User Authentication & Management API
User Management Documentation
Overview
This set of endpoints provides user management functionality including session management, user creation, updating, deletion, and retrieval. All endpoints require a Blaze Team Advanced or White Labeling subscription.
Base URL
https://us-central1-querycomposer.cloudfunctions.net
Authentication
- All endpoints require a valid API key
- Must have an active Blaze Team Advanced or White Labeling subscription
- API keys should be kept secure and never exposed in client-side code
Request Formats
All endpoints accept either GET or POST requests. Parameters can be passed as URL parameters for both methods, or as a JSON body for POST requests.
Get User Session Link
Generate a login session link for a specified user.
Endpoint Path
/user_authentication_api
Parameters
Parameter | Required | Type | Description |
---|---|---|---|
api_key | Yes | string | Your API authentication key |
user_email | Yes | string | Email address of the user |
hide_sidebar | No | boolean | When true, hides the sidebar (only show the chat page). Default is false. Only works for non-technical users |
Example Requests
Using URL Parameters:
GET https://us-central1-querycomposer.cloudfunctions.net/user_authentication_api?user_email=user@example.com&api_key=your_api_key_here&hide_sidebar=true
Using JSON Body:
POST https://us-central1-querycomposer.cloudfunctions.net/user_authentication_api
Content-Type: application/json
{
"api_key": "your_api_key_here",
"user_email": "user@example.com",
"hide_sidebar": true
}
Create New User
Creates a new user in your team with specified database access.
Endpoint Path
/user_creation_api
Parameters
Parameter | Required | Type | Description |
---|---|---|---|
api_key | Yes | string | Your API authentication key |
Yes | string | Email address for the new user | |
database_id | Yes | string | ID of the database to grant initial access |
role | No | string | User's role/job description. Default: "No job description provided" |
simplified_mode | No | boolean | Enable simplified mode. Default: false |
technical | No | boolean | Technical user flag. Default: false |
To get a database_id for a given database, open the Sharing & Permissions dialog

Example Requests
Using URL Parameters:
GET https://us-central1-querycomposer.cloudfunctions.net/user_creation_api?api_key=your_api_key_here&email=newuser@example.com&database_id=db123&role=Developer&simplified_mode=false&technical=true
Using JSON Body:
POST https://us-central1-querycomposer.cloudfunctions.net/user_creation_api
Content-Type: application/json
{
"api_key": "your_api_key_here",
"email": "newuser@example.com",
"database_id": "db123",
"role": "Developer",
"simplified_mode": false,
"technical": true
}
Update User
Updates an existing user's information and database access permissions.
Endpoint Path
/user_update_api
Parameters
Parameter | Required | Type | Description |
---|---|---|---|
api_key | Yes | string | Your API authentication key |
Yes | string | Current email address of the user | |
new_email | No | string | New email address for the user |
role | No | string | Updated role/job description |
simplified_mode | No | boolean | Update simplified mode setting |
technical | No | boolean | Update technical user flag |
database_access | No | object | Database access permissions object |
Database Access Object Format
{
"database_id_1": "view",
"database_id_2": "edit",
"database_id_3": null // Removes access
}
Valid permission levels:
- "view": Read-only access
- "edit": Read and write access
- null: Remove access
Example Requests
Using URL Parameters:
GET https://us-central1-querycomposer.cloudfunctions.net/user_update_api?api_key=your_api_key_here&email=user@example.com&role=Senior+Developer&database_access={"db123":"view","db456":"edit","db789":null}
Using JSON Body:
POST https://us-central1-querycomposer.cloudfunctions.net/user_update_api
Content-Type: application/json
{
"api_key": "your_api_key_here",
"email": "user@example.com",
"role": "Senior Developer",
"database_access": {
"db123": "view",
"db456": "edit",
"db789": null
}
}
Delete User
Removes a user from your team and queues them for deletion.
Endpoint Path
/user_deletion_api
Parameters
Parameter | Required | Type | Description |
---|---|---|---|
api_key | Yes | string | Your API authentication key |
Yes | string | Email address of the user to delete |
Example Requests
Using URL Parameters:
GET https://us-central1-querycomposer.cloudfunctions.net/user_deletion_api?api_key=your_api_key_here&email=user@example.com
Using JSON Body:
POST https://us-central1-querycomposer.cloudfunctions.net/user_deletion_api
Content-Type: application/json
{
"api_key": "your_api_key_here",
"email": "user@example.com"
}
List All Users
Retrieves a list of all users in your team with their roles and settings.
Endpoint Path
/user_retrieval_api
Parameters
Parameter | Required | Type | Description |
---|---|---|---|
api_key | Yes | string | Your API authentication key |
Example Requests
Using URL Parameters:
GET https://us-central1-querycomposer.cloudfunctions.net/user_retrieval_api?api_key=your_api_key_here
Using JSON Body:
POST https://us-central1-querycomposer.cloudfunctions.net/user_retrieval_api
Content-Type: application/json
{
"api_key": "your_api_key_here"
}
Response Format
{
"users": [
{
"email": "user@example.com",
"role": "Developer",
"technical": true,
"simplified_mode": false,
"database_access": {
"db123": "view",
"db456": "edit"
}
}
]
}
Common Response Codes
Status Code | Description |
---|---|
200 | Success |
400 | Bad Request (e.g., invalid database permission level) |
401 | Invalid or missing API key |
402 | Insufficient subscription (requires Blaze Team Advanced or White Labeling) |
403 | User not in team |
404 | User or database not found |
409 | User already exists (for creation) |
422 | Missing required parameter |
500 | Server error |
Security Best Practices
Always use HTTPS for requests
Keep API keys secure and never expose them in client-side code
Use a separate API key for each application or service
Regularly rotate API keys
Monitor API usage for unusual patterns
Review database access permissions regularly
Rate Limits and Quotas
Please contact support for information about rate limits and usage quotas for your subscription level.
Updated on: 22/01/2025
Thank you!