Clarifications to the admin api documentation (#7647)

* Clarify how to authenticate * path params are not the same thing as query params * Fix documentation for `/_synapse/admin/v2/users/<user_id>`
2025-05-02 08:16:02 -04:00 · 2020-06-05 17:31:05 +01:00 · 2020-06-05 17:31:05 +01:00 · 1bc00fd76d
commit 1bc00fd76d
parent a0d2d81cf9
8 changed files with 126 additions and 89 deletions
--- a/docs/admin_api/user_admin_api.rst
+++ b/docs/admin_api/user_admin_api.rst
@ -1,11 +1,47 @@
 .. contents::

+Query User Account
+==================
+
+This API returns information about a specific user account.
+
+The api is::
+
+    GET /_synapse/admin/v2/users/<user_id>
+
+To use it, you will need to authenticate by providing an ``access_token`` for a
+server admin: see `README.rst <README.rst>`_.
+
+It returns a JSON body like the following:
+
+.. code:: json
+
+    {
+        "displayname": "User",
+        "threepids": [
+            {
+                "medium": "email",
+                "address": "<user_mail_1>"
+            },
+            {
+                "medium": "email",
+                "address": "<user_mail_2>"
+            }
+        ],
+        "avatar_url": "<avatar_url>",
+        "admin": false,
+        "deactivated": false
+    }
+
+URL parameters:
+
+- ``user_id``: fully-qualified user id: for example, ``@user:server.com``.
+
 Create or modify Account
 ========================

 This API allows an administrator to create or modify a user account with a
-specific ``user_id``. Be aware that ``user_id`` is fully qualified: for example,
-``@user:server.com``.
+specific ``user_id``.

 This api is::

@ -33,19 +69,24 @@ with a body of:
        "deactivated": false
    }

-including an ``access_token`` of a server admin.
+To use it, you will need to authenticate by providing an ``access_token`` for a
+server admin: see `README.rst <README.rst>`_.

-Parameters:
+URL parameters:
+
+- ``user_id``: fully-qualified user id: for example, ``@user:server.com``.
+
+Body parameters:

 - ``password``, optional. If provided, the user's password is updated and all
  devices are logged out.
-  
+
 - ``displayname``, optional, defaults to the value of ``user_id``.

 - ``threepids``, optional, allows setting the third-party IDs (email, msisdn)
  belonging to a user.

- ``avatar_url``, optional, must be a 
+- ``avatar_url``, optional, must be a
  `MXC URI <https://matrix.org/docs/spec/client_server/r0.6.0#matrix-content-mxc-uris>`_.

 - ``admin``, optional, defaults to ``false``.
@ -63,7 +104,8 @@ The api is::

    GET /_synapse/admin/v2/users?from=0&limit=10&guests=false

-including an ``access_token`` of a server admin.
+To use it, you will need to authenticate by providing an `access_token` for a
+server admin: see `README.rst <README.rst>`_.

 The parameter ``from`` is optional but used for pagination, denoting the
 offset in the returned results. This should be treated as an opaque value and
@ -118,17 +160,17 @@ with ``from`` set to the value of ``next_token``. This will return a new page.
 If the endpoint does not return a ``next_token`` then there are no more users
 to paginate through.

-Query Account
-=============
+Query current sessions for a user
+=================================

-This API returns information about a specific user account.
+This API returns information about the active sessions for a specific user.

 The api is::

-    GET /_synapse/admin/v1/whois/<user_id> (deprecated)
-    GET /_synapse/admin/v2/users/<user_id>
+    GET /_synapse/admin/v1/whois/<user_id>

-including an ``access_token`` of a server admin.
+To use it, you will need to authenticate by providing an ``access_token`` for a
+server admin: see `README.rst <README.rst>`_.

 It returns a JSON body like the following:

@ -181,9 +223,10 @@ with a body of:
        "erase": true
    }

-including an ``access_token`` of a server admin.
+To use it, you will need to authenticate by providing an ``access_token`` for a
+server admin: see `README.rst <README.rst>`_.

-The erase parameter is optional and defaults to 'false'.
+The erase parameter is optional and defaults to ``false``.
 An empty body may be passed for backwards compatibility.


@ -205,7 +248,8 @@ with a body of:
       "logout_devices": true,
   }

-including an ``access_token`` of a server admin.
+To use it, you will need to authenticate by providing an ``access_token`` for a
+server admin: see `README.rst <README.rst>`_.

 The parameter ``new_password`` is required.
 The parameter ``logout_devices`` is optional and defaults to ``true``.
@ -218,7 +262,8 @@ The api is::

    GET /_synapse/admin/v1/users/<user_id>/admin

-including an ``access_token`` of a server admin.
+To use it, you will need to authenticate by providing an ``access_token`` for a
+server admin: see `README.rst <README.rst>`_.

