# Users Endpoint
## Get All Users
`GET` `https://accountable.pixelninja.dev/:token/users`
This will fetch an array of ALL users in the database. It is good for searching for users and should be cached to save re-fetching due to the ratelimit being 3 per 10 seconds. The cached version should be cleared when you change any value.
#### Path Parameters
| Name | Type | Description |
| ----- | ------ | ----------------------- |
| token | string | This is your API token. |
{% tabs %}
{% tab title="200 A successful response will include all users in the database and look like this:" %}
```c
[{
"username": "admin",
"uuid": "3ae74cfd-3174-49e2-ab99-1310bb89fa67",
"password": "$2b$12$O1l14ukIqsL8S/0L1E2IsOYtfvkgtS2H7oJYfKcuMMZVlRSAEnakO",
"accessToken": "M2FlNzRjZmQtMzE3NC00OWUyLWFiOTktMTMxMGJiODlmYTY3.MTYxNjAxODY1MTAyNw.exyGGW61aV04V4GcFUXRIpS1mIqeiSpl",
"passwordLastChanged": 1616018651027,
"createdAt": 1616018651027,
"permissions": 0,
"customAttributes": {},
"2fa": {
"enabled": true,
"enabledAt": 1616154804936,
"token": "HBBWWLRYN4WF4YZDGVYWKWRVMFRXQ5JYO4UVIS25KBFVW52WGAXA",
"mfaToken": "AYIspPs91RUYdabk9WdZvKO3lA9v2MTS"
},
"scopes": {
"key": "",
"permissions": [],
"timeout": 0
}
}, {
"username": "Example user",
"uuid": "333394e3-4330-4d35-95bb-7e3433aff320",
"password": "$2b$12$T9f6EnnE7dtTP/hYjZIwVOXh09LuOIGCXmedjqjEkOZLRXCtww7SS",
"accessToken": "MzMzMzk0ZTMtNDMzMC00ZDM1LTk1YmItN2UzNDMzYWZmMzIw.MTYxNjQ1MDk0OTAwMg.LPmobKhyza2Q8Hc5G2mESGQXNj19g99a",
"passwordLastChanged": 1616450949002,
"createdAt": 1616450949002,
"permissions": 0,
"customAttributes": {},
"2fa": {
"enabled": false
},
"scopes": {
"key": "",
"permissions": [],
"timeout": 0
}
}]
```
{% endtab %}
{% tab title="400 The provided token was invalid." %}
```c
{ "code": 400, "message": "Bad request" }
```
{% endtab %}
{% endtabs %}
## Create user account
`POST` `https://accountable.pixelninja.dev/:token/users`
This will create a new user account with the details provided. You can use this endpoint up to 4 times per 10 seconds - if you needing to create more than this, try a queue system where requests will wait till the time has reset.
#### Path Parameters
| Name | Type | Description |
| ----- | ------ | ----------------------- |
| token | string | This is your API token. |
#### Request Body
| Name | Type | Description |
| ----------- | ------- | -------------------------------------------------- |
| username | string | This is the username of the user you are creating. |
| password | string | This is the password of the user you are creating. |
| permissions | integer | This is a permission integer between 1-1024. |
{% tabs %}
{% tab title="200 The user was created successfully. Returns the user object for token assignment." %}
```c
{
"username": "Example user 1",
"uuid": "333394e3-4330-4d35-95bb-7e3433aff320",
"password": "$2b$12$T9f6EnnE7dtTP/hYjZIwVOXh09LuOIGCXmedjqjEkOZLRXCtww7SS",
"accessToken": "MzMzMzk0ZTMtNDMzMC00ZDM1LTk1YmItN2UzNDMzYWZmMzIw.MTYxNjQ1MDk0OTAwMg.LPmobKhyza2Q8Hc5G2mESGQXNj19g99a",
"passwordLastChanged": 1616450949002,
"createdAt": 1616450949002,
"permissions": 0,
"customAttributes": {},
"2fa": {
"enabled": false
},
"scopes": {
"key": "",
"permissions": [],
"timeout": 0
}
}
```
{% endtab %}
{% tab title="400 Either the token was incorrect or the username/password was not valid." %}
```c
{ "code": 400, "message": "Bad request" }
```
{% endtab %}
{% tab title="507 You have hit the maximum amount of users allowed by your token. Reach out to support to increase the limit." %}
```c
{ "code": 507, "message": "Out of storage"}
```
{% endtab %}
{% endtabs %}
{% hint style="danