Download OpenAPI specification:
A Bonterra API Gateway that routes requests to internal Bonterra APIs
This endpoint is used to generate an OAuth token by redirecting the request to Bonterra Auth's token endpoint.
| Content-Type required | string Default: application/json Content type header |
Token request
| grant_type required | string The grant type of the token request. Accepted values are 'client_credentials', 'authorization_code' and 'refresh_token'. |
| client_id | string The client id provided by the Bonterra API application. |
| client_secret | string The client secret provided by the Bonterra API application. |
| audience | string Required parameter that identifies the API you want to access. Use the API origin (https://api.bonterra.network) as the audience value. |
| scope | string The scope of the token request. |
| redirect_uri | string The redirect uri provided by the Bonterra API application, this is used for standalone management API. |
| refresh_token | string The refresh token provided by the Bonterra API application. |
| code | string The authorization code returned by the /authorize call. |
| code_verifier | string The code verifier provided by the Bonterra API application (for PKCE). |
| access_token required | string The access token issued by the authorization server. |
| expires_in required | string The lifetime in seconds of the access token. |
| token_type required | string The type of the token issued. |
| refresh_token | string The refresh token issued by the authorization server. |
| id_token | string The id token issued by the authorization server. |
{- "grant_type": "string",
- "client_id": "string",
- "client_secret": "string",
- "audience": "string",
- "scope": "string",
- "redirect_uri": "string",
- "refresh_token": "string",
- "code": "string",
- "code_verifier": "string"
}{- "access_token": "string",
- "expires_in": "string",
- "token_type": "string",
- "refresh_token": "string",
- "id_token": "string"
}Create a new user in the Bonterra Auth Service
| Content-Type required | string Default: application/json Content type header |
User creation request
| bonterraAuthId | string The unique identifier for the user in the Bonterra Auth. |
| email required | string <email> The user's email address |
object User metadata for the user | |
| blocked | boolean Whether the user is blocked |
| emailVerified | boolean Whether the email has been verified. Passing in true will NOT send a user verification email. |
| phoneNumber | string The user's phone number |
| phoneVerified | boolean Whether the phone number has been verified |
| username | string The user's username |
| familyName | string The user's family name |
| givenName | string The user's given name |
| name | string The user's full name |
| nickname | string The user's nickname |
| picture | string The URL of the user's profile picture |
| isBonterraGrants | boolean Default: false Whether the user is a Bonterra grants user |
| verifyEmail | boolean Default: false Whether to send a verification email |
| verifyPhoneNumber | boolean Default: false Whether to send a verification SMS |
| password required | string >= 8 characters The user's password |
| bonterraAuthId | string The unique identifier for the user in the Bonterra Auth. |
| email required | string <email> The user's email address |
object User metadata for the user | |
| blocked | boolean Whether the user is blocked |
| emailVerified required | boolean Whether the email has been verified. Passing in true will NOT send a user verification email. |
| phoneNumber | string The user's phone number |
| phoneVerified | boolean Whether the phone number has been verified |
| username | string The user's username |
| familyName | string The user's family name |
| givenName | string The user's given name |
| name | string The user's full name |
| nickname | string The user's nickname |
| picture | string The URL of the user's profile picture |
| isBonterraGrants | boolean Default: false Whether the user is a Bonterra grants user |
| userId required | string The unique identifier for the user |
| createdAt required | string <date-time> The date and time when the user was created |
| updatedAt required | string <date-time> The date and time when the user was last updated |
required | Array of objects The user's identities |
| multifactor | Array of strings The user's multifactor authentication methods |
| lastIp | string The last IP address used by the user |
| lastLogin | string <date-time> The date and time of the user's last login |
| loginsCount | integer The number of times the user has logged in |
{- "bonterraAuthId": "string",
- "email": "user@example.com",
- "userMetadata": { },
- "blocked": true,
- "emailVerified": true,
- "phoneNumber": "string",
- "phoneVerified": true,
- "username": "string",
- "familyName": "string",
- "givenName": "string",
- "name": "string",
- "nickname": "string",
- "picture": "string",
- "isBonterraGrants": false,
- "verifyEmail": false,
- "verifyPhoneNumber": false,
- "password": "stringst"
}{- "bonterraAuthId": "string",
- "email": "user@example.com",
- "userMetadata": { },
- "blocked": true,
- "emailVerified": true,
- "phoneNumber": "string",
- "phoneVerified": true,
- "username": "string",
- "familyName": "string",
- "givenName": "string",
- "name": "string",
- "nickname": "string",
- "picture": "string",
- "isBonterraGrants": false,
- "userId": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "updatedAt": "2019-08-24T14:15:22Z",
- "identities": [
- {
- "userId": "string",
- "provider": "string",
- "isSocial": true
}
], - "multifactor": [
- "string"
], - "lastIp": "string",
- "lastLogin": "2019-08-24T14:15:22Z",
- "loginsCount": 0
}Get a user by user id.
