mirror of
https://github.com/directus/directus.git
synced 2026-04-25 03:00:53 -04:00
0c54f5a9ef
* items semi complete
* updated items page to use snippet toggler and migrated endpoint docs to use it
* updated files page to use snippet toggler and migrated REST and GraphQL endpoint docs to it
* updated activity page to use snippet toggler and migrated REST and GraphQL endpoint doc to it
* updated collections page to use snippet togglers and migrated REST and GraphQL endpoint docs to them
* updated dashboards page to use snippet togglers and migrated REST and GraphQL endpoint docs to them
* Updated extensions page to use snippet togglers and migrated REST and GraphQL endpoint docs to them
* Updated fields page to use snippet togglers and migrated REST and GraphQL endpoint docs to them
* Updated flows page to use snippet togglers and migrated REST and GraphQL endpoint docs to them
* Updated folders page to use snippet togglers and migrated REST and GraphQL endpoint docs to them
* Updated notifications page to use snippet togglers and migrated REST and GraphQL endpoint docs to them
* Updated operations page to use snippet togglers and migrated REST and GraphQL endpoint docs to them
* Updated panels page to use snippet togglers and migrated REST and GraphQL endpoint docs to them
* Updated permissions page to use snippet togglers and migrated REST and GraphQL endpoint docs to them
* Updated presets page to use snippet togglers and migrated REST and GraphQL endpoint docs to them
* Updated relations page to use snippet togglers and migrated REST and GraphQL endpoint docs to them
* Updated revisions page to use snippet togglers and migrated REST and GraphQL endpoint docs to them
* Updated roles page to use snippet togglers and migrated REST and GraphQL endpoint docs to them
* Made headlines consistant with the rest of the doc pages
* Updated server page to use snippet togglers and migrated REST and GraphQL endpoint docs to them
* Updated settings page to use snippet togglers and migrated REST and GraphQL endpoint docs to them
* Updated shares page to use snippet togglers and migrated REST and GraphQL endpoint docs to them
* Updated translations page to use snippet togglers and migrated REST endpoint docs to them
* Updated users page to use snippet togglers and migrated REST and GraphQL endpoint docs to them
* Updated utilities page to use snippet togglers and migrated REST and GraphQL endpoint docs to them
* Updated webhooks page to use snippet togglers and migrated REST and GraphQL endpoint docs to them
* Updated authentication page to use snippet togglers and migrated REST and GraphQL endpoint docs to them
* Updated Global Parameters page to use snippet togglers where there are adjacent REST and GraphQL Examples
* Added SDK code snippets to items page and made generic variables consistant
* Added SDK code snippets to files page and made generic variables consistant
* Few lang changes for files page
* Added SDK code snippets to activity page and made generic variables consistant
* Added SDK code snippets to collections page and made generic variables consistant
* Added SDK code snippets to dashboards page and made generic variables consistant
* removed query word from query parameter objects
* Added SDK code snippets to fields page and made generic variables consistant
* SnippetToggler border
* Used dynamic border color for snippettoggler heading
* Spacing top and bottom of snippet toggler in docs
* Removed extra HRs
* Remove manual TOC in query reference
* Small code styling change in items page
* Updated users page to use snippet togglers and migrated REST and GraphQL endpoint docs to them
* dashboards fixed up property names
* Small copy update on extensions page
* Updated keys in delete mult notifications REST
* Updated keys in operations
* Update keys in panel delete many
* Update keys in permissions
* Added quotes around generic example ID strings
* Added code formatting to final example in share public info
* Format files
* Refined sidebar
* Insert newline before ending template tags
* Fixed extra closing tags, causing an error, un users ref
* Text Formatting Users
* Put GQL related notes inside toggler
* Added SDK code snippets to flows page and made generic variables consistant
* Added SDK code snippets to folder page and made generic variables consistant
* fixing whitepsace for flows and folders page
* Consistent newlines in SnippetToggler usages
* Run prettier
* Fix 'alwaysDark' definition
* Home page snippet toggler style fixes
* Fix snippet toggler lang hover color in light mode
* Introduce different code theme for light mode
* Added SDK code snippets to notifications page and made generic variables consistant
* Switch to 'material-theme-lighter'
* Format file
* Fix tip
* Fix tip in sdk ref
