Accounts

The Accounts service allows you to manage user accounts registered within your organization, including creation, updates, and access control.

Get the user authentication data

get

Retrieves and returns the account information for the authenticated user.

A user ID or email must be provided as a query parameter.

Authorizations

x-api-keystringRequired

Query parameters

userIdstringOptional

The user ID to fetch the auth account details for

emailstringOptional

The email to fetch the auth account details for

Header parameters

x-m2-organization-idstringRequired

The ID of an organization

Responses

200

The response to querying a user's account information. We return an array which will be empty if no user is found, and may contain multiple entries if the query parameter is an email.

application/json

get

/auth/user/

GET /api/accounts/auth/user/ HTTP/1.1
Host: your-organization-id.m2worlds.io
x-api-key: YOUR_API_KEY
x-m2-organization-id: text
Accept: */*

200

The response to querying a user's account information. We return an array which will be empty if no user is found, and may contain multiple entries if the query parameter is an email.

[
  {
    "uid": "text",
    "emailVerified": true,
    "email": "text",
    "displayName": "text",
    "photoURL": "text",
    "providerData": [
      {
        "providerId": "text",
        "uid": "text",
        "email": "text",
        "displayName": "text",
        "photoURL": "text",
        "phoneNumber": "text"
      }
    ]
  }
]

Create a new user account

post

Creates a new user account in the authentication system. A custom user ID can be provided.

Authorizations

x-api-keystringRequired

Header parameters

x-m2-organization-idstringRequired

The ID of an organization

Body

The request body for creating a new auth user

uidstringOptional

The user ID to use for this new user. If not specified, one will be created.

displayNamestringOptional

Optional for user creation, but required for streaming access

emailstringOptional

emailVerifiedbooleanOptional

photoURLstringOptional

Responses

200

The information of the created user

application/json

post

/auth/user/

POST /api/accounts/auth/user/ HTTP/1.1
Host: your-organization-id.m2worlds.io
x-api-key: YOUR_API_KEY
x-m2-organization-id: text
Content-Type: application/json
Accept: */*
Content-Length: 89

{
  "uid": "text",
  "displayName": "text",
  "email": "text",
  "emailVerified": true,
  "photoURL": "text"
}

200

The information of the created user

{
  "uid": "text",
  "emailVerified": true,
  "email": "text",
  "displayName": "text",
  "photoURL": "text",
  "providerData": [
    {
      "providerId": "text",
      "uid": "text",
      "email": "text",
      "displayName": "text",
      "photoURL": "text",
      "phoneNumber": "text"
    }
  ]
}

Generate a custom token for a user

post

Generate a custom token for a user that can be used to authenticate.

Requires "*" permission on the organization and its children, and the "allowUserTokenManagement" flag to be enabled on the organization.

Authorizations

x-api-keystringRequired

Header parameters

x-m2-organization-idstringRequired

The ID of an organization

Body

The request body for generating a custom token

userIdstringRequired

The user ID to generate a custom token for

Responses

200

The response to generating a custom token

application/json

post

/token/generate/

POST /api/accounts/token/generate/ HTTP/1.1
Host: your-organization-id.m2worlds.io
x-api-key: YOUR_API_KEY
x-m2-organization-id: text
Content-Type: application/json
Accept: */*
Content-Length: 17

{
  "userId": "text"
}

200

The response to generating a custom token

{
  "token": "text"
}

Refresh token

post

Returns a new ID token and refresh token for the given user.

Requires "*" permission on the organization and its children, and the "allowUserTokenManagement" flag to be enabled on the organization.

Authorizations

x-api-keystringRequired

Header parameters

x-m2-organization-idstringRequired

The ID of an organization

Body

The request body for refreshing a token

refreshTokenstringRequired

Responses

200

The response to refreshing a token

application/json

post

/token/refresh/

POST /api/accounts/token/refresh/ HTTP/1.1
Host: your-organization-id.m2worlds.io
x-api-key: YOUR_API_KEY
x-m2-organization-id: text
Content-Type: application/json
Accept: */*
Content-Length: 23

{
  "refreshToken": "text"
}

200

The response to refreshing a token

{
  "idToken": "text",
  "refreshToken": "text",
  "expiresIn": "text",
  "userId": "text"
}

post

The endpoint signs in or signs up a user by exchanging a custom Auth token for an ID token and a refresh token.

Requires "*" permission on the organization and its children, and the "allowUserTokenManagement" flag to be enabled on the organization.

