Administrative-Org Admin

User and organization management performed by admins of the platform’s administrative organization. All paths below are relative to /api/v1.

Auth: every endpoint requires a valid token, an organization supplied via the ?org=<slug> query parameter, and the admin_of_administrative_org authorization relation. Send the token as a header:

curl -H "Authorization: token $AKP_TOKEN" \
  "https://<akp-host>/api/v1/admin/orgs?org=appscode"

All endpoints accept the common query parameter:

NameTypeRequiredDescription
orgstringyesOrganization slug providing org context (resolved from ?org=).

Organizations

GET /admin/orgs

List all organizations on the platform.

  • Auth: token + ?org= + admin_of_administrative_org.
  • Response: 200 — an array of Organization objects.
[
  {
    "id": 3,
    "username": "appscode",
    "full_name": "",
    "avatar_url": "https://<akp-host>/accounts/avatars?obj=avatars/3-<hash>",
    "description": "",
    "website": "",
    "location": "",
    "rancherManagementClusterEndPoint": "",
    "visibility": "public",
    "orgType": 6
  }
]

Verified: GET returned 200 against appscode on 2026-07-14.


Users

GET /admin/users

List all users on the platform.

  • Auth: token + ?org= + admin_of_administrative_org.
  • Response: 200 — an array of User objects.
[
  {
    "id": 5,
    "login": "example-user",
    "username": "example-user",
    "full_name": "Example User",
    "email": "[email protected]",
    "avatar_url": "https://<akp-host>/accounts/avatars?obj=avatars/5-<hash>",
    "is_admin": false,
    "active": true,
    "type": 0,
    "created": "2026-01-01T00:00:00Z",
    "last_login": "2026-07-01T00:00:00Z"
  }
]

Verified: GET returned 200 against appscode on 2026-07-14.

POST /admin/users

Create a user.

  • Auth: token + ?org= + admin_of_administrative_org.
  • Request body: CreateUserOption.
{
  "username": "example-user",
  "email": "[email protected]",
  "password": "<password>",
  "full_name": "Example User",
  "login_name": "example-user",
  "source_id": 0,
  "must_change_password": true,
  "send_notify": true
}
FieldTypeRequiredDescription
usernamestringyesThe new user’s username.
emailstringyesPrimary email address.
passwordstringyesInitial password.
full_namestringnoDisplay name.
login_namestringnoExternal login name (for non-local auth sources).
source_idint64noAuthentication source ID (0 = built-in).
must_change_passwordbooleannoForce a password change on first login.
send_notifybooleannoSend a registration notification email.
  • Response: 201 — the created User.

PATCH /admin/users/{username}

Edit an existing user.

  • Auth: token + ?org= + admin_of_administrative_org.
  • Path parameters:
NameTypeDescription
usernamestringUsername of the user to edit.
  • Request body: EditUserOption.
{
  "email": "[email protected]",
  "full_name": "Example User",
  "active": true,
  "admin": false,
  "prohibit_login": false,
  "allow_create_organization": true
}
FieldTypeRequiredDescription
emailstringyesPrimary email address.
source_idint64noAuthentication source ID.
login_namestringnoExternal login name.
full_namestringnoDisplay name.
passwordstringnoNew password (if changing).
must_change_passwordbooleannoForce a password change on next login.
websitestringnoWebsite URL.
locationstringnoLocation.
activebooleannoWhether the account is active.
adminbooleannoGrant platform-admin.
allow_git_hookbooleannoAllow git hooks.
allow_import_localbooleannoAllow importing local repositories.
prohibit_loginbooleannoPrevent the user from signing in.
allow_create_organizationbooleannoAllow the user to create organizations.
  • Response: 200 — the updated User.

DELETE /admin/users/{username}

Delete a user.

  • Auth: token + ?org= + admin_of_administrative_org.
  • Path parameters:
NameTypeDescription
usernamestringUsername of the user to delete.
  • Response: 204 — no content.

POST /admin/users/{username}/update

Update a user’s profile as admin.

  • Auth: token + ?org= + admin_of_administrative_org.
  • Path parameters:
NameTypeDescription
usernamestringUsername of the user to update.
  • Request body: Profile.
{
  "name": "example-user",
  "full_name": "Example User",
  "email": "[email protected]",
  "keep_email_private": false,
  "website": "https://example.com",
  "location": "Earth",
  "language": "en-US",
  "description": "Platform user"
}
FieldTypeRequiredDescription
namestringnoUsername.
full_namestringnoDisplay name.
emailstringnoPrimary email.
keep_email_privatebooleannoHide the email from public profile.
websitestringnoWebsite URL.
locationstringnoLocation.
languagestringnoPreferred language/locale.
descriptionstringnoProfile description.
  • Response: 200 — the updated Profile.

POST /admin/users/{username}/change-password

Change a user’s password as admin.

  • Auth: token + ?org= + admin_of_administrative_org.
  • Path parameters:
NameTypeDescription
usernamestringUsername of the user.
  • Request body: UpdatePasswordParams.
{
  "old_password": "<old-password>",
  "password": "<new-password>",
  "retype": "<new-password>"
}
FieldTypeRequiredDescription
old_passwordstringnoCurrent password.
passwordstringnoNew password.
retypestringnoNew password, confirmed.
  • Response: 200 — password updated.

GET /admin/users/{username}/orgs

List the organizations a user belongs to.

  • Auth: token + ?org= + admin_of_administrative_org.
  • Path parameters:
NameTypeDescription
usernamestringUsername of the user.
  • Response: 200 — a list of organizations (the response shape is delegated to the org listing handler; it is returned as an untyped JSON object/array).

Verified: GET returned 200 against appscode (user appscode) on 2026-07-14.

POST /admin/users/{username}/orgs

Create an organization owned by the given user.

  • Auth: token + ?org= + admin_of_administrative_org.
  • Path parameters:
NameTypeDescription
usernamestringUsername that will own the new organization.
  • Request body: CreateOrgOption.
{
  "username": "new-org",
  "full_name": "New Org",
  "description": "Example organization",
  "website": "https://example.com",
  "location": "Earth",
  "orgType": "public",
  "visibility": "public"
}
FieldTypeRequiredDescription
usernamestringyesOrganization slug.
full_namestringnoDisplay name.
descriptionstringnoDescription.
websitestringnoWebsite URL.
locationstringnoLocation.
orgTypestringnoOne of public (default), limited, private.
rancherManagementClusterEndPointstringnoRancher management cluster endpoint.
visibilitystringnoOne of ``, public, limited, private.
  • Response: 201 — the created Organization.

GET /admin/users/{uid}

Get user information by numeric user ID.

  • Auth: token + ?org= + admin_of_administrative_org.
  • Path parameters:
NameTypeDescription
uidint64Numeric user ID.

Note: this shares the /admin/users/{...} path with the username-based routes above; supply a numeric ID here to look a user up by ID.

  • Response: 200 — a User object.

Verified: returned 404 against appscode (uid 1) on 2026-07-14 — no user with that ID exists; the endpoint is reachable and authorized.