User Management API Overview
The User Management API in the CRM GraphQL API provides capabilities for managing user accounts, monitoring user activity, and facilitating communication with users. This API is designed for administrative use by authorized CRM personnel to oversee the user base.
Authentication and Authorization
Access to the User Management API requires proper authentication with CRM credentials. Most endpoints are protected by role-based access control, requiring the CrmUserRole.BO (Back Office) role. This ensures that only authorized staff can access sensitive user information and perform administrative actions.
Available Operations
The User Management API provides the following operations:
User Management
Queries
- users: Get a paginated list of users with filtering capabilities
- user: Get detailed information about a specific user by ID
Mutations
- blockUsers: Block multiple users by setting their status to BLOCKED
- activeUsers: Activate multiple users by setting their status to ACTIVE
Chat Management
Queries
- allChannels: Get a list of all chat channels in the system
Mutations
- createOrUpdateChannel: Create a new chat channel or update an existing one
- deleteChannels: Delete multiple chat channels
- sendMessageToChannel: Send a message to a specified chat channel
- setRoleToUsersOnChat: Update a user's role in the chat system
Data Models
The API returns the following key data models:
UserBoModel
The main model containing user information:
type UserBoModel {
  id: ID!
  username: String
  email: String
  createdAt: DateTime!
  updatedAt: DateTime!
  avatar: String
  phoneNumber: String
  isEmailVerified: Boolean!
  emailVerifiedAt: DateTime
  chatRole: ChatRole
  status: UserStatus
  sessions: UserSessionsBoResponse!
  referrerToUsersBySignUp(limit: Int, offset: Int, order: OrderDirection, orderBy: String, filter: UsersFilterInput): UsersPaginationBoResponse
  overlapIPUsers: [UserBoModel!]!
  # ... many additional fields
}
SessionBoModel
Contains information about a user session:
type SessionBoModel {
  id: ID!
  sessionId: String!
  deviceName: String
  deviceType: DeviceType
  browser: String
  operatingSystem: String
  ipAddress: IpAddress
  country: String
  region: String
  city: String
  isActive: Boolean!
  createdAt: DateTime!
  updatedAt: DateTime!
  lastActiveAt: DateTime
  fingerprint: String
  mfaVerified: Boolean
  user: UserBoModel
}
ChatStreamChannelsBoResponse
Contains information about a chat channel:
type ChatStreamChannelsBoResponse {
  id: String!
  cid: String!
  type: String!
  name: String!
  avatar: String
}
Pagination
All list queries support pagination with the following parameters:
- limit: Maximum number of items to return (default: 10)
- offset: Number of items to skip (default: 0)
- order: Sort order, either ASC or DESC (default: ASC)
- orderBy: Field to sort by (default depends on the entity)
Paginated responses include:
type UsersPaginationBoResponse {
  data: [UserBoModel!]!
  count: Int!
  limit: Int!
  offset: Int!
}
Filtering
User queries support filtering with the following parameters:
input UsersFilterInput {
  query: String
  email: String
  # Additional filter fields
}
Error Handling
The API follows standard GraphQL error handling patterns. Errors will be returned in the errors array of the GraphQL response.
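The pagination and error-handling behaviour described above, as an added client-side example (not code from the CRM project): it walks the users query page by page with limit and offset, checks the errors array before reading data, and stops once count is reached. It assumes that users takes the same arguments the page shows on referrerToUsersBySignUp, that count is the total number of matches, and that id is a valid orderBy value; iter_users, GraphQLError and fake_execute are hypothetical names, and fake_execute is a constructed in-memory stand-in for the HTTP transport.

```python
from typing import Any, Callable, Dict, Iterator, Optional

# Assumption: `users` accepts the same arguments the page shows on
# referrerToUsersBySignUp (limit, offset, order, orderBy, filter).
USERS_QUERY = """
query Users($limit: Int, $offset: Int, $order: OrderDirection, $orderBy: String, $filter: UsersFilterInput) {
  users(limit: $limit, offset: $offset, order: $order, orderBy: $orderBy, filter: $filter) {
    data { id username status }
    count
    limit
    offset
  }
}
"""

class GraphQLError(RuntimeError):
    """Raised when the response carries a non-empty `errors` array."""

Transport = Callable[[str, Dict[str, Any]], Dict[str, Any]]

def iter_users(execute: Transport, page_size: int = 10,
               filter_: Optional[Dict[str, Any]] = None,
               max_pages: int = 1000) -> Iterator[Dict[str, Any]]:
    """Yield every user, one page at a time, in a stable order."""
    offset = 0
    for _ in range(max_pages):
        # Assumption: "id" is an accepted orderBy value; a fixed sort keeps pages stable.
        variables = {"limit": page_size, "offset": offset,
                     "order": "ASC", "orderBy": "id", "filter": filter_}
        response = execute(USERS_QUERY, variables)
        # Failures (authorization included) arrive in `errors`,
        # so check it before touching `data`.
        if response.get("errors"):
            raise GraphQLError("; ".join(e.get("message", "?") for e in response["errors"]))
        page = response["data"]["users"]
        yield from page["data"]
        offset += len(page["data"])
        # Stop on an empty page or once `count` (assumed total matches) is reached.
        if not page["data"] or offset >= page["count"]:
            return
    raise RuntimeError("max_pages reached; refusing to loop further")

def fake_execute(query: str, variables: Dict[str, Any]) -> Dict[str, Any]:
    """Constructed in-memory stand-in for the HTTP transport (25 users)."""
    rows = [{"id": str(i), "username": f"u{i}", "status": "ACTIVE"} for i in range(25)]
    lo, hi = variables["offset"], variables["offset"] + variables["limit"]
    return {"data": {"users": {"data": rows[lo:hi], "count": len(rows),
                               "limit": variables["limit"], "offset": lo}}}
```

In real use, pass a transport that POSTs the query and variables with the caller's CRM credentials; the max_pages cap keeps a misreported count from turning into an unbounded loop.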
Security Considerations
- All sensitive user information is only accessible to authorized CRM personnel
- Some fields, like email addresses, are only accessible through specific resolvers with proper authorization
- User filtering and search capabilities are carefully controlled to prevent data exposure
- All administrative actions are logged for audit purposes