Users
API Reference for ProcessMaker Users API
Display a listing of the resource.
Authorizations
OAuth2authorizationCodeRequiredAuthorization URL: Token URL: Refresh URL:
Laravel passport oauth2 security.
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Query parameters
statusstring · enumOptionalPossible values:
ACTIVE or INACTIVE
filterstringOptional
Filter results by string. Searches First Name, Last Name, Email and Username.
order_bystringOptional
Field to order results by
order_directionstring · enumOptionalDefault:
ascPossible values: per_pageintegerOptionalDefault:
10includestringOptionalDefault:
Include data from related models in payload. Comma separated list.
""exclude_idsstringOptionalDefault:
Comma separated list of IDs to exclude from the response
""Responses
200
list of users
application/json
get
/usersGET /api/1.0/users HTTP/1.1
Host:
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
200
list of users
{
"data": [
{
"email": "name@gmail.com",
"firstname": "text",
"lastname": "text",
"username": "text",
"password": "text",
"address": "text",
"city": "text",
"state": "text",
"postal": "text",
"country": "text",
"phone": "text",
"fax": "text",
"cell": "text",
"title": "text",
"timezone": "text",
"datetime_format": "text",
"language": "text",
"is_administrator": true,
"expires_at": "text",
"loggedin_at": "text",
"remember_token": "text",
"status": "ACTIVE",
"fullname": "text",
"avatar": "text",
"media": [
{
"id": 1,
"model_id": 1,
"model_type": "text",
"collection_name": "text",
"name": "text",
"file_name": "text",
"mime_type": "text",
"disk": "text",
"size": 1,
"manipulations": {},
"custom_properties": {},
"responsive_images": {},
"order_column": 1,
"created_at": "2025-11-30T06:17:03.935Z",
"updated_at": "2025-11-30T06:17:03.935Z"
}
],
"birthdate": "2025-11-30",
"delegation_user_id": "text",
"manager_id": "text",
"meta": {
"ANY_ADDITIONAL_PROPERTY": "anything"
},
"force_change_password": true,
"id": 1,
"created_at": "2025-11-30T06:17:03.935Z",
"updated_at": "2025-11-30T06:17:03.935Z",
"deleted_at": "2025-11-30T06:17:03.935Z"
}
],
"meta": {
"filter": "text",
"sort_by": "text",
"sort_order": "asc",
"count": 1,
"total_pages": 1,
"current_page": 1,
"form": 1,
"last_page": 1,
"path": "text",
"per_page": 1,
"to": 1,
"total": 1
}
}Store a newly created resource in storage.
Authorizations
OAuth2authorizationCodeRequiredAuthorization URL: Token URL: Refresh URL:
Laravel passport oauth2 security.
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Body
emailstring · emailOptional
The attributes that are mass assignable.
