Users

Create, list, update and delete users within a HookSentry tenant.

Create User

POST /api/v1/users

Creates a new user linked to the authenticated tenant. The password is stored as a hash — never in plain text.

Auth: Bearer token

Body

| Field | Type | Required | Description |
| --- | --- | --- | --- |
| email | string | Yes | Unique email address on the platform — max 255 characters |
| password | string | Yes | Plain text password — stored as a hash |
| role | integer | No (default 0) | 0 = Developer, 1 = Admin, 10 = Owner, 20 = Viewer |

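// Namespaces used by the snippets on this page.
using System.Net.Http;
using System.Net.Http.Headers;
using System.Net.Http.Json;

// Build the request; anonymous-object properties map to the documented body fields.
var request = new HttpRequestMessage(HttpMethod.Post, "https://api.hooksentry.com/api/v1/users")
{
    Content = JsonContent.Create(new
    {
        email = "dev@acme.com",
        password = "SenhaSegura123!",
        role = 0
    })
};
// accessToken holds the caller's bearer token.
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);

using var client = new HttpClient();
var response = await client.SendAsync(request);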

Return codes

  • 201 Created — user created successfully
  • 400 Bad Request — invalid data (malformed email, empty password)
  • 401 Unauthorized — missing or invalid token
  • 404 Not Found — tenant not found
  • 409 Conflict — a user with this email already exists

{
  "id": "5a6b7c8d-9e0f-4a1b-8c2d-3e4f5a6b7c8d",
  "tenantId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "email": "dev@acme.com",
  "status": "Active",
  "role": "Developer",
  "createdAt": "2026-07-03T14:32:00.000Z",
  "updatedAt": "2026-07-03T14:32:00.000Z"
}

Get Users

GET /api/v1/users

Returns a page of users belonging to the authenticated tenant — always isolated by tenant. See Pagination & Filtering for the shared query parameters.

Auth: Bearer token

Filters (optional)

| Parameter | Type | Description |
| --- | --- | --- |
| Status | integer | 0 = Active, 1 = Inactive |
| Role | integer | 0 = Developer, 1 = Admin, 10 = Owner, 20 = Viewer |

var request = new HttpRequestMessage(HttpMethod.Get,
    "https://api.hooksentry.com/api/v1/users?Qt=10&Pg=1&CpOrd=id&TpOrd=Desc");
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);

using var client = new HttpClient();
var response = await client.SendAsync(request);

Return codes

  • 200 OK — paginated list of users (without password field)
  • 400 Bad Request — invalid sort field
  • 401 Unauthorized — missing or invalid token

{
  "total": 4,
  "items": [
    {
      "id": "5a6b7c8d-9e0f-4a1b-8c2d-3e4f5a6b7c8d",
      "tenantId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
      "email": "dev@acme.com",
      "status": "Active",
      "role": "Developer",
      "createdAt": "2026-07-03T14:32:00.000Z",
      "updatedAt": "2026-07-03T14:32:00.000Z"
    }
  ]
}

Get User by ID

GET /api/v1/users/{id}

Looks up a user by UUID. The user must belong to the caller's tenant. The password field is never returned.

Auth: Bearer token

Path parameters

| Parameter | Type | Description |
| --- | --- | --- |
| id | UUID | User UUID |

var request = new HttpRequestMessage(HttpMethod.Get, $"https://api.hooksentry.com/api/v1/users/{userId}");
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);

using var client = new HttpClient();
var response = await client.SendAsync(request);

Return codes

  • 200 OK — user data (without password field)
  • 401 Unauthorized — missing or invalid token
  • 403 Forbidden — user belongs to another tenant
  • 404 Not Found — user not found

{
  "id": "5a6b7c8d-9e0f-4a1b-8c2d-3e4f5a6b7c8d",
  "tenantId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "email": "dev@acme.com",
  "status": "Active",
  "role": "Developer",
  "createdAt": "2026-07-03T14:32:00.000Z",
  "updatedAt": "2026-07-03T14:32:00.000Z"
}

Update User

PATCH /api/v1/users/{id}

Partially updates a user belonging to the authenticated tenant. Only fields included in the body are changed.

Auth: Bearer token

Path parameters

| Parameter | Type | Description |
| --- | --- | --- |
| id | UUID | User UUID |

Body (all fields optional)

| Field | Type | Description |
| --- | --- | --- |
| email | string | New unique email address on the platform |
| password | string | New plain text password — stored as a hash |
| role | integer | New role — 0 Developer, 1 Admin, 10 Owner, 20 Viewer |
| status | integer | New status — 0 Active, 1 Inactive |

Role changes require a privileged caller:

Changing role requires the caller to be Admin or Owner. Promoting a user to Owner requires the caller to already be an Owner — otherwise the request returns 403 Forbidden.

var request = new HttpRequestMessage(HttpMethod.Patch, $"https://api.hooksentry.com/api/v1/users/{userId}")
{
    Content = JsonContent.Create(new { role = 1, status = 0 })
};
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);

using var client = new HttpClient();
var response = await client.SendAsync(request);

Return codes

  • 200 OK — user updated successfully
  • 400 Bad Request — invalid value (malformed email, role out of domain)
  • 401 Unauthorized — missing or invalid token
  • 403 Forbidden — user belongs to another tenant, or caller lacks the role required for the change
  • 404 Not Found — user not found
  • 409 Conflict — email already in use by another user

{
  "id": "5a6b7c8d-9e0f-4a1b-8c2d-3e4f5a6b7c8d",
  "tenantId": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "email": "dev@acme.com",
  "status": "Active",
  "role": "Admin",
  "createdAt": "2026-07-03T14:32:00.000Z",
  "updatedAt": "2026-07-03T15:20:00.000Z"
}
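
The role-change rule described above, as an added C# example that is not part of the HookSentry documentation or code base. `UserRole`, `RoleChangeGuard`, `Check` and `ParseResponseRole` are hypothetical names, and the order in which the 400 and 403 conditions are evaluated is an assumption.

```csharp
#nullable enable
using System;

// Documented `role` values. They are NOT ordered by privilege: Viewer (20) is the
// largest number, so a shortcut such as `role >= Admin` would let Viewers through.
public enum UserRole { Developer = 0, Admin = 1, Owner = 10, Viewer = 20 }

// Hypothetical client-side helper; the API remains the authority and enforces
// the same rule (plus tenant isolation) on every PATCH.
public static class RoleChangeGuard
{
    // Returns null when the documented rule allows the change, otherwise the
    // documented rejection. Checking 400 before 403 is an assumption.
    public static string? Check(UserRole caller, int requestedRole)
    {
        if (!Enum.IsDefined(typeof(UserRole), requestedRole))
            return "400 Bad Request: role out of domain";

        // Explicit membership test, never a numeric comparison.
        if (caller != UserRole.Admin && caller != UserRole.Owner)
            return "403 Forbidden: caller must be Admin or Owner";

        if ((UserRole)requestedRole == UserRole.Owner && caller != UserRole.Owner)
            return "403 Forbidden: only an Owner can promote to Owner";
        return null;
    }

    // Responses carry the role as a name ("Developer"); requests take the integer.
    // Enum.TryParse also accepts numeric strings, hence the IsDefined check.
    public static UserRole ParseResponseRole(string name) =>
        Enum.TryParse<UserRole>(name, ignoreCase: false, out var role)
            && Enum.IsDefined(typeof(UserRole), role)
            ? role
            : throw new FormatException($"Unknown role '{name}'");

    public static void Main()
    {
        // Constructed cases: (caller role as returned by the API, requested role).
        var cases = new (string Caller, int Requested)[]
        {
            ("Admin", 1), ("Admin", 10), ("Owner", 10), ("Viewer", 0), ("Owner", 5),
        };
        foreach (var (caller, requested) in cases)
        {
            var verdict = Check(ParseResponseRole(caller), requested) ?? "allowed";
            Console.WriteLine($"{caller} -> role {requested}: {verdict}");
        }
    }
}
```

A guard like this only spares the user a round trip that would end in 403; it is not a substitute for the server-side check.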

Delete User

DELETE /api/v1/users/{id}

Permanently deletes a user from the authenticated tenant. Irreversible.

Auth: Bearer token — Admin or Owner role

Path parameters

| Parameter | Type | Description |
| --- | --- | --- |
| id | UUID | UUID of the user to delete |

Irreversible:

Deletion is permanent. Require explicit confirmation in your UI before calling this endpoint.

var request = new HttpRequestMessage(HttpMethod.Delete, $"https://api.hooksentry.com/api/v1/users/{userId}");
request.Headers.Authorization = new AuthenticationHeaderValue("Bearer", accessToken);

using var client = new HttpClient();
var response = await client.SendAsync(request);

Return codes

  • 204 No Content — user deleted successfully
  • 401 Unauthorized — missing or invalid token, or missing role claim
  • 403 Forbidden — caller is not Admin/Owner, or the target belongs to another tenant
  • 404 Not Found — user not found