Coinbax Core API

Users

Admin user management

View as Markdown

List all users

GET/usersBearer token

Retrieve a paginated list of all users across workspaces. **Permissions:** ADMIN or SUPER_ADMIN only

Query parameters

  • pageinteger
  • limitinteger
  • workspaceIdstring (uuid)

    Filter by workspace

  • roleenum

    Filter by role

    "admin" · "client"
  • statusenum

    Filter by status

    "active" · "inactive" · "suspended"
  • searchstring

    Search by name or email

Responses

200Users list retrieved successfully
  • SuccessResponse
    • successenumrequiredtrue

      Always true for successful responses

    • dataobjectrequired

      Response data (structure varies by endpoint)

    • metaMetarequired
      • timestampstring (date-time)required

        Response timestamp

      • requestIdstringrequired

        Unique request identifier for debugging

      • paginationPagination
        • pageintegerrequired

          Current page number (1-indexed)

        • limitintegerrequired

          Items per page

        • totalintegerrequired

          Total number of items

        • totalPagesintegerrequired

          Total number of pages

  • object
    • dataarray of User
      array of User
      • idstring (uuid)required

        User unique identifier

      • emailstring (email)required

        User's email address

      • firstNamestring

        User's first name

      • lastNamestring

        User's last name

      • roleenumrequired"SUPER_ADMIN" · "ADMIN" · "CLIENT"

        User's role

      • workspaceIdstring (uuid)

        Associated workspace ID

      • emailVerifiedboolean

        Whether email is verified

      • avatarPathstring

        Path to user avatar image

      • createdAtstring (date-time)

        Account creation timestamp

      • updatedAtstring (date-time)

        Last update timestamp

    • metaobject
      • Meta
        • timestampstring (date-time)required

          Response timestamp

        • requestIdstringrequired

          Unique request identifier for debugging

        • paginationPagination
          • pageintegerrequired

            Current page number (1-indexed)

          • limitintegerrequired

            Items per page

          • totalintegerrequired

            Total number of items

          • totalPagesintegerrequired

            Total number of pages

      • object
        • paginationPagination
          • pageintegerrequired

            Current page number (1-indexed)

          • limitintegerrequired

            Items per page

          • totalintegerrequired

            Total number of items

          • totalPagesintegerrequired

            Total number of pages

{
  "success": true,
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000",
    "pagination": {
      "page": 1,
      "limit": 20,
      "total": 150,
      "totalPages": 8
    }
  },
  "data": [
    {
      "id": "550e8400-e29b-41d4-a716-446655440000",
      "email": "admin@coinbax.com",
      "firstName": "Admin",
      "lastName": "User",
      "role": "ADMIN",
      "workspaceId": "123e4567-e89b-12d3-a456-426614174000",
      "emailVerified": true,
      "avatarPath": "/uploads/avatars/user-123.png",
      "createdAt": "2026-01-15T10:00:00.000Z",
      "updatedAt": "2026-02-20T14:30:00.000Z"
    }
  ]
}
401Unauthorized - missing or invalid authentication
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Authentication required",
    "statusCode": 401
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
403Forbidden - insufficient permissions
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "FORBIDDEN",
    "message": "You do not have permission to access this resource",
    "statusCode": 403
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
500Internal server error
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "INTERNAL_ERROR",
    "message": "An unexpected error occurred",
    "statusCode": 500
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
curl https://core-staging.coinbax.com/api/v1/users \
  -H "Authorization: Bearer $ACCESS_TOKEN"
const response = await fetch('https://core-staging.coinbax.com/api/v1/users', {
  headers: {
    'Authorization': `Bearer ${process.env.ACCESS_TOKEN}`,
  },
});
const result = await response.json();

Create a new user

POST/usersBearer token

Create a new user account. **Permissions:** ADMIN or SUPER_ADMIN only

Request body

  • emailstring (email)required
  • passwordstringrequired
  • firstNamestring
  • lastNamestring
  • roleenumrequired"admin" · "client"
  • workspaceIdstring (uuid)

