The User Profile Management endpoints cover account identity, beta-gate free-tier setup, audit activity, and the per-user encrypted vault. Use these endpoints to inspect or update profiles, audit recent API calls, manage free-tier provisioning during the beta, or store arbitrary key-value secrets scoped to a realm.
Retrieve a user profile by ID. Admins can view any user; regular users can only view their own profile. This endpoint works even for banned users (read-only access).
Name In Type Required Description idpath string Yes User ID to retrieve
"message" : " User retrieved successfully " ,
"id" : " 507f1f77bcf86cd799439011 " ,
"email" : " john.doe@example.com " ,
"created_at" : " 2024-12-01T10:00:00.000Z " ,
"updated_at" : " 2025-01-15T10:30:00.000Z "
"message" : " Invalid ID format "
Error Code Title Description Resolution INVALID_ID_FORMATInvalid ID format The provided ID must be a 24-character hexadecimal string Ensure the ID is exactly 24 characters long and contains only hexadecimal characters (0-9, a-f)
"message" : " Authentication token required "
Error Code Title Description Resolution MISSING_TOKENAuthentication token missing No authentication token was provided in the request Include a valid JWT token in the Authorization header as Bearer <token> INVALID_TOKENInvalid authentication token The provided authentication token is malformed or invalid Obtain a new token by logging in again or using a valid auth token TOKEN_EXPIREDAuthentication token expired The provided authentication token has expired Obtain a new token by logging in again or refreshing your session
"message" : " Insufficient permissions "
Error Code Title Description Resolution INSUFFICIENT_PERMISSIONSInsufficient permissions You do not have the required permissions to perform this action Contact the resource owner or administrator to request access ACCOUNT_BANNEDAccount banned Your account has been banned and cannot access this resource Contact support for information about your account status
"message" : " User not found "
Error Code Title Description Resolution USER_NOT_FOUNDUser not found The requested user does not exist or has been deleted Verify the user ID is correct
const user = await client . api . users . get ( { id: " 507f1f77bcf86cd799439011 " } );
Update a user profile. Regular users can update their own alias and password (with current_password verification). Admins can update any user and set is_admin/is_banned flags.
Name In Type Required Description idpath string Yes User ID to update
Field Type Required Description aliasstring No New display name/alias (1–100 chars). public_keystring No ED25519 public key (exactly 64 hexadecimal characters). Used for cryptographic identity and verification. metadataobject No Custom metadata object for storing additional user information. Can include nested objects. passwordstring No New password. Must be at least 12 characters, 3 of 4 character classes. Requires current_password for verification. current_passwordstring No Current password. Required when setting a new password for verification (8–128 chars). is_adminboolean No Admin status (admin-only field). Grants full system access. is_bannedboolean No Ban status (admin-only field). Admin users cannot be banned.
"message" : " User updated successfully " ,
"id" : " 507f1f77bcf86cd799439011 " ,
"email" : " john.doe@example.com " ,
"public_key" : " a1b2c3d4e5f6789012345678901234567890abcdefabcdefabcdefabcdef1234 " ,
"created_at" : " 2024-12-01T10:00:00.000Z " ,
"updated_at" : " 2025-01-15T14:45:00.000Z "
"message" : " Validation failed "
Error Code Title Description Resolution VALIDATION_ERRORInvalid input parameters One or more request parameters failed validation Check the error message for specific field requirements and correct your input INVALID_ID_FORMATInvalid ID format The provided ID must be a 24-character hexadecimal string Ensure the ID is exactly 24 characters long and contains only hexadecimal characters (0-9, a-f) INVALID_PUBLIC_KEY_FORMATInvalid public key format Public key must be exactly 64 hexadecimal characters (ED25519 format) Provide a valid ED25519 public key as a 64-character hexadecimal string WEAK_PASSWORDPassword does not meet requirements Password must be at least 12 characters, 3 of 4 character classes Choose a password with at least 12 characters, 3 of 4 character classes CURRENT_PASSWORD_REQUIREDCurrent password required You must provide your current password to set a new password Include the current_password field in your request CURRENT_PASSWORD_INCORRECTCurrent password incorrect The provided current password does not match your account password Verify your current password and try again
"message" : " Authentication token required "
Error Code Title Description Resolution MISSING_TOKENAuthentication token missing No authentication token was provided in the request Include a valid JWT token in the Authorization header as Bearer <token> INVALID_TOKENInvalid authentication token The provided authentication token is malformed or invalid Obtain a new token by logging in again or using a valid auth token TOKEN_EXPIREDAuthentication token expired The provided authentication token has expired Obtain a new token by logging in again or refreshing your session
"message" : " Insufficient permissions "
Error Code Title Description Resolution INSUFFICIENT_PERMISSIONSInsufficient permissions You do not have the required permissions to perform this action Contact the resource owner or administrator to request access ACCOUNT_BANNEDAccount banned Your account has been banned and cannot access this resource Contact support for information about your account status CANNOT_BAN_ADMINCannot ban admin users Admin users cannot be banned for security reasons Remove admin privileges before banning this user CANNOT_MODIFY_OTHER_USERCannot modify other user Regular users can only modify their own profile You can only update your own profile, or request admin access
"message" : " User not found "
Error Code Title Description Resolution USER_NOT_FOUNDUser not found The requested user does not exist or has been deleted Verify the user ID is correct
const updated = await client . api . users . update ( {
id: " 507f1f77bcf86cd799439011 " ,
data: { alias: " John Smith " }
Return the account’s free-tier / beta-gate status, including whether the gate is enabled, whether this account is unlocked, whether it already owns a free server, and (advisory, point-in-time) why a claim is currently blocked. This endpoint never attempts a claim.
This endpoint takes no parameters.
"message" : " Free-tier status retrieved " ,
"has_free_server" : false ,
"claim_blocked_reason" : " invite_required "
"message" : " Authentication token required "
Error Code Title Description Resolution MISSING_TOKENAuthentication token missing No authentication token was provided in the request Include a valid JWT token in the Authorization header as Bearer <token> INVALID_TOKENInvalid authentication token The provided authentication token is malformed or invalid Obtain a new token by logging in again or using a valid auth token
"error" : " Too Many Requests " ,
"message" : " Rate limit exceeded "
Error Code Title Description Resolution RATE_LIMIT_EXCEEDEDRate limit exceeded You have exceeded the rate limit for this endpoint Wait before making additional requests, or upgrade your plan for higher limits
const status = await client . api . users . getFreeTierStatus ();
Redeem a single-use invite code to unlock free-tier server claiming during the beta, then immediately provision a free server. Idempotent if already unlocked. No-op (no code consumed) when the beta gate is disabled.
This endpoint takes no parameters.
Field Type Required Description codestring Yes The invite code (case/format-insensitive). 1–64 characters.
"message" : " Invite code redeemed. Your free server is being prepared. " ,
"claim_blocked_reason" : " none " ,
"server" : { "id" : " 507f1f77bcf86cd799439099 " },
"project" : { "id" : " 507f1f77bcf86cd799439098 " },
"message" : " This invite code is invalid, expired, or already used. "
Error Code Title Description Resolution VALIDATION_ERRORInvalid input parameters One or more request parameters failed validation Check the error message for specific field requirements and correct your input INVALID_INVITE_CODEInvalid invite code The submitted invite code could not be redeemed because it is unknown, already used, disabled, or expired Check the code for typos, or request a new invite code from an administrator
"message" : " Authentication token required "
Error Code Title Description Resolution MISSING_TOKENAuthentication token missing No authentication token was provided in the request Include a valid JWT token in the Authorization header as Bearer <token> INVALID_TOKENInvalid authentication token The provided authentication token is malformed or invalid Obtain a new token by logging in again or using a valid auth token
"message" : " Insufficient permissions "
Error Code Title Description Resolution INSUFFICIENT_PERMISSIONSInsufficient permissions You do not have the required permissions to perform this action Contact the resource owner or administrator to request access
"error" : " Too Many Requests " ,
"message" : " Rate limit exceeded "
Error Code Title Description Resolution RATE_LIMIT_EXCEEDEDRate limit exceeded You have exceeded the rate limit for this endpoint Wait before making additional requests, or upgrade your plan for higher limits
const result = await client . api . users . redeemInviteCode ( {
data: { code: " HOODY-7Q4K-9F2M-3B8T-XR5W-2HKD-1 " }
Manually claim a free-tier server and create the default project and container. Idempotent — safe to call if already provisioned.
