UsersModule
UsersModule
Defined in: auth-client/src/core/modules/users.module.ts:15
Constructors
Constructor
new UsersModule(
ctx):UsersModule
Defined in: auth-client/src/core/modules/users.module.ts:16
Parameters
ctx
Returns
UsersModule
Methods
getOrganizations()
getOrganizations(
userId):Promise<AdminUserOrgMembership[]>
Defined in: auth-client/src/core/modules/users.module.ts:44
GET /admin/users/{id}/organizations — a user’s org memberships.
Parameters
userId
string
Returns
Promise<AdminUserOrgMembership[]>
hardDelete()
hardDelete(
params):Promise<void>
Defined in: auth-client/src/core/modules/users.module.ts:107
Hard-delete a user (AUDIT C8). system_admin only — server-side gate.
Parameters
params
reason
string
userId
string
Returns
Promise<void>
impersonate()
impersonate(
params):Promise<AuthResponse>
Defined in: auth-client/src/core/modules/users.module.ts:101
Impersonate another user (AUDIT C7). The caller’s token must carry a role authorized for impersonation (system_admin / super_admin anywhere, org_admin within their org). On success, the SDK swaps in the new token pair so subsequent requests act as the target.
Parameters
params
Returns
Promise<AuthResponse>
list()
list(
req?):Promise<ListUsersResult>
Defined in: auth-client/src/core/modules/users.module.ts:19
GET /admin/users — paginated list. Admin only.
Parameters
req?
ListUsersRequest
Returns
Promise<ListUsersResult>
listRoles()
listRoles(
userId):Promise<UserRoleRecord[]>
Defined in: auth-client/src/core/modules/users.module.ts:50
GET /admin/users/{id}/roles — list a target user’s current base roles. Admin only.
Parameters
userId
string
Returns
Promise<UserRoleRecord[]>
listSessions()
listSessions(
userId):Promise<SessionRecord[]>
Defined in: auth-client/src/core/modules/users.module.ts:72
GET /admin/users/{userId}/sessions — list a target user’s
active sessions. Admin only. See getSessions() for the
self-service equivalent.
Parameters
userId
string
Returns
Promise<SessionRecord[]>
lookup()
lookup(
req):Promise<LookupUserRecord[]>
Defined in: auth-client/src/core/modules/users.module.ts:35
Bulk-resolve users by email and/or id in a single call. Admin only (system_admin or super_admin); 403 otherwise. Either input array may be omitted; both empty returns an empty array.
Use this when a back-office tool needs to render N users from a mix of identifiers — e.g. “look up these 30 emails” — instead of issuing N separate /admin/users requests.
Parameters
req
emails?
string[]
ids?
string[]
Returns
Promise<LookupUserRecord[]>
revokeSessions()
revokeSessions(
userId):Promise<void>
Defined in: auth-client/src/core/modules/users.module.ts:92
POST /admin/users/{userId}/revoke-sessions — terminate every
session for a target user. Admin only. Equivalent of
logoutAll() applied to someone else.
Parameters
userId
string
Returns
Promise<void>
setPassword()
setPassword(
userId,newPassword):Promise<void>
Defined in: auth-client/src/core/modules/users.module.ts:62
POST /auth/admin/set-password — reset a user’s password. Admin only.
Parameters
userId
string
newPassword
string
Returns
Promise<void>
setRoles()
setRoles(
userId,roleCodes):Promise<void>
Defined in: auth-client/src/core/modules/users.module.ts:56
PUT /admin/users/{id}/roles — replace base roles. Admin only.
Parameters
userId
string
roleCodes
string[]
Returns
Promise<void>
terminateSession()
terminateSession(
userId,sessionId):Promise<void>
Defined in: auth-client/src/core/modules/users.module.ts:82
DELETE /admin/users/{userId}/sessions/{sessionId} — terminate
one specific session belonging to a target user. Admin only.
Granular counterpart to adminRevokeUserSessions().
Parameters
userId
string
sessionId
string
Returns
Promise<void>