firstnamestringOptional
lastnamestringOptional
usernamestringOptional
passwordstringOptional
addressstringOptional
citystringOptional
statestringOptional
postalstringOptional
countrystringOptional
phonestringOptional
faxstringOptional
cellstringOptional
titlestringOptional
timezonestringOptional
datetime_formatstringOptional
languagestringOptional
is_administratorbooleanOptional
expires_atstringOptional
loggedin_atstringOptional
remember_tokenstringOptional
statusstring · enumOptionalPossible values:
fullnamestringOptional
avatarstringOptional
mediaall of[]Optional
and
birthdatestring · dateOptional
delegation_user_idstring · idOptional
manager_idstring · idOptional
force_change_passwordbooleanOptional
Responses
201
success
application/json
422
Unprocessable Entity
application/json
post
/usersPOST /api/1.0/users HTTP/1.1
Host:
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 899
{
"email": "name@gmail.com",
"firstname": "text",
"lastname": "text",
"username": "text",
"password": "text",
"address": "text",
"city": "text",
"state": "text",
"postal": "text",
"country": "text",
"phone": "text",
"fax": "text",
"cell": "text",
"title": "text",
"timezone": "text",
"datetime_format": "text",
"language": "text",
"is_administrator": true,
"expires_at": "text",
"loggedin_at": "text",
"remember_token": "text",
"status": "ACTIVE",
"fullname": "text",
"avatar": "text",
"media": [
{
"id": 1,
"model_id": 1,
"model_type": "text",
"collection_name": "text",
"name": "text",
"file_name": "text",
"mime_type": "text",
"disk": "text",
"size": 1,
"manipulations": {},
"custom_properties": {},
"responsive_images": {},
"order_column": 1,
"created_at": "2025-11-30T06:17:03.935Z",
"updated_at": "2025-11-30T06:17:03.935Z"
}
],
"birthdate": "2025-11-30",
"delegation_user_id": "text",
"manager_id": "text",
"meta": {
"ANY_ADDITIONAL_PROPERTY": "anything"
},
"force_change_password": true
}{
"email": "name@gmail.com",
"firstname": "text",
"lastname": "text",
"username": "text",
"password": "text",
"address": "text",
"city": "text",
"state": "text",
"postal": "text",
"country": "text",
"phone": "text",
"fax": "text",
"cell": "text",
"title": "text",
"timezone": "text",
"datetime_format": "text",
"language": "text",
"is_administrator": true,
"expires_at": "text",
"loggedin_at": "text",
"remember_token": "text",
"status": "ACTIVE",
"fullname": "text",
"avatar": "text",
"media": [
{
"id": 1,
"model_id": 1,
"model_type": "text",
"collection_name": "text",
"name": "text",
"file_name": "text",
"mime_type": "text",
"disk": "text",
"size": 1,
"manipulations": {},
"custom_properties": {},
"responsive_images": {},
"order_column": 1,
"created_at": "2025-11-30T06:17:03.935Z",
"updated_at": "2025-11-30T06:17:03.935Z"
}
],
"birthdate": "2025-11-30",
"delegation_user_id": "text",
"manager_id": "text",
"meta": {
"ANY_ADDITIONAL_PROPERTY": "anything"
},
"force_change_password": true,
"id": 1,
"created_at": "2025-11-30T06:17:03.935Z",
"updated_at": "2025-11-30T06:17:03.935Z",
"deleted_at": "2025-11-30T06:17:03.935Z"
}Display the specified resource.
Authorizations
OAuth2authorizationCodeRequiredAuthorization URL: Token URL: Refresh URL:
Laravel passport oauth2 security.
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
user_idintegerRequired
ID of user to return
Responses
200
Successfully found the process
application/json
Responseall of
404
Not Found
application/json
get
/users/{user_id}GET /api/1.0/users/{user_id} HTTP/1.1
Host:
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
{
"email": "name@gmail.com",
"firstname": "text",
"lastname": "text",
"username": "text",
"password": "text",
"address": "text",
"city": "text",
"state": "text",
"postal": "text",
"country": "text",
"phone": "text",
"fax": "text",
"cell": "text",
"title": "text",
"timezone": "text",
"datetime_format": "text",
"language": "text",
"is_administrator": true,
"expires_at": "text",
"loggedin_at": "text",
"remember_token": "text",
"status": "ACTIVE",
"fullname": "text",
"avatar": "text",
"media": [
{
"id": 1,
"model_id": 1,
"model_type": "text",
"collection_name": "text",
"name": "text",
"file_name": "text",
"mime_type": "text",
"disk": "text",
"size": 1,
"manipulations": {},
"custom_properties": {},
"responsive_images": {},
"order_column": 1,
"created_at": "2025-11-30T06:17:03.935Z",
"updated_at": "2025-11-30T06:17:03.935Z"
}
],
"birthdate": "2025-11-30",
"delegation_user_id": "text",
"manager_id": "text",
"meta": {
"ANY_ADDITIONAL_PROPERTY": "anything"
},
"force_change_password": true,
"id": 1,
"created_at": "2025-11-30T06:17:03.935Z",
"updated_at": "2025-11-30T06:17:03.935Z",
"deleted_at": "2025-11-30T06:17:03.935Z"
}Update a user
Authorizations
OAuth2authorizationCodeRequiredAuthorization URL: Token URL: Refresh URL:
Laravel passport oauth2 security.