This endpoint takes no parameters.
Field Type Required Description regionstring No Optional preferred region override. Lowercase letters, digits, and hyphens; max 50 chars.
"server" : { "id" : " 507f1f77bcf86cd799439099 " },
"project" : { "id" : " 507f1f77bcf86cd799439098 " },
"message" : " An invite code is required to claim your free server during the beta. "
Error Code Title Description Resolution FREE_TIER_INVITE_REQUIREDInvite code required The beta access gate is enabled and this account has not been unlocked, so it cannot claim a free server yet Redeem your invite code at POST /api/v1/users/me/redeem-invite, or ask an administrator to validate your account by email INSUFFICIENT_PERMISSIONSInsufficient permissions You do not have the required permissions to perform this action Contact the resource owner or administrator to request access
const result = await client . api . users . retrySetup ( {
data: { region: " us-east-1 " }
Retrieve activity logs for the authenticated user with optional filtering by date range, HTTP method, status code, or realm.
Name In Type Required Description pagequery integer No Page number. Default: 1. limitquery integer No Results per page. Default: 50. start_datequery string No Filter logs after this date. end_datequery string No Filter logs before this date. errors_onlyquery string No Show only errors (status ≥ 400). Literal values: true, false. min_statusquery integer No Minimum status code. max_statusquery integer No Maximum status code. methodquery string No Filter by HTTP method. Literal values: GET, POST, PUT, PATCH, DELETE. realm_idquery string No Filter by realm ID.
"message" : " Activity logs retrieved successfully " ,
"id" : " 1a9c3592695c087a8f35ceae " ,
"user_id" : " 507f1f77bcf86cd799439011 " ,
"realm_id" : " 507f1f77bcf86cd799439011 " ,
"path" : " /api/v1/projects " ,
"ip_address" : " 192.168.1.1 " ,
"user_agent" : " Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) " ,
"created_at" : " 2025-11-18T20:00:00Z "
const logs = await client . api . activity . listIterator ( {
Retrieve storage usage statistics for activity logs, including total size, record count, oldest/newest record timestamps, and retention period.
This endpoint takes no parameters.
"message" : " Activity stats retrieved successfully " ,
"total_size_bytes" : 1048576 ,
"oldest_record" : " 2025-10-18T20:00:00Z " ,
"newest_record" : " 2025-11-18T20:00:00Z " ,
const stats = await client . api . activity . getStats ();
The user vault stores arbitrary key-value pairs scoped to a realm. Total size limits are enforced globally across all realms, while key listings and per-realm counts are scoped to the current realm.
List all keys in your encrypted vault with metadata (key names, sizes, timestamps). Values are not included — use GET /vault/keys/:key to retrieve individual values.
Name In Type Required Description realm_idquery string No Target a specific realm (24-char hex). When omitted and not on a realm subdomain, defaults to global scope (realm_id = ""). Case-insensitive — uppercase is normalized to lowercase.
"message" : " Vault keys retrieved successfully " ,
"key" : " my-encrypted-notes " ,
"realm_id" : " 507f1f77bcf86cd799439011 " ,
"created_at" : " 2025-11-14T18:00:00.000Z " ,
"updated_at" : " 2025-11-14T18:15:00.000Z "
"message" : " Authentication token required "
Error Code Title Description Resolution MISSING_TOKENAuthentication token missing No authentication token was provided in the request Include a valid JWT token in the Authorization header as Bearer <token> INVALID_TOKENInvalid authentication token The provided authentication token is malformed or invalid Obtain a new token by logging in again or using a valid auth token
"message" : " Insufficient permissions "
Error Code Title Description Resolution INSUFFICIENT_PERMISSIONSInsufficient permissions You do not have the required permissions to perform this action Contact the resource owner or administrator to request access
const keys = await client . api . vault . listIterator ( {
realm_id: " 507f1f77bcf86cd799439011 "
Retrieve a specific key-value pair from your encrypted vault by key name.
