Accounts

The Accounts service allows you to manage user accounts registered within your organization, including creation, updates, and access control.

Get the user authentication data

get

Retrieves and returns the account information for the authenticated user.

A user ID or email must be provided as a query parameter.

Authorizations
Query parameters
userIdstringOptional

The user ID to fetch the auth account details for

emailstringOptional

The email to fetch the auth account details for

Header parameters
x-m2-organization-idstringRequired

The ID of an organization

Responses
200
The response to querying a user's account information. We return an array which will be empty if no user is found, and may contain multiple entries if the query parameter is an email.
application/json
get
GET /api/accounts/auth/user/ HTTP/1.1
Host: your-organization-id.m2worlds.io
x-api-key: YOUR_API_KEY
x-m2-organization-id: text
Accept: */*
200

The response to querying a user's account information. We return an array which will be empty if no user is found, and may contain multiple entries if the query parameter is an email.

[
  {
    "uid": "text",
    "emailVerified": true,
    "email": "text",
    "displayName": "text",
    "photoURL": "text",
    "providerData": [
      {
        "providerId": "text",
        "uid": "text",
        "email": "text",
        "displayName": "text",
        "photoURL": "text",
        "phoneNumber": "text"
      }
    ]
  }
]

Create a new user account

post

Creates a new user account in the authentication system. A custom user ID can be provided.

Authorizations
Header parameters
x-m2-organization-idstringRequired

The ID of an organization

Body

The request body for creating a new auth user

uidstringOptional

The user ID to use for this new user. If not specified, one will be created.

displayNamestringOptional

Optional for user creation, but required for streaming access

emailstringOptional
emailVerifiedbooleanOptional
photoURLstringOptional
Responses
200
The information of the created user
application/json
post
POST /api/accounts/auth/user/ HTTP/1.1
Host: your-organization-id.m2worlds.io
x-api-key: YOUR_API_KEY
x-m2-organization-id: text
Content-Type: application/json
Accept: */*
Content-Length: 89

{
  "uid": "text",
  "displayName": "text",
  "email": "text",
  "emailVerified": true,
  "photoURL": "text"
}
200

The information of the created user

{
  "uid": "text",
  "emailVerified": true,
  "email": "text",
  "displayName": "text",
  "photoURL": "text",
  "providerData": [
    {
      "providerId": "text",
      "uid": "text",
      "email": "text",
      "displayName": "text",
      "photoURL": "text",
      "phoneNumber": "text"
    }
  ]
}

Generate a custom token for a user

post

Generate a custom token for a user that can be used to authenticate.

Requires "*" permission on the organization and its children, and the "allowUserTokenManagement" flag to be enabled on the organization.

Authorizations
Header parameters
x-m2-organization-idstringRequired

The ID of an organization

Body

The request body for generating a custom token

userIdstringRequired

The user ID to generate a custom token for

Responses
200
The response to generating a custom token
application/json
post
POST /api/accounts/token/generate/ HTTP/1.1
Host: your-organization-id.m2worlds.io
x-api-key: YOUR_API_KEY
x-m2-organization-id: text
Content-Type: application/json
Accept: */*
Content-Length: 17

{
  "userId": "text"
}
200

The response to generating a custom token

{
  "token": "text"
}

Refresh token

post

Returns a new ID token and refresh token for the given user.

Requires "*" permission on the organization and its children, and the "allowUserTokenManagement" flag to be enabled on the organization.

Authorizations
Header parameters
x-m2-organization-idstringRequired

The ID of an organization

Body

The request body for refreshing a token

refreshTokenstringRequired
Responses
200
The response to refreshing a token
application/json
post
POST /api/accounts/token/refresh/ HTTP/1.1
Host: your-organization-id.m2worlds.io
x-api-key: YOUR_API_KEY
x-m2-organization-id: text
Content-Type: application/json
Accept: */*
Content-Length: 23

{
  "refreshToken": "text"
}
200

The response to refreshing a token

{
  "idToken": "text",
  "refreshToken": "text",
  "expiresIn": "text",
  "userId": "text"
}

Sign in with custom token

post

The endpoint signs in or signs up a user by exchanging a custom Auth token for an ID token and a refresh token.

