Admin User
For the complete documentation on the "admin" resource, please refer to https://docs.actv8me.com/v1.2/reference/admin
Register an Admin User
Depending on their roles and permissions, Admin users can manage client resources such as campaigns, triggers, content, user segments, and other admin users in the ACTV8me ecosystem.
Client "Owner" (root access)
A Client owner is an admin user who has been granted root access to all client resources. Unless otherwise specified, the person that registers an organization (client) with the ACTV8me platform is assigned as the "Owner" of such a client.
To register your organization, please contact the support team at [email protected]
The following endpoint allows for the registration of an admin user account:
POST /admin
Reference: https://docs.actv8me.com/v1.2/reference/admin#post_admin
Personal Identifiable Information (PII)
During the user account registration process, the ACTV8me backend extracts the user's email (username) and stores it in a separate logical location along with other Personal Identifiable Information (PII). This data is only visible to the authenticated user that owns it, as well as to application admins that have been granted permission to view such data.
Roles and permissions
A role is a set of predefined permissions that can be attached to an admin user to control access to specific resources.
Get available roles
API Reference
To get a list of the roles available, you may use the following endpoint:
GET role?client_id={client_id}
Reference: https://docs.actv8me.com/v1.2/reference/admin#get_role
Get permissions for role
Before assigning a role to an admin user, you should verify its permissions are adequate for the level of access you want to provide to the admin user:
GET role/{id/permission
For detailed information, please refer to https://docs.actv8me.com/v1.2/reference/admin#get_role
Attach role to an Admin user
Once you have verified the role has the permissions you want to grant an admin user, you may use the following endpoint:
POST admin/{id}/role/{role_id}?client_id={client_id}
Reference: https://docs.actv8me.com/v1.2/reference/admin#post_admin-id-role-role-id
User Authentication
The following endpoints allow your application to cover standard user authentication processes such as account validation, credential validation, password retrieval request, and password reset.
Validate account (optional)
Depending on your requirements, you may want to enable account validation (via email verification). This protects your users from malicious attempts to impersonate them using their email account.
POST user/validate
Reference: https://docs.actv8me.com/v1.2/reference/admin#post_admin-validate
Login
If your application provides the ability to register accounts, it should allow users to authenticate their accounts using a valid username and password.
POST admin/login
Reference: https://docs.actv8me.com/v1.2/reference/admin#post_admin-login
Bearer token
An admin user that successfully authenticates their account using valid credentials is assigned an authorization token ("Bearer" token). This token must be passed via the "Authorization" header in subsequent requests to the endpoints that are behind the admin "guard".
Password reset request ("Forgot Password")
It is not uncommon for users to forget their passwords. For that reason, you should provide the ability to request a password reset (i.e. ("forgot password" link) for them to get an email with a link to reset their passwords.
POST admin/password/reset
Reference: https://docs.actv8me.com/v1.2/reference/admin#post_admin-password-reset
Retrieve Admin User Account
Your application may send a request on behalf of the user to retrieve their account information. This information does not contain Personal Identifiable Information (PII) but instead metadata associated with the account such as "created_at," "last_login_at," etc.
GET /admin
Reference: https://docs.actv8me.com/v1.2/reference/admin#get_admin
Retrieve Admin User Profile (PII)
As it is usual in applications that allow for user authentication, your users should have the ability to access their Personal Identifiable Information. This information is commonly presented in a "profile" section.
Personal Identifiable Information (PII)
This data is only visible to the authenticated user that owns it, as well as to application admins that have been granted permission to view such data.
GET /admin/{id}/pii
Reference: https://docs.actv8me.com/v1.2/reference/admin#get_admin-id-pii
Update End-User Profile
Users should also be allowed to update their personal information (PII) in a profile. You may send a request to the following endpoint:
PUT /admin/{id}/pii
Reference: https://docs.actv8me.com/v1.2/reference/admin#put_admin-id-pii
Delete Admin User Profile
To protect their privacy, your application should also allow users to delete their personal information at any time. The following endpoint should be used for that purpose:
DELETE /admin/{id}/pii
Reference: https://docs.actv8me.com/v1.2/reference/admin#delete_admin-id-pii
Delete Admin User Account
Your application should allow your admin users to delete their accounts at any time. Your application should use the following endpoint for that purpose:
DELETE /admin/{id}
Reference: https://docs.actv8me.com/v1.2/reference/admin#delete_admin
Updated over 3 years ago