.do
Api

User API

REST API reference for user.do - A person who interacts with the system, performs tasks, makes decisions, and owns or operates businesses.

User API

A person who interacts with the system, performs tasks, makes decisions, and owns or operates businesses.

Endpoint

POST https://api.do/user

Authentication

All API requests require authentication:

curl https://api.do/user \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json"

Request

Headers

Authorization: Bearer YOUR_API_KEY
Content-Type: application/json
X-Request-ID: unique-request-id (optional)

Request Body

{
  "operation": "user",
  "parameters": {
    // Operation-specific parameters
  },
  "options": {
    "timeout": 30000,
    "retries": 3
  }
}

Response

Success Response

{
  "success": true,
  "data": {
    // Response data
  },
  "meta": {
    "requestId": "req_123",
    "timestamp": "2025-01-01T12:00:00Z",
    "duration": 145
  }
}

Error Response

{
  "success": false,
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Invalid parameters",
    "details": {
      // Error details
    }
  },
  "meta": {
    "requestId": "req_123",
    "timestamp": "2025-01-01T12:00:00Z"
  }
}

Operations

create

Create a new user account with profile information.

curl -X POST https://api.do/user \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "operation": "create",
    "parameters": {}
  }'

update

Modify user profile, settings, or permissions.

curl -X POST https://api.do/user \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "operation": "update",
    "parameters": {}
  }'

delete

Permanently remove the user account.

curl -X POST https://api.do/user \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "operation": "delete",
    "parameters": {}
  }'

authenticate

Verify user identity and credentials.

curl -X POST https://api.do/user \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "operation": "authenticate",
    "parameters": {}
  }'

authorize

Check if user has permission for a specific action.

curl -X POST https://api.do/user \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "operation": "authorize",
    "parameters": {}
  }'

suspend

Temporarily disable the user account.

curl -X POST https://api.do/user \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "operation": "suspend",
    "parameters": {}
  }'

activate

Enable a suspended or inactive user account.

curl -X POST https://api.do/user \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "operation": "activate",
    "parameters": {}
  }'

invite

Send invitation to join the system or organization.

curl -X POST https://api.do/user \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "operation": "invite",
    "parameters": {}
  }'

assign

Assign user to a role, team, or business.

curl -X POST https://api.do/user \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "operation": "assign",
    "parameters": {}
  }'

Examples

cURL

curl -X POST https://api.do/user \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "operation": "user",
    "parameters": {}
  }'

JavaScript/TypeScript

const response = await fetch('https://api.do/user', {
  method: 'POST',
  headers: {
    Authorization: 'Bearer YOUR_API_KEY',
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({
    operation: 'user',
    parameters: {},
  }),
})

const data = await response.json()

Python

import requests

response = requests.post(
    'https://api.do/user',
    headers={
        'Authorization': 'Bearer YOUR_API_KEY',
        'Content-Type': 'application/json',
    },
    json={
        'operation': 'user',
        'parameters': {}
    }
)

data = response.json()

Rate Limiting

X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 999
X-RateLimit-Reset: 1609459200

Status Codes

  • 200 OK - Success
  • 400 Bad Request - Invalid request
  • 401 Unauthorized - Missing/invalid API key
  • 403 Forbidden - Insufficient permissions
  • 404 Not Found - Resource not found
  • 429 Too Many Requests - Rate limit exceeded
  • 500 Internal Server Error - Server error
  • 503 Service Unavailable - Service temporarily unavailable

Error Codes

  • VALIDATION_ERROR - Invalid parameters
  • AUTHENTICATION_ERROR - Invalid API key
  • AUTHORIZATION_ERROR - Insufficient permissions
  • NOT_FOUND - Resource not found
  • RATE_LIMIT_EXCEEDED - Too many requests
  • TIMEOUT - Operation timeout
  • INTERNAL_ERROR - Server error

Webhooks

Subscribe to events:

curl -X POST https://api.do/webhooks \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "url": "https://your-app.com/webhook",
    "events": ["user.created", "user.updated", "user.deleted", "user.authenticated", "user.authorized", "user.suspended", "user.activated", "user.invited", "user.assigned"]
  }'

Best Practices

  1. API Keys - Store securely, never commit to git
  2. Error Handling - Handle all error codes gracefully
  3. Retries - Implement exponential backoff
  4. Rate Limiting - Respect rate limits
  5. Idempotency - Use X-Idempotency-Key header
  6. Logging - Log requests for debugging

On this page

User APIEndpointAuthenticationRequestHeadersRequest BodyResponseSuccess ResponseError ResponseOperationscreateupdatedeleteauthenticateauthorizesuspendactivateinviteassignExamplescURLJavaScript/TypeScriptPythonRate LimitingStatus CodesError CodesWebhooksBest PracticesRelated