Skip to main content

Authentication

Login

curl -X POST https://your-instance.com/api/accounts/auth/login/ \
  -H "Content-Type: application/json" \
  -d '{
    "username": "admin",
    "password": "your_password"
  }'
Authenticates a user and returns access tokens.
username
string
required
Username
password
string
required
Password
access
string
JWT access token
refresh
string
JWT refresh token
user
object
User information

Logout

curl -X POST https://your-instance.com/api/accounts/auth/logout/ \
  -H "Authorization: Bearer YOUR_TOKEN"
Logs out the current user and invalidates tokens.

Token Refresh

curl -X POST https://your-instance.com/api/accounts/token/refresh/ \
  -H "Content-Type: application/json" \
  -d '{
    "refresh": "YOUR_REFRESH_TOKEN"
  }'
Refreshes an expired access token using a valid refresh token.
refresh
string
required
Refresh token obtained from login
access
string
New JWT access token

Obtain Token Pair

curl -X POST https://your-instance.com/api/accounts/token/ \
  -H "Content-Type: application/json" \
  -d '{
    "username": "admin",
    "password": "your_password"
  }'
Obtains a new JWT token pair for authentication.
access
string
JWT access token
refresh
string
JWT refresh token

Users

List Users

curl -X GET https://your-instance.com/api/accounts/users/ \
  -H "Authorization: Bearer YOUR_TOKEN"
Returns all users in the system (admin only).
id
integer
User ID
username
string
Username
email
string
Email address
is_staff
boolean
Whether user has staff privileges
is_active
boolean
Whether user account is active
groups
array
Array of group IDs user belongs to
date_joined
string
Account creation timestamp

Get User

curl -X GET https://your-instance.com/api/accounts/users/123/ \
  -H "Authorization: Bearer YOUR_TOKEN"

Create User

curl -X POST https://your-instance.com/api/accounts/users/ \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "username": "newuser",
    "email": "newuser@example.com",
    "password": "secure_password",
    "is_staff": false
  }'
username
string
required
Username (must be unique)
password
string
required
User password
email
string
Email address
is_staff
boolean
default:"false"
Grant staff privileges
is_active
boolean
default:"true"
Whether account is active
groups
array
Array of group IDs to assign

Update User

curl -X PUT https://your-instance.com/api/accounts/users/123/ \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "email": "updated@example.com",
    "is_active": false
  }'

Delete User

curl -X DELETE https://your-instance.com/api/accounts/users/123/ \
  -H "Authorization: Bearer YOUR_TOKEN"

Groups

List Groups

curl -X GET https://your-instance.com/api/accounts/groups/ \
  -H "Authorization: Bearer YOUR_TOKEN"
Returns all permission groups.
id
integer
Group ID
name
string
Group name
permissions
array
Array of permission IDs

Get Group

curl -X GET https://your-instance.com/api/accounts/groups/5/ \
  -H "Authorization: Bearer YOUR_TOKEN"

Create Group

curl -X POST https://your-instance.com/api/accounts/groups/ \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Moderators",
    "permissions": [1, 2, 3]
  }'
name
string
required
Group name
permissions
array
Array of permission IDs to assign

Update Group

curl -X PUT https://your-instance.com/api/accounts/groups/5/ \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Senior Moderators",
    "permissions": [1, 2, 3, 4, 5]
  }'

Delete Group

curl -X DELETE https://your-instance.com/api/accounts/groups/5/ \
  -H "Authorization: Bearer YOUR_TOKEN"

API Keys

List API Keys

curl -X GET https://your-instance.com/api/accounts/api-keys/ \
  -H "Authorization: Bearer YOUR_TOKEN"
Returns all API keys for the authenticated user.
id
integer
API key ID
name
string
API key name/label
key
string
API key value (only shown on creation)
created_at
string
Creation timestamp
last_used
string
Last usage timestamp
is_active
boolean
Whether key is active

Get API Key

curl -X GET https://your-instance.com/api/accounts/api-keys/123/ \
  -H "Authorization: Bearer YOUR_TOKEN"

Create API Key

curl -X POST https://your-instance.com/api/accounts/api-keys/ \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "My Integration Key"
  }'
name
string
required
Name/label for the API key
key
string
Generated API key (only shown once)

Update API Key

curl -X PUT https://your-instance.com/api/accounts/api-keys/123/ \
  -H "Authorization: Bearer YOUR_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Updated Integration Key",
    "is_active": false
  }'

Delete API Key

curl -X DELETE https://your-instance.com/api/accounts/api-keys/123/ \
  -H "Authorization: Bearer YOUR_TOKEN"
Permanently deletes an API key. This action cannot be undone.

Permissions

List Permissions

curl -X GET https://your-instance.com/api/accounts/permissions/ \
  -H "Authorization: Bearer YOUR_TOKEN"
Returns all available permissions in the system.
id
integer
Permission ID
name
string
Permission name
codename
string
Permission codename
content_type
string
Associated content type

Superuser Initialization

Initialize Superuser

curl -X POST https://your-instance.com/api/accounts/initialize-superuser/ \
  -H "Content-Type: application/json" \
  -d '{
    "username": "admin",
    "password": "secure_password",
    "email": "admin@example.com"
  }'
Initializes the first superuser account. This endpoint is only available when no users exist in the system.
username
string
required
Superuser username
password
string
required
Superuser password
email
string
Superuser email address
status
string
Initialization status
message
string
Status message