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
user_idintegerRequired
ID of user to return
Body
emailstring · emailOptional
The attributes that are mass assignable.
firstnamestringOptional
lastnamestringOptional
usernamestringOptional
passwordstringOptional
addressstringOptional
citystringOptional
statestringOptional
postalstringOptional
countrystringOptional
phonestringOptional
faxstringOptional
cellstringOptional
titlestringOptional
timezonestringOptional
datetime_formatstringOptional
languagestringOptional
is_administratorbooleanOptional
expires_atstringOptional
loggedin_atstringOptional
remember_tokenstringOptional
statusstring · enumOptionalPossible values:
fullnamestringOptional
avatarstringOptional
mediaall of[]Optional
and
birthdatestring · dateOptional
delegation_user_idstring · idOptional
manager_idstring · idOptional
force_change_passwordbooleanOptional
Responses
204
success
404
Not Found
application/json
422
Unprocessable Entity
application/json
put
/users/{user_id}PUT /api/1.0/users/{user_id} HTTP/1.1
Host:
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 899
{
"email": "name@gmail.com",
"firstname": "text",
"lastname": "text",
"username": "text",
"password": "text",
"address": "text",
"city": "text",
"state": "text",
"postal": "text",
"country": "text",
"phone": "text",
"fax": "text",
"cell": "text",
"title": "text",
"timezone": "text",
"datetime_format": "text",
"language": "text",
"is_administrator": true,
"expires_at": "text",
"loggedin_at": "text",
"remember_token": "text",
"status": "ACTIVE",
"fullname": "text",
"avatar": "text",
"media": [
{
"id": 1,
"model_id": 1,
"model_type": "text",
"collection_name": "text",
"name": "text",
"file_name": "text",
"mime_type": "text",
"disk": "text",
"size": 1,
"manipulations": {},
"custom_properties": {},
"responsive_images": {},
"order_column": 1,
"created_at": "2025-11-30T06:17:03.935Z",
"updated_at": "2025-11-30T06:17:03.935Z"
}
],
"birthdate": "2025-11-30",
"delegation_user_id": "text",
"manager_id": "text",
"meta": {
"ANY_ADDITIONAL_PROPERTY": "anything"
},
"force_change_password": true
}No content
Delete a user
Authorizations
OAuth2authorizationCodeRequiredAuthorization URL: Token URL: Refresh URL:
Laravel passport oauth2 security.
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
user_idintegerRequired
ID of user to delete
Responses
204
success
404
Not Found
application/json
delete
/users/{user_id}DELETE /api/1.0/users/{user_id} HTTP/1.1
Host:
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
No content
Update a user's groups
Authorizations
OAuth2authorizationCodeRequiredAuthorization URL: Token URL: Refresh URL:
Laravel passport oauth2 security.
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
user_idintegerRequired
ID of user
Body
groupsinteger[]OptionalExample:
1Responses
204
success
put
/users/{user_id}/groupsPUT /api/1.0/users/{user_id}/groups HTTP/1.1
Host:
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14
{
"groups": [
1
]
}204
success
No content
Reverses the soft delete of a user
Authorizations
OAuth2authorizationCodeRequiredAuthorization URL: Token URL: Refresh URL:
Laravel passport oauth2 security.
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Body
usernamestringOptional
Username to restore
Responses
200
success
No content
put
/users/restorePUT /api/1.0/users/restore HTTP/1.1
Host:
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 19
{
"username": "text"
}200
success
No content
Display listing of access tokens for the specified user.
Authorizations
OAuth2authorizationCodeRequiredAuthorization URL: Token URL: Refresh URL:
Laravel passport oauth2 security.
