Org
| Method | Path | Auth | Description |
|---|---|---|---|
| GET | /api/v1/users | JWT | List users |
| POST | /api/v1/users | Admin | Create user |
| GET | /api/v1/users/{id} | JWT | Get user |
| PUT | /api/v1/users/{id} | Admin | Update role |
| DELETE | /api/v1/users/{id} | Admin | Delete user |
| GET | /api/v1/users/{id}/avatar | JWT | Get avatar |
| PUT | /api/v1/users/{id}/avatar | JWT | Upload avatar |
GET /api/v1/users
Section titled “GET /api/v1/users”Query parameters: ?q=search (name/email search), ?ids=id1,id2 (bulk lookup).
Response: [{"id", "email", "name", "role", "has_avatar", "created_at"}, ...]
POST /api/v1/users
Section titled “POST /api/v1/users”Request: {"email": "user@example.com", "name": "Jane Doe", "password": "secure123", "role": "member"}
Roles: admin or member.
GET /api/v1/users/{id}
Section titled “GET /api/v1/users/{id}”Returns the user object for the given ID.
PUT /api/v1/users/{id}
Section titled “PUT /api/v1/users/{id}”Update a user’s role. Requires admin privileges.
DELETE /api/v1/users/{id}
Section titled “DELETE /api/v1/users/{id}”Delete a user. Requires admin privileges.
GET /api/v1/users/{id}/avatar
Section titled “GET /api/v1/users/{id}/avatar”Returns the user’s avatar image. Returns 404 if no avatar has been uploaded.
PUT /api/v1/users/{id}/avatar
Section titled “PUT /api/v1/users/{id}/avatar”Upload: Content-Type: image/png, max 1 MB body.