# Users The Users API enables businesses to programmatically retrieve and manage members within their organization, including paginated user listings and detailed individual profiles with role and activity data. ## List users in the organization > Returns a paginated list of users belonging to the organization. Requires \`can\_manage\_users\` permission. ```json {"openapi":"3.0.1","info":{"title":"TransactionLink API","version":"v3"},"servers":[{"url":"https://api.transactionlink.io","description":"Production"}],"security":[{"organizationToken":[]}],"components":{"securitySchemes":{"organizationToken":{"type":"apiKey","in":"header","name":"Authorization","description":"Organization API token (tot_) — preferred authentication method. Pass the token directly without Bearer prefix."}},"schemas":{"UserPageResponse":{"title":"UserPageResponse","type":"object","properties":{"content":{"type":"array","description":"List of users","items":{"$ref":"#/components/schemas/UserResponse"}},"totalElements":{"type":"integer","description":"Total number of users"},"totalPages":{"type":"integer","description":"Total number of pages"},"size":{"type":"integer","description":"Page size"},"number":{"type":"integer","description":"Current page number (0-based)"}}},"UserResponse":{"title":"UserResponse","required":["id","email","roleId","profile","createdDateTime"],"type":"object","properties":{"id":{"type":"string","format":"uuid","description":"Unique identifier of the user"},"email":{"type":"string","description":"Email address of the user"},"idpId":{"type":"string","format":"uuid","nullable":true,"description":"Identifier in the identity provider (Cognito)"},"roleId":{"type":"string","format":"uuid","description":"Identifier of the organization role"},"profile":{"$ref":"#/components/schemas/UserProfileResponse","description":"Profile details of the user"},"createdDateTime":{"type":"string","format":"date-time","description":"Timestamp when the user was created"}}},"UserProfileResponse":{"title":"UserProfileResponse","type":"object","properties":{"id":{"type":"string","format":"uuid","description":"Unique identifier of the profile"},"firstName":{"type":"string","nullable":true,"description":"First name"},"lastName":{"type":"string","nullable":true,"description":"Last name"},"title":{"type":"string","nullable":true,"description":"Job title"},"organizationId":{"type":"string","format":"uuid","description":"Identifier of the organization"},"roleId":{"type":"string","format":"uuid","description":"Identifier of the organization role"},"status":{"type":"string","description":"Current status of the user","enum":["ACTIVE","INACTIVE","TERMINATED","FORGOTTEN","REMOVED"]},"createdDateTime":{"type":"string","format":"date-time","description":"Timestamp when the profile was created"},"lastSignedInAt":{"type":"string","format":"date-time","nullable":true,"description":"Timestamp of last sign-in"}}},"ErrorResponse":{"required":["errors","fingerprint"],"type":"object","properties":{"fingerprint":{"type":"string","description":"Unique identifier for this error instance"},"errors":{"type":"array","description":"List of error details","items":{"required":["code","message"],"properties":{"code":{"type":"string","description":"Error code representing the type of error"},"message":{"type":"string","description":"Error message providing more details about the error"}}}}}}}},"paths":{"/organizations/users":{"get":{"tags":["Users"],"summary":"List users in the organization","description":"Returns a paginated list of users belonging to the organization. Requires `can_manage_users` permission.","operationId":"list-users","parameters":[{"name":"page","in":"query","description":"Page number (0-based)","required":false,"schema":{"type":"integer","default":0}},{"name":"size","in":"query","description":"Page size (default 20)","required":false,"schema":{"type":"integer","default":20}},{"name":"Authorization","in":"header","description":"Organization token (`tot_`). Pass the token directly without Bearer prefix.","required":true,"style":"simple","explode":false,"schema":{"type":"string"}}],"responses":{"200":{"description":"200","headers":{"Content-Type":{"description":"Content type of the response","style":"simple","explode":false,"schema":{"type":"string"}}},"content":{"application/json;charset=UTF-8":{"schema":{"$ref":"#/components/schemas/UserPageResponse"}}}},"400":{"description":"Bad Request – invalid request parameters","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"401":{"description":"Unauthorized – JWT token missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"403":{"description":"Forbidden – insufficient permissions","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"500":{"description":"Internal Server Error – unexpected server error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}}}}}}} ``` ## Get user details > Returns details of a single user in the organization. Requires \`can\_manage\_users\` permission. ```json {"openapi":"3.0.1","info":{"title":"TransactionLink API","version":"v3"},"servers":[{"url":"https://api.transactionlink.io","description":"Production"}],"security":[{"organizationToken":[]}],"components":{"securitySchemes":{"organizationToken":{"type":"apiKey","in":"header","name":"Authorization","description":"Organization API token (tot_) — preferred authentication method. Pass the token directly without Bearer prefix."}},"schemas":{"UserResponse":{"title":"UserResponse","required":["id","email","roleId","profile","createdDateTime"],"type":"object","properties":{"id":{"type":"string","format":"uuid","description":"Unique identifier of the user"},"email":{"type":"string","description":"Email address of the user"},"idpId":{"type":"string","format":"uuid","nullable":true,"description":"Identifier in the identity provider (Cognito)"},"roleId":{"type":"string","format":"uuid","description":"Identifier of the organization role"},"profile":{"$ref":"#/components/schemas/UserProfileResponse","description":"Profile details of the user"},"createdDateTime":{"type":"string","format":"date-time","description":"Timestamp when the user was created"}}},"UserProfileResponse":{"title":"UserProfileResponse","type":"object","properties":{"id":{"type":"string","format":"uuid","description":"Unique identifier of the profile"},"firstName":{"type":"string","nullable":true,"description":"First name"},"lastName":{"type":"string","nullable":true,"description":"Last name"},"title":{"type":"string","nullable":true,"description":"Job title"},"organizationId":{"type":"string","format":"uuid","description":"Identifier of the organization"},"roleId":{"type":"string","format":"uuid","description":"Identifier of the organization role"},"status":{"type":"string","description":"Current status of the user","enum":["ACTIVE","INACTIVE","TERMINATED","FORGOTTEN","REMOVED"]},"createdDateTime":{"type":"string","format":"date-time","description":"Timestamp when the profile was created"},"lastSignedInAt":{"type":"string","format":"date-time","nullable":true,"description":"Timestamp of last sign-in"}}},"ErrorResponse":{"required":["errors","fingerprint"],"type":"object","properties":{"fingerprint":{"type":"string","description":"Unique identifier for this error instance"},"errors":{"type":"array","description":"List of error details","items":{"required":["code","message"],"properties":{"code":{"type":"string","description":"Error code representing the type of error"},"message":{"type":"string","description":"Error message providing more details about the error"}}}}}}}},"paths":{"/organizations/users/{userId}":{"get":{"tags":["Users"],"summary":"Get user details","description":"Returns details of a single user in the organization. Requires `can_manage_users` permission.","operationId":"view-user","parameters":[{"name":"userId","in":"path","description":"Identifier of the user","required":true,"style":"simple","explode":false,"schema":{"type":"string","format":"uuid"}},{"name":"Authorization","in":"header","description":"Organization token (`tot_`). Pass the token directly without Bearer prefix.","required":true,"style":"simple","explode":false,"schema":{"type":"string"}}],"responses":{"200":{"description":"200","headers":{"Content-Type":{"description":"Content type of the response","style":"simple","explode":false,"schema":{"type":"string"}}},"content":{"application/json;charset=UTF-8":{"schema":{"$ref":"#/components/schemas/UserResponse"}}}},"400":{"description":"Bad Request – invalid request parameters","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"401":{"description":"Unauthorized – JWT token missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"403":{"description":"Forbidden – insufficient permissions","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"404":{"description":"Not Found – resource does not exist","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"500":{"description":"Internal Server Error – unexpected server error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}}}}}}} ``` ## Update user profile > Updates the profile (first name, last name, title) of a user. Requires \`can\_manage\_users\` permission. ```json {"openapi":"3.0.1","info":{"title":"TransactionLink API","version":"v3"},"servers":[{"url":"https://api.transactionlink.io","description":"Production"}],"security":[{"organizationToken":[]}],"components":{"securitySchemes":{"organizationToken":{"type":"apiKey","in":"header","name":"Authorization","description":"Organization API token (tot_) — preferred authentication method. Pass the token directly without Bearer prefix."}},"schemas":{"UpdateUserProfileRequest":{"title":"UpdateUserProfileRequest","type":"object","properties":{"firstName":{"type":"string","nullable":true,"description":"First name of the user"},"lastName":{"type":"string","nullable":true,"description":"Last name of the user"},"title":{"type":"string","nullable":true,"description":"Job title of the user"}}},"UserResponse":{"title":"UserResponse","required":["id","email","roleId","profile","createdDateTime"],"type":"object","properties":{"id":{"type":"string","format":"uuid","description":"Unique identifier of the user"},"email":{"type":"string","description":"Email address of the user"},"idpId":{"type":"string","format":"uuid","nullable":true,"description":"Identifier in the identity provider (Cognito)"},"roleId":{"type":"string","format":"uuid","description":"Identifier of the organization role"},"profile":{"$ref":"#/components/schemas/UserProfileResponse","description":"Profile details of the user"},"createdDateTime":{"type":"string","format":"date-time","description":"Timestamp when the user was created"}}},"UserProfileResponse":{"title":"UserProfileResponse","type":"object","properties":{"id":{"type":"string","format":"uuid","description":"Unique identifier of the profile"},"firstName":{"type":"string","nullable":true,"description":"First name"},"lastName":{"type":"string","nullable":true,"description":"Last name"},"title":{"type":"string","nullable":true,"description":"Job title"},"organizationId":{"type":"string","format":"uuid","description":"Identifier of the organization"},"roleId":{"type":"string","format":"uuid","description":"Identifier of the organization role"},"status":{"type":"string","description":"Current status of the user","enum":["ACTIVE","INACTIVE","TERMINATED","FORGOTTEN","REMOVED"]},"createdDateTime":{"type":"string","format":"date-time","description":"Timestamp when the profile was created"},"lastSignedInAt":{"type":"string","format":"date-time","nullable":true,"description":"Timestamp of last sign-in"}}},"ErrorResponse":{"required":["errors","fingerprint"],"type":"object","properties":{"fingerprint":{"type":"string","description":"Unique identifier for this error instance"},"errors":{"type":"array","description":"List of error details","items":{"required":["code","message"],"properties":{"code":{"type":"string","description":"Error code representing the type of error"},"message":{"type":"string","description":"Error message providing more details about the error"}}}}}}}},"paths":{"/organizations/users/{userId}/profile":{"put":{"tags":["Users"],"summary":"Update user profile","description":"Updates the profile (first name, last name, title) of a user. Requires `can_manage_users` permission.","operationId":"update-user-profile","parameters":[{"name":"userId","in":"path","description":"Identifier of the user","required":true,"style":"simple","explode":false,"schema":{"type":"string","format":"uuid"}},{"name":"Authorization","in":"header","description":"Organization token (`tot_`). Pass the token directly without Bearer prefix.","required":true,"style":"simple","explode":false,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/UpdateUserProfileRequest"}}},"required":true},"responses":{"200":{"description":"200","headers":{"Content-Type":{"description":"Content type of the response","style":"simple","explode":false,"schema":{"type":"string"}}},"content":{"application/json;charset=UTF-8":{"schema":{"$ref":"#/components/schemas/UserResponse"}}}},"400":{"description":"Bad Request – invalid request parameters","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"401":{"description":"Unauthorized – JWT token missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"403":{"description":"Forbidden – insufficient permissions","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"404":{"description":"Not Found – resource does not exist","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"500":{"description":"Internal Server Error – unexpected server error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}}}}}}} ``` ## Update user role in organization > Updates the organization-level role assigned to a user. Requires \`can\_manage\_users\` permission. ```json {"openapi":"3.0.1","info":{"title":"TransactionLink API","version":"v3"},"servers":[{"url":"https://api.transactionlink.io","description":"Production"}],"security":[{"organizationToken":[]}],"components":{"securitySchemes":{"organizationToken":{"type":"apiKey","in":"header","name":"Authorization","description":"Organization API token (tot_) — preferred authentication method. Pass the token directly without Bearer prefix."