Requires "*" permission on the organization and its children, and the "allowUserTokenManagement" flag to be enabled on the organization.

Authorizations
Header parameters
x-m2-organization-idstringRequired

The ID of an organization

Body

The request body for signing in with a custom token

tokenstringRequired

The custom token to sign in with

Responses
200
The response to generating a custom token
application/json
post
POST /api/accounts/token/signin/ HTTP/1.1
Host: your-organization-id.m2worlds.io
x-api-key: YOUR_API_KEY
x-m2-organization-id: text
Content-Type: application/json
Accept: */*
Content-Length: 16

{
  "token": "text"
}
200

The response to generating a custom token

{
  "idToken": "text",
  "refreshToken": "text",
  "expiresIn": "text",
  "isNewUser": true
}

Fetch a user's account

get

Retrieves and returns the account information for the specified user. An email address and wallet address will only be returned if the user has verified them.

This API can be called by the user themselves, the Unreal server, or any user with read permissions on the organization's user profiles.

Authorizations
Path parameters
userIdstringRequired

The user ID to fetch the account for

Header parameters
x-m2-organization-idstringOptional

The ID of an organization

Responses
200
The response to querying a user's account information
application/json
get
GET /api/accounts/users/{userId}/ HTTP/1.1
Host: your-organization-id.m2worlds.io
x-api-key: YOUR_API_KEY
Accept: */*
200

The response to querying a user's account information

{
  "evmLinkedWallet": "text",
  "email": "text",
  "isGuest": true
}

Update the user account data

patch

Updates the account information for the authenticated user.

Authorizations
Path parameters
userIdstringRequired
Header parameters
x-m2-organization-idstringRequired

The ID of an organization

Body
any ofOptional

The parameters required to patch a user's account information. At least one of email or emailVerified must be provided.

or
Responses
200
The information of the patched user
application/json
Responseall of

The information of the patched user

and
any ofOptional
or
objectOptional
patch
PATCH /api/accounts/users/{userId}/ HTTP/1.1
Host: your-organization-id.m2worlds.io
x-api-key: YOUR_API_KEY
x-m2-organization-id: text
Content-Type: application/json
Accept: */*
Content-Length: 37

{
  "email": "text",
  "emailVerified": true
}
200

The information of the patched user

{
  "name": "text",
  "pictureUrl": "text",
  "email": "text",
  "emailVerified": true,
  "evmLinkedWallet": {
    "nonce": "text",
    "address": "text",
    "verified": true
  },
  "evmWallet": {
    "nonce": "text",
    "address": "text",
    "verified": true
  },
  "emailDomain": "text",
  "isGuest": true,
  "tenantId": "text",
  "organizationId": "text"
}

Remove a user's account

delete

Removes the account information for the specified user.

This API can be called by any user with all permissions to an organization or a user who has the highest level of permissions if no organization is provided.

Authorizations
Path parameters
userIdstringRequired

The ID of a user

Header parameters
x-m2-organization-idstringOptional

The ID of an organization

Responses
204
The ID of the user to be deleted
application/json
delete
DELETE /api/accounts/users/{userId}/ HTTP/1.1
Host: your-organization-id.m2worlds.io
x-api-key: YOUR_API_KEY
Accept: */*
{
  "userId": "text"
}

Fetch the requesting user's account

get

Retrieves and returns the entire account information for the user making the request.

Authorizations
Header parameters
x-m2-organization-idstringOptional

The ID of an organization

Responses
200
The response to querying a user's account information.
application/json
Responseall of

The response to querying a user's account information.

and
any ofOptional
or
objectOptional
get
GET /api/accounts/users/current/ HTTP/1.1
Host: your-organization-id.m2worlds.io
x-api-key: YOUR_API_KEY
Accept: */*
{
  "name": "text",
  "pictureUrl": "text",
  "email": "text",
  "emailVerified": true,
  "evmLinkedWallet": {
    "nonce": "text",
    "address": "text",
    "verified": true
  },
  "evmWallet": {
    "nonce": "text",
    "address": "text",
    "verified": true
  },
  "emailDomain": "text",
  "isGuest": true,
  "tenantId": "text",
  "organizationId": "text"
}

Last updated

Was this helpful?