Name In Type Required Description realm_idquery string No Target a specific realm (24-char hex). When omitted and not on a realm subdomain, defaults to global scope (realm_id = ""). Case-insensitive — uppercase is normalized to lowercase. keypath string Yes Vault key name (alphanumeric, dots, underscores, hyphens).
"message" : " Vault key retrieved successfully " ,
"key" : " my-encrypted-notes " ,
"realm_id" : " 507f1f77bcf86cd799439011 " ,
"value" : " { \" notes \" : \" My important notes \" , \" encrypted \" : true} " ,
"created_at" : " 2025-11-14T18:00:00.000Z " ,
"updated_at" : " 2025-11-14T18:15:00.000Z "
"message" : " Authentication token required "
Error Code Title Description Resolution MISSING_TOKENAuthentication token missing No authentication token was provided in the request Include a valid JWT token in the Authorization header as Bearer <token> INVALID_TOKENInvalid authentication token The provided authentication token is malformed or invalid Obtain a new token by logging in again or using a valid auth token
"message" : " Insufficient permissions "
Error Code Title Description Resolution INSUFFICIENT_PERMISSIONSInsufficient permissions You do not have the required permissions to perform this action Contact the resource owner or administrator to request access
"message" : " Vault key not found. "
Error Code Title Description Resolution VAULT_KEY_NOT_FOUNDVault Key Not Found The specified key does not exist in your vault. Verify the key name is correct.
const entry = await client . api . vault . get ( {
key: " my-encrypted-notes " ,
realm_id: " 507f1f77bcf86cd799439011 "
Create or update a key-value pair in your personal encrypted vault. Values can be any UTF-8 string (JSON, encrypted data, plain text).
Name In Type Required Description realm_idquery string No Target a specific realm (24-char hex). When omitted and not on a realm subdomain, defaults to global scope (realm_id = ""). Case-insensitive — uppercase is normalized to lowercase. keypath string Yes Vault key name (alphanumeric, dots, underscores, hyphens).
Field Type Required Description valuestring Yes Value to store. Any UTF-8 string (JSON, encrypted data, plain text). Counts toward vault storage limit. metadataobject No Optional JSON metadata (max 256KB). Useful for content-type, filename, upload date, etc. Counts toward vault storage limit.
"message" : " Vault key updated successfully " ,
"key" : " my-encrypted-notes " ,
"realm_id" : " 507f1f77bcf86cd799439011 " ,
"value" : " { \" notes \" : \" My important notes \" , \" encrypted \" : true} " ,
"created_at" : " 2025-11-14T18:00:00.000Z " ,
"updated_at" : " 2025-11-14T18:15:00.000Z "
"message" : " Vault key created successfully " ,
"key" : " my-encrypted-notes " ,
"realm_id" : " 507f1f77bcf86cd799439011 " ,
"value" : " { \" notes \" : \" My important notes \" , \" encrypted \" : true} " ,
"created_at" : " 2025-11-14T18:00:00.000Z " ,
"updated_at" : " 2025-11-14T18:00:00.000Z "
"message" : " Validation failed "
Error Code Title Description Resolution VALIDATION_ERRORInvalid input parameters One or more request parameters failed validation Check the error message for specific field requirements and correct your input
"message" : " Authentication token required "
Error Code Title Description Resolution MISSING_TOKENAuthentication token missing No authentication token was provided in the request Include a valid JWT token in the Authorization header as Bearer <token> INVALID_TOKENInvalid authentication token The provided authentication token is malformed or invalid Obtain a new token by logging in again or using a valid auth token
"message" : " Insufficient permissions "
Error Code Title Description Resolution INSUFFICIENT_PERMISSIONSInsufficient permissions You do not have the required permissions to perform this action Contact the resource owner or administrator to request access
"error" : " Payload Too Large " ,
"message" : " Vault storage limit exceeded. "
Error Code Title Description Resolution VAULT_LIMIT_EXCEEDEDVault Storage Limit Exceeded The operation would exceed your vault storage limit. Delete existing keys to free up space or contact support to increase your limit.