| user_id required | string The ID of the user |
| fields | string Fields to include or exclude |
| has_fields | boolean Default: true Whether to include fields |
| bonterraAuthId | string The unique identifier for the user in the Bonterra Auth. |
| email required | string <email> The user's email address |
object User metadata for the user | |
| blocked | boolean Whether the user is blocked |
| emailVerified required | boolean Whether the email has been verified. Passing in true will NOT send a user verification email. |
| phoneNumber | string The user's phone number |
| phoneVerified | boolean Whether the phone number has been verified |
| username | string The user's username |
| familyName | string The user's family name |
| givenName | string The user's given name |
| name | string The user's full name |
| nickname | string The user's nickname |
| picture | string The URL of the user's profile picture |
| isBonterraGrants | boolean Default: false Whether the user is a Bonterra grants user |
| userId required | string The unique identifier for the user |
| createdAt required | string <date-time> The date and time when the user was created |
| updatedAt required | string <date-time> The date and time when the user was last updated |
required | Array of objects The user's identities |
| multifactor | Array of strings The user's multifactor authentication methods |
| lastIp | string The last IP address used by the user |
| lastLogin | string <date-time> The date and time of the user's last login |
| loginsCount | integer The number of times the user has logged in |
{- "bonterraAuthId": "string",
- "email": "user@example.com",
- "userMetadata": { },
- "blocked": true,
- "emailVerified": true,
- "phoneNumber": "string",
- "phoneVerified": true,
- "username": "string",
- "familyName": "string",
- "givenName": "string",
- "name": "string",
- "nickname": "string",
- "picture": "string",
- "isBonterraGrants": false,
- "userId": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "updatedAt": "2019-08-24T14:15:22Z",
- "identities": [
- {
- "userId": "string",
- "provider": "string",
- "isSocial": true
}
], - "multifactor": [
- "string"
], - "lastIp": "string",
- "lastLogin": "2019-08-24T14:15:22Z",
- "loginsCount": 0
}Delete a user from the Bonterra Auth. The user id in the path is the user id.
| user_id required | string The ID of the user |
{- "error": "string"
}Update a user in the Bonterra Auth Service. The user id in the path is the user id.
