Users
The users endpoint allows administrators to retrieve information about all users in the system.
List Users
GET/api/public/v0/users
Returns a list of all users in the system. This endpoint is restricted to administrators only.
Authentication
Requires an API key with Admin role permissions. See Authentication for more details.
Response Format
{
users: Array<{
email: string // User's email address
name: string // User's display name
role: string // User's role ('owner' | 'admin' | 'user' | 'test-runner' | 'viewer')
authorizationTypes: Array<'password' | 'google'> // Authentication methods
totpEnabled: boolean // Two-factor authentication status
createdAt: string // ISO 8601 timestamp
lastActivity: string // ISO 8601 date
}>
}
User Roles
| Role | Permissions |
|---|---|
| Owner | Full system access with tenant management |
| Admin | Full project access with user management |
| User | Can create and manage test cases and runs |
| Test Runner | Can execute test runs only |
| Viewer | Read-only access to projects |
Example Request
curl \
-H "Authorization: ApiKey your.api.key.here" \
https://your-company.your-region-code.qasphere.com/api/public/v0/users
Example Response
{
"users": [
{
"email": "[email protected]",
"name": "System Admin",
"role": "admin",
"authorizationTypes": ["password"],
"totpEnabled": true,
"createdAt": "2024-01-01T00:00:00Z",
"lastActivity": "2024-11-14"
},
{
"email": "[email protected]",
"name": "Test Engineer",
"role": "test-runner",
"authorizationTypes": ["password", "google"],
"totpEnabled": false,
"createdAt": "2024-03-15T00:00:00Z",
"lastActivity": "2024-11-14"
}
]
}
Error Responses
| Status Code | Description |
|---|---|
| 401 | Invalid or missing API key |
| 403 | Insufficient permissions (non-admin access) |
| 500 | Internal server error |
Important Notes
| Requirement | Description |
|---|---|
| Must be valid and unique within the system | |
| User names | Must be between 1 and 255 characters |
| Dates | Creation and activity dates are in ISO 8601 format |
| Access | Only administrators can access this endpoint |
tip
This endpoint enables you to:
- Audit user access and roles
- Monitor user activity
- Verify authentication methods
- Check 2FA adoption
Get Current User
GET/api/public/v0/users/me
Returns the user identity associated with the calling credential — the API key creator, or the user who consented to an OAuth authorization. Available to any authenticated role.
Authentication
Requires either an API key or an OAuth Bearer token. See Authentication for more details.
Response Format
{
user: {
id: number // User's numeric ID
email: string // User's email address
name: string // User's display name
avatar: string | null // Avatar URL, if set
role: 'owner' | 'admin' | 'user' | 'test-runner' | 'viewer'
}
}
Example Request (API Key)
curl \
-H "Authorization: ApiKey your.api.key.here" \
https://your-company.your-region-code.qasphere.com/api/public/v0/users/me
Example Request (OAuth Bearer)
curl \
-H "Authorization: Bearer your-oauth-access-token" \
https://your-company.your-region-code.qasphere.com/api/public/v0/users/me
Example Response
{
"user": {
"id": 42,
"email": "[email protected]",
"name": "Your Name",
"avatar": null,
"role": "admin"
}
}
Error Responses
| Status Code | Description |
|---|---|
| 401 | Invalid or missing credential |
| 500 | Internal server error |