await client . api . vault . set ({
realm_id: " 507f1f77bcf86cd799439011 " ,
data: { value: " { \" key \" : \" secret \" } " }
Permanently delete a key-value pair from your encrypted vault. This action cannot be undone.
Name In Type Required Description realm_idquery string No Target a specific realm (24-char hex). When omitted and not on a realm subdomain, defaults to global scope (realm_id = ""). Case-insensitive — uppercase is normalized to lowercase. keypath string Yes Vault key name (alphanumeric, dots, underscores, hyphens).
"message" : " Vault key deleted successfully "
"message" : " Authentication token required "
Error Code Title Description Resolution MISSING_TOKENAuthentication token missing No authentication token was provided in the request Include a valid JWT token in the Authorization header as Bearer <token> INVALID_TOKENInvalid authentication token The provided authentication token is malformed or invalid Obtain a new token by logging in again or using a valid auth token
"message" : " Insufficient permissions "
Error Code Title Description Resolution INSUFFICIENT_PERMISSIONSInsufficient permissions You do not have the required permissions to perform this action Contact the resource owner or administrator to request access
"message" : " Vault key not found. "
Error Code Title Description Resolution VAULT_KEY_NOT_FOUNDVault Key Not Found The specified key does not exist in your vault. Verify the key name is correct.
await client . api . vault . delete ({
realm_id: " 507f1f77bcf86cd799439011 "
Retrieve statistics about your vault usage. total_keys and total_size_bytes are scoped to the current realm. limit_mb, remaining_mb, and used_percentage reflect global vault usage across all realms.
Name In Type Required Description realm_idquery string No Target a specific realm (24-char hex). When omitted and not on a realm subdomain, defaults to global scope (realm_id = ""). Case-insensitive — uppercase is normalized to lowercase.
"message" : " Vault statistics retrieved successfully " ,
"total_size_bytes" : 10240 ,
"total_size_mb" : 0.009766 ,
"remaining_mb" : 49.990234
"message" : " Authentication token required "
Error Code Title Description Resolution MISSING_TOKENAuthentication token missing No authentication token was provided in the request Include a valid JWT token in the Authorization header as Bearer <token> INVALID_TOKENInvalid authentication token The provided authentication token is malformed or invalid Obtain a new token by logging in again or using a valid auth token
"message" : " Insufficient permissions "
Error Code Title Description Resolution INSUFFICIENT_PERMISSIONSInsufficient permissions You do not have the required permissions to perform this action Contact the resource owner or administrator to request access
const stats = await client . api . vault . getStats ( {
realm_id: " 507f1f77bcf86cd799439011 "
Permanently delete ALL keys and values from your encrypted vault. This action cannot be undone.
Name In Type Required Description realm_idquery string No Target a specific realm (24-char hex). When omitted and not on a realm subdomain, defaults to global scope (realm_id = ""). Case-insensitive — uppercase is normalized to lowercase.
"message" : " Vault cleared successfully " ,
"message" : " Authentication token required "
Error Code Title Description Resolution MISSING_TOKENAuthentication token missing No authentication token was provided in the request Include a valid JWT token in the Authorization header as Bearer <token> INVALID_TOKENInvalid authentication token The provided authentication token is malformed or invalid Obtain a new token by logging in again or using a valid auth token
"message" : " Insufficient permissions "
Error Code Title Description Resolution INSUFFICIENT_PERMISSIONSInsufficient permissions You do not have the required permissions to perform this action Contact the resource owner or administrator to request access
await client . api . vault . clear ({
realm_id: " 507f1f77bcf86cd799439011 "