| user_id required | string The ID of the user |
| Content-Type required | string Default: application/json Content type header |
User update request
| bonterraAuthId | string The unique identifier for the user in the Bonterra Auth. |
string <email> The user's email address | |
object User metadata for the user | |
| blocked | boolean Whether the user is blocked |
| emailVerified | boolean Whether the email has been verified. Passing in true will NOT send a user verification email. |
| phoneNumber | string The user's phone number |
| phoneVerified | boolean Whether the phone number has been verified |
| username | string The user's username |
| familyName | string The user's family name |
| givenName | string The user's given name |
| name | string The user's full name |
| nickname | string The user's nickname |
| picture | string The URL of the user's profile picture |
| isBonterraGrants | boolean Default: false Whether the user is a Bonterra grants user |
| verifyEmail | boolean Default: false Whether to send a verification email |
| verifyPhoneNumber | boolean Default: false Whether to send a verification SMS |
| password | string >= 8 characters The user's password |
| clientId | string The client ID to use for password hashing |
| passwordHash | string The hashed password |
| passwordHashAlgorithm | string Enum: "bcrypt" "pbkdf2" "argon2" The algorithm used to hash the password |
| passwordHashSalt | string The salt used for password hashing |
| passwordHashRounds | integer The number of rounds used for password hashing |
| passwordHashMemory | integer The memory cost for Argon2 password hashing |
| passwordHashParallelism | integer The parallelism factor for Argon2 password hashing |
| passwordHashLength | integer The length of the password hash |
| passwordHashFunction | string Enum: "sha1" "sha256" "sha512" The function used for PBKDF2 password hashing |
| bonterraAuthId | string The unique identifier for the user in the Bonterra Auth. |
| email required | string <email> The user's email address |
object User metadata for the user | |
| blocked | boolean Whether the user is blocked |
| emailVerified required | boolean Whether the email has been verified. Passing in true will NOT send a user verification email. |
| phoneNumber | string The user's phone number |
| phoneVerified | boolean Whether the phone number has been verified |
| username | string The user's username |
| familyName | string The user's family name |
| givenName | string The user's given name |
| name | string The user's full name |
| nickname | string The user's nickname |
| picture | string The URL of the user's profile picture |
| isBonterraGrants | boolean Default: false Whether the user is a Bonterra grants user |
| userId required | string The unique identifier for the user |
| createdAt required | string <date-time> The date and time when the user was created |
| updatedAt required | string <date-time> The date and time when the user was last updated |
required | Array of objects The user's identities |
| multifactor | Array of strings The user's multifactor authentication methods |
| lastIp | string The last IP address used by the user |
| lastLogin | string <date-time> The date and time of the user's last login |
| loginsCount | integer The number of times the user has logged in |
{- "bonterraAuthId": "string",
- "email": "user@example.com",
- "userMetadata": { },
- "blocked": true,
- "emailVerified": true,
- "phoneNumber": "string",
- "phoneVerified": true,
- "username": "string",
- "familyName": "string",
- "givenName": "string",
- "name": "string",
- "nickname": "string",
- "picture": "string",
- "isBonterraGrants": false,
- "verifyEmail": false,
- "verifyPhoneNumber": false,
- "password": "stringst",
- "clientId": "string",
- "passwordHash": "string",
- "passwordHashAlgorithm": "bcrypt",
- "passwordHashSalt": "string",
- "passwordHashRounds": 0,