 A response body like the following is returned:

@ -246,7 +291,8 @@ with a body of:
        "admin": true
    }

-including an ``access_token`` of a server admin.
+To use it, you will need to authenticate by providing an ``access_token`` for a
+server admin: see `README.rst <README.rst>`_.


 User devices
@ -256,17 +302,14 @@ List all devices
 ----------------
 Gets information about all devices for a specific ``user_id``.

-**Usage**
+The API is::

-A standard request to query the devices of an user:
+  GET /_synapse/admin/v2/users/<user_id>/devices

-::
+To use it, you will need to authenticate by providing an ``access_token`` for a
+server admin: see `README.rst <README.rst>`_.

-    GET /_synapse/admin/v2/users/<user_id>/devices
-
-    {}
-
-Response:
+A response body like the following is returned:

 .. code:: json

@ -291,11 +334,13 @@ Response:

 **Parameters**

-The following query parameters are available:
+The following parameters should be set in the URL:

 - ``user_id`` - fully qualified: for example, ``@user:server.com``.

-The following fields are possible in the JSON response body:
+**Response**
+
+The following fields are returned in the JSON response body:

 - ``devices`` - An array of objects, each containing information about a device.
  Device objects contain the following fields:
@ -314,11 +359,7 @@ Delete multiple devices
 Deletes the given devices for a specific ``user_id``, and invalidates
 any access token associated with them.

-**Usage**
-
-A standard request to delete devices:
-
-::
+The API is::

    POST /_synapse/admin/v2/users/<user_id>/delete_devices

@ -329,16 +370,14 @@ A standard request to delete devices:
      ],
    }

+To use it, you will need to authenticate by providing an ``access_token`` for a
+server admin: see `README.rst <README.rst>`_.

-Response:
-
-.. code:: json
-
-    {}
+An empty JSON dict is returned.

 **Parameters**

-The following query parameters are available:
+The following parameters should be set in the URL:

 - ``user_id`` - fully qualified: for example, ``@user:server.com``.

@ -350,18 +389,14 @@ Show a device
 ---------------
 Gets information on a single device, by ``device_id`` for a specific ``user_id``.

-**Usage**
-
-A standard request to get a device:
-
-::
+The API is::

    GET /_synapse/admin/v2/users/<user_id>/devices/<device_id>

-    {}
+To use it, you will need to authenticate by providing an ``access_token`` for a
+server admin: see `README.rst <README.rst>`_.

-
-Response:
+A response body like the following is returned:

 .. code:: json

@ -375,12 +410,14 @@ Response:

 **Parameters**

-The following query parameters are available:
+The following parameters should be set in the URL:

 - ``user_id`` - fully qualified: for example, ``@user:server.com``.
 - ``device_id`` - The device to retrieve.

-The following fields are possible in the JSON response body:
+**Response**
+
+The following fields are returned in the JSON response body:

 - ``device_id`` - Identifier of device.
 - ``display_name`` - Display name set by the user for this device.
@ -395,11 +432,7 @@ Update a device
 ---------------
 Updates the metadata on the given ``device_id`` for a specific ``user_id``.

-**Usage**
-
-A standard request to update a device:
-
-::
+The API is::

    PUT /_synapse/admin/v2/users/<user_id>/devices/<device_id>

@ -407,16 +440,14 @@ A standard request to update a device:
      "display_name": "My other phone"
    }

+To use it, you will need to authenticate by providing an ``access_token`` for a
+server admin: see `README.rst <README.rst>`_.

-Response:
-
-.. code:: json
-
-    {}
+An empty JSON dict is returned.

 **Parameters**

-The following query parameters are available:
+The following parameters should be set in the URL:

 - ``user_id`` - fully qualified: for example, ``@user:server.com``.
 - ``device_id`` - The device to update.
@ -431,26 +462,20 @@ Delete a device
 Deletes the given ``device_id`` for a specific ``user_id``,
 and invalidates any access token associated with it.

-**Usage**
-
-A standard request for delete a device:
-
-::
+The API is::

    DELETE /_synapse/admin/v2/users/<user_id>/devices/<device_id>

    {}

+To use it, you will need to authenticate by providing an ``access_token`` for a
+server admin: see `README.rst <README.rst>`_.

-Response:
-
-.. code:: json
-
-    {}
+An empty JSON dict is returned.

 **Parameters**

-The following query parameters are available:
+The following parameters should be set in the URL:

 - ``user_id`` - fully qualified: for example, ``@user:server.com``.
 - ``device_id`` - The device to delete.