# Modify Data

## User, Auth & Access Control

<table data-full-width="true"><thead><tr><th width="50">#</th><th width="420">API</th><th>Description</th></tr></thead><tbody><tr><td>1</td><td><strong>POST /api/logout</strong></td><td>Logs out the current user, clears session and auth cookies, and returns a redirect URL.</td></tr><tr><td>2</td><td><strong>POST /api/createNewAccount</strong></td><td>Creates a new Akto account under the current user and initialises it with default agentic collections and settings.</td></tr><tr><td>3</td><td><strong>POST /api/goToAccount</strong></td><td>Switches the active session context to a different account that the current user has access to.</td></tr><tr><td>4</td><td><strong>POST /api/updateUsernameAndOrganization</strong></td><td>Updates the current user's display name and, if the user is an ADMIN, the organisation name.</td></tr><tr><td>5</td><td><strong>POST /api/removeInvitation</strong></td><td>Removes a pending invitation for the given email address. Only the invitation issuer or an ADMIN can remove invitations.</td></tr><tr><td>6</td><td><strong>POST /api/resetUserPassword</strong></td><td>Generates a password reset token for the specified user. Token is valid and can only be generated once every 2 hours.</td></tr><tr><td>7</td><td><strong>POST /api/createCustomRole</strong></td><td>Creates a new custom role with specified base role, collection access, and feature permissions.</td></tr><tr><td>8</td><td><strong>POST /api/updateCustomRole</strong></td><td>Updates an existing custom role's base role, collection access, and feature permissions.</td></tr><tr><td>9</td><td><strong>POST /api/deleteCustomRole</strong></td><td>Deletes a custom role by name. 
The role must not be assigned to any users or pending invites.</td></tr><tr><td>10</td><td><strong>POST /api/makeAdmin</strong></td><td>Updates the role of a user within the current account.</td></tr><tr><td>11</td><td><strong>POST /api/updateUserScopeRoleMapping</strong></td><td>Updates the per-product-scope role mapping for a user, enabling fine-grained access control across product areas.</td></tr><tr><td>12</td><td><strong>POST /api/applyAccessType</strong></td><td>Triggers a background job to recalculate Agentic Component access types for all components based on current private CIDR and partner IP rules.</td></tr><tr><td>13</td><td><strong>POST /api/resetCollectionAccessTypes</strong></td><td>Starts a background job to reset access types for all Agentic Components across all collections.</td></tr><tr><td>14</td><td><strong>POST /api/addApiToken</strong></td><td>Creates a new Agentic Request token of the specified utility type for the current user.</td></tr><tr><td>15</td><td><strong>POST /api/deleteApiToken</strong></td><td>Deletes the specified Agentic Request token. Only the owning user can delete their own tokens.</td></tr><tr><td>16</td><td><strong>POST /api/saveSubscription</strong></td><td>Saves a web push notification subscription for the current user.</td></tr><tr><td>17</td><td><strong>POST /api/provisionSubscription</strong></td><td>Creates a billing checkout session via Stigg for the specified plan, and returns the checkout result.</td></tr><tr><td>18</td><td><strong>POST /api/refreshUsageDataForOrg</strong></td><td>Triggers a background job to recalculate and sync usage metrics for all accounts in the current organisation.</td></tr></tbody></table>

## POST /api/logout

> POST request for endpoint /api/logout

```json
{"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/logout":{"post":{"summary":"POST request for endpoint /api/logout","operationId":"/api/logout-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","description":"Optional redirect URL after logout.","properties":{"redirectUrl":{"type":"string","description":"URL to redirect to after logout."}}}}}},"responses":{"200":{"description":"Logout successful. Returns Auth0/SSO logout URL.","content":{"application/json":{"schema":{"type":"object","properties":{"logoutUrl":{"type":"string","description":"URL to redirect the user for completing logout (Auth0 or SSO)."}}}}}}}}}}}
```