- "passwordHashMemory": 0,
- "passwordHashParallelism": 0,
- "passwordHashLength": 0,
- "passwordHashFunction": "sha1"
}{- "bonterraAuthId": "string",
- "email": "user@example.com",
- "userMetadata": { },
- "blocked": true,
- "emailVerified": true,
- "phoneNumber": "string",
- "phoneVerified": true,
- "username": "string",
- "familyName": "string",
- "givenName": "string",
- "name": "string",
- "nickname": "string",
- "picture": "string",
- "isBonterraGrants": false,
- "userId": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "updatedAt": "2019-08-24T14:15:22Z",
- "identities": [
- {
- "userId": "string",
- "provider": "string",
- "isSocial": true
}
], - "multifactor": [
- "string"
], - "lastIp": "string",
- "lastLogin": "2019-08-24T14:15:22Z",
- "loginsCount": 0
}Retrieve a paginated list of API clients accessible to the authenticated user
| page | integer >= 1 Default: 1 Page number for pagination (1-indexed) |
| per_page | integer [ 1 .. 100 ] Default: 50 Number of results per page |
| tenant_id | string Filter by tenant ID |
| tenant_type | string Enum: "APRICOT" "BONTERRA" "CONNECT" "EMAIL_SERVICES" "GRANTMAKER" "GRANTS" "NONE" "OPT_ASK_COLD_START" Filter by tenant type |
| status | string Enum: "Active" "Disabled" "Locked" "Revoked" Filter by client status |
| sort | string Default: "desc" Enum: "asc" "desc" Sort order by creation date (ascending or descending) |
required | Array of objects (Client) Array of client objects |
required | object Pagination information |
{- "data": [
- {
- "clientId": "abc123xyz789",
- "clientName": "My Integration",
- "clientDescription": "Custom dashboard for analytics",
- "oauthGrantType": "client_credentials",
- "refreshTokenDurationInMins": 720,
- "refreshTokenIdleLifetimeInMins": 240,
- "tokenValidityInMins": 300,
- "clientMetadata": {
- "appName": "account",
- "productGroup": "account-management"
}, - "clientScopes": [
- "apricot.read",
- "records.read",
- "connect.read"
], - "tenants": [
- {
- "tenantId": "118553",
- "tenantType": "APRICOT",
- "userId": "2539"
}
], - "status": "Active",
- "createdAt": "2025-10-09T10:30:00Z",
- "updatedAt": "2025-10-09T12:00:00Z",
- "bonterraAuthId": "675d02b3-18a9-4a80-87e7-20dff82e2e03"
}
], - "pagination": {
- "page": 0,
- "perPage": 50,
- "total": 150,
- "totalPages": 3
}
}Create a new OAuth2 client for API access
| Content-Type required | string Default: application/json Content type header |
Client creation request
| clientName required | string [ 3 .. 100 ] characters Human-readable name for the client |
| clientDescription | string <= 500 characters Optional description of the client's purpose |
required | Array of objects (Tenant) = 1 items Tenants to associate with this client. Currently limited to 1 tenant per client. |
| clientScopes | Array of strings Optional list of scopes to grant to this client. If not provided, all available scopes for the tenant type will be automatically granted. |
| oauthGrantType | string Default: "client_credentials" Enum: "client_credentials" "authorization_code" OAuth 2.0 grant type |
| tokenValidityInMins | integer [ 5 .. 1440 ] Default: 300 Access token validity in minutes |
| refreshTokenDurationInMins | integer [ 60 .. 525600 ] Default: 720 Absolute maximum lifetime of the refresh token in minutes. The refresh token will expire after this duration regardless of usage. Only applicable for authorization_code grant type. |
| refreshTokenIdleLifetimeInMins | integer [ 30 .. 43200 ] Default: 240 Inactivity timeout for the refresh token in minutes. The refresh token will expire if not used within this duration. Only applicable for authorization_code grant type. |
| callbackUrls | Array of strings <uri> [ items <uri > ] Required if oauthGrantType is authorization_code |
| logoutUrls | Array of strings <uri> [ items <uri > ] Allowed logout URLs (for authorization_code only) |