* Consistent spacing for custom containers
* Added SDK code snippets to operations page and made generic variables consistant
* Lint & format code blocks
* Lint & format operations
* Added SDK code snippets to panels page and made generic variables consistant
* Added SDK code snippets to permissions page and made generic variables consistant
* Added SDK code snippets to presets page and made generic variables consistant
* Added SDK code snippets to relations page and made generic variables consistant
* Added SDK code snippets to revisions page and made generic variables consistant
* Added SDK code snippets to roles page and made generic variables consistant
* Added SDK code snippets to server page and made generic variables consistant
* Added SDK code snippets to settings page and made generic variables consistant
* app_url -> directus_project_url
* Omitted auth details in delete multiple files
* Added quotes to values in roles
* Upload a file snippets
* Pluralization for upload/import files
* More files functions typos
* Added SDK code snippets to shares page (still missing createShare(s) as endpoint not functioning currently) and made generic variables consistant
* Added SDK code snippets to translations page (missing delete endponts because not working) and made generic variables consistant
* Added SDK code snippets to users page and made generic variables consistant
* Added SDK code snippets to webhooks page and made generic variables consistant
* Added SDK code snippets to utilites page (except cleaning cache, will be tested and added in later commit) and made generic variables consistant
* Added SDK code snippets to auth page (not login, refresh, and logout though due to errors)
* Added SDK code snippets for utilsExport and clearCache
* added github username be7DOTis to contributors
* Omit auth commands in updateComment
* utilsImport
* rename app_url generic value
* changed instances of updated*operation* to update*Operation*
* missed some 'updated' changse
* Added SDK Snippets to Query Parameters page
* Add section on file security
* added create(s)Shares SDK snippet to shares page
* added console.log to create snippets
* Added delete(s)Webhook SDK snippet to webhooks page
* Added SDK snippets to extensions page
* Added create/updateSingleton section to items page
* Links in files security
* Added SDK Snippets to Schema page
* Added GQL Generic examples to snippet togglers and removed snippet toggler from Login Using SSO Providers
* Added create(s)Presets SDK Snippets to presets page
* replaced fields query in generics snippets for a more generic
* replaced fields query in generics snippets for a more generic
* Use storage value only if valid choice
* Sync snippet togglers across page
* Update docs/reference/system/activity.md
* Update docs/reference/system/activity.md
* Update docs/reference/system/extensions.md
* Update docs/reference/system/revisions.md
* Update docs/reference/system/settings.md
* Update docs/reference/system/revisions.md
* Update docs/reference/system/settings.md
* Update docs/reference/system/activity.md
* Update docs/reference/system/roles.md
* Update docs/reference/system/roles.md
* Update docs/reference/system/roles.md
* Update docs/reference/system/roles.md
* Update docs/reference/system/schema.md
* Update docs/reference/system/server.md
* Update docs/reference/system/shares.md
* Replace all directus_project_url placeholders
* Revert "Sync snippet togglers across page"
This reverts commit 8b36f0d778.
* Update docs/reference/system/shares.md
* Update docs/reference/system/webhooks.md
* Clarify singleton section
* Consistent newlines between SnippetToggler templates
* Format files
* Remove console.log(result) statements from snippet
* Add examples for shares & users
Co-authored-by: Brainslug <tim@brainslug.nl>
* Fix hash GraphQL example
* Clarify update singleton section
* Add auth examples
Co-authored-by: Brainslug <tim@brainslug.nl>
* Final run on consistent newlines between SnippetToggler
* Switch to github themes
* The "Last One"
Co-authored-by: Brainslug <tim@brainslug.nl>
* The "Big One"
* Fix dead links
---------
Co-authored-by: Bevis Halsey-Perry <hi@be7.is>
Co-authored-by: Kevin Lewis <kvn@lws.io>
Co-authored-by: Pascal Jufer <pascal-jufer@bluewin.ch>
Co-authored-by: Brainslug <br41nslug@users.noreply.github.com>
Co-authored-by: rijkvanzanten <rijkvanzanten@me.com>
Co-authored-by: Brainslug <tim@brainslug.nl>
28 KiB
28 KiB
description, readTime, pageClass
| description | readTime | pageClass |
|---|---|---|
| REST and GraphQL API documentation on the Users collection in Directus. | 9 min read | page-reference |
Users
Directus Users are the individual accounts that let you authenticate into the API and App. Each user belongs to a Role which defines its granular Permissions. Learn more about Users.