## POST /api/createNewAccount

> POST request for endpoint /api/createNewAccount

```json
{"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/createNewAccount":{"post":{"summary":"POST request for endpoint /api/createNewAccount","operationId":"/api/createNewAccount-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["newAccountName"],"properties":{"newAccountName":{"type":"string","description":"Display name for the new account."}}}}}},"responses":{"200":{"description":"Account created successfully. Session is updated with the new account context.","content":{"application/json":{"schema":{"type":"object","description":"Empty response body on success; session cookies are updated."}}}}}}}}}
```

## POST /api/goToAccount

> POST request for endpoint /api/goToAccount

```json
{"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/goToAccount":{"post":{"summary":"POST request for endpoint /api/goToAccount","operationId":"/api/goToAccount-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["newAccountId"],"properties":{"newAccountId":{"type":"integer","description":"Numeric ID of the account to switch to."}}}}}},"responses":{"200":{"description":"Session switched to the specified account. Session cookies are updated.","content":{"application/json":{"schema":{"type":"object","description":"Empty response body on success; session cookies are updated."}}}}}}}}}
```

## POST /api/updateUsernameAndOrganization

> POST request for endpoint /api/updateUsernameAndOrganization

```json
{"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/updateUsernameAndOrganization":{"post":{"summary":"POST request for endpoint /api/updateUsernameAndOrganization","operationId":"/api/updateUsernameAndOrganization-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["username"],"properties":{"username":{"type":"string","description":"New display name for the user. Max 24 characters. Allowed: alphanumeric, spaces, hyphens."},"organization":{"type":"string","description":"New organisation name (required for ADMIN users). Max 24 characters. Allowed: alphanumeric, spaces, dots, ampersand, hyphens."}}}}}},"responses":{"200":{"description":"Username (and organisation for admins) updated successfully.","content":{"application/json":{"schema":{"type":"object","description":"Empty response body on success."}}}}}}}}}
```

## POST /api/removeInvitation

> POST request for endpoint /api/removeInvitation

```json
{"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/removeInvitation":{"post":{"summary":"POST request for endpoint /api/removeInvitation","operationId":"/api/removeInvitation-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["email"],"properties":{"email":{"type":"string","format":"email","description":"Email address of the pending invitation to remove."}}}}}},"responses":{"200":{"description":"Invitation removed successfully.","content":{"application/json":{"schema":{"type":"object","description":"Empty response body on success."}}}}}}}}}
```

## POST /api/resetUserPassword

> POST request for endpoint /api/resetUserPassword

```json
{"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/resetUserPassword":{"post":{"summary":"POST request for endpoint /api/resetUserPassword","operationId":"/api/resetUserPassword-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["userEmail"],"properties":{"userEmail":{"type":"string","format":"email","description":"Email of the user whose password should be reset."}}}}}},"responses":{"200":{"description":"Password reset token generated.","content":{"application/json":{"schema":{"type":"object","properties":{"passwordResetToken":{"type":"string","description":"One-time password reset token to be sent to the user."}}}}}}}}}}}
```

## POST /api/createCustomRole

> POST request for endpoint /api/createCustomRole

```json
{"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/createCustomRole":{"post":{"summary":"POST request for endpoint /api/createCustomRole","operationId":"/api/createCustomRole-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["roleName","baseRole"],"properties":{"roleName":{"type":"string","description":"Unique name for the role. Max 50 characters. Alphanumeric, hyphens, and underscores only."},"baseRole":{"type":"string","description":"Base role from which this custom role inherits. One of: ADMIN, MEMBER, GUEST."},"apiCollectionIds":{"type":"array","description":"List of API collection IDs this role has access to.","items":{"type":"integer"}},"defaultInviteRole":{"type":"boolean","description":"Whether this role is the default role assigned to new invites."},"allowedFeaturesForUser":{"type":"array","description":"List of feature keys enabled for users in this role.","items":{"type":"string"}}}}}}},"responses":{"200":{"description":"Custom role created successfully.","content":{"application/json":{"schema":{"type":"object","description":"Empty response body on success."}}}}}}}}}
```

