Users
For instructions on how to authenticate to use this endpoint, see API overview.
Endpoints
GET | |
POST | |
GET | |
DELETE | |
POST | |
POST | |
POST | |
POST | |
POST | |
GET |
Retrieve users integrations slack linkable workspaces
Return Slack workspaces in the user's organizations that they have not yet linked. The settings UI uses this list to decide whether to show a "Link my Slack account" button (non-empty list) and what to offer in the picker when several are connectable.
Required API key scopes
user:readPath parameters
- uuidstring
Response
Example request
GET /api /users /:uuid /integrations /slack /linkable_workspacesExample response
Status 200
Retrieve users integrations slack linkable workspaces
Return Slack workspaces in the user's organizations that they have not yet linked. The settings UI uses this list to decide whether to show a "Link my Slack account" button (non-empty list) and what to offer in the picker when several are connectable.
Required API key scopes
user:readPath parameters
- uuidstring
Response
Example request
GET /api /users /:uuid /integrations /slack /linkable_workspacesExample response
Status 200
Create users integrations slack start
Mint a Sign-in-with-Slack invite URL initiated from settings, without
Slack-DM context. The returned URL takes the user through PostHog login
(already satisfied here), then to Slack OAuth, then back to our callback
which writes the UserIntegration row.
Without body params, falls back to the user's current_team and that
team's first Slack Integration — works when there's exactly one
linkable workspace. With team_id + slack_team_id, links against
the exact pair (what the frontend uses when a picker is shown).
Refuses if the target team has no matching Slack workspace, if the feature flag is off for the workspace, or if the user is already linked to it.
Required API key scopes
user:writePath parameters
- uuidstring
Request parameters
- team_idintegernull
- slack_team_idstringnull
Response
Example request
POST /api /users /:uuid /integrations /slack /startExample response
Status 200
Create users integrations slack start
Mint a Sign-in-with-Slack invite URL initiated from settings, without
Slack-DM context. The returned URL takes the user through PostHog login
(already satisfied here), then to Slack OAuth, then back to our callback
which writes the UserIntegration row.
Without body params, falls back to the user's current_team and that
team's first Slack Integration — works when there's exactly one
linkable workspace. With team_id + slack_team_id, links against
the exact pair (what the frontend uses when a picker is shown).
Refuses if the target team has no matching Slack workspace, if the feature flag is off for the workspace, or if the user is already linked to it.
Required API key scopes
user:writePath parameters
- uuidstring
Request parameters
- team_idintegernull
- slack_team_idstringnull
Response
Example request
POST /api /users /:uuid /integrations /slack /startExample response
Status 200
List all users login sessions
List the cookie-auth login sessions for the current user. Self-only — never another user.
Path parameters
- uuidstring
Query parameters
- emailstring
- is_staffboolean
Example request
GET /api /users /:uuid /login_sessionsExample response
Status 200
List all users login sessions
List the cookie-auth login sessions for the current user. Self-only — never another user.
Path parameters
- uuidstring
Query parameters
- emailstring
- is_staffboolean
Example request
GET /api /users /:uuid /login_sessionsExample response
Status 200
Delete users login sessions
Revoke a single login session belonging to the current user. Self-only.
Requires recent auth (TimeSensitiveActionPermission) so a stolen cookie can't weaponize revocation, and is blocked while impersonating via ImpersonationBlockedPathsMiddleware.
Path parameters
- session_idstring
- uuidstring
Example request
DELETE /api /users /:uuid /login_sessions /:session_idExample response
Status 204 Login session revoked.
Delete users login sessions
Revoke a single login session belonging to the current user. Self-only.
Requires recent auth (TimeSensitiveActionPermission) so a stolen cookie can't weaponize revocation, and is blocked while impersonating via ImpersonationBlockedPathsMiddleware.
Path parameters
- session_idstring
- uuidstring
Example request
DELETE /api /users /:uuid /login_sessions /:session_idExample response
Status 204 Login session revoked.
Create users login sessions revoke others
Revoke every login session for the current user except the one making this request. Self-only.
Requires recent auth (TimeSensitiveActionPermission) so a stolen cookie can't weaponize the "log out everywhere else" lock-out, and is blocked while impersonating.
Path parameters
- uuidstring
Response
Example request
POST /api /users /:uuid /login_sessions /revoke_othersExample response
Status 200
Create users login sessions revoke others
Revoke every login session for the current user except the one making this request. Self-only.