The User Object
id uuid
Primary key of the user.
first_name string
First name of the user.
last_name string
Last name of the user.
email string
Email address of the user.
password hash
Password of the user.
location string
Location of the user.
title string
Title of the user.
description string
Description of the user.
tags array
Tags for the user.
avatar many-to-one
Avatar file. Many-to-one to files.
language string
Language the Admin App is rendered in. See our Crowdin page for all available languages and
translations.
theme string
One of auto, light, dark.
tfa_secret string
When TFA is enabled, this holds the secret key for it.
status string
Status of the user. One of draft, invited, active, suspended, archived.
role uuid
Role of the user. Many-to-one to roles.
token string
Static access token for the user.
last_access date
Last time the user accessed the API.
last_page string
Last page in the app the user used.
provider string
What auth provider was used to register this user.
external_identifier string
Primary key of the user in the third party authentication provider, if used.
auth_data json
Required data about the user as provided by the third party auth provider, if used.
email_notifications boolean
When this is enabled, the user will receive emails for notifications.
{
"id": "0bc7b36a-9ba9-4ce0-83f0-0a526f354e07",
"first_name": "Admin",
"last_name": "User",
"email": "admin@example.com",
"password": "**********",
"location": "New York City",
"title": "CTO",
"description": null,
"tags": null,
"avatar": null,
"language": "en-US",
"theme": "auto",
"tfa_secret": null,
"status": "active",
"role": "653925a9-970e-487a-bfc0-ab6c96affcdc",
"token": null,
"last_access": "2021-02-05T10:18:13-05:00",
"last_page": "/settings/roles/653925a9-970e-487a-bfc0-ab6c96affcdc"
}
List Users
List all users that exist in Directus.
Request
GET /users
SEARCH /users
POST /graphql/system
type Query {
users: [directus_users]
}
import { createDirectus } from '@directus/sdk';
import { rest, readUsers } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(
readUsers({
fields: ['*'],
})
);
Query Parameters
Supports all global query parameters.
Response
An array of up to limit user objects. If no items are available, data will be an empty array.
Example
GET /users
SEARCH /users
query {
users {
first_name
last_name
email
}
}
import { createDirectus } from '@directus/sdk';
import { rest, readUsers } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(
readUsers({
fields: ['*'],
})
);
Retrieve a User
List an existing user by primary key.
Request
GET /users/:id
POST /graphql/system
type Query {
users_by_id(id: ID!): directus_users
}
import { createDirectus } from '@directus/sdk';
import { rest, readUser } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(
readUser('user_id', {
fields: ['*'],
})
);
Query Parameters
Supports all global query parameters.
Response
Returns the requested user object.
Example
GET /users/72a1ce24-4748-47de-a05f-ce9af3033727
POST /graphql/system
query {
users_by_id(id: "72a1ce24-4748-47de-a05f-ce9af3033727") {
first_name
last_name
email
}
}
import { createDirectus } from '@directus/sdk';
import { rest, readUser } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(
readUser('0513b6e8-55f2-4ff5-906c-f1a29d7b983c', {
fields: ['*'],
})
);
Retrieve the Current User
Retrieve the currently authenticated user.
Request
GET /users/me
POST /graphql/system
type Query {
users_me: directus_users
}
import { createDirectus } from '@directus/sdk';
import { rest, readMe } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(
readMe({
fields: ['*'],
})
);
Query Parameters
Supports all global query parameters.
Response
Returns the user object for the currently authenticated user.
Example
GET /users/me
query {
users_me {
email
}
}
import { createDirectus } from '@directus/sdk';
import { rest, readMe } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(
readMe({
fields: ['*'],
})
);
Update the Current User
Update the authenticated user.
Request
PATCH /users/me
{
"user_object_field": "value"
}
POST /graphql/system
type Mutation {
update_users_me(data: update_directus_users_input!): directus_users
}
import { createDirectus } from '@directus/sdk';
import { rest, updateMe } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(
updateMe({
user_field: 'value',
})
);
Query Parameters
Supports all global query parameters.
Response
Returns the updated user object for the authenticated user.