object Optional metadata to attach to the client |
| clientId required | string The unique identifier for the client |
| clientName required | string The name of the client. |
| clientDescription | string The description of the client. |
| oauthGrantType required | string Default: "client_credentials" Enum: "client_credentials" "authorization_code" OAuth 2.0 grant type |
| refreshTokenDurationInMins | integer Absolute maximum lifetime of the refresh token in minutes. The refresh token will expire after this duration regardless of usage. Only applicable for authorization_code grant type. |
| refreshTokenIdleLifetimeInMins | integer Inactivity timeout for the refresh token in minutes. The refresh token will expire if not used within this duration. Only applicable for authorization_code grant type. |
| tokenValidityInMins | integer Access token validity in minutes |
| callbackUrls | Array of strings <uri> [ items <uri > ] Allowed callback URLs (for authorization_code grant type) |
| logoutUrls | Array of strings <uri> [ items <uri > ] Allowed logout URLs (for authorization_code grant type) |
object Additional client metadata | |
| clientScopes required | Array of strings List of scopes granted to this client |
required | Array of objects (Tenant) The tenants that this app client is associated with. |
| status required | string Enum: "Active" "Disabled" "Locked" "Revoked" Current client status |
| createdAt required | string <date-time> The datetime in which this entry was created. |
| updatedAt | string <date-time> The datetime in which the entry was last modified. |
| bonterraAuthId required | string The Bonterra user ID |
| clientSecret required | string Client secret - ONLY returned on creation. Save immediately. |
{- "clientName": "My Integration",
- "clientDescription": "Custom dashboard for analytics",
- "tenants": [
- {
- "tenantId": "118553",
- "tenantType": "APRICOT",
- "userId": "2539"
}
], - "clientScopes": [
- "apricot.read",
- "records.read",
- "connect.read"
], - "oauthGrantType": "client_credentials",
- "tokenValidityInMins": 300,
- "refreshTokenDurationInMins": 720,
- "refreshTokenIdleLifetimeInMins": 240,
- "clientMetadata": {
- "appName": "apricot",
- "productGroup": "apricot"
}
}{- "clientId": "abc123xyz789",
- "clientName": "string",
- "clientDescription": "Custom dashboard for analytics",
- "oauthGrantType": "client_credentials",
- "refreshTokenDurationInMins": 720,
- "refreshTokenIdleLifetimeInMins": 240,
- "tokenValidityInMins": 300,
- "clientMetadata": {
- "appName": "account",
- "productGroup": "account-management"
}, - "clientScopes": [
- "string",
- "records.read",
- "connect.read"
], - "tenants": [
- {
- "tenantId": "118553",
- "tenantType": "APRICOT",
- "userId": "2539"
}
], - "status": "Active",
- "createdAt": "2025-10-09T10:30:00Z",
- "updatedAt": "2025-10-09T12:00:00Z",
- "bonterraAuthId": "675d02b3-18a9-4a80-87e7-20dff82e2e03",
- "clientSecret": "SECRET_xyz789_SAVE_THIS_NOW"
}Delete an API client using one of two strategies:
inactive, and mark the DynamoDB record as inactive. Data is retained for audit and potential recovery.?is_permanent=true): permanently remove the client from Auth0, delete the API Gateway key, remove all tenant mappings, and delete the DynamoDB record.| client_id required | string >= 10 characters The unique identifier of the client |
| is_permanent | boolean Default: false When |
Optional deletion metadata
| reason | string Reason for deleting the client (used for soft delete audit trail) |
{- "reason": "Client requested account closure"
}{- "error": "string"
}Generate a self-service profile ticket for enterprise connections. This endpoint allows customers to create SSO tickets that enable their enterprise customers to set up SSO connections through a self-service assistant.
The endpoint will:
The SSO ticket URL can then be shared with customer admins to configure their SSO connection.
