User Settings

The /api/v1/user/settings/* endpoints back the account-settings screens: profile and avatar, password and account emails, two-factor and WebAuthn security, active sessions, personal access and NATS tokens, and OAuth2 applications. All paths on this page are relative to the API root /api/v1 (for example, /user/settings/profile is https://<akp-host>/api/v1/user/settings/profile).

Unless noted otherwise:

  • Auth: Token — send Authorization: token <YOUR_TOKEN>.

Profile & avatar

GET /user/settings/profile

Get the authenticated user’s editable profile.

  • Auth: Token.

Response: 200 OK — a Profile object.

{
  "name": "someuser",
  "full_name": "Some User",
  "email": "user@example.com",
  "keep_email_private": false,
  "website": "",
  "location": "",
  "language": "en-US",
  "description": ""
}
FieldTypeDescription
namestringUsername.
full_namestringDisplay name.
emailstringPrimary email.
keep_email_privatebooleanHide email from public profile.
websitestringWebsite URL.
locationstringFree-form location.
languagestringPreferred UI language.
descriptionstringFree-form bio.

Verified: GET /user/settings/profile returned 200 against appscode on 2026-07-14.

POST /user/settings/profile

Update the authenticated user’s profile.

  • Auth: Token.

Request body: a Profile object (same fields as above).

Response: 200 OK — the updated Profile object.

GET /user/settings/avatar

Get the authenticated user’s avatar settings.

  • Auth: Token.

Response: 200 OK — an AvatarParams object.

{
  "source": "gravatar",
  "gravatar": "user@example.com",
  "federavatar": false
}
FieldTypeDescription
sourcestringAvatar source (e.g. gravatar, local).
gravatarstringGravatar email/hash.
federavatarbooleanWhether federated (libravatar) is enabled.

Verified: GET /user/settings/avatar returned 200 against appscode on 2026-07-14.

POST /user/settings/avatar

Update the authenticated user’s avatar.

  • Auth: Token.
  • Content type: multipart/form-data (AvatarParams), with an avatar file field for uploads plus the source, gravatar, and federavatar fields.

Response: 200 OK with no body.

POST /user/settings/avatar/delete

Delete the authenticated user’s avatar.

  • Auth: Token.

Response: 200 OK with no body.


Account: password, email, deletion

POST /user/settings/account/password

Update the authenticated user’s password.

  • Auth: Token.

Request body: UpdatePasswordParams.

{
  "old_password": "<current-password>",
  "password": "<new-password>",
  "retype": "<new-password>"
}
FieldTypeRequiredDescription
old_passwordstringyesCurrent password.
passwordstringyesNew password.
retypestringyesNew password, repeated for confirmation.

Response: 200 OK with no body.

GET /user/settings/account/email

Get the authenticated user’s email-address records. Returns the raw models.EmailAddress records, modeled as an array of opaque objects.

  • Auth: Token.

Response: 200 OK — an array of opaque email-address records.

Verified: the sibling GET /user/emails returned 200; this settings variant returns the same underlying records in raw form.

POST /user/settings/account/email

Add an email address, or make an existing one primary.

  • Auth: Token.

With ?_method=PRIMARY&id=<id>, marks the existing email with that ID as primary. Otherwise, adds the email supplied in the body.

Query parameters:

NameTypeRequiredDescription
_methodstringnoSet to PRIMARY to mark an existing email as primary.
idinteger (int64)noEmail address ID (used with _method=PRIMARY).

Request body: AddEmailParams.

{ "email": "user@example.com" }
FieldTypeRequiredDescription
emailstringyes (when adding)Email address to add.

Response: 200 OK (with or without a string body).

POST /user/settings/account/email/delete

Delete an email address.

  • Auth: Token.

Query parameters:

NameTypeRequiredDescription
idinteger (int64)noID of the email address to delete.

Response: 200 OK with no body.

POST /user/settings/account/delete

Delete the authenticated user’s account. Requires the current password and signs the user out on success.

  • Auth: Token.

Query parameters:

NameTypeRequiredDescription
passwordstringnoCurrent password, for confirmation.

Response: 200 OK — account deleted and user signed out.


Pagination preferences

GET /user/settings/pagination

Get the authenticated user’s per-UI pagination page-size settings.

  • Auth: Token.

Response: 200 OK — a Pagination object.

{
  "kubeDBUI": 0,
  "consoleUI": 0,
  "platformUI": 0
}
FieldTypeDescription
kubeDBUIinteger (int64)Page size for the KubeDB UI.
consoleUIinteger (int64)Page size for the console UI.
platformUIinteger (int64)Page size for the platform UI.

