User API
Manage users across the mindzieStudio platform. Create, update, and assign users to tenants with flexible API scopes.
Features
Global Operations
System-wide user management with a Global API Key. List all users, create users, update properties, and manage tenant assignments across the entire platform.
Tenant Operations
Tenant-scoped user management that works with either Global or Tenant API Keys. Manage users within a specific tenant context.
Roles & Permissions
User roles define access levels and capabilities. Understand role hierarchy, service accounts, and best practices for access management.
API Scopes
The User API has two scopes:
| Scope | Base Path | API Key Required |
|---|---|---|
| Global | /api/user |
Global API Key |
| Tenant-scoped | /api/tenant/{tenantId}/user |
Global or Tenant API Key |
Available Endpoints
Global User Endpoints
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/user |
List all users |
| POST | /api/user |
Create a user |
| GET | /api/user/{userId} |
Get user by ID |
| PUT | /api/user/{userId} |
Update user |
| GET | /api/user/by-email/{email} |
Get user by email |
| GET | /api/user/{userId}/tenants |
Get user's tenants |
Tenant-Scoped User Endpoints
| Method | Endpoint | Description |
|---|---|---|
| GET | /api/tenant/{tenantId}/user |
List tenant users |
| POST | /api/tenant/{tenantId}/user |
Create user in tenant |
| GET | /api/tenant/{tenantId}/user/{userId} |
Get user in tenant |
| PUT | /api/tenant/{tenantId}/user/{userId} |
Update user in tenant |
| GET | /api/tenant/{tenantId}/user/by-email/{email} |
Get by email in tenant |
| POST | /api/tenant/{tenantId}/user/{userId} |
Assign user to tenant |
| DELETE | /api/tenant/{tenantId}/user/{userId} |
Remove from tenant |
User Roles
| Role (display) | API role name | Level | Description |
|---|---|---|---|
| Server Administrator | TenantAdmin |
System | Highest access. Full reach across all tenants and the server. |
| Administrator | Administrator |
Tenant | Full administrative authority within a tenant. |
| IT Admin | ITAdmin |
Tenant | Integrations, connections, and global API keys. |
| Analyst | Analyst |
Project | Create and manage analyses, dashboards, and investigations. |
| Developer | Developer |
Project | Build integrations, manage actions and apps. |
| User | User |
Read-only | View dashboards and analyses; cannot modify content. |
See Roles & Permissions for the full role guide.
Authentication
| Endpoint Scope | API Key Type | Access |
|---|---|---|
Global (/api/user) |
Global API Key | All tenants |
| Tenant-scoped | Global API Key | All tenants |
| Tenant-scoped | Tenant API Key | Own tenant only |
See Authentication for details on API key types and usage.
Quick Start
# List all users (Global API key required)
curl -X GET "https://your-mindzie-instance.com/api/user" \
-H "Authorization: Bearer YOUR_GLOBAL_API_KEY"
# List users in a tenant (Tenant API key works)
curl -X GET "https://your-mindzie-instance.com/api/tenant/{tenantId}/user" \
-H "Authorization: Bearer YOUR_TENANT_API_KEY"
Important Notes
- Global vs Tenant Keys: Use tenant-scoped keys for most operations; reserve global keys for system administration
- User Deactivation: Use
disabled: trueinstead of deleting users to preserve audit trails - Service Accounts: Only Server Administrator (
TenantAdmin) and Administrator roles can be service accounts - Capacity Limits: Tenants have configurable user and analyst limits