| Content-Type required | string Default: application/json Content type header |
SSO ticket creation request
| profileId required | string The ID of the self-service profile. Either profileId or profileName must be provided. |
| profileName | string The name of the self-service profile. Either profileId or profileName must be provided. |
| connectionId | string ID of existing connection to modify (for editing existing connections) |
object Configuration for the connection that will be created | |
object Configuration for domain aliases and verification | |
| enabledClients | Array of strings List of application/client IDs to enable for this connection |
Array of objects List of organizations to enable for this connection | |
| ttlSec | integer [ 1 .. 2592000 ] Default: 432000 Time to live for the SSO ticket in seconds (how long the URL is valid before being opened) |
| ticket required | string The SSO ticket ID that can be used to access the self-service assistant |
{- "profileId": "ssp_abc123xyz",
- "profileName": "Enterprise SSO Profile",
- "connectionId": "conn_abc123",
- "connectionConfig": {
- "name": "Acme Corp SSO",
- "displayName": "Acme Corporation",
- "isDomainConnection": true,
- "showAsButton": true,
- "metadata": {
- "customerId": "cust_123"
}, - "options": {
- "domainAliases": [
- "acme.com",
- "acmecorp.com"
], - "idpInitiated": {
- "enabled": true,
- "clientId": "string",
- "clientProtocol": "samlp",
- "clientAuthorizeQuery": "string"
}
}
}, - "domainAliasesConfig": {
- "domainAliases": [
- "acme.com",
- "acmecorp.com"
], - "domainVerification": "none"
}, - "enabledClients": [
- "app_123",
- "app_456"
], - "enabledOrganizations": [
- {
- "organizationId": "org_123",
- "assignMembershipOnLogin": true,
- "showAsButton": true
}
], - "ttlSec": 432000
}
{- "ticket": "ticket_abc123xyz"
}(Deprecated) This endpoint is used to generate an OAuth token by redirecting the request to Cognito's token endpoint. The result will be cached for ${token_endpoint_cache_ttl} seconds based on a combination of the client_id, client_secret, and scope.
| Content-Type required | string Default: application/json Content type header |
Token request
| grant_type required | string The grant type of the token request. Accepted values are 'client_credentials', 'authorization_code' and 'refresh_token'. |
| client_id | string The client id provided by the Bonterra API application. |
| client_secret | string The client secret provided by the Bonterra API application. |
| audience | string Required parameter that identifies the API you want to access. Use the API origin (https://api.bonterra.network) as the audience value. |
| scope | string The scope of the token request. |
| redirect_uri | string The redirect uri provided by the Bonterra API application, this is used for standalone management API. |
| refresh_token | string The refresh token provided by the Bonterra API application. |
| code | string The authorization code returned by the /authorize call. |
| code_verifier | string The code verifier provided by the Bonterra API application (for PKCE). |
| access_token required | string The access token issued by the authorization server. |
| expires_in required | string The lifetime in seconds of the access token. |
| token_type required | string The type of the token issued. |
| refresh_token | string The refresh token issued by the authorization server. |
| id_token | string The id token issued by the authorization server. |
{- "grant_type": "string",
- "client_id": "string",
- "client_secret": "string",
- "audience": "string",
- "scope": "string",
- "redirect_uri": "string",
- "refresh_token": "string",
- "code": "string",
- "code_verifier": "string"
}{- "access_token": "string",
- "expires_in": "string",
- "token_type": "string",
- "refresh_token": "string",
- "id_token": "string"
}The introspection endpoint enables clients to request information about tokens that were issued to them. This endpoint is useful for providing information to the client about the tokens that were issued to them. [WIP]
| Content-Type required | string Default: application/json Content type header |
| Authorization required | string Header that carries token for request Authorization |
| clientId | string |
| credentialState | string |
Array of objects (ApricotUser) |
{- "clientId": "string",
- "credentialState": "string",
- "tenantDataList": [
- {
- "tenantId": "string",
- "tenantType": "string",
- "data": {
- "id": "string"
}
}
]
}| bonterraAuthId | string The unique identifier for the user in the Bonterra Auth. |
| name | string The user's full name |
| givenName | string The user's given name |
| familyName | string The user's family name |
| middleName | string The user's middle name |
| nickname | string The user's nickname |
| preferredUsername | string The user's preferred username |
| profile | string URL of the user's profile page |