Responses

201User created successfully
  • SuccessResponse
    • successenumrequiredtrue

      Always true for successful responses

    • dataobjectrequired

      Response data (structure varies by endpoint)

    • metaMetarequired
      • timestampstring (date-time)required

        Response timestamp

      • requestIdstringrequired

        Unique request identifier for debugging

      • paginationPagination
        • pageintegerrequired

          Current page number (1-indexed)

        • limitintegerrequired

          Items per page

        • totalintegerrequired

          Total number of items

        • totalPagesintegerrequired

          Total number of pages

  • object
    • dataUser
      • idstring (uuid)required

        User unique identifier

      • emailstring (email)required

        User's email address

      • firstNamestring

        User's first name

      • lastNamestring

        User's last name

      • roleenumrequired"SUPER_ADMIN" · "ADMIN" · "CLIENT"

        User's role

      • workspaceIdstring (uuid)

        Associated workspace ID

      • emailVerifiedboolean

        Whether email is verified

      • avatarPathstring

        Path to user avatar image

      • createdAtstring (date-time)

        Account creation timestamp

      • updatedAtstring (date-time)

        Last update timestamp

{
  "success": true,
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000",
    "pagination": {
      "page": 1,
      "limit": 20,
      "total": 150,
      "totalPages": 8
    }
  },
  "data": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "email": "admin@coinbax.com",
    "firstName": "Admin",
    "lastName": "User",
    "role": "ADMIN",
    "workspaceId": "123e4567-e89b-12d3-a456-426614174000",
    "emailVerified": true,
    "avatarPath": "/uploads/avatars/user-123.png",
    "createdAt": "2026-01-15T10:00:00.000Z",
    "updatedAt": "2026-02-20T14:30:00.000Z"
  }
}
400Bad request - validation error
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Request validation failed",
    "statusCode": 400,
    "details": {
      "email": "Invalid email format"
    }
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
401Unauthorized - missing or invalid authentication
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Authentication required",
    "statusCode": 401
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
403Forbidden - insufficient permissions
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "FORBIDDEN",
    "message": "You do not have permission to access this resource",
    "statusCode": 403
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
409User with this email already exists
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Validation failed",
    "statusCode": 400,
    "details": {
      "field": "email",
      "reason": "Invalid email format"
    }
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000",
    "pagination": {
      "page": 1,
      "limit": 20,
      "total": 150,
      "totalPages": 8
    }
  }
}
500Internal server error
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "INTERNAL_ERROR",
    "message": "An unexpected error occurred",
    "statusCode": 500
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
curl -X POST https://core-staging.coinbax.com/api/v1/users \
  -H "Authorization: Bearer $ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
  "email": "newuser@example.com",
  "password": "securePassword123",
  "firstName": "New",
  "lastName": "User",
  "role": "client",
  "workspaceId": "123e4567-e89b-12d3-a456-426614174000"
}'
const response = await fetch('https://core-staging.coinbax.com/api/v1/users', {
  method: 'POST',
  headers: {
    'Authorization': `Bearer ${process.env.ACCESS_TOKEN}`,
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({
    "email": "newuser@example.com",
    "password": "securePassword123",
    "firstName": "New",
    "lastName": "User",
    "role": "client",
    "workspaceId": "123e4567-e89b-12d3-a456-426614174000"
  }),
});
const result = await response.json();

Get current user profile

GET/users/meBearer token

Retrieve the authenticated user's full profile information including workspace.

Responses

200User profile retrieved successfully
  • SuccessResponse
    • successenumrequiredtrue

      Always true for successful responses

    • dataobjectrequired

      Response data (structure varies by endpoint)

    • metaMetarequired
      • timestampstring (date-time)required

        Response timestamp

      • requestIdstringrequired

        Unique request identifier for debugging

      • paginationPagination
        • pageintegerrequired

          Current page number (1-indexed)