Verified: GET /user/settings/pagination returned 200 against appscode on 2026-07-14.

POST /user/settings/pagination

Update the authenticated user’s pagination settings.

  • Auth: Token.

Request body: a Pagination object (fields as above).

Response: 200 OK — the updated Pagination object.


Security: two-factor authentication

GET /user/settings/security/

Get the two-factor enrollment status.

  • Auth: Token.

Response: 200 OK — a TwoFAStatus object.

{ "twoFAEnrolled": false }

Verified: GET /user/settings/security/ returned 200 against appscode on 2026-07-14.

GET /user/settings/security/twofa/enroll

Begin two-factor enrollment: generate a TOTP secret and QR image.

  • Auth: Token.

Response: 200 OK — a Security object.

{
  "twoFASecret": "<totp-secret>",
  "twoFAImageURL": "data:image/png;base64,<...>"
}
FieldTypeDescription
twoFASecretstringTOTP secret to add to an authenticator app.
twoFAImageURLstringdata:image/png;base64 encoded QR code.

Verified: GET /user/settings/security/twofa/enroll returned 200 against appscode on 2026-07-14. (Secret redacted above.)

POST /user/settings/security/twofa/enroll

Complete two-factor enrollment by submitting a TOTP passcode.

  • Auth: Token.

Request body: TwoFactorAuthParams.

{ "passCode": "123456" }
FieldTypeRequiredDescription
passCodestringyesTOTP passcode from the authenticator app.

Response: 200 OK — a scratch token string (store it safely for account recovery).

POST /user/settings/security/twofa/regenerate_scratch

Regenerate the two-factor scratch (recovery) token.

  • Auth: Token.

Response: 200 OK — a new scratch token string.

POST /user/settings/security/twofa/disable

Disable two-factor authentication.

  • Auth: Token.

Response: 200 OK with no body.


Security: WebAuthn keys

GET /user/settings/security/webauthn/keys

List the authenticated user’s registered WebAuthn security keys.

  • Auth: Token.

Response: 200 OK — an array of WebAuthnSecurityKeys objects.

[
  { "ID": 1, "Name": "yubikey-5", "UID": 2 }
]
FieldTypeDescription
IDinteger (int64)Key ID.
NamestringUser-assigned key name.
UIDinteger (int64)Owning user ID.

Verified: GET /user/settings/security/webauthn/keys returned 200 against appscode on 2026-07-14.

POST /user/settings/security/webauthn/request_register

Begin WebAuthn registration; reserves a credential name and returns the WebAuthn credential-creation options.

  • Auth: Token.

Request body: WebauthnRegistrationOptions.

{ "name": "yubikey-5" }
FieldTypeRequiredDescription
namestringyesName for the new security key.

Response: 200 OK — the WebAuthn credential-creation options (an opaque, protocol-defined object passed to the browser’s WebAuthn API).

POST /user/settings/security/webauthn/register

Complete WebAuthn registration. Reads the security-key response (the authenticator’s attestation) from the request body.

  • Auth: Token.

Response: 201 Created — the created credential (an opaque, protocol-defined object).

DELETE /user/settings/security/webauthn/keys/{id}

Delete a WebAuthn security key.

  • Auth: Token.

Path parameters:

NameTypeDescription
idinteger (int64)ID of the WebAuthn security key.

Response: 200 OK with no body; 404 if not found.


Security: sessions

GET /user/settings/security/sessions/

List the authenticated user’s active sessions.

  • Auth: Token.

Response: 200 OK — an array of SessionInfoAPIForm objects. Each embeds an opaque go-macaron session record plus the fields below.

[
  {
    "isActiveSession": true,
    "lastAccessedZonedTime": "2026-07-13T18:23:53Z",
    "lastAccessed": 1768329833
  }
]
FieldTypeDescription
isActiveSessionbooleanWhether this is the current session.
lastAccessedZonedTimestringLast access time (formatted).
lastAccessedinteger (int64)Last access time (Unix).

Verified: GET /user/settings/security/sessions/ returned 302 against appscode on 2026-07-14 — this endpoint relies on the web-console session cookie and redirects when called with a bare token.

DELETE /user/settings/security/sessions/{sid}/revoke

Revoke a session.

  • Auth: Token.

Path parameters:

NameTypeDescription
sidstringSession ID to revoke.

Response: 200 OK — the remaining array of SessionInfoAPIForm objects; 404 if the session is not found.


Security: linked accounts

List linked external (OAuth2/login-source) accounts.