Authorizations

x-api-keystringRequired

Header parameters

x-m2-organization-idstringRequired

The ID of an organization

Body

The request body for signing in with a custom token

tokenstringRequired

The custom token to sign in with

Responses

200

The response to generating a custom token

application/json

post

/token/signin/

POST /api/accounts/token/signin/ HTTP/1.1
Host: your-organization-id.m2worlds.io
x-api-key: YOUR_API_KEY
x-m2-organization-id: text
Content-Type: application/json
Accept: */*
Content-Length: 16

{
  "token": "text"
}

200

The response to generating a custom token

{
  "idToken": "text",
  "refreshToken": "text",
  "expiresIn": "text",
  "isNewUser": true
}

Fetch a user's account

get

Retrieves and returns the account information for the specified user. An email address and wallet address will only be returned if the user has verified them.

This API can be called by the user themselves, the Unreal server, or any user with read permissions on the organization's user profiles.

Authorizations

x-api-keystringRequired

Path parameters

userIdstringRequired

The user ID to fetch the account for

Header parameters

x-m2-organization-idstringOptional

The ID of an organization

Responses

200

The response to querying a user's account information

application/json

get

/users/{userId}/

GET /api/accounts/users/{userId}/ HTTP/1.1
Host: your-organization-id.m2worlds.io
x-api-key: YOUR_API_KEY
Accept: */*

200

The response to querying a user's account information

{
  "evmLinkedWallet": "text",
  "email": "text",
  "isGuest": true
}

Update the user account data

patch

Updates the account information for the authenticated user.

Authorizations

x-api-keystringRequired

Path parameters

userIdstringRequired

Header parameters

x-m2-organization-idstringRequired

The ID of an organization

Body

The parameters required to patch a user's account information. At least one of email or emailVerified must be provided.

Responses

200

The information of the patched user

application/json

patch

/users/{userId}/

PATCH /api/accounts/users/{userId}/ HTTP/1.1
Host: your-organization-id.m2worlds.io
x-api-key: YOUR_API_KEY
x-m2-organization-id: text
Content-Type: application/json
Accept: */*
Content-Length: 37

{
  "email": "text",
  "emailVerified": true
}

200

The information of the patched user

{
  "name": "text",
  "pictureUrl": "text",
  "email": "text",
  "emailVerified": true,
  "evmLinkedWallet": {
    "nonce": "text",
    "address": "text",
    "verified": true
  },
  "evmWallet": {
    "nonce": "text",
    "address": "text",
    "verified": true
  },
  "emailDomain": "text",
  "isGuest": true,
  "tenantId": "text",
  "organizationId": "text"
}

Remove a user's account

delete

Removes the account information for the specified user.

This API can be called by any user with all permissions to an organization or a user who has the highest level of permissions if no organization is provided.

Authorizations

x-api-keystringRequired

Path parameters

userIdstringRequired

The ID of a user

Header parameters

x-m2-organization-idstringOptional

The ID of an organization

Responses

204

The ID of the user to be deleted

application/json

4XX

HTTP error message

application/json

delete

/users/{userId}/

DELETE /api/accounts/users/{userId}/ HTTP/1.1
Host: your-organization-id.m2worlds.io
x-api-key: YOUR_API_KEY
Accept: */*

{
  "userId": "text"
}

Fetch the requesting user's account

get

Retrieves and returns the entire account information for the user making the request.

Authorizations

x-api-keystringRequired

Header parameters

x-m2-organization-idstringOptional

The ID of an organization

Responses

200

The response to querying a user's account information.

application/json

4XX

HTTP error message

application/json

get

/users/current/

GET /api/accounts/users/current/ HTTP/1.1
Host: your-organization-id.m2worlds.io
x-api-key: YOUR_API_KEY
Accept: */*

{
  "name": "text",
  "pictureUrl": "text",
  "email": "text",
  "emailVerified": true,
  "evmLinkedWallet": {
    "nonce": "text",
    "address": "text",
    "verified": true
  },
  "evmWallet": {
    "nonce": "text",
    "address": "text",
    "verified": true
  },
  "emailDomain": "text",
  "isGuest": true,
  "tenantId": "text",
  "organizationId": "text"
}

PreviousAPI Reference NextEvents

Last updated 9 days ago

Was this helpful?

Get the user authentication data

Create a new user account

Generate a custom token for a user

Refresh token

Sign in with custom token

Fetch a user's account

Update the user account data

Remove a user's account

Fetch the requesting user's account