User API Reference
The User API enables you to create, delete, and list representations of users.
API endpoint
In the request header, set Host to the following, depending on the region of your organization: https://api.amazonalexa.com.
Authentication
Each API request must have an authorization header whose value is the access token retrieved from Login with Amazon (LWA).
Operations
The User API includes the following operations.
Operation | HTTP Method and URI |
---|---|
| |
| |
|
Create user
Creates a user in the specified organization.
This operation is available in the following countries.
Healthcare | Hospitality | Senior Living | Core |
---|---|---|---|
None | US, CA | US, CA | US, CA |
Request
To create a user, you make a POST request to the /v1/auth/users resource.
Request header example
POST /v1/auth/users HTTP/1.1
Host: api.amazonalexa.com
Content-Type: application/json
Authorization: Bearer {access token}
Request header parameters
Parameter | Description | Type | Required |
---|---|---|---|
| | | String | Yes |
Request body example
{
  "organizationId": "amzn1.alexa.org.did.exampleId"
}
Request body parameters
Parameter | Description | Type | Required |
---|---|---|---|
| | ID of the organization to which to add the user. The format of the organization ID is | String | Yes |
Response
A successful response returns HTTP 201.
Response body example
The following example shows the body of a successful response.
{
  "userId": "amzn1.alexa.org.user.did.ABCGHLLKJKJHGHGHJ",
  "accessToken": "Atza|ABCDEFGHIJKLMNOPQRSTUVWXYZ",
  "refreshToken": "Atzr|ABCDEFGHIJKLMNOPQRSTUVWXYZ"
}
Response body parameters
Parameter | Description | Type |
---|---|---|
| | ID of the added user. | String |
| | Token that represents the added user. You use this token for subsequent API calls. | String |
| | Refresh token that represents the added user. You use this token to refresh the access token. | String |
HTTP status codes
Status | Description |
---|---|
| | User created successfully. |
| | Caller isn't part of the specified organization. |
| | Invalid organization ID. |
| | Authorization token is invalid, expired, or doesn't have access to the resource. |
| | Caller doesn't have permission to perform the operation. |
| | Caller has exceeded the permitted rate limit (specified number of requests per unit of time). |
| | Server has encountered an error. |
| | Server is down for maintenance, overloaded, or otherwise unavailable to handle the incoming request. |
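The create-user response carries an access token and a refresh token in its body, so anything that logs request headers or response bodies needs to mask them. The following sketch is an added example, not part of the original reference: `redact`, `handle_create_user` and the `log` callback are hypothetical names, and the sample body is the response example shown above.

```python
import json

# Field and header names taken from the examples on this page, lower-cased.
SENSITIVE_KEYS = {"accesstoken", "refreshtoken", "authorization"}

# Response body example from this page, used as offline sample input.
SAMPLE_BODY = json.dumps({
    "userId": "amzn1.alexa.org.user.did.ABCGHLLKJKJHGHGHJ",
    "accessToken": "Atza|ABCDEFGHIJKLMNOPQRSTUVWXYZ",
    "refreshToken": "Atzr|ABCDEFGHIJKLMNOPQRSTUVWXYZ",
})


def redact(value):
    """Return a copy of a parsed JSON value with credential fields masked."""
    if isinstance(value, dict):
        return {k: "[REDACTED]" if k.lower() in SENSITIVE_KEYS else redact(v)
                for k, v in value.items()}
    if isinstance(value, list):
        return [redact(v) for v in value]
    return value


def handle_create_user(status, body_text, log):
    """Check a create-user response, log a masked view, return the parsed body."""
    if status != 201:
        # Only the status is reported; the raw body is never written to the log.
        raise RuntimeError(f"create user failed with HTTP {status}")
    body = json.loads(body_text)
    if not isinstance(body, dict):
        raise ValueError("response body is not a JSON object")
    missing = {"userId", "accessToken", "refreshToken"} - set(body)
    if missing:
        raise ValueError(f"response is missing fields: {sorted(missing)}")
    log(json.dumps(redact(body), sort_keys=True))
    return body  # caller stores the tokens in a secret store, not in logs
```
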
List users
Lists the users of the specified organization.
This operation is available in the following countries.
Healthcare | Hospitality | Senior Living | Core |
---|---|---|---|
None | US, CA | US, CA | US, CA |
Request
To list users, you make a GET request to the /v1/auth/users resource.
Request header example
GET /v1/auth/users?organizationId={organizationId}&maxResults={maxResults}&nextToken={nextToken} HTTP/1.1
Host: api.amazonalexa.com
Content-Type: application/json
Authorization: Bearer {access token}
Request header parameters
Parameter | Description | Type | Required |
---|---|---|---|
| | | String | Yes |
| | ID of the organization whose users to list. The format of the organization ID is | String | Yes |
| | Maximum number of results to return in the response body. This value must be greater than zero and less than or equal to 10. The default value is 10. For details, see Handling Pagination in Query Results. | Number | No |
| | Token to retrieve a specific page of the paginated results. If this token isn't present, the response contains the first page of results. For details, see Handling Pagination in Query Results. | String | No |
Request body example
The request has no body.
Request body parameters
The request has no body.
Response
A successful response returns HTTP 200, along with a list of users.
Response body example
The following example shows the body of a successful response.
{
  "results": [
    {
      "userId": "amzn1.alexa.org.user.did.12345EXAMPLE"
    }
  ],
  "paginationContext": {
    "nextToken": null
  }
}
Response body parameters
Parameter | Description | Type |
---|---|---|
| | List of users returned in response to the query. | Array |
| | The ID of the retrieved user. The format of the user ID is | String |
| | Token to retrieve additional results if the results are paginated and there are more results. | String |
HTTP status codes
Status | Description |
---|---|
| | Successfully got the list of users for the specified organization ID. |
| | Caller isn't part of the specified organization. |
| | Invalid organization ID. |
| | Pagination token is invalid. |
| | Authorization token is invalid, expired, or doesn't have access to the resource. |
| | Caller doesn't have permission to perform the operation. |
| | User has exceeded the permitted rate limit (specified number of requests per unit of time). |
| | Server has encountered an error. |
| | Server is down for maintenance, overloaded, or otherwise unavailable to handle the incoming request. |
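A complete user inventory (for example, for an access review) requires following `nextToken` until it comes back null. The following sketch is an added example, not part of the original reference: it validates `maxResults` against the documented range, URL-encodes the opaque token, and stops on a repeated token. The `send` transport, `page_limit`, and the two sample pages are assumptions constructed for an offline run.

```python
import json
from urllib.parse import parse_qs, urlencode, urlsplit


def build_list_path(organization_id, max_results=10, next_token=None):
    """Return the request path for one page of GET /v1/auth/users."""
    if type(max_results) is not int or not 0 < max_results <= 10:
        raise ValueError("maxResults must be an integer from 1 to 10")
    query = {"organizationId": organization_id, "maxResults": max_results}
    if next_token:
        query["nextToken"] = next_token  # opaque value, URL-encoded below
    return "/v1/auth/users?" + urlencode(query)


def list_all_users(send, organization_id, max_results=10, page_limit=1000):
    """Collect every userId by following paginationContext.nextToken.

    `send(path)` is a hypothetical transport that performs the GET with the
    Authorization header and returns (status, body_text).
    """
    user_ids, seen, token = [], set(), None
    for _ in range(page_limit):
        status, body = send(build_list_path(organization_id, max_results, token))
        if status != 200:
            raise RuntimeError(f"list users failed with HTTP {status}")
        page = json.loads(body)
        user_ids += [u["userId"] for u in page.get("results", [])]
        token = (page.get("paginationContext") or {}).get("nextToken")
        if not token:
            return user_ids
        if token in seen:  # a repeated token would loop forever
            raise RuntimeError("pagination token repeated")
        seen.add(token)
    raise RuntimeError("page limit reached before the last page")


# Constructed two-page response set, keyed by the nextToken that requests it.
SAMPLE_PAGES = {
    None: {"results": [{"userId": "amzn1.alexa.org.user.did.EXAMPLE1"}],
           "paginationContext": {"nextToken": "page/2=="}},
    "page/2==": {"results": [{"userId": "amzn1.alexa.org.user.did.EXAMPLE2"}],
                 "paginationContext": {"nextToken": None}},
}


def fake_send(path):
    """Stand-in transport that serves SAMPLE_PAGES instead of calling the API."""
    token = parse_qs(urlsplit(path).query).get("nextToken", [None])[0]
    return 200, json.dumps(SAMPLE_PAGES[token])
```
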
Delete user
Removes the specified user.
This operation is available in the following countries.
Healthcare | Hospitality | Senior Living | Core |
---|---|---|---|
None | US, CA | US, CA | US, CA |
Request
To remove a user, you make a DELETE request to the /v1/auth/users/{userId} resource.
Request header example
DELETE /v1/auth/users/{userId} HTTP/1.1
Host: api.amazonalexa.com
Content-Type: application/json
Authorization: Bearer {access token}
Request header parameters
Parameter | Description | Type | Required |
---|---|---|---|
| | | String | Yes |
| | ID for the user to remove. The format of the user ID is | String | Yes |
Request body example
The request has no body.
Response
A successful response returns HTTP 204.
Response body example
The response has no body.
HTTP status codes
Status | Description |
---|---|
| | User deleted successfully. |
| | Caller isn't part of the specified organization. |
| | Authorization token is invalid, expired, or doesn't have access to the resource. |
| | Caller doesn't have permission to perform the operation. |
| | User isn't found. |
| | User has exceeded the permitted rate limit (specified number of requests per unit of time). |
| | Server has encountered an error. |
| | Server is down for maintenance, overloaded, or otherwise unavailable to handle the incoming request. |
Last updated: Nov 28, 2023