Skip to main content
GET
/
admin
/
users
List Users
curl --request GET \
  --url https://auth.nullpass.xyz/api/admin/users \
  --header 'Authorization: Bearer <token>'
{
  "users": [
    {
      "id": "<string>",
      "email": "jsmith@example.com",
      "username": "<string>",
      "displayName": "<string>",
      "avatar": "<string>",
      "twoFactorEnabled": true,
      "createdAt": "2023-11-07T05:31:56Z"
    }
  ],
  "pagination": {
    "page": 123,
    "limit": 123,
    "totalCount": 123,
    "totalPages": 123,
    "hasMore": true
  }
}

Endpoint

GET /api/admin/users

Overview

Retrieves a paginated list of all users. Requires admin access via DROP service accessFlags or INTERNAL_SECRET.

Request

Requires authentication via Bearer token (with admin privileges) or x-internal-secret header.

Query Parameters

page
number
default:"1"
Page number (1-indexed)
limit
number
default:"50"
Maximum number of users to return per page

Response

users
array
Array of user objects
pagination
object
Pagination information

Authentication

Admin Access via DROP Service

User must have DROP service entitlement with:
  • accessFlags.isNullDropTeam: true
  • accessFlags.nullDropTeamRole: "founder" or "dev"

Internal Secret

Alternatively, use x-internal-secret header with INTERNAL_SECRET value.

Status Codes

200
OK
Success
401
Unauthorized
Missing or invalid authentication
403
Forbidden
Admin access required

Example Request

curl -X GET "https://auth.nullpass.xyz/api/admin/users?page=1&limit=20" \
  -H "Authorization: Bearer YOUR_TOKEN"

Example Response

{
  "users": [
    {
      "id": "clx1234567890",
      "email": "user@example.com",
      "displayName": "User Name",
      "avatar": "clx1234567890/avatar_1234567890.jpg",
      "createdAt": "2024-01-01T00:00:00.000Z",
      "updatedAt": "2024-01-02T00:00:00.000Z",
      "serviceAccess": {
        "tier": "premium",
        "isPremium": true,
        "accessFlags": {
          "isNullDropTeam": false
        },
        "metadata": {},
        "customStorageLimit": null,
        "customApiKeyLimit": null
      }
    }
  ],
  "pagination": {
    "page": 1,
    "limit": 20,
    "totalCount": 1000,
    "totalPages": 50,
    "hasMore": true
  }
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Query Parameters

page
integer
default:1
limit
integer
default:50

Response

200 - application/json

List of users

users
object[]
pagination
object