Platform Users and MFA

Platform-wide user search, owner promotion, and MFA administration.

Updated May 10, 2026 Edit this page

Platform Users and MFA

Endpoints

Method Path Description
GET /api/platform/users List users
GET /api/platform/users/search Search by email or ID
GET /api/platform/users/:user_id Get a single user
GET /api/platform/users/:user_id/mfa/status Read MFA status
DELETE /api/platform/users/:user_id/mfa Force-disable MFA
POST /api/platform/owners Promote a platform owner
DELETE /api/platform/owners/:user_id Demote a platform owner

Example list response

{
  "users": [
    {
      "id": "user_123",
      "email": "user@example.com",
      "is_platform_owner": false,
      "created_at": "2026-05-10T08:00:00Z"
    }
  ],
  "total": 1
}

Example MFA status response

{
  "enabled": true,
  "has_backup_codes": true
}

Notes

  • All endpoints on this page require platform-owner access.
  • MFA metrics and suspicious-activity endpoints are documented on Platform Operations.