1234-123456789012/project/87654321-4321-4321-4321-210987654321/users/a1b2c3d4-e5f6-7890-abcd-ef1234567890" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Content-Type: application/json" \
-d '{"isOwner": true}'
# Promote user to owner
curl -X PUT "https://your-mindzie-instance.com/api/12345678-1234-1234-1234-123456789012/project/87654321-4321-4321-4321-210987654321/users/a1b2c3d4-e5f6-7890-abcd-ef1234567890" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Content-Type: application/json" \
-d '{"isOwner": true}'
# Remove user from project
curl -X DELETE "https://your-mindzie-instance.com/api/12345678-1234-1234-1234-123456789012/project/87654321-4321-4321-4321-210987654321/users/a1b2c3d4-e5f6-7890-abcd-ef1234567890" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN"
Python
import requests
TENANT_ID = '12345678-1234-1234-1234-123456789012'
BASE_URL = 'https://your-mindzie-instance.com'
class ProjectUserManager:
def __init__(self, token):
self.headers = {
'Authorization': f'Bearer {token}',
'Content-Type': 'application/json'
}
def list_users(self, project_id):
"""List all users with access to the project."""
url = f'{BASE_URL}/api/{TENANT_ID}/project/{project_id}/users'
response = requests.get(url, headers=self.headers)
response.raise_for_status()
return response.json()
def add_user(self, project_id, user_id, is_owner=False):
"""Add a user to the project."""
url = f'{BASE_URL}/api/{TENANT_ID}/project/{project_id}/users/{user_id}'
payload = {'isOwner': is_owner}
response = requests.post(url, json=payload, headers=self.headers)
response.raise_for_status()
return response.json()
def update_permission(self, project_id, user_id, is_owner):
"""Update a user's permission level."""
url = f'{BASE_URL}/api/{TENANT_ID}/project/{project_id}/users/{user_id}'
payload = {'isOwner': is_owner}
response = requests.put(url, json=payload, headers=self.headers)
response.raise_for_status()
return response.json()
def remove_user(self, project_id, user_id):
"""Remove a user from the project."""
url = f'{BASE_URL}/api/{TENANT_ID}/project/{project_id}/users/{user_id}'
response = requests.delete(url, headers=self.headers)
response.raise_for_status()
return response.json()
# Usage
manager = ProjectUserManager('your-auth-token')
project_id = '87654321-4321-4321-4321-210987654321'
# List current users
result = manager.list_users(project_id)
print(f"Project has {result['totalCount']} users:")
for user in result['users']:
role = 'Owner' if user['isOwner'] else 'Member'
print(f" - {user['displayName']} ({user['email']}) - {role}")
# Add a new user as member
new_user_id = 'a1b2c3d4-e5f6-7890-abcd-ef1234567890'
manager.add_user(project_id, new_user_id, is_owner=False)
print(f"Added user {new_user_id} as member")
# Promote user to owner
manager.update_permission(project_id, new_user_id, is_owner=True)
print(f"Promoted user {new_user_id} to owner")
# Remove user
manager.remove_user(project_id, new_user_id)
print(f"Removed user {new_user_id}")
JavaScript/Node.js
const TENANT_ID = '12345678-1234-1234-1234-123456789012';
const BASE_URL = 'https://your-mindzie-instance.com';
class ProjectUserManager {
constructor(token) {
this.headers = {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json'
};
}
async listUsers(projectId) {
const url = `${BASE_URL}/api/${TENANT_ID}/project/${projectId}/users`;
const response = await fetch(url, { headers: this.headers });
if (!response.ok) throw new Error(`Failed: ${response.status}`);
return await response.json();
}
async addUser(projectId, userId, isOwner = false) {
const url = `${BASE_URL}/api/${TENANT_ID}/project/${projectId}/users/${userId}`;
const response = await fetch(url, {
method: 'POST',
headers: this.headers,
body: JSON.stringify({ isOwner })
});
if (!response.ok) throw new Error(`Failed: ${response.status}`);
return await response.json();
}
async updatePermission(projectId, userId, isOwner) {
const url = `${BASE_URL}/api/${TENANT_ID}/project/${projectId}/users/${userId}`;
const response = await fetch(url, {
method: 'PUT',
headers: this.headers,
body: JSON.stringify({ isOwner })
});
if (!response.ok) throw new Error(`Failed: ${response.status}`);
return await response.json();
}
async removeUser(projectId, userId) {
const url = `${BASE_URL}/api/${TENANT_ID}/project/${projectId}/users/${userId}`;
const response = await fetch(url, {
method: 'DELETE',
headers: this.headers
});
if (!response.ok) throw new Error(`Failed: ${response.status}`);
return await response.json();
}
}
// Usage
const manager = new ProjectUserManager('your-auth-token');
const projectId = '87654321-4321-4321-4321-210987654321';
// List users
const users = await manager.listUsers(projectId);
console.log(`Project has ${users.totalCount} users`);
users.users.forEach(user => {
const role = user.isOwner ? 'Owner' : 'Member';
console.log(` - ${user.displayName} (${role})`);
});
// Add user as member, then promote to owner
await manager.addUser(projectId, 'user-id-here', false);
await manager.updatePermission(projectId, 'user-id-here', true);
Best Practices
- Limit Owners: Only grant owner access to users who need to manage the project
- Audit Access: Regularly review project users and remove unnecessary access
- Use Members for Analysts: Regular analysts should be members, not owners
- Document Changes: Log permission changes for audit purposes