Example
PATCH /users/me
{
"email": "new.email@example.com"
}
POST /graphql/system
mutation {
update_users_me(data: { email: "new.email@example.com" }) {
email
}
}
import { createDirectus } from '@directus/sdk';
import { rest, updateMe } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(
updateMe({
email_notifications: false,
})
);
Create a User
Create a new user
Request
POST /users
{
"email": "user_email",
"password": "user_password",
"user_object_field": "value"
}
POST /graphql/system
type Mutation {
create_users_item(data: create_directus_users_input!): directus_users
}
import { createDirectus } from '@directus/sdk';
import { rest, createUser } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(
createUser({
email: 'user_email',
password: 'user_password',
})
);
Query Parameters
Supports all global query parameters.
Request Body
A partial user object.
email and password are required to authenticate with the default authentication provider.
Response
Returns the user object for the created user.
Example
POST /users
{
"email": "another@example.com",
"password": "d1r3ctu5",
"role": "c86c2761-65d3-43c3-897f-6f74ad6a5bd7"
}
POST /graphql/system
mutation {
create_users_item(
data: {
email: "another@example.com"
password: "d1r3ctu5"
role: { id: "c86c2761-65d3-43c3-897f-6f74ad6a5bd7", name: "Public", admin_access: false, enforce_tfa: false }
}
) {
email
role
}
}
::: tip
Please note that if you include the Role in the create_users_items call it will be treated as an Upsert and not only
as adding a relationship. So make sure the ID exists, and the other parameters match the existing role, otherwise it
could be modified by the user call.
:::
import { createDirectus } from '@directus/sdk';
import { rest, createUser } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(
createUser({
email: 'hi@email.com',
password: 'qwerty123',
})
);
Create Multiple Users
Create multiple new users
Request
POST /users
[
{
"email": "user_email",
"password": "user_password",
"user_object_field": "value"
},
{
"email": "user_email",
"password": "user_password",
"user_object_field": "value"
}
]
POST /graphql/system
type Mutation {
create_users_items(data: [create_directus_users_input!]!): [directus_users]
}
import { createDirectus } from '@directus/sdk';
import { rest, createUsers } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(
createUsers([
{
email: 'user_email',
password: 'user_password',
},
{
email: 'user_email',
password: 'user_password',
},
])
);
Query Parameters
Supports all global query parameters.
Request Body
An array of partial user objects.
email and password are required.
Response
Returns the user objects for the created users.
Example
POST /users
[
{
"email": "admin@example.com",
"password": "p455w0rd",
"role": "c86c2761-65d3-43c3-897f-6f74ad6a5bd7"
},
{
"email": "another@example.com",
"password": "d1r3ctu5",
"role": "c86c2761-65d3-43c3-897f-6f74ad6a5bd7"
}
]
POST /graphql/system
mutation {
create_users_items(
data: [
{
email: "admin@example.com"
password: "p455w0rd"
role: { id: "c86c2761-65d3-43c3-897f-6f74ad6a5bd7", name: "Public", admin_access: false, enforce_tfa: false }
}
{
email: "another@example.com"
password: "d1r3ctu5"
role: { id: "c86c2761-65d3-43c3-897f-6f74ad6a5bd7", name: "Public", admin_access: false, enforce_tfa: false }
}
]
) {
email
role
}
}
::: tip
Please note that if you include the Role in the create_users_items call it will be treated as an Upsert and not only
as adding a relationship. So make sure the ID exists, and the other parameters match the existing role, otherwise it
could be modified by the user call.
:::
import { createDirectus } from '@directus/sdk';
import { rest, createUsers } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(
createUsers([
{
email: 'hello@email.com',
password: 'qwerty123',
},
{
email: 'person@email.com',
password: 'QwErTy1994',
},
])
);
Update a User
Update an existing user.
Request
PATCH /users/72a1ce24-4748-47de-a05f-ce9af3033727
{
"user_object_field": "value"
}
POST /graphql/system
type Mutation {
update_users_item(id: ID!, data: update_directus_users_input!): directus_users
}
import { createDirectus } from '@directus/sdk';
import { rest, updateUser } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(
updateUser('user_id', {
user_fiels: 'value',
})
);
Query Parameters
Supports all global query parameters.
Request Body
A partial user object.
Response
Returns the user object for the updated user.