        • limitintegerrequired

          Items per page

        • totalintegerrequired

          Total number of items

        • totalPagesintegerrequired

          Total number of pages

  • object
    • dataUser
      • idstring (uuid)required

        User unique identifier

      • emailstring (email)required

        User's email address

      • firstNamestring

        User's first name

      • lastNamestring

        User's last name

      • roleenumrequired"SUPER_ADMIN" · "ADMIN" · "CLIENT"

        User's role

      • workspaceIdstring (uuid)

        Associated workspace ID

      • emailVerifiedboolean

        Whether email is verified

      • avatarPathstring

        Path to user avatar image

      • createdAtstring (date-time)

        Account creation timestamp

      • updatedAtstring (date-time)

        Last update timestamp

{
  "success": true,
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000",
    "pagination": {
      "page": 1,
      "limit": 20,
      "total": 150,
      "totalPages": 8
    }
  },
  "data": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "email": "admin@coinbax.com",
    "firstName": "Admin",
    "lastName": "User",
    "role": "ADMIN",
    "workspaceId": "123e4567-e89b-12d3-a456-426614174000",
    "emailVerified": true,
    "avatarPath": "/uploads/avatars/user-123.png",
    "createdAt": "2026-01-15T10:00:00.000Z",
    "updatedAt": "2026-02-20T14:30:00.000Z"
  }
}
401Unauthorized - missing or invalid authentication
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Authentication required",
    "statusCode": 401
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
500Internal server error
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "INTERNAL_ERROR",
    "message": "An unexpected error occurred",
    "statusCode": 500
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
curl https://core-staging.coinbax.com/api/v1/users/me \
  -H "Authorization: Bearer $ACCESS_TOKEN"
const response = await fetch('https://core-staging.coinbax.com/api/v1/users/me', {
  headers: {
    'Authorization': `Bearer ${process.env.ACCESS_TOKEN}`,
  },
});
const result = await response.json();

Update current user profile

PUT/users/meBearer token

Update the authenticated user's profile information. Only firstName and lastName can be updated.

Request body

  • firstNamestring
  • lastNamestring

Responses

200Profile updated successfully
  • SuccessResponse
    • successenumrequiredtrue

      Always true for successful responses

    • dataobjectrequired

      Response data (structure varies by endpoint)

    • metaMetarequired
      • timestampstring (date-time)required

        Response timestamp

      • requestIdstringrequired

        Unique request identifier for debugging

      • paginationPagination
        • pageintegerrequired

          Current page number (1-indexed)

        • limitintegerrequired

          Items per page

        • totalintegerrequired

          Total number of items

        • totalPagesintegerrequired

          Total number of pages

  • object
    • dataUser
      • idstring (uuid)required

        User unique identifier

      • emailstring (email)required

        User's email address

      • firstNamestring

        User's first name

      • lastNamestring

        User's last name

      • roleenumrequired"SUPER_ADMIN" · "ADMIN" · "CLIENT"

        User's role

      • workspaceIdstring (uuid)

        Associated workspace ID

      • emailVerifiedboolean

        Whether email is verified

      • avatarPathstring

        Path to user avatar image

      • createdAtstring (date-time)

        Account creation timestamp

      • updatedAtstring (date-time)

        Last update timestamp

{
  "success": true,
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000",
    "pagination": {
      "page": 1,
      "limit": 20,
      "total": 150,
      "totalPages": 8
    }
  },
  "data": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "email": "admin@coinbax.com",
    "firstName": "Admin",
    "lastName": "User",
    "role": "ADMIN",
    "workspaceId": "123e4567-e89b-12d3-a456-426614174000",
    "emailVerified": true,
    "avatarPath": "/uploads/avatars/user-123.png",
    "createdAt": "2026-01-15T10:00:00.000Z",
    "updatedAt": "2026-02-20T14:30:00.000Z"
  }
}
400Bad request - validation error
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Request validation failed",
    "statusCode": 400,
    "details": {
      "email": "Invalid email format"
    }
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
401Unauthorized - missing or invalid authentication
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Authentication required",
    "statusCode": 401
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
500Internal server error
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "INTERNAL_ERROR",
    "message": "An unexpected error occurred",
    "statusCode": 500
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
curl -X PUT https://core-staging.coinbax.com/api/v1/users/me \
  -H "Authorization: Bearer $ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
  "firstName": "Updated",
  "lastName": "Name"
}'
const response = await fetch('https://core-staging.coinbax.com/api/v1/users/me', {
  method: 'PUT',
  headers: {
    'Authorization': `Bearer ${process.env.ACCESS_TOKEN}`,
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({
    "firstName": "Updated",
    "lastName": "Name"
  }),
});
const result = await response.json();

