User management
How to use our user endpoints
The users
part of the Delivery API provides access to a range of endpoints that enable the creation of users, and management of existing user information. The majority of these endpoints require a valid JWT, either to get the authenticated user, or to ensure the user has permission to access or update the information.
The endpoints available fall into the following categories:
- Create user
- Password management
- Address management
- Update user information
Create user
To create a new user, include either a unique username or an email address in the request body. If these criteria are not met, a 403 error will be returned.
POST <yourHost>/dwapi/users/create
{
"address": "Test Street",
"city": "Aarhus",
"company": "Dynamicweb",
"country": "Denmark",
"email": "test@dynamicweb.dk",
"firstName": "John",
"houseNumber": "123",
"lastName": "Smith",
"userName": "TestUser"
}
If successful, the endpoint returns a User
{
"address": "Test Street",
"address2": null,
"location": {
"lat": 0,
"lng": 0
},
"city": "Aarhus",
"company": "Dynamicweb",
"country": "Denmark",
"countryCode": null,
"currency": null,
"shopID": null,
"stockLocationID": 0,
"customerNumber": null,
"department": "",
"email": "test@dynamicweb.dk",
"firstName": "John",
"houseNumber": "123",
"id": 1243,
"image": "",
"jobTitle": null,
"lastName": "Smith",
"middleName": "",
"name": "",
"phone": "",
"phoneBusiness": "",
"phoneMobile": "",
"phonePrivate": "",
"state": null,
"title": "",
"userName": "TestUser",
"zip": null,
"externalID": null,
"customFields": {
"AccessUser_Identification Number": {
"systemName": "AccessUser_Identification Number",
"tableName": "AccessUser",
"fieldType": "text",
"name": "Identification Number",
"options": [
{
"key": "",
"value": ""
}
],
"sort": 0,
"value": ""
},
"AccessUser_TestingCustomField": {
"systemName": "AccessUser_TestingCustomField",
"tableName": "AccessUser",
"fieldType": "text",
"name": "Test@ing Custom Field",
"options": [
{
"key": "",
"value": ""
}
],
"sort": 0,
"value": ""
}
},
"addressCustomFields": {
"AccessUserAddress_Testingfiled": {
"systemName": "AccessUserAddress_Testingfiled",
"tableName": "AccessUserAddress",
"fieldType": "text",
"name": "Testing@filed",
"options": [
{
"key": "",
"value": ""
}
],
"sort": 0,
"value": ""
}
}
}
Password management
The User login credentials
section provides endpoints allowing a user to change their password. Passwords can be changed in two contexts:
- User who is not logged in: A recovery token is required to reset the password
- Current user: Password reset requires the JWT
User who is not logged in
For a user who is not logged in the password change requires two steps:
- Generate Recovery Token
- The
POST <yourHost>/dwapi/users/password/recover
endpoint sends a recovery link to the email address provided. The generated recovery token is added to the link in the body of the email - e.g.https://www.example.com/recoverpassword?RecoveryToken=31a5377f-0ab8-42cf-ac4e-760373f1597d
. - If no user is found with the provided email address, a 404 is returned.
- The
- Reset Password
- With the generated recovery token, use the
/password/reset
endpoint to reset your password - e.g.POST <yourHost>/dwapi/users/password/reset?newPassword=test111&recoveryToken=31a5377f-0ab8-42cf-ac4e-760373f1597d
. - If the user is authenticated, and the
newPassword
meets the complexity requirements, then the response will be 200 - Password changed.
- With the generated recovery token, use the
Current user
The PATCH <yourHost>/dwapi/users/password/reset
endpoint is used to reset the password of a user who is currently logged in. This endpoint uses the JWT in the Authorization header to authenticate the user.
If the newPassword
meets the complexity requirements, the response will be 200 - Password changed.
Address management
All /address
endpoints require the JWT.