## POST /api/updateCustomRole

> POST request for endpoint /api/updateCustomRole

```json
{"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/updateCustomRole":{"post":{"summary":"POST request for endpoint /api/updateCustomRole","operationId":"/api/updateCustomRole-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["roleName","baseRole"],"properties":{"roleName":{"type":"string","description":"Name of the existing custom role to update."},"baseRole":{"type":"string","description":"Updated base role. One of: ADMIN, MEMBER, GUEST."},"apiCollectionIds":{"type":"array","description":"Updated list of API collection IDs this role has access to.","items":{"type":"integer"}},"defaultInviteRole":{"type":"boolean","description":"Whether this role should become the default role for new invites."},"allowedFeaturesForUser":{"type":"array","description":"Updated list of feature keys enabled for users in this role.","items":{"type":"string"}}}}}}},"responses":{"200":{"description":"Custom role updated successfully.","content":{"application/json":{"schema":{"type":"object","description":"Empty response body on success."}}}}}}}}}
```

## POST /api/deleteCustomRole

> POST request for endpoint /api/deleteCustomRole

```json
{"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/deleteCustomRole":{"post":{"summary":"POST request for endpoint /api/deleteCustomRole","operationId":"/api/deleteCustomRole-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["roleName"],"properties":{"roleName":{"type":"string","description":"Name of the custom role to delete."}}}}}},"responses":{"200":{"description":"Custom role deleted successfully.","content":{"application/json":{"schema":{"type":"object","description":"Empty response body on success."}}}}}}}}}
```

## POST /api/makeAdmin

> POST request for endpoint /api/makeAdmin

```json
{"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/makeAdmin":{"post":{"summary":"POST request for endpoint /api/makeAdmin","operationId":"/api/makeAdmin-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["email","userRole"],"properties":{"email":{"type":"string","format":"email","description":"Email address of the user whose role is to be updated."},"userRole":{"type":"string","description":"New role to assign to the user. Value is uppercased before processing."}}}}}},"responses":{"200":{"description":"User role updated and cache cleared.","content":{"application/json":{"schema":{"type":"object","description":"Empty response body on success."}}}}}}}}}
```

## POST /api/updateUserScopeRoleMapping

> POST request for endpoint /api/updateUserScopeRoleMapping

```json
{"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/updateUserScopeRoleMapping":{"post":{"summary":"POST request for endpoint /api/updateUserScopeRoleMapping","operationId":"/api/updateUserScopeRoleMapping-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["email","scopeRoleMapping"],"properties":{"email":{"type":"string","format":"email","description":"Email address of the user to update."},"scopeRoleMapping":{"type":"object","description":"Map of product scope to role. Valid scopes include API, ENDPOINT, etc. Use NO_ACCESS to revoke access for a scope.","additionalProperties":{"type":"string"}}}}}}},"responses":{"200":{"description":"Scope-role mapping updated and user cache cleared.","content":{"application/json":{"schema":{"type":"object","description":"Empty response body on success."}}}}}}}}}
```

## POST /api/applyAccessType

> POST request for endpoint /api/applyAccessType

```json
{"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/applyAccessType":{"post":{"summary":"POST request for endpoint /api/applyAccessType","operationId":"/api/applyAccessType-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","description":"No request body required. Configuration is read from AccountSettings (privateCidrList, partnerIpList)."}}}},"responses":{"200":{"description":"Background access-type calculation job started.","content":{"application/json":{"schema":{"type":"object","description":"Empty response body; processing happens asynchronously."}}}}}}}}}
```

## POST /api/resetCollectionAccessTypes

> POST request for endpoint /api/resetCollectionAccessTypes

```json
{"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/resetCollectionAccessTypes":{"post":{"summary":"POST request for endpoint /api/resetCollectionAccessTypes","operationId":"/api/resetCollectionAccessTypes-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","description":"No request body required."}}}},"responses":{"200":{"description":"Background reset job started.","content":{"application/json":{"schema":{"type":"object","properties":{"response":{"type":"object","properties":{"started":{"type":"boolean","description":"Always true when the job was successfully enqueued."},"message":{"type":"string","description":"Human-readable status message."}}}}}}}}}}}}}
```