  • Auth: Token.

Response: 200 OK — an array of AccountLink objects.

[
  {
    "loginSourceID": 3,
    "externalID": "<external-id>",
    "type": 6,
    "providerDisplayName": "GitHub",
    "isActived": true,
    "isSyncEnabled": false
  }
]
FieldTypeDescription
loginSourceIDinteger (int64)Login-source ID.
externalIDstringExternal account identifier.
typeintegerLogin-source type.
providerDisplayNamestringHuman-readable provider name.
isActivedbooleanWhether the link is active.
isSyncEnabledbooleanWhether group/attribute sync is enabled.

Verified: GET /user/settings/security/account_link returned 200 against appscode on 2026-07-14.

POST /user/settings/security/account_link

Remove a linked external account. (Despite the POST verb, this deletes the link.)

  • Auth: Token.

Request body: AccountLinkParams.

{
  "loginSourceID": 3,
  "externalID": "<external-id>"
}
FieldTypeRequiredDescription
loginSourceIDinteger (int64)yesLogin-source ID of the link.
externalIDstringyesExternal account identifier.

Response: 200 OK with no body.


Organizations

GET /user/settings/organizations

List the authenticated user’s organizations.

  • Auth: Token.

Response: 200 OK — an array of Organization objects (fields documented on the Public & Basic-auth User APIs page).

Verified: GET /user/settings/organizations returned 200 against appscode on 2026-07-14.

GET /user/settings/organizations/create

Check whether the authenticated user is allowed to create organizations.

  • Auth: Token.

Response: 200 OK if allowed; 403 if not.

Verified: GET /user/settings/organizations/create returned 200 against appscode on 2026-07-14 (this user may create organizations).

POST /user/settings/organizations/create

Create an organization.

  • Auth: Token.
  • Content type: multipart/form-data (CreateOrgParams).

Request body fields (CreateOrgParams):

FieldTypeRequiredDescription
orgNamestringyesOrganization slug.
orgFullNamestringnoDisplay name.
descriptionstringnoFree-form description.
websitestringnoWebsite URL.
locationstringnoFree-form location.
orgTypestringnoOrganization type.
rancherManagementClusterEndPointstringnoRancher management endpoint.
provideSyncTokenbooleannoWhether a Rancher sync token is supplied.
rancherSyncTokenobjectnoRancher access key pair.
visibilitystringnopublic, limited, or private.
source / avatar / gravatar / federavatarmixednoAvatar settings (with avatar as a file upload).

Response: 200 OK — an ApiResponseMessage ({ "message": "..." }), which may carry a note about Rancher sync.


Personal access tokens (settings)

GET /user/settings/tokens/access-tokens/

List the authenticated user’s personal access tokens.

  • Auth: Token.

Response: 200 OK — an array of SettingsAccessToken objects.

[
  {
    "id": 1,
    "uid": 2,
    "name": "ci-token",
    "tokenLastEight": "1a2b3c4d",
    "createdAt": 1768329833,
    "updatedAt": 1768329833,
    "hasRecentActivity": true,
    "hasUsed": true,
    "expDate": 0
  }
]
FieldTypeDescription
idinteger (int64)Token ID.
uidinteger (int64)Owning user ID.
namestringToken name.
tokenstringPlaintext token — returned only on creation.
tokenLastEightstringLast eight characters, for identification.
createdAt / updatedAtinteger (int64)Unix timestamps.
hasRecentActivitybooleanWhether the token was used recently.
hasUsedbooleanWhether the token has ever been used.
expDateinteger (int64)Expiry (Unix seconds); 0 means no expiry.

Verified: GET /user/settings/tokens/access-tokens/ returned 200 against appscode on 2026-07-14.

POST /user/settings/tokens/access-tokens/

Create a new personal access token.

  • Auth: Token.

Request body: NewAccessTokenParam.

{
  "name": "ci-token",
  "expTime": 0
}
FieldTypeRequiredDescription
namestringyesToken name.
expTimeinteger (int64)noUnix expiry timestamp; 0 means no expiry.

Response: 201 Created — a SettingsAccessToken. The plaintext value is returned in token only on this response.

POST /user/settings/tokens/access-tokens/delete-records

Bulk-delete access tokens by ID.

  • Auth: Token.

Request body: AccessTokenIdList.

{ "tokenIDs": [1, 2, 3] }
FieldTypeRequiredDescription
tokenIDsarray of integer (int64)yesIDs of tokens to delete.

Response: 200 OK — a message describing how many records were deleted ({ "message": "..." }).

