Users

All endpoints require Bearer token authentication.

GET /users/me

Returns the current authenticated user.

Response:

{
  "id": 1,
  "email": "user@example.com",
  "username": "janedoe",
  "first_name": "Jane",
  "last_name": "Doe",
  "organizationId": 1,
  "roles": ["user", "admin"]
}

PATCH /users/me

Update your profile.

Body:

{
  "first_name": "Jane",
  "last_name": "Doe"
}

GET /users/me/organizations

List all organizations you belong to.

Response:

[
  {
    "id": 1,
    "userId": 1,
    "organizationId": 1,
    "role": "admin",
    "joinedAt": "2026-03-31T00:00:00.000Z",
    "organization": {
      "id": 1,
      "name": "Acme Inc",
      "slug": "acme-inc"
    }
  }
]

PATCH /users/me/active-org

Switch your active organization. Returns new JWT tokens.

Body:

{
  "organizationId": 2
}

Response:

{
  "access_token": "eyJ...",
  "refresh_token": "eyJ..."
}

GET /users

List all users in your organization. Requires Admin role.

PUT /users/:id

Update a user. Requires Admin role. User must be in your organization.

DELETE /users/:id

Delete a user. Requires Admin role. User must be in your organization.