Requires recent auth (TimeSensitiveActionPermission) so a stolen cookie can't weaponize the "log out everywhere else" lock-out, and is blocked while impersonating.
Path parameters
- uuidstring
Response
Example request
POST /api /users /:uuid /login_sessions /revoke_othersExample response
Status 200
Create users onboarding skip
Mark the current user as having exited onboarding with a non-delegated reason. Idempotent: the skip timestamp is only set on the first successful call.
Callers wanting to delegate setup to a teammate must use the dedicated /organizations/{id}/invites/delegate/ endpoint, which atomically creates the invite and sets reason="delegated". This endpoint rejects that reason so state can't be faked without a real invite.
Path parameters
- uuidstring
Request parameters
- reason
- step_at_skipstring
Response
Example request
POST /api /users /:uuid /onboarding /skipExample response
Status 200
Create users onboarding skip
Mark the current user as having exited onboarding with a non-delegated reason. Idempotent: the skip timestamp is only set on the first successful call.
Callers wanting to delegate setup to a teammate must use the dedicated /organizations/{id}/invites/delegate/ endpoint, which atomically creates the invite and sets reason="delegated". This endpoint rejects that reason so state can't be faked without a real invite.
Path parameters
- uuidstring
Request parameters
- reason
- step_at_skipstring
Response
Example request
POST /api /users /:uuid /onboarding /skipExample response
Status 200
Create users push tokens
Idempotent upsert: if the (user, token) pair already exists, platform and last_seen_at are refreshed. Otherwise a new row is created.
Required API key scopes
user:writePath parameters
- uuidstring
Request parameters
- tokenstring
- platform
Response
Example request
POST /api /users /:uuid /push_tokensExample response
Status 200 Token was registered or refreshed.
Create users push tokens
Idempotent upsert: if the (user, token) pair already exists, platform and last_seen_at are refreshed. Otherwise a new row is created.
Required API key scopes
user:writePath parameters
- uuidstring
Request parameters
- tokenstring
- platform
Response
Example request
POST /api /users /:uuid /push_tokensExample response
Status 200 Token was registered or refreshed.
Create users push tokens unregister
Delete the row matching (user, token). Returns 204 even if no row matches so the mobile client can call this unconditionally when the user opts out.
Required API key scopes
user:writePath parameters
- uuidstring
Request parameters
- tokenstring
Example request
POST /api /users /:uuid /push_tokens /unregisterExample response
Status 204 Token removed (or never existed).
Create users push tokens unregister
Delete the row matching (user, token). Returns 204 even if no row matches so the mobile client can call this unconditionally when the user opts out.
Required API key scopes
user:writePath parameters
- uuidstring
Request parameters
- tokenstring
Example request
POST /api /users /:uuid /push_tokens /unregisterExample response
Status 204 Token removed (or never existed).
Create users scene personalisation
Path parameters
- uuidstring
Request parameters
- first_namestring
- last_namestring
- emailstring
- notification_settingsobject
- anonymize_databooleannull
- allow_impersonationbooleannull
- toolbar_mode
- is_staffboolean
- set_current_organizationstring
- set_current_teamstring
- passwordstring
- current_passwordstring
- events_column_config
- has_seen_product_intro_for
- theme_mode
- hedgehog_config
- allow_sidebar_suggestionsbooleannull
- shortcut_position
- role_at_organization
- passkeys_enabled_for_2fabooleannull
- hide_mcp_hintsboolean
Example request
POST /api /users /:uuid /scene_personalisationExample response
Status 200 No response body
Create users scene personalisation
Path parameters
- uuidstring
Request parameters
- first_namestring
- last_namestring
- emailstring
- notification_settingsobject
- anonymize_databooleannull
- allow_impersonationbooleannull
- toolbar_mode
- is_staffboolean
- set_current_organizationstring
- set_current_teamstring
- passwordstring
- current_passwordstring
- events_column_config
- has_seen_product_intro_for
- theme_mode
- hedgehog_config
- allow_sidebar_suggestionsbooleannull
- shortcut_position
- role_at_organization
- passkeys_enabled_for_2fabooleannull
- hide_mcp_hintsboolean
Example request
POST /api /users /:uuid /scene_personalisationExample response
Status 200 No response body
Retrieve users start 2fa setup
Path parameters
- uuidstring
Example request
GET /api /users /:uuid /start_2fa_setupExample response
Status 200 No response body
Retrieve users start 2fa setup
Path parameters
- uuidstring
Example request
GET /api /users /:uuid /start_2fa_setup