}},"schemas":{"UpdateUserRoleRequest":{"title":"UpdateUserRoleRequest","required":["roleId"],"type":"object","properties":{"roleId":{"type":"string","format":"uuid","description":"Identifier of the new role to assign"}}},"UserResponse":{"title":"UserResponse","required":["id","email","roleId","profile","createdDateTime"],"type":"object","properties":{"id":{"type":"string","format":"uuid","description":"Unique identifier of the user"},"email":{"type":"string","description":"Email address of the user"},"idpId":{"type":"string","format":"uuid","nullable":true,"description":"Identifier in the identity provider (Cognito)"},"roleId":{"type":"string","format":"uuid","description":"Identifier of the organization role"},"profile":{"$ref":"#/components/schemas/UserProfileResponse","description":"Profile details of the user"},"createdDateTime":{"type":"string","format":"date-time","description":"Timestamp when the user was created"}}},"UserProfileResponse":{"title":"UserProfileResponse","type":"object","properties":{"id":{"type":"string","format":"uuid","description":"Unique identifier of the profile"},"firstName":{"type":"string","nullable":true,"description":"First name"},"lastName":{"type":"string","nullable":true,"description":"Last name"},"title":{"type":"string","nullable":true,"description":"Job title"},"organizationId":{"type":"string","format":"uuid","description":"Identifier of the organization"},"roleId":{"type":"string","format":"uuid","description":"Identifier of the organization role"},"status":{"type":"string","description":"Current status of the user","enum":["ACTIVE","INACTIVE","TERMINATED","FORGOTTEN","REMOVED"]},"createdDateTime":{"type":"string","format":"date-time","description":"Timestamp when the profile was created"},"lastSignedInAt":{"type":"string","format":"date-time","nullable":true,"description":"Timestamp of last sign-in"}}},"ErrorResponse":{"required":["errors","fingerprint"],"type":"object","properties":{"fingerprint":{"type":"string","description":"Unique identifier for this error instance"},"errors":{"type":"array","description":"List of error details","items":{"required":["code","message"],"properties":{"code":{"type":"string","description":"Error code representing the type of error"},"message":{"type":"string","description":"Error message providing more details about the error"}}}}}}}},"paths":{"/organizations/users/{userId}/role":{"put":{"tags":["Users"],"summary":"Update user role in organization","description":"Updates the organization-level role assigned to a user. Requires `can_manage_users` permission.","operationId":"update-user-role","parameters":[{"name":"userId","in":"path","description":"Identifier of the user","required":true,"style":"simple","explode":false,"schema":{"type":"string","format":"uuid"}},{"name":"Authorization","in":"header","description":"Organization token (`tot_`). Pass the token directly without Bearer prefix.","required":true,"style":"simple","explode":false,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/UpdateUserRoleRequest"}}},"required":true},"responses":{"200":{"description":"200","headers":{"Content-Type":{"description":"Content type of the response","style":"simple","explode":false,"schema":{"type":"string"}}},"content":{"application/json;charset=UTF-8":{"schema":{"$ref":"#/components/schemas/UserResponse"}}}},"400":{"description":"Bad Request – invalid request parameters","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"401":{"description":"Unauthorized – JWT token missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"403":{"description":"Forbidden – insufficient permissions","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"404":{"description":"Not Found – resource does not exist","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"500":{"description":"Internal Server Error – unexpected server error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}}}}}}} ``` ## Terminate user > Deactivates a user in the organization (sets status to \`TERMINATED\`). Requires \`can\_manage\_users\` permission. ```json {"openapi":"3.0.1","info":{"title":"TransactionLink API","version":"v3"},"servers":[{"url":"https://api.transactionlink.io","description":"Production"}],"security":[{"organizationToken":[]}],"components":{"securitySchemes":{"organizationToken":{"type":"apiKey","in":"header","name":"Authorization","description":"Organization API token (tot_) — preferred authentication method. Pass the token directly without Bearer prefix."}},"schemas":{"UserResponse":{"title":"UserResponse","required":["id","email","roleId","profile","createdDateTime"],"type":"object","properties":{"id":{"type":"string","format":"uuid","description":"Unique identifier of the user"},"email":{"type":"string","description":"Email address of the user"},"idpId":{"type":"string","format":"uuid","nullable":true,"description":"Identifier in the identity provider (Cognito)"},"roleId":{"type":"string","format":"uuid","description":"Identifier of the organization role"},"profile":{"$ref":"#/components/schemas/UserProfileResponse","description":"Profile details of the user"},"createdDateTime":{"type":"string","format":"date-time","description":"Timestamp when the user was created"}}},"UserProfileResponse":{"title":"UserProfileResponse","type":"object","properties":{"id":{"type":"string","format":"uuid","description":"Unique identifier of the profile"},"firstName":{"type":"string","nullable":true,"description":"First