
Users

Directus Users are the individual accounts that let you authenticate into the API and App. Each user belongs to a Role which defines its granular Permissions. Learn more about Users.

The User Object

id uuid
Primary key of the user.

first_name string
First name of the user.

last_name string
Last name of the user.

email string
Email address of the user.

password hash
Password of the user.

location string
Location of the user.

title string
Title of the user.

description string
Description of the user.

tags array
Tags for the user.

avatar many-to-one
Avatar file. Many-to-one to files.

language string
Language the Admin App is rendered in. See our Crowdin page for all available languages and translations.

appearance string
One of auto, light, dark.

theme_light string
Theme to use in light mode.

theme_dark string
Theme to use in dark mode.

theme_light_overrides json
Customization for light theme in use.

theme_dark_overrides json
Customization for dark theme in use.

tfa_secret string
When TFA is enabled, this holds the secret key for it.

status string
Status of the user. One of draft, invited, active, suspended, archived.

role uuid
Role of the user. Many-to-one to roles.

token string
Static access token for the user.

last_access date
Last time the user accessed the API.

last_page string
Last page in the app the user used.

provider string
What auth provider was used to register this user.

external_identifier string
Primary key of the user in the third party authentication provider, if used.

auth_data json
Required data about the user as provided by the third party auth provider, if used.

email_notifications boolean
When this is enabled, the user will receive emails for notifications.

{
	"id": "0bc7b36a-9ba9-4ce0-83f0-0a526f354e07",
	"first_name": "Admin",
	"last_name": "User",
	"email": "admin@example.com",
	"password": "**********",
	"location": "New York City",
	"title": "CTO",
	"description": null,
	"tags": null,
	"avatar": null,
	"language": "en-US",
	"appearance": "auto",
	"tfa_secret": null,
	"status": "active",
	"role": "653925a9-970e-487a-bfc0-ab6c96affcdc",
	"token": null,
	"last_access": "2021-02-05T10:18:13-05:00",
	"last_page": "/settings/roles/653925a9-970e-487a-bfc0-ab6c96affcdc"
}

List Users

List all users that exist in Directus.

Request

Query Parameters

Supports all global query parameters.

Response

An array of up to limit user objects. If no items are available, data will be an empty array.

Example
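The following is an added example, not part of the Directus documentation: it audits a List Users response body for account states worth reviewing, using the status, provider, tfa_secret, token and last_access fields of the user object. The 90-day threshold, the finding names and the provider value "default" for locally authenticated users are assumptions, and the sample data is constructed.

```javascript
// Added example: audit a List Users response body for risky account states.
// Field names come from the user object above; thresholds are assumptions.
const DAY_MS = 24 * 60 * 60 * 1000;

function auditUsers(body, now, staleDays = 90) {
  const findings = [];
  for (const u of body.data || []) {
    const issues = [];
    // Any non-null value (including a masked "**********") counts as "set".
    const hasToken = u.token != null;
    const hasTfa = u.tfa_secret != null;
    // Assumption: locally authenticated users have provider "default" or none.
    const local = u.provider == null || u.provider === 'default';
    if (u.status === 'active') {
      if (local && !hasTfa) issues.push('active-without-tfa');
      if (hasToken) issues.push('static-token-set');
      const last = u.last_access ? Date.parse(u.last_access) : NaN;
      if (Number.isNaN(last) || now - last > staleDays * DAY_MS) {
        issues.push('stale-or-never-used');
      }
    } else if ((u.status === 'suspended' || u.status === 'archived') && hasToken) {
      issues.push('token-left-on-disabled-account');
    }
    if (issues.length) findings.push({ id: u.id, status: u.status, issues });
  }
  return findings;
}

// Constructed sample response (not real accounts).
const sampleBody = {
  data: [
    { id: 'u1', status: 'active', provider: 'default', tfa_secret: '**********',
      token: null, last_access: '2024-05-30T09:00:00Z' },
    { id: 'u2', status: 'active', provider: 'default', tfa_secret: null,
      token: '**********', last_access: '2023-11-01T09:00:00Z' },
    { id: 'u3', status: 'suspended', provider: 'default', tfa_secret: null,
      token: '**********', last_access: '2022-01-10T09:00:00Z' },
    { id: 'u4', status: 'active', provider: 'example-sso', tfa_secret: null,
      token: null, last_access: '2024-05-29T09:00:00Z' },
  ],
};

// Time pinned so the result is reproducible.
const SAMPLE_NOW = Date.parse('2024-06-01T00:00:00Z');
console.log(JSON.stringify(auditUsers(sampleBody, SAMPLE_NOW), null, 2));
```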

Retrieve a User

Retrieve an existing user by primary key.

Request

Query Parameters

Supports all global query parameters.

Response

Returns the requested user object.

Example

Retrieve the Current User

Retrieve the currently authenticated user.

Request

Query Parameters

Supports all global query parameters.

Response

Returns the user object for the currently authenticated user.

Example

Update the Current User

Update the authenticated user.

Request

Query Parameters

Supports all global query parameters.

Response

Returns the updated user object for the authenticated user.

Example

Create a User

Create a new user.

Request

Query Parameters

Supports all global query parameters.

Request Body

A partial user object.

email and password are required to authenticate with the default authentication provider.

Response

Returns the user object for the created user.

Example

Create Multiple Users

Create multiple new users.

Request

Query Parameters

Supports all global query parameters.

Request Body

An array of partial user objects.

email and password are required.

Response

Returns the user objects for the created users.

Example

Update a User

Update an existing user.

Request

Query Parameters

Supports all global query parameters.

Request Body

A partial user object.

Response

Returns the user object for the updated user.

Example

Update Multiple Users

Update multiple existing users.

Request

Query Parameters

Supports all global query parameters.

Request Body

keys Required
Array of primary keys of the users you'd like to update.

data Required
Any of the user object's properties.

Response

Returns the user objects for the updated users.

Example

Delete a User

Delete an existing user.

Request

Response

Empty body.

Example

Delete Multiple Users

Delete multiple existing users.

Request

Request Body

An array of user primary keys.

Response

Empty body.

Example

Invite a new User

Invite a new user by email.

Request

Request Body

email Required
User email to invite.

role Required
Role of the new user.

invite_url
Provide a custom invite url which the link in the email will lead to. The invite token will be passed as a parameter.
Note: You need to configure the USER_INVITE_URL_ALLOW_LIST environment variable to enable this feature.

Response

Empty body.

Example

Accept User Invite

Accept your invite. The invite user endpoint emails the invited address a link to the Admin App.

This link includes a token, which is then used to activate the invited user.

Request

Request Body

token Required
Accept invite token.

password Required
Password for the user.

Response

Empty body.

Example

Generate Two-Factor Authentication Secret

Generates a secret and returns the URL to be used in an authenticator app.

Request

Request Body

password Required
The user's password.

Response

secret string
OTP secret to be saved in the authenticator app.

otpauth_url string
otpauth:// formatted URL. Can be rendered as QR code and used in most authenticator apps.

Example

Enable Two-Factor Authentication

Adds a TFA secret to the user account.

Request

Request Body

secret Required
The TFA secret from tfa/generate.

otp Required
OTP generated with the secret, used to verify that the user has a correct TFA setup.

Response

Empty response.

Example
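The following is an added example, not part of the Directus documentation or its source: it derives the otp value for the enable request from the otpauth_url returned by tfa/generate, using standard TOTP (RFC 6238), and builds the request body with the secret and otp fields. The defaults of SHA1, 6 digits and a 30 second period when the URL omits them are assumptions, and the sample URL is constructed around the RFC 6238 test key.

```javascript
// Added example: compute the `otp` for tfa/enable from the otpauth_url
// returned by tfa/generate (TOTP, RFC 6238). Not Directus source code.
const crypto = require('crypto');

// RFC 4648 base32 decode; authenticator secrets are base32, padding optional.
function base32Decode(text) {
  const alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
  const out = [];
  let bits = 0, value = 0;
  for (const ch of text.toUpperCase().replace(/=+$/, '')) {
    const idx = alphabet.indexOf(ch);
    if (idx < 0) throw new Error('invalid base32 character in secret');
    value = (value << 5) | idx;
    bits += 5;
    if (bits >= 8) {
      bits -= 8;
      out.push((value >>> bits) & 0xff);
      value &= (1 << bits) - 1; // keep only the unread low bits
    }
  }
  return Buffer.from(out);
}

// Read TOTP parameters from the URL; defaults are assumptions (SHA1, 6, 30 s).
function parseOtpauth(url) {
  const u = new URL(url);
  if (u.protocol !== 'otpauth:' || u.hostname !== 'totp') throw new Error('not a TOTP URL');
  const p = u.searchParams;
  if (!p.get('secret')) throw new Error('otpauth URL has no secret');
  return { secret: p.get('secret'), algorithm: (p.get('algorithm') || 'SHA1').toLowerCase(),
    digits: Number(p.get('digits') || 6), period: Number(p.get('period') || 30) };
}

function totp(cfg, unixSeconds) {
  const counter = Buffer.alloc(8);
  counter.writeBigUInt64BE(BigInt(Math.floor(unixSeconds / cfg.period)));
  const mac = crypto.createHmac(cfg.algorithm, base32Decode(cfg.secret)).update(counter).digest();
  const offset = mac[mac.length - 1] & 0x0f; // dynamic truncation (RFC 4226)
  const code = (mac.readUInt32BE(offset) & 0x7fffffff) % 10 ** cfg.digits;
  return String(code).padStart(cfg.digits, '0');
}

// Request body for tfa/enable, using the `secret` and `otp` fields documented above.
function enableBody(otpauthUrl, unixSeconds = Date.now() / 1000) {
  const cfg = parseOtpauth(otpauthUrl);
  return { secret: cfg.secret, otp: totp(cfg, unixSeconds) };
}

// Constructed URL; the secret is the RFC 6238 test key, not a real account's.
const SAMPLE_URL = 'otpauth://totp/Directus:admin%40example.com?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ';
console.log(enableBody(SAMPLE_URL, 59)); // time pinned so the output is reproducible
```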

Disable Two-Factor Authentication

Disables two-factor authentication by removing the OTP secret from the user.

Request

Request Body

otp Required
One-time password generated by the authenticator app.

Response

Empty response.

Example