# User Management ## Get account users - [POST /api/v1/account/users](https://zonedevelopersdocumentationv1.redocly.app/apis/user-management/paths/~1api~1v1~1account~1users/post.md): This endpoint returns users belonging to the currently active account, with support for keyword search, sorting, pagination, and view-specific formatting. Notes: - Only users belonging to the current account are returned - User data is resolved from cached account user information ## Get user details - [GET /api/v1/account/users/{useridentifier}](https://zonedevelopersdocumentationv1.redocly.app/apis/user-management/paths/~1api~1v1~1account~1users~1%7Buseridentifier%7D/get.md): This endpoint returns profile and role-related information for a user identified by the provided user identifier, scoped to the current account. Use cases: - View user profile details in administration screens - Review assigned roles and permissions - Prepare user data for edit or role management workflows ## Update account user - [POST /api/v1/account/users/{useridentifier}](https://zonedevelopersdocumentationv1.redocly.app/apis/user-management/paths/~1api~1v1~1account~1users~1%7Buseridentifier%7D/post.md): This endpoint updates profile information and role assignments for a specified user within the current account. The user’s email domain is validated against the list of mail domains configured for the account before the update is processed. Process overview: - Validate the user’s email domain - Update user details through the Identity Provider - Refresh cached account user data - Invalidate licensing and permission-related caches ## Add account user - [POST /api/v1/account/users/add](https://zonedevelopersdocumentationv1.redocly.app/apis/user-management/paths/~1api~1v1~1account~1users~1add/post.md): This endpoint creates a new user within the currently active account and assigns the specified roles and permissions. Before user creation, the user’s email domain is validated against the list of mail domains configured for the account. If the domain is not allowed, the request is rejected. Process overview: - Validate the user’s email domain against configured account domains - Create the user through the Identity Provider - Update account user caches and licensing state - Return the newly created user details and role information ## Remove account user - [POST /api/v1/account/users/{useridentifier}/remove](https://zonedevelopersdocumentationv1.redocly.app/apis/user-management/paths/~1api~1v1~1account~1users~1%7Buseridentifier%7D~1remove/post.md): This endpoint deletes a specified user from the currently active account. The operation is processed through the Identity Provider and reflected in the account’s user and licensing state. Process overview: - Delete the user through the Identity Provider - Update account user and licensed user caches - Preserve employee-related metadata where applicable ## Restore account user - [POST /api/v1/account/users/{useridentifier}/activate](https://zonedevelopersdocumentationv1.redocly.app/apis/user-management/paths/~1api~1v1~1account~1users~1%7Buseridentifier%7D~1activate/post.md): This endpoint reactivates a previously removed user and restores their access to the current account. The operation is processed through the Identity Provider and reflected in the account’s user and licensing state. Process overview: - Restore the user through the Identity Provider - Update cached account user information - Reapply licensing based on assigned roles ## Reset user password - [POST /api/v1/account/users/{useridentifier}/reset](https://zonedevelopersdocumentationv1.redocly.app/apis/user-management/paths/~1api~1v1~1account~1users~1%7Buseridentifier%7D~1reset/post.md): This endpoint triggers a password reset for the specified user within the current account. The reset operation is handled by the Identity Provider and applies immediately. Use cases: - Recover access for users who have forgotten their password - Enforce password reset for security or compliance reasons ## Get current user account details - [GET /api/v1/account/users/me/accountdetails](https://zonedevelopersdocumentationv1.redocly.app/apis/user-management/paths/~1api~1v1~1account~1users~1me~1accountdetails/get.md): This endpoint returns account-related information for the logged-in user, including details of the account the user belongs to and their association with it. The data is resolved automatically based on the authenticated user context and does not require any account or user identifiers in the request. Use cases: - Display account information in user profile or dashboard screens - Determine the user’s current account context - Retrieve account metadata for self-service features ## Update multiple users - [POST /api/v1/account/users/update](https://zonedevelopersdocumentationv1.redocly.app/apis/user-management/paths/~1api~1v1~1account~1users~1update/post.md): This endpoint allows administrators to perform bulk updates on users belonging to the current account. It supports updating role assignments and related account access properties for multiple users in a single request. Request details: Accepts a list of user identifiers to be updated Applies role and access changes uniformly to all specified users Behavior: - Each user update is processed via the identity management provider - Updated user data is synchronized with the account cache - The response includes the updated state for each processed user ## Get active account users - [POST /api/v1/account/users/active](https://zonedevelopersdocumentationv1.redocly.app/apis/user-management/paths/~1api~1v1~1account~1users~1active/post.md): This endpoint returns active users associated with the current account, supporting keyword-based filtering, sorting, and pagination. Behavior: - Only users in active status are included - User data is retrieved from the account cache - The response contains a paginated and sorted user list ## Get user organizational units - [GET /api/v1/users/{userId}/organization/structure/units](https://zonedevelopersdocumentationv1.redocly.app/apis/user-management/paths/~1api~1v1~1users~1%7Buserid%7D~1organization~1structure~1units/get.md): This endpoint returns the list of organizational units (structure levels) that the specified user has access to within the organization. Behavior: - Fetches organizational access data from the identity management service - Returns only the organizational units the user is permitted to access - Results are returned as a flat list of organizational units ## Assign user organizational units - [POST /api/v1/users/{userId}/organization/structure/units](https://zonedevelopersdocumentationv1.redocly.app/apis/user-management/paths/~1api~1v1~1users~1%7Buserid%7D~1organization~1structure~1units/post.md): This endpoint adds or updates the organizational units (structure levels) that a user is allowed to access within the organization. Behavior: - Accepts a list of organizational unit identifiers in the request body - Persists user-to-organization access via the identity management service - Returns the updated list of organizational units assigned to the user ## Unlock user account - [POST /api/v1/account/users/{useridentifier}/unlock](https://zonedevelopersdocumentationv1.redocly.app/apis/user-management/paths/~1api~1v1~1account~1users~1%7Buseridentifier%7D~1unlock/post.md): This endpoint unlocks a user account that has been locked due to security policies such as failed login attempts. Behavior: - Invokes the identity management service to unlock the user - Updates cached user, active user, and basic user details - Preserves employee-related attributes after unlock