DELETE /user/settings/tokens/access-tokens/{id}

Delete a single access token.

  • Auth: Token.

Path parameters:

NameTypeDescription
idinteger (int64)ID of the access token to delete.

Response: 200 OK with no body; 404 if not found.


NATS tokens (settings)

GET /user/settings/tokens/nats-tokens/

List the authenticated user’s NATS user-type tokens (returned as an array of opaque NATS token-account objects).

  • Auth: Token.

Response: 200 OK — an array of opaque objects.

Verified: GET /user/settings/tokens/nats-tokens/ returned 200 against appscode on 2026-07-14.

POST /user/settings/tokens/nats-tokens/{id}/revoke/

Revoke a NATS user-type token.

  • Auth: Token.

Path parameters:

NameTypeDescription
idinteger (int64)ID of the NATS token to revoke.

Response: 200 OK with no body; 404 if not found.


OAuth2 applications

GET /user/settings/applications/oauth2

List the authenticated user’s OAuth2 applications.

  • Auth: Token.

Response: 200 OK — an array of OAuth2Application objects.

[
  {
    "id": 1,
    "uid": 2,
    "name": "my-app",
    "clientId": "<client-id>",
    "redirectURIs": ["https://app.example.com/callback"],
    "createdAt": 1768329833,
    "updatedAt": 1768329833
  }
]
FieldTypeDescription
idinteger (int64)Application ID.
uidinteger (int64)Owning user ID.
namestringApplication name.
clientIdstringOAuth2 client ID.
clientSecretstringPlaintext secret — returned only on create/regenerate.
clientSecretHashstringStored secret hash.
redirectURIsarray of stringAllowed redirect URIs.
logostringLogo URL.
createdAt / updatedAtinteger (int64)Unix timestamps.

Verified: GET /user/settings/applications/oauth2 returned 200 against appscode on 2026-07-14.

POST /user/settings/applications/oauth2

Create an OAuth2 application.

  • Auth: Token.

Request body: OAuth2ApplicationParams.

{
  "name": "my-app",
  "redirectUri": "https://app.example.com/callback"
}
FieldTypeRequiredDescription
namestringyesApplication name.
redirectUristringyesRedirect URI.
logofilenoLogo file (multipart, on update).

Response: 200 OK — the created OAuth2Application, including the plaintext clientSecret (shown only on this response).

GET /user/settings/applications/oauth2/{id}

Get a single OAuth2 application.

  • Auth: Token.

Path parameters:

NameTypeDescription
idinteger (int64)Application ID.

Response: 200 OK — an OAuth2Application; 404 if not found.

PUT /user/settings/applications/oauth2/{id}

Update an OAuth2 application.

  • Auth: Token.
  • Content type: multipart/form-data (OAuth2ApplicationParams, which may include a logo file).

Path parameters:

NameTypeDescription
idinteger (int64)Application ID.

Response: 200 OK — the updated OAuth2Application.

DELETE /user/settings/applications/oauth2/{id}

Delete an OAuth2 application.

  • Auth: Token.

Path parameters:

NameTypeDescription
idinteger (int64)Application ID.

Response: 200 OK with no body; 404 if not found.

POST /user/settings/applications/oauth2/{id}/regenerate_secret

Regenerate an OAuth2 application’s client secret.

  • Auth: Token.

Path parameters:

NameTypeDescription
idinteger (int64)Application ID.

Response: 200 OK — the new client-secret string.

POST /user/settings/applications/oauth2/{id}/revoke

Revoke an OAuth2 grant. Here {id} is the grant ID (not the application ID).

  • Auth: Token.

Path parameters:

NameTypeDescription
idinteger (int64)ID of the OAuth2 grant to revoke.

Response: 200 OK with no body.

GET /user/settings/applications/oauth2/grants

List the authenticated user’s OAuth2 grants (authorizations the user has given to applications).

  • Auth: Token.

Response: 200 OK — an array of OAuth2Grant objects.

[
  {
    "id": 1,
    "userId": 2,
    "applicationId": 1,
    "applicationName": "my-app",
    "counter": 4,
    "createdAt": 1768329833,
    "updatedAt": 1768329833
  }
]
FieldTypeDescription
idinteger (int64)Grant ID.
userIdinteger (int64)Granting user ID.
applicationIdinteger (int64)Application ID.
applicationNamestringApplication name.
logostringApplication logo URL.
counterinteger (int64)Usage counter.
createdAt / updatedAtinteger (int64)Unix timestamps.

Verified: GET /user/settings/applications/oauth2/grants returned 200 against appscode on 2026-07-14.