# User Admin

## List Users

 - [POST /accountmanager.fetchusers](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.fetchusers.md): Retrieves a list of users.

>Information:
>If the authenticated user does not have the explicit USER_FETCH permission, the fields are reduced to a minimum.

## Change a User Password

 - [POST /accountmanager.changepassword/{userId}](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.changepassword-userid.md): Changes a specified user's password. The authenticated user needs the ADMIN (including USERADMIN) permissions to perform this action. To change your own password, use the /accountmanager.changepassword endpoint instead.

## Change a Current User Password

 - [POST /accountmanager.changepassword](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.changepassword.md): Changes an authenticated user's password.

## Assign a User to a User Group

 - [POST /accountmanager.assigngroup/{userId}](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.assigngroup-userid.md): Assigns a User Group to the specified user.

## List User's User Groups

 - [POST /accountmanager.fetchgroups/{userId}](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.fetchgroups-userid.md): Returns a list of user group objects that are assigned to the specified user.

## List User's Roles

 - [POST /accountmanager.fetchroles/{userId}](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.fetchroles-userid.md): Returns a list of role objects that are assigned to the specified user.
Avaialble for the following roles:
- ADMIN (General Admin)
- USERADMIN (Administer Users)
- SUPPORT (Investigate for Support)
- USERAUDIT (View Audits and Users)
- PLASMA (Adminster Plasma)

## List User's Business Roles

 - [POST /accountmanager.fetchbusinessroles/{userId}](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.fetchbusinessroles-userid.md): Returns a list of business role objects that are assigned to the specified user.

## List Roles of the Business Role

 - [POST /accountmanager.fetchroles/BR/{businessroleId}](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.fetchroles-br-businessroleid.md): Returns all user roles that the specified  business role is assigned to.

## List Groups of the Business Role

 - [POST /accountmanager.fetchgroups/BR/{businessroleId}](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.fetchgroups-br-businessroleid.md): Returns all user groups that the specified business role is assigned to.

## Delete a Business Role

 - [POST /accountmanager.deletebusinessrole](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.deletebusinessrole.md): Deletes a Business Role. The general datasource /delete operation (/delete/BR) should NOT be used for Business Role object as this special command (/accountmanager.deletebusinessrole) also performs a cleanup of related objects (objects that have this business role assigned).

## Copy Roles

 - [POST /accountmanager.copyroles](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.copyroles.md): Copies roles from the existing user to other users.

## Generate a JWT Token

 - [POST /accountmanager.getjsonwebtoken](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.getjsonwebtoken.md): Generates and returns a non-expiring JSON Web Token for the authenticated user. Allows to restrict the scope of the token by a list of permissions. Used for integration purposes.

>Information:
>The request header must contain real credentials (i.e. not just a session cookie).

## Generate a JWT Token (time limited)

 - [POST /accountmanager.getjsonwebtoken/{minutes}](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.getjsonwebtoken-minutes.md): Generates and returns an expiring JSON Web Token for the authenticated user. Used for integration purposes.


>Information:
>The request header must contain real credentials (i.e. not just a session cookie).

## Assign a Role to Users

 - [POST /accountmanager.assignrole](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.assignrole.md): Assigns a role to multiple users.

## Assign a User Group to Users

 - [POST /accountmanager.assigngroup](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.assigngroup.md): Assigns a group to multiple users.

## Assign a Role to a User

 - [POST /accountmanager.assignrole/{userId}](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.assignrole-userid.md): Assigns a role to a user.

## Assign a Business Role to a User

 - [POST /accountmanager.assignbusinessrole/{userId}](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.assignbusinessrole-userid.md): Assigns a business role to a user.

## Assign a Business Role

 - [POST /accountmanager.assignbusinessrole](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.assignbusinessrole.md): Assigns a business role to multiple users.

## Delete a User Group

 - [POST /accountmanager.deletegroup](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.deletegroup.md): Deletes a User Group. The general datasource /delete operation should NOT be used for the User Group object as this special command (/accountmanager.deletegroup) also performs a cleanup of related objects (objects that have this business role assigned).

## Copy a User

 - [POST /accountmanager.copyuser/{userid}](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.copyuser-userid.md): Creates a copy of a selected user (including role and user group assignments). First name, last name, email and password are NOT copied (as they typically are different anyway).

## Assign a Role to a Business Role

 - [POST /accountmanager.assignrole/BR/businessroleId](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.assignrole-br-businessroleid.md): Assigns a role to a business role.

## Assign a Group to a Business Role

 - [POST /accountmanager.assigngroup/BR/businessroleId](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.assigngroup-br-businessroleid.md): Assigns a group to a business role.

## Get a One Time Token

 - [POST /accountmanager.getonetimetoken](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.getonetimetoken.md): Generates a one time auth token (for the authenticated user). The token can be, for example,  sent via a URL GET parameter.

## Add a User

 - [POST /add/U](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-add-u.md): Creates a new user.

## Update a User

 - [POST /update/U](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-update-u.md): Updates details of the specified user.
>Information: Note that Update a User should not be used for role or group assignments. For these operations, use APIs such as Assign a Business Role to a User or Assign a User Group to Users.

## Delete a User

 - [POST /delete/U](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-delete-u.md): Deletes a specified user.

## Get a User Audit Report

 - [POST /accountmanager.audit/{TypeCode}/{id}](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/user-admin/post-accountmanager.audit-typecode.md): Retrieves a report based on user roles, user groups, and business roles.

## Generate a JWT Token

 - [POST /accountmanager.getjsonwebtoken](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/authentication/post-accountmanager.getjsonwebtoken.md): Generates and returns a non-expiring JSON Web Token for the authenticated user. Allows to restrict the scope of the token by a list of permissions. Used for integration purposes.

>Information:
>The request header must contain real credentials (i.e. not just a session cookie).

## Generate a JWT Token (time limited)

 - [POST /accountmanager.getjsonwebtoken/{minutes}](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/authentication/post-accountmanager.getjsonwebtoken-minutes.md): Generates and returns an expiring JSON Web Token for the authenticated user. Used for integration purposes.


>Information:
>The request header must contain real credentials (i.e. not just a session cookie).

## Get a One Time Token

 - [POST /accountmanager.getonetimetoken](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/authentication/post-accountmanager.getonetimetoken.md): Generates a one time auth token (for the authenticated user). The token can be, for example,  sent via a URL GET parameter.

## Get a User Audit Report

 - [POST /accountmanager.audit/{TypeCode}/{id}](https://api.pricefx.com/openapi/reference/pricefx-server_openapi/logs/post-accountmanager.audit-typecode.md): Retrieves a report based on user roles, user groups, and business roles.