name"},"lastName":{"type":"string","nullable":true,"description":"Last name"},"title":{"type":"string","nullable":true,"description":"Job title"},"organizationId":{"type":"string","format":"uuid","description":"Identifier of the organization"},"roleId":{"type":"string","format":"uuid","description":"Identifier of the organization role"},"status":{"type":"string","description":"Current status of the user","enum":["ACTIVE","INACTIVE","TERMINATED","FORGOTTEN","REMOVED"]},"createdDateTime":{"type":"string","format":"date-time","description":"Timestamp when the profile was created"},"lastSignedInAt":{"type":"string","format":"date-time","nullable":true,"description":"Timestamp of last sign-in"}}},"ErrorResponse":{"required":["errors","fingerprint"],"type":"object","properties":{"fingerprint":{"type":"string","description":"Unique identifier for this error instance"},"errors":{"type":"array","description":"List of error details","items":{"required":["code","message"],"properties":{"code":{"type":"string","description":"Error code representing the type of error"},"message":{"type":"string","description":"Error message providing more details about the error"}}}}}}}},"paths":{"/organizations/users/{userId}/terminate":{"post":{"tags":["Users"],"summary":"Terminate user","description":"Deactivates a user in the organization (sets status to `TERMINATED`). Requires `can_manage_users` permission.","operationId":"terminate-user","parameters":[{"name":"userId","in":"path","description":"Identifier of the user to terminate","required":true,"style":"simple","explode":false,"schema":{"type":"string","format":"uuid"}},{"name":"Authorization","in":"header","description":"Organization token (`tot_`). Pass the token directly without Bearer prefix.","required":true,"style":"simple","explode":false,"schema":{"type":"string"}}],"responses":{"200":{"description":"200","headers":{"Content-Type":{"description":"Content type of the response","style":"simple","explode":false,"schema":{"type":"string"}}},"content":{"application/json;charset=UTF-8":{"schema":{"$ref":"#/components/schemas/UserResponse"}}}},"400":{"description":"Bad Request – invalid request parameters","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"401":{"description":"Unauthorized – JWT token missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"403":{"description":"Forbidden – insufficient permissions","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"404":{"description":"Not Found – resource does not exist","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"500":{"description":"Internal Server Error – unexpected server error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}}}}}}} ``` ## Reinstate user > Reinstates a previously terminated user in the organization. Requires \`can\_manage\_users\` permission. ```json {"openapi":"3.0.1","info":{"title":"TransactionLink API","version":"v3"},"servers":[{"url":"https://api.transactionlink.io","description":"Production"}],"security":[{"organizationToken":[]}],"components":{"securitySchemes":{"organizationToken":{"type":"apiKey","in":"header","name":"Authorization","description":"Organization API token (tot_) — preferred authentication method. Pass the token directly without Bearer prefix."}},"schemas":{"ReinstatementRequest":{"title":"ReinstatementRequest","required":["roleId"],"type":"object","properties":{"roleId":{"type":"string","format":"uuid","description":"Identifier of the role to assign upon reinstatement"}}},"UserResponse":{"title":"UserResponse","required":["id","email","roleId","profile","createdDateTime"],"type":"object","properties":{"id":{"type":"string","format":"uuid","description":"Unique identifier of the user"},"email":{"type":"string","description":"Email address of the user"},"idpId":{"type":"string","format":"uuid","nullable":true,"description":"Identifier in the identity provider (Cognito)"},"roleId":{"type":"string","format":"uuid","description":"Identifier of the organization role"},"profile":{"$ref":"#/components/schemas/UserProfileResponse","description":"Profile details of the user"},"createdDateTime":{"type":"string","format":"date-time","description":"Timestamp when the user was created"}}},"UserProfileResponse":{"title":"UserProfileResponse","type":"object","properties":{"id":{"type":"string","format":"uuid","description":"Unique identifier of the profile"},"firstName":{"type":"string","nullable":true,"description":"First name"},"lastName":{"type":"string","nullable":true,"description":"Last name"},"title":{"type":"string","nullable":true,"description":"Job title"},"organizationId":{"type":"string","format":"uuid","description":"Identifier of the organization"},"roleId":{"type":"string","format":"uuid","description":"Identifier of the organization role"},"status":{"type":"string","description":"Current status of the