## POST /api/addApiToken

> POST request for endpoint /api/addApiToken

```json
{"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/addApiToken":{"post":{"summary":"POST request for endpoint /api/addApiToken","operationId":"/api/addApiToken-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["tokenUtility"],"properties":{"tokenUtility":{"type":"string","description":"Type of API token to create. One of: BURP, CICD, EXTERNAL_API."}}}}}},"responses":{"200":{"description":"API token created. Returns the newly created token in a list.","content":{"application/json":{"schema":{"type":"object","properties":{"apiTokenList":{"type":"array","description":"List containing the newly created ApiToken object.","items":{"type":"object","properties":{"id":{"type":"integer"},"key":{"type":"string","description":"40-character random API key."},"utility":{"type":"string"},"userId":{"type":"integer"}}}}}}}}}}}}}}
```

## POST /api/deleteApiToken

> POST request for endpoint /api/deleteApiToken

```json
{"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/deleteApiToken":{"post":{"summary":"POST request for endpoint /api/deleteApiToken","operationId":"/api/deleteApiToken-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["apiTokenId"],"properties":{"apiTokenId":{"type":"integer","description":"ID of the API token to delete."}}}}}},"responses":{"200":{"description":"Returns whether the token was successfully deleted.","content":{"application/json":{"schema":{"type":"object","properties":{"apiTokenDeleted":{"type":"boolean","description":"True if the token was found and deleted, false otherwise."}}}}}}}}}}}
```

## POST /api/saveSubscription

> POST request for endpoint /api/saveSubscription

```json
{"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/saveSubscription":{"post":{"summary":"POST request for endpoint /api/saveSubscription","operationId":"/api/saveSubscription-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["subscription"],"properties":{"subscription":{"type":"object","description":"Web push subscription object (PushSubscription from the browser Push API).","properties":{"endpoint":{"type":"string"},"keys":{"type":"object","properties":{"p256dh":{"type":"string"},"auth":{"type":"string"}}}}}}}}}},"responses":{"200":{"description":"Subscription saved successfully.","content":{"application/json":{"schema":{"type":"object","properties":{"subscription":{"type":"object","description":"Confirmation object.","properties":{"complete":{"type":"boolean"}}}}}}}}}}}}}
```

## POST /api/provisionSubscription

> POST request for endpoint /api/provisionSubscription

```json
{"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/provisionSubscription":{"post":{"summary":"POST request for endpoint /api/provisionSubscription","operationId":"/api/provisionSubscription-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["customerId","planId","billingPeriod","successUrl","cancelUrl"],"properties":{"customerId":{"type":"string","description":"Stigg customer ID for the organisation."},"planId":{"type":"string","description":"Identifier of the billing plan to subscribe to."},"billingPeriod":{"type":"string","description":"Billing period for the subscription. One of: monthly, annual."},"successUrl":{"type":"string","description":"URL to redirect to after successful checkout."},"cancelUrl":{"type":"string","description":"URL to redirect to if the user cancels checkout."}}}}}},"responses":{"200":{"description":"Checkout session created. Returns the result from the billing service.","content":{"application/json":{"schema":{"type":"object","properties":{"checkoutResult":{"type":"object","description":"Checkout session details returned by the Stigg billing service.","properties":{"checkoutUrl":{"type":"string"},"status":{"type":"string"}}}}}}}}}}}}}
```

## POST /api/refreshUsageDataForOrg

> POST request for endpoint /api/refreshUsageDataForOrg

```json
{"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/refreshUsageDataForOrg":{"post":{"summary":"POST request for endpoint /api/refreshUsageDataForOrg","operationId":"/api/refreshUsageDataForOrg-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","description":"No request body required."}}}},"responses":{"200":{"description":"Background usage refresh job enqueued.","content":{"application/json":{"schema":{"type":"object","description":"Empty response body; processing happens asynchronously."}}}}}}}}}
```