Get user by ID

GET/users/{id}Bearer token

Retrieve a user by their unique identifier. **Permissions:** ADMIN or SUPER_ADMIN only

Path parameters

  • idstring (uuid)required

Responses

200User found
  • SuccessResponse
    • successenumrequiredtrue

      Always true for successful responses

    • dataobjectrequired

      Response data (structure varies by endpoint)

    • metaMetarequired
      • timestampstring (date-time)required

        Response timestamp

      • requestIdstringrequired

        Unique request identifier for debugging

      • paginationPagination
        • pageintegerrequired

          Current page number (1-indexed)

        • limitintegerrequired

          Items per page

        • totalintegerrequired

          Total number of items

        • totalPagesintegerrequired

          Total number of pages

  • object
    • dataUser
      • idstring (uuid)required

        User unique identifier

      • emailstring (email)required

        User's email address

      • firstNamestring

        User's first name

      • lastNamestring

        User's last name

      • roleenumrequired"SUPER_ADMIN" · "ADMIN" · "CLIENT"

        User's role

      • workspaceIdstring (uuid)

        Associated workspace ID

      • emailVerifiedboolean

        Whether email is verified

      • avatarPathstring

        Path to user avatar image

      • createdAtstring (date-time)

        Account creation timestamp

      • updatedAtstring (date-time)

        Last update timestamp

{
  "success": true,
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000",
    "pagination": {
      "page": 1,
      "limit": 20,
      "total": 150,
      "totalPages": 8
    }
  },
  "data": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "email": "admin@coinbax.com",
    "firstName": "Admin",
    "lastName": "User",
    "role": "ADMIN",
    "workspaceId": "123e4567-e89b-12d3-a456-426614174000",
    "emailVerified": true,
    "avatarPath": "/uploads/avatars/user-123.png",
    "createdAt": "2026-01-15T10:00:00.000Z",
    "updatedAt": "2026-02-20T14:30:00.000Z"
  }
}
401Unauthorized - missing or invalid authentication
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Authentication required",
    "statusCode": 401
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
403Forbidden - insufficient permissions
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "FORBIDDEN",
    "message": "You do not have permission to access this resource",
    "statusCode": 403
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
404Resource not found
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "NOT_FOUND",
    "message": "Resource not found",
    "statusCode": 404
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
500Internal server error
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "INTERNAL_ERROR",
    "message": "An unexpected error occurred",
    "statusCode": 500
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
curl https://core-staging.coinbax.com/api/v1/users/<id> \
  -H "Authorization: Bearer $ACCESS_TOKEN"
const response = await fetch('https://core-staging.coinbax.com/api/v1/users/<id>', {
  headers: {
    'Authorization': `Bearer ${process.env.ACCESS_TOKEN}`,
  },
});
const result = await response.json();

Update user

PUT/users/{id}Bearer token

Update user details. **Permissions:** ADMIN or SUPER_ADMIN only

Path parameters

  • idstring (uuid)required

Request body

  • emailstring (email)
  • passwordstring
  • firstNamestring
  • lastNamestring
  • roleenum"admin" · "client"
  • statusenum"active" · "inactive" · "suspended"
  • workspaceIdstring (uuid)

Responses

200User updated successfully
  • SuccessResponse
    • successenumrequiredtrue

      Always true for successful responses

    • dataobjectrequired

      Response data (structure varies by endpoint)

    • metaMetarequired
      • timestampstring (date-time)required

        Response timestamp

      • requestIdstringrequired

        Unique request identifier for debugging

      • paginationPagination
        • pageintegerrequired

          Current page number (1-indexed)