The GET <yourHost>/dwapi/users/addresses
endpoint can be used to retrieve all addresses for the current user. This returns a list of Address
[
{
"id": 1075,
"company": "Dynamicweb",
"name": "John",
"address": "Newvej",
"address2": "",
"houseNumber": "15",
"zip": "8250",
"city": "Aalborg",
"countryCode": "DK",
"state": "",
"phone": "",
"mobile": null,
"email": "",
"isDefault": false
},
{
"id": 1076,
"company": "Dynamicweb",
"name": "",
"address": "Extra Street",
"address2": "",
"houseNumber": "61",
"zip": "8000",
"city": "Aarhus",
"countryCode": "DK",
"state": "",
"phone": "",
"mobile": null,
"email": "",
"isDefault": false
}
]
Details of a particular address can be found using GET <yourHost>/dwapi/users/address/{id}
, with the ID being the ID of the address.
An address can be updated using the PATCH <yourHost>/dwapi/users/address{id}
endpoint. Provide the ID of the address as a parameter (which can be found using /users/addresses
endpoint if unknown). In the body of the request specify the properties to be updated. The response of this request is a fully updated Address
To add a new address, use the POST <yourHost>/dwapi/users/address
endpoint and specify the details in the body of the request:
{
"id": 0,
"company": "Dynamicweb",
"name": "John",
"address": "Newvej",
"houseNumber": "15",
"zip": "8250",
"city": "Aalborg",
"countryCode": "DK",
"isDefault": false
}
The result of the above POST
request is an Address
{
"id": 1075,
"company": "Dynamicweb",
"name": "John",
"address": "Newvej",
"address2": null,
"houseNumber": "15",
"zip": "8250",
"city": "Aalborg",
"countryCode": "DK",
"state": null,
"phone": null,
"mobile": null,
"email": null,
"isDefault": false
}
Update user information
The users/info
endpoints allow the current user to view or update their information. Similar to the /address
endpoints, these endpoints all require the JWT to authenticate the user.
GET <yourHost>/dwapi/users/info
returns a User
To update or add information for a user, use the PATCH <yourHost>/dwapi/users/info
endpoint. This endpoint only updates the properties that have been sent in the request body:
{
"address": "ChangeVej",
"city": "Vejle",
"houseNumber": "25"
}
This returns a User
{
"address": "ChangeVej",
"address2": "",
"location": {
"lat": 0,
"lng": 0
},
"city": "Vejle",
"company": "",
"country": "Denmark",
"countryCode": "DK",
"currency": "",
"shopID": "",
"stockLocationID": 0,
"customerNumber": "",
"department": "",
"email": "efe@dynamicweb.dk",
"firstName": "",
"houseNumber": "25",
"id": 1242,
"image": "",
"jobTitle": "",
"lastName": "Smith",
"middleName": "",
"name": "John",
"phone": "",
"phoneBusiness": "",
"phoneMobile": "",
"phonePrivate": "",
"state": "",
"title": "",
"userName": "JohnSmith",
"zip": "8000",
"externalID": "",
"customFields": {
"AccessUser_Identification Number": {
"systemName": "AccessUser_Identification Number",
"tableName": "AccessUser",
"fieldType": "text",
"name": "Identification Number",
"options": [
{
"key": "",
"value": ""
}
],
"sort": 0,
"value": ""
},
"AccessUser_TestingCustomField": {
"systemName": "AccessUser_TestingCustomField",
"tableName": "AccessUser",
"fieldType": "text",
"name": "Test@ing Custom Field",
"options": [
{
"key": "",
"value": ""
}
],
"sort": 0,
"value": ""
}
},
"addressCustomFields": {
"AccessUserAddress_Testingfiled": {
"systemName": "AccessUserAddress_Testingfiled",
"tableName": "AccessUserAddress",
"fieldType": "text",
"name": "Testing@filed",
"options": [
{
"key": "",
"value": ""
}
],
"sort": 0,
"value": ""
}
}
}
Using the PUT <yourHost>/dwapi/users/info
endpoint will change all properties provided in the request body, and override any fields not provided in the request body. The userName
field is required.
Important
Any existing properties of the UserViewModel that are not included in the request body of the PUT
endpoint will be overridden with value of null
for the given user.
Please ensure you have included all properties you need in the request body before continuing.
{
"address": "New Street",
"city": "Vejle",
"houseNumber": "16",
"userName": "JohnSmith"
}
This request updates the user with the user name "JohnSmith", changing their address, city, and house number, and rendering all other properties as null.