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
user_idintegerRequired
User id
Query parameters
per_pageintegerOptionalDefault:
10Responses
200
List of tokens.
application/json
get
/users/{user_id}/tokensGET /api/1.0/users/{user_id}/tokens HTTP/1.1
Host:
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
200
List of tokens.
{
"data": [
{
"id": "text",
"user_id": 1,
"client_id": 1,
"name": "text",
"scopes": {},
"revoked": true,
"client": {
"id": 1,
"user_id": 1,
"name": "text",
"provider": "text",
"redirect": "text",
"personal_access_client": true,
"password_client": true,
"revoked": true,
"created_at": "2025-11-30T06:17:03.935Z",
"updated_at": "2025-11-30T06:17:03.935Z"
},
"created_at": "2025-11-30T06:17:03.935Z",
"updated_at": "2025-11-30T06:17:03.935Z",
"expires_at": "2025-11-30T06:17:03.935Z"
}
],
"meta": {
"filter": "text",
"sort_by": "text",
"sort_order": "asc",
"count": 1,
"total_pages": 1,
"current_page": 1,
"form": 1,
"last_page": 1,
"path": "text",
"per_page": 1,
"to": 1,
"total": 1
}
}Create a new personal access token for the user.
Authorizations
OAuth2authorizationCodeRequiredAuthorization URL: Token URL: Refresh URL:
Laravel passport oauth2 security.
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
user_idintegerRequired
User id
Body
namestringOptional
Responses
201
New token instance
application/json
post
/users/{user_id}/tokensPOST /api/1.0/users/{user_id}/tokens HTTP/1.1
Host:
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 15
{
"name": "text"
}201
New token instance
{
"id": "text",
"user_id": 1,
"client_id": 1,
"name": "text",
"scopes": {},
"revoked": true,
"client": {
"id": 1,
"user_id": 1,
"name": "text",
"provider": "text",
"redirect": "text",
"personal_access_client": true,
"password_client": true,
"revoked": true,
"created_at": "2025-11-30T06:17:03.935Z",
"updated_at": "2025-11-30T06:17:03.935Z"
},
"created_at": "2025-11-30T06:17:03.935Z",
"updated_at": "2025-11-30T06:17:03.935Z",
"expires_at": "2025-11-30T06:17:03.935Z"
}Show a personal access token for the user
Authorizations
OAuth2authorizationCodeRequiredAuthorization URL: Token URL: Refresh URL:
Laravel passport oauth2 security.
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
user_idintegerRequired
ID of user
token_idstringRequired
ID of token to return
Responses
200
Successfully found the token
application/json
get
/users/{user_id}/tokens/{token_id}GET /api/1.0/users/{user_id}/tokens/{token_id} HTTP/1.1
Host:
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
200
Successfully found the token
{
"id": "text",
"user_id": 1,
"client_id": 1,
"name": "text",
"scopes": {},
"revoked": true,
"client": {
"id": 1,
"user_id": 1,
"name": "text",
"provider": "text",
"redirect": "text",
"personal_access_client": true,
"password_client": true,
"revoked": true,
"created_at": "2025-11-30T06:17:03.935Z",
"updated_at": "2025-11-30T06:17:03.935Z"
},
"created_at": "2025-11-30T06:17:03.935Z",
"updated_at": "2025-11-30T06:17:03.935Z",
"expires_at": "2025-11-30T06:17:03.935Z"
}Delete the given token for a user
Authorizations
OAuth2authorizationCodeRequiredAuthorization URL: Token URL: Refresh URL:
Laravel passport oauth2 security.
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Path parameters
user_idintegerRequired
User ID
token_idstringRequired
Token ID
Responses
204
success
delete
/users/{user_id}/tokens/{token_id}DELETE /api/1.0/users/{user_id}/tokens/{token_id} HTTP/1.1
Host:
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*
204
success
No content
Last updated