        • limitintegerrequired

          Items per page

        • totalintegerrequired

          Total number of items

        • totalPagesintegerrequired

          Total number of pages

  • object
    • dataUser
      • idstring (uuid)required

        User unique identifier

      • emailstring (email)required

        User's email address

      • firstNamestring

        User's first name

      • lastNamestring

        User's last name

      • roleenumrequired"SUPER_ADMIN" · "ADMIN" · "CLIENT"

        User's role

      • workspaceIdstring (uuid)

        Associated workspace ID

      • emailVerifiedboolean

        Whether email is verified

      • avatarPathstring

        Path to user avatar image

      • createdAtstring (date-time)

        Account creation timestamp

      • updatedAtstring (date-time)

        Last update timestamp

{
  "success": true,
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000",
    "pagination": {
      "page": 1,
      "limit": 20,
      "total": 150,
      "totalPages": 8
    }
  },
  "data": {
    "id": "550e8400-e29b-41d4-a716-446655440000",
    "email": "admin@coinbax.com",
    "firstName": "Admin",
    "lastName": "User",
    "role": "ADMIN",
    "workspaceId": "123e4567-e89b-12d3-a456-426614174000",
    "emailVerified": true,
    "avatarPath": "/uploads/avatars/user-123.png",
    "createdAt": "2026-01-15T10:00:00.000Z",
    "updatedAt": "2026-02-20T14:30:00.000Z"
  }
}
400Bad request - validation error
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "VALIDATION_ERROR",
    "message": "Request validation failed",
    "statusCode": 400,
    "details": {
      "email": "Invalid email format"
    }
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
401Unauthorized - missing or invalid authentication
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Authentication required",
    "statusCode": 401
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
403Forbidden - insufficient permissions
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "FORBIDDEN",
    "message": "You do not have permission to access this resource",
    "statusCode": 403
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
404Resource not found
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "NOT_FOUND",
    "message": "Resource not found",
    "statusCode": 404
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
500Internal server error
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "INTERNAL_ERROR",
    "message": "An unexpected error occurred",
    "statusCode": 500
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
curl -X PUT https://core-staging.coinbax.com/api/v1/users/<id> \
  -H "Authorization: Bearer $ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
  "email": "developer@example.com",
  "password": "string",
  "firstName": "string",
  "lastName": "string",
  "role": "admin",
  "status": "active",
  "workspaceId": "9f8b7c6d-5e4f-4a3b-2c1d-0e9f8a7b6c5d"
}'
const response = await fetch('https://core-staging.coinbax.com/api/v1/users/<id>', {
  method: 'PUT',
  headers: {
    'Authorization': `Bearer ${process.env.ACCESS_TOKEN}`,
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({
    "email": "developer@example.com",
    "password": "string",
    "firstName": "string",
    "lastName": "string",
    "role": "admin",
    "status": "active",
    "workspaceId": "9f8b7c6d-5e4f-4a3b-2c1d-0e9f8a7b6c5d"
  }),
});
const result = await response.json();

Delete user

DELETE/users/{id}Bearer token

Permanently delete a user. **Permissions:** ADMIN or SUPER_ADMIN only

Path parameters

  • idstring (uuid)required

Responses

200User deleted successfully
  • SuccessResponse
    • successenumrequiredtrue

      Always true for successful responses

    • dataobjectrequired

      Response data (structure varies by endpoint)

    • metaMetarequired
      • timestampstring (date-time)required

        Response timestamp

      • requestIdstringrequired

        Unique request identifier for debugging

      • paginationPagination
        • pageintegerrequired

          Current page number (1-indexed)

        • limitintegerrequired

          Items per page

        • totalintegerrequired

          Total number of items

        • totalPagesintegerrequired

          Total number of pages

  • object
    • dataobject
      • messagestring
{
  "success": true,
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000",
    "pagination": {
      "page": 1,
      "limit": 20,
      "total": 150,
      "totalPages": 8
    }
  },
  "data": {
    "message": "User deleted successfully"
  }
}
401Unauthorized - missing or invalid authentication
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Authentication required",
    "statusCode": 401
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
403Forbidden - insufficient permissions
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "FORBIDDEN",
    "message": "You do not have permission to access this resource",
    "statusCode": 403
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
404Resource not found
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "NOT_FOUND",
    "message": "Resource not found",
    "statusCode": 404
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
500Internal server error
  • successenumrequiredfalse