| picture | string URL of the user's profile picture |
| website | string URL of the user's website |
| email required | string <email> The user's email address |
| emailVerified | boolean Whether the user's email has been verified |
| gender | string The user's gender |
| birthdate | string The user's birth date |
| zoneinfo | string The user's time zone |
| locale | string The user's locale |
| phoneNumber | string The user's phone number |
| phoneNumberVerified | boolean Whether the user's phone number has been verified |
object The user's address information | |
| updatedAt | string <date-time> The time when the user's information was last updated |
{- "bonterraAuthId": "string",
- "name": "John Doe",
- "givenName": "John",
- "familyName": "Doe",
- "middleName": "Robert",
- "nickname": "Johnny",
- "preferredUsername": "johndoe",
- "email": "john.doe@example.com",
- "emailVerified": true,
- "gender": "male",
- "birthdate": "1990-01-01",
- "zoneinfo": "America/Los_Angeles",
- "locale": "en-US",
- "phoneNumber": "+1 (555) 555-5555",
- "phoneNumberVerified": true,
- "address": {
- "formatted": "123 Main St, Anytown, CA 12345",
- "street_address": "123 Main St",
- "locality": "Anytown",
- "region": "CA",
- "postalCode": "12345",
- "country": "US"
}, - "updatedAt": "2024-03-20T12:00:00Z"
}| Content-Type required | string Default: application/json Content type header |
Revoke refresh token
| client_id required | string The client id provided by the Bonterra API application. |
| client_secret required | string The client secret provided by the Bonterra API application. |
| token required | string The refresh token provided by the Bonterra API application. |
| access_token required | string The access token issued by the authorization server. |
| expires_in required | string The lifetime in seconds of the access token. |
| token_type required | string The type of the token issued. |
| refresh_token | string The refresh token issued by the authorization server. |
| id_token | string The id token issued by the authorization server. |
{- "client_id": "string",
- "client_secret": "string",
- "token": "string"
}{- "access_token": "string",
- "expires_in": "string",
- "token_type": "string",
- "refresh_token": "string",
- "id_token": "string"
}Get users from the Bonterra Auth Service
| q | string Search query using Lucene query syntax |
| per_page | integer Default: 50 Number of results per page |
| connection | string Connection filter |
| fields | string Fields to include or exclude |
| has_fields | boolean Default: true Whether to include fields |
| is_primary_order | boolean Default: false Is primary order |
| search_engine | string Default: "v2" Enum: "v1" "v2" "v3" The version of the search engine to use |
| sort | string Field to sort by |
| page | number Page number |
| bonterraAuthId | string The unique identifier for the user in the Bonterra Auth. |
| email required | string <email> The user's email address |
object User metadata for the user | |
| blocked | boolean Whether the user is blocked |
| emailVerified required | boolean Whether the email has been verified. Passing in true will NOT send a user verification email. |
| phoneNumber | string The user's phone number |
| phoneVerified | boolean Whether the phone number has been verified |
| username | string The user's username |
| familyName | string The user's family name |
| givenName | string The user's given name |
| name | string The user's full name |
| nickname | string The user's nickname |
| picture | string The URL of the user's profile picture |
| isBonterraGrants | boolean Default: false Whether the user is a Bonterra grants user |
| userId required | string The unique identifier for the user |
| createdAt required | string <date-time> The date and time when the user was created |
| updatedAt required | string <date-time> The date and time when the user was last updated |
required | Array of objects The user's identities |
| multifactor | Array of strings The user's multifactor authentication methods |
| lastIp | string The last IP address used by the user |
| lastLogin | string <date-time> The date and time of the user's last login |
| loginsCount | integer The number of times the user has logged in |
[- {
- "bonterraAuthId": "string",
- "email": "user@example.com",
- "userMetadata": { },
- "blocked": true,
- "emailVerified": true,
- "phoneNumber": "string",
- "phoneVerified": true,
- "username": "string",
- "familyName": "string",
- "givenName": "string",
- "name": "string",
- "nickname": "string",
- "picture": "string",
- "isBonterraGrants": false,
- "userId": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "updatedAt": "2019-08-24T14:15:22Z",
- "identities": [
- {
- "userId": "string",
- "provider": "string",
- "isSocial": true
}
], - "multifactor": [
- "string"
], - "lastIp": "string",
- "lastLogin": "2019-08-24T14:15:22Z",
- "loginsCount": 0
}
]