Example
PATCH /users/72a1ce24-4748-47de-a05f-ce9af3033727
{
"title": "CTO"
}
POST /graphql/system
mutation {
update_users_item(id: "72a1ce24-4748-47de-a05f-ce9af3033727", data: { title: "CTO" }) {
first_name
last_name
}
}
import { createDirectus } from '@directus/sdk';
import { rest, updateUser } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(
updateUser('e41605bd-f9bc-4c9c-b09d-3ccb7b137fbb', {
email_notifications: false,
})
);
Update Multiple Users
Update multiple existing users.
Request
PATCH /users
{
"keys": ["user_1_key", "user_2_key"],
"data": {
"user_object_field": "value"
}
}
POST /graphql/system
type Mutation {
update_users_items(ids: [ID!]!, data: update_directus_users_input!): [directus_users]
}
import { createDirectus } from '@directus/sdk';
import { rest, updateUsers } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(
updateUsers(['user_1_id', 'user_2_id'], {
user_field: 'value',
})
);
Query Parameters
Supports all global query parameters.
Request Body
keys Required
Array of primary keys of the users you'd like to update.
data Required
Any of the user object's properties.
Response
Returns the user objects for the updated users.
Example
PATCH /users
{
"keys": ["72a1ce24-4748-47de-a05f-ce9af3033727", "9c3d75a8-7a5f-41a4-be0a-1488fd974511"],
"data": {
"title": "CTO"
}
}
POST /graphql/system
mutation {
update_users_items(
ids: ["72a1ce24-4748-47de-a05f-ce9af3033727", "9c3d75a8-7a5f-41a4-be0a-1488fd974511"]
data: { title: "CTO" }
) {
first_name
last_name
}
}
import { createDirectus } from '@directus/sdk';
import { rest, updateUsers } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(
updateUsers(['e41605bd-f9bc-4c9c-b09d-3ccb7b137fbb', '5ec6ee0a-62ad-460d-a91e-fed63e3d804c'], {
email_notifications: false,
})
);
Delete a User
Delete an existing user.
Request
DELETE /users/:id
POST /graphql/system
type Mutation {
delete_users_item(id: ID!): delete_one
}
import { createDirectus } from '@directus/sdk';
import { rest, deleteUser } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(deleteUser('user_id'));
Response
Empty body.
Example
DELETE /users/72a1ce24-4748-47de-a05f-ce9af3033727
POST /graphql/system
mutation {
delete_users_item(id: "72a1ce24-4748-47de-a05f-ce9af3033727") {
id
}
}
import { createDirectus } from '@directus/sdk';
import { rest, deleteUser } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(deleteUser('965749ad-e5e4-4e38-aa91-25a252b8ccd9'));
Delete Multiple Users
Delete multiple existing users.
Request
DELETE /users
["user_1_key", "user_2_key"]
POST /graphql/system
type Mutation {
delete_users_items(ids: [ID!]!): delete_many
}
import { createDirectus } from '@directus/sdk';
import { rest, deleteUsers } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(deleteUsers(['user_1_id', 'user_2_id']));
Request Body
An array of user primary keys
Response
Empty body.
Example
DELETE /users
["653925a9-970e-487a-bfc0-ab6c96affcdc", "c86c2761-65d3-43c3-897f-6f74ad6a5bd7"]
mutation {
delete_users_items(ids: ["72a1ce24-4748-47de-a05f-ce9af3033727", "9c3d75a8-7a5f-41a4-be0a-1488fd974511"]) {
ids
}
}
import { createDirectus } from '@directus/sdk';
import { rest, deleteUsers } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(
deleteUsers(['e41605bd-f9bc-4c9c-b09d-3ccb7b137fbb', '5ec6ee0a-62ad-460d-a91e-fed63e3d804c'])
);
Invite a new User
Invite a new user by email.
Request
POST /users/invite
{
"email": "invited_user_email",
"role": "invited_user_role"
}
POST /graphql/system
type Mutation {
users_invite(email: String!, role: String!, invite_url: String): Boolean
}
import { createDirectus } from '@directus/sdk';
import { rest, disableTwoFactor } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(disableTwoFactor('otp'));
Request Body
email Required
User email to invite.
role Required
Role of the new user.
invite_url
Provide a custom invite url which the link in the email will lead to. The invite token will be passed as a parameter.
Note: You need to configure the
USER_INVITE_URL_ALLOW_LIST environment variable to enable this feature.
Response
Empty body.
