SCS Smart City Docs

Appearance

Users API

The Users API provides user management, role assignment, and access control.

Overview

ProcedureTypeAuthDescription
users.getAllQueryAdminGet all users
users.getByIdQueryYesGet user by ID
users.createMutationAdminCreate new user
users.updateMutationYesUpdate user
users.changePasswordMutationYesChange own password
users.resetPasswordMutationAdminReset user password
users.deleteMutationAdminDelete user
users.getProfileQueryYesGet current user
users.approveUserMutationAdminApprove pending user
users.declineUserMutationAdminDecline user
users.getRolesQueryAdminGet available roles

User Roles

typescript
enum Role {
  SUPER_ADMIN = "SUPER_ADMIN",  // Full system access
  ADMIN = "ADMIN",              // Administration access
  OPERATOR = "OPERATOR",        // Operational access
  VIEWER = "VIEWER"             // Read-only access
}

Procedures

users.getAll

Get all users (admin only).

Type: Query Auth Required: Admin

Input

typescript
{
  skip?: number;           // Default: 0
  take?: number;           // Default: 50, max: 100
  search?: string;         // Search in name/email
  role?: Role;             // Filter by role
  isActive?: boolean;      // Filter by active status
  sortBy?: "firstName" | "lastName" | "email" | "role" | "createdAt" | "lastLogin";
  sortOrder?: "asc" | "desc";
}

Response

typescript
{
  users: Array<{
    id: string;
    email: string;
    firstName: string;
    lastName: string;
    role: string;
    isActive: boolean;
    lastLogin: string | null;
    createdAt: string;
    updatedAt: string;
  }>;
  total: number;
  pageCount: number;
}

Example

bash
curl -X GET "https://api.itms.solutions/trpc/users.getAll" \
  -H "Authorization: Bearer YOUR_ADMIN_TOKEN"

users.getById

Get user by ID. Users can view their own profile, admins can view any.

Type: Query Auth Required: Yes

Input

typescript
{
  id: string;
}

users.create

Create a new user (admin only).

Type: Mutation Auth Required: Admin

Input

typescript
{
  email: string;           // Valid email
  password: string;        // Min 8 characters
  firstName: string;       // Min 2 characters
  lastName: string;        // Min 2 characters
  role?: Role;             // Default: VIEWER
}

Response

typescript
{
  id: string;
  email: string;
  firstName: string;
  lastName: string;
  role: string;
  isActive: boolean;
  createdAt: string;
  updatedAt: string;
}

Example

bash
curl -X POST "https://api.itms.solutions/trpc/users.create" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_ADMIN_TOKEN" \
  -d '{
    "json": {
      "email": "operator@example.com",
      "password": "SecurePass123!",
      "firstName": "John",
      "lastName": "Operator",
      "role": "OPERATOR"
    }
  }'

users.update

Update user. Users can update their own profile, admins can update any.

Type: Mutation Auth Required: Yes

Input

typescript
{
  id: string;              // Required
  email?: string;
  firstName?: string;
  lastName?: string;
  role?: Role;             // Admin only
  isActive?: boolean;      // Admin only
}

users.changePassword

Change current user's password.

Type: Mutation Auth Required: Yes

Input

typescript
{
  currentPassword: string;
  newPassword: string;     // Min 8 characters
}

Response

typescript
{
  success: boolean;
}

users.resetPassword

Reset a user's password (admin only).

Type: Mutation Auth Required: Admin

Input

typescript
{
  id: string;
  newPassword: string;     // Min 8 characters
}

users.delete

Delete a user (admin only). Cannot delete yourself.

Type: Mutation Auth Required: Admin

Input

typescript
{
  id: string;
}

users.getProfile

Get current authenticated user's profile.

Type: Query Auth Required: Yes

Response

typescript
{
  id: string;
  email: string;
  firstName: string;
  lastName: string;
  role: string;
  isActive: boolean;
  lastLogin: string | null;
  createdAt: string;
  updatedAt: string;
}

users.approveUser

Approve a pending user (admin only).

Type: Mutation Auth Required: Admin

Input

typescript
{
  id: string;
}

users.declineUser

Decline/deactivate a user (admin only).

Type: Mutation Auth Required: Admin

Input

typescript
{
  id: string;
}

users.getRoles

Get available roles with user counts (admin only).

Type: Query Auth Required: Admin

Response

typescript
Array<{
  id: string;              // Role ID
  name: string;            // Display name
  description: string;     // Role description
  userCount: number;       // Users with this role
  isSystem: boolean;       // System-defined role
  createdAt: string;
}>

Role Permissions

PermissionSUPER_ADMINADMINOPERATORVIEWER
View DashboardYesYesYesYes
View AnalyticsYesYesYesYes
Export AnalyticsYesYesYesNo
View EventsYesYesYesYes
Create EventsYesYesYesNo
Edit EventsYesYesYesNo
Delete EventsYesYesNoNo
View SensorsYesYesYesYes
Add SensorsYesYesNoNo
Edit SensorsYesYesYesNo
Delete SensorsYesYesNoNo
View UsersYesYesYesYes
Create UsersYesYesNoNo
Edit UsersYesYesNoNo
Delete UsersYesYesNoNo
Manage RolesYesYesNoNo
View SettingsYesYesYesYes
Edit SettingsYesYesNoNo
System BackupYesYesNoNo

Password Requirements

  • Minimum 8 characters
  • Stored using bcrypt with 10 salt rounds
  • Never transmitted or stored in plain text

SCS Smart City - Traffic, Gateway, Camera, and NVR Platform

Copyright © 2026 ITMS Solutions