    Always false for error responses

  • dataobject

    Always null for error responses

    object

    Always null for error responses

  • errorErrorrequired
    • codestringrequired

      Machine-readable error code

    • messagestringrequired

      Human-readable error message

    • statusCodeintegerrequired

      HTTP status code

    • detailsobject

      Additional error details (optional)

      object

      Additional error details (optional)

  • metaMetarequired
    • timestampstring (date-time)required

      Response timestamp

    • requestIdstringrequired

      Unique request identifier for debugging

    • paginationPagination
      • pageintegerrequired

        Current page number (1-indexed)

      • limitintegerrequired

        Items per page

      • totalintegerrequired

        Total number of items

      • totalPagesintegerrequired

        Total number of pages

{
  "success": false,
  "data": null,
  "error": {
    "code": "INTERNAL_ERROR",
    "message": "An unexpected error occurred",
    "statusCode": 500
  },
  "meta": {
    "timestamp": "2026-02-24T12:00:00.000Z",
    "requestId": "550e8400-e29b-41d4-a716-446655440000"
  }
}
curl -X DELETE https://core-staging.coinbax.com/api/v1/users/<id> \
  -H "Authorization: Bearer $ACCESS_TOKEN"
const response = await fetch('https://core-staging.coinbax.com/api/v1/users/<id>', {
  method: 'DELETE',
  headers: {
    'Authorization': `Bearer ${process.env.ACCESS_TOKEN}`,
  },
});
const result = await response.json();

Upload user avatar

POST/users/me/avatarBearer token

Responses

200Uploaded

Response follows the unified success / data / meta / error envelope.

curl -X POST https://core-staging.coinbax.com/api/v1/users/me/avatar \
  -H "Authorization: Bearer $ACCESS_TOKEN"
const response = await fetch('https://core-staging.coinbax.com/api/v1/users/me/avatar', {
  method: 'POST',
  headers: {
    'Authorization': `Bearer ${process.env.ACCESS_TOKEN}`,
  },
});
const result = await response.json();

Delete user avatar

DELETE/users/me/avatarBearer token

Responses

204Deleted

Response follows the unified success / data / meta / error envelope.

curl -X DELETE https://core-staging.coinbax.com/api/v1/users/me/avatar \
  -H "Authorization: Bearer $ACCESS_TOKEN"
const response = await fetch('https://core-staging.coinbax.com/api/v1/users/me/avatar', {
  method: 'DELETE',
  headers: {
    'Authorization': `Bearer ${process.env.ACCESS_TOKEN}`,
  },
});
const result = await response.json();

Update password

PATCH/users/me/passwordBearer token

Responses

200Updated

Response follows the unified success / data / meta / error envelope.

curl -X PATCH https://core-staging.coinbax.com/api/v1/users/me/password \
  -H "Authorization: Bearer $ACCESS_TOKEN"
const response = await fetch('https://core-staging.coinbax.com/api/v1/users/me/password', {
  method: 'PATCH',
  headers: {
    'Authorization': `Bearer ${process.env.ACCESS_TOKEN}`,
  },
});
const result = await response.json();

Get user audit logs

GET/users/{id}/audit-logsBearer token

Path parameters

  • idstring (uuid)required

Responses

200Retrieved

Response follows the unified success / data / meta / error envelope.

curl https://core-staging.coinbax.com/api/v1/users/<id>/audit-logs \
  -H "Authorization: Bearer $ACCESS_TOKEN"
const response = await fetch('https://core-staging.coinbax.com/api/v1/users/<id>/audit-logs', {
  headers: {
    'Authorization': `Bearer ${process.env.ACCESS_TOKEN}`,
  },
});
const result = await response.json();