user","enum":["ACTIVE","INACTIVE","TERMINATED","FORGOTTEN","REMOVED"]},"createdDateTime":{"type":"string","format":"date-time","description":"Timestamp when the profile was created"},"lastSignedInAt":{"type":"string","format":"date-time","nullable":true,"description":"Timestamp of last sign-in"}}},"ErrorResponse":{"required":["errors","fingerprint"],"type":"object","properties":{"fingerprint":{"type":"string","description":"Unique identifier for this error instance"},"errors":{"type":"array","description":"List of error details","items":{"required":["code","message"],"properties":{"code":{"type":"string","description":"Error code representing the type of error"},"message":{"type":"string","description":"Error message providing more details about the error"}}}}}}}},"paths":{"/organizations/users/{userId}/reinstate":{"post":{"tags":["Users"],"summary":"Reinstate user","description":"Reinstates a previously terminated user in the organization. Requires `can_manage_users` permission.","operationId":"reinstate-user","parameters":[{"name":"userId","in":"path","description":"Identifier of the user to reinstate","required":true,"style":"simple","explode":false,"schema":{"type":"string","format":"uuid"}},{"name":"Authorization","in":"header","description":"Organization token (`tot_`). Pass the token directly without Bearer prefix.","required":true,"style":"simple","explode":false,"schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/ReinstatementRequest"}}},"required":true},"responses":{"200":{"description":"200","headers":{"Content-Type":{"description":"Content type of the response","style":"simple","explode":false,"schema":{"type":"string"}}},"content":{"application/json;charset=UTF-8":{"schema":{"$ref":"#/components/schemas/UserResponse"}}}},"400":{"description":"Bad Request – invalid request parameters","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"401":{"description":"Unauthorized – JWT token missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"403":{"description":"Forbidden – insufficient permissions","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"404":{"description":"Not Found – resource does not exist","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"500":{"description":"Internal Server Error – unexpected server error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}}}}}}} ``` ## Reset MFA for a user > Resets multi-factor authentication for the specified user. Requires \`can\_reset\_2fa\` permission on the organization. ```json {"openapi":"3.0.1","info":{"title":"TransactionLink API","version":"v3"},"servers":[{"url":"https://api.transactionlink.io","description":"Production"}],"security":[{"organizationToken":[]}],"components":{"securitySchemes":{"organizationToken":{"type":"apiKey","in":"header","name":"Authorization","description":"Organization API token (tot_) — preferred authentication method. Pass the token directly without Bearer prefix."}},"schemas":{"ErrorResponse":{"required":["errors","fingerprint"],"type":"object","properties":{"fingerprint":{"type":"string","description":"Unique identifier for this error instance"},"errors":{"type":"array","description":"List of error details","items":{"required":["code","message"],"properties":{"code":{"type":"string","description":"Error code representing the type of error"},"message":{"type":"string","description":"Error message providing more details about the error"}}}}}}}},"paths":{"/organizations/users/{userId}/reset-mfa":{"post":{"tags":["Organization"],"summary":"Reset MFA for a user","description":"Resets multi-factor authentication for the specified user. Requires `can_reset_2fa` permission on the organization.","operationId":"reset-mfa","parameters":[{"name":"userId","in":"path","description":"Identifier of the user whose MFA should be reset","required":true,"style":"simple","explode":false,"schema":{"type":"string","format":"uuid"}},{"name":"Authorization","in":"header","description":"Organization token (`tot_`). Pass the token directly without Bearer prefix.","required":true,"style":"simple","explode":false,"schema":{"type":"string"}}],"responses":{"202":{"description":"Accepted – MFA reset request accepted"},"400":{"description":"Bad Request – invalid request parameters","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"401":{"description":"Unauthorized – JWT token missing or invalid","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"403":{"description":"Forbidden – insufficient permissions","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"404":{"description":"Not Found – resource does not exist","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}},"500":{"description":"Internal Server Error – unexpected server error","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ErrorResponse"}}}}}}}}} ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.transactionlink.io/docs/transactionlink-api/api-reference/users.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.