User Management
Manage users, roles, and permissions for your organization
User Management Overview
Comprehensive user management system with role-based access control (RBAC), fine-grained permissions, and organization management.
Roles
OwnerAdminMember
Permissions
Resource-based access controlSecurity
2FA, Activity logs, Session managementQuick Actions
Invite User
Send invitations to new team members with specific roles and permissions.
POST /usersManage Permissions
Configure fine-grained permissions for users and resources.
PUT /users/:id/permissionsUser Activity
Track user activity, resource usage, and access patterns.
GET /users/:idUser Roles
Owner
Highest AccessFull organization control
Billing and subscription
Delete organization
Admin
Management AccessUser management
Resource management
API key management
Member
Standard AccessOwn resources only
Limited permissions
Read-only by default
Permission System
Resource-Based Permissions
Fine-grained access control for all VPN Enterprise resources
Available Resources
VPN (connections, servers)
Database (instances, backups)
Hosting (sites, deployments)
Users (management)
Permission Levels
Read: View resources and data
Write: Create and modify resources
Delete: Remove resources
Admin: Full resource control
API Endpoints
GET
/usersList all users in your organization (admin only)
Response
{
"success": true,
"users": [
{
"id": "usr_123",
"email": "john@company.com",
"name": "John Doe",
"role": "member",
"status": "active",
"last_login": "2024-12-02T14:20:00Z",
"created_at": "2024-01-15T10:30:00Z",
"permissions": ["vpn:read", "database:read"],
"two_factor_enabled": true
}
],
"total": 25,
"page": 1,
"limit": 20
}POST
/usersInvite a new user to your organization (admin only)
Request Body
{
"email": "newuser@company.com",
"name": "New User",
"role": "member",
"permissions": ["vpn:read", "database:read"],
"send_invitation": true
}GET
/users/:idGet details of a specific user
Response
{
"success": true,
"user": {
"id": "usr_123",
"email": "john@company.com",
"name": "John Doe",
"role": "member",
"status": "active",
"last_login": "2024-12-02T14:20:00Z",
"created_at": "2024-01-15T10:30:00Z",
"permissions": ["vpn:read", "vpn:write", "database:read"],
"two_factor_enabled": true,
"profile": {
"avatar_url": "https://avatars.vpnenterprise.com/usr_123.jpg",
"timezone": "America/New_York",
"language": "en"
},
"activity": {
"vpn_connections": 12,
"databases_created": 3,
"api_calls_30d": 1250
}
}
}PUT
/users/:idUpdate user information and permissions
Request Body
{
"name": "John Smith",
"role": "admin",
"permissions": ["vpn:read", "vpn:write", "database:read", "database:write"],
"status": "active"
}DELETE
/users/:idRemove a user from your organization (admin only)
Response
{
"success": true,
"message": "User removed from organization",
"id": "usr_123",
"email": "john@company.com",
"resources_transferred_to": "usr_456"
}GET
/users/:id/permissionsGet detailed permissions for a user
Response
{
"success": true,
"permissions": {
"vpn": {
"read": true,
"write": true,
"delete": false
},
"database": {
"read": true,
"write": true,
"delete": true
},
"hosting": {
"read": true,
"write": false,
"delete": false
},
"billing": {
"read": false,
"write": false
}
}
}PUT
/users/:id/permissionsUpdate user permissions
Request Body
{
"permissions": {
"vpn": {
"read": true,
"write": true,
"delete": true
},
"database": {
"read": true,
"write": true,
"delete": false
}
}
}Security Best Practices
Principle of Least Privilege
Grant users only the minimum permissions required for their role. Regularly review and audit user permissions.
Two-Factor Authentication
Enforce 2FA for all users, especially those with administrative privileges. Monitor authentication events.
Regular Access Review
Conduct quarterly access reviews to ensure users have appropriate permissions and remove inactive users.