Example
POST /users/invite
{
"email": "another@example.com",
"role": "c86c2761-65d3-43c3-897f-6f74ad6a5bd7"
}
POST /graphql/system
mutation {
users_invite(email: "another@example.com", role: "c86c2761-65d3-43c3-897f-6f74ad6a5bd7")
}
import { createDirectus } from '@directus/sdk';
import { rest, inviteUser } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(inviteUser('invited_user_email', 'invited_user_role'));
Accept User Invite
Accept your invite. The invite user endpoint sends the email a link to the Admin App.
This link includes a token, which is then used to activate the invited user.
Request
POST /users/invisponse/accept
{
"token": "invite_token",
"password": "user_password"
}
POST /graphql/system
type Mutation {
users_invite_accept(token: String!, password: String!): Boolean
}
import { createDirectus } from '@directus/sdk';
import { rest, inviteUser } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(inviteUser('another@example.com', 'c86c2761-65d3-43c3-897f-6f74ad6a5bd7'));
Request Body
token Required
Accept invite token.
password Required
Password for the user.
Response
Empty body.
Example
POST /users/invite/accept
{
"token": "eyJh...KmUk",
"password": "d1r3ctu5"
}
mutation {
users_invite_accept(token: "eyJh...KmUk", password: "d1r3ctu5")
}
import { createDirectus } from '@directus/sdk';
import { rest, acceptUserInvite } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(acceptUserInvite('invite_token', 'user_password'));
Generate Two-Factor Authentication Secret
Generates a secret and returns the URL to be used in an authenticator app.
Request
POST /users/me/tfa/generate
{
"password": "user_password"
}
POST /graphql/system
type Mutation {
users_me_tfa_generate(password: String!): users_me_tfa_generate_data
}
import { createDirectus } from '@directus/sdk';
import { rest, acceptUserInvite } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(acceptUserInvite('eyJh...KmUk', 'd1r3ctu5'));
Request Body
password Required
The user's password.
Response
secret string
OTP secret to be saved in the authenticator app.
otpauth_url string
otpauth:// formatted URL. Can be rendered as QR code and used in most authenticator apps.
Example
POST /users/me/tfa/generate
{
"password": "d1r3ctu5"
}
POST /graphql/system
mutation {
users_me_tfa_generate(password: "d1r3ctu5") {
secret
otpauth_url
}
}
import { createDirectus } from '@directus/sdk';
import { rest, generateTwoFactorSecret } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(generateTwoFactorSecret('user_password'));
Enable Two-Factor Authentication
Adds a TFA secret to the user account.
Request
POST /users/me/tfa/enable
{
"otp": "One Time Password",
"secret": "Two-Factor_Authorization_secret"
}
POST /graphql/system
type Mutation {
users_me_tfa_enable(otp: String!, secret: String!): Boolean
}
import { createDirectus } from '@directus/sdk';
import { rest, generateTwoFactorSecret } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(generateTwoFactorSecret('d1r3ctu5'));
Request Body
secret Required
The TFA secret from tfa/generate.
otp Required
OTP generated with the secret, to recheck if the user has a correct TFA setup
Response
Empty response.
Example
POST /users/me/tfa/enable
{
"otp": "123456",
"secret": "3CtiutsNBmY3szHE"
}
POST /graphql/system
mutation {
users_me_tfa_enable(otp: "123456", secret: "3CtiutsNBmY3szHE")
}
import { createDirectus } from '@directus/sdk';
import { rest, enableTwoFactor } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(enableTwoFactor('secret', 'otp'));
Disable Two-Factor Authentication
Disables two-factor authentication by removing the OTP secret from the user.
Request
POST /users/me/tfa/disable
{
"otp": "One-time password"
}
POST /graphql/system
type Mutation {
users_me_tfa_disable(otp: String!): Boolean
}
import { createDirectus } from '@directus/sdk';
import { rest, enableTwoFactor } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(enableTwoFactor('3CtiutsNBmY3szHE', '123456'));
Request Body
otp Required
One-time password generated by the authenticator app.
Response
Empty response.
Example
POST /users/me/tfa/disable
{
"otp": "859014"
}
POST /graphql/system
mutation {
users_me_tfa_disable(otp: "591763")
}
import { createDirectus } from '@directus/sdk';
import { rest, disableTwoFactor } from '@directus/sdk/rest';
const client = createDirectus('https://directus.example.com').with(rest());
const result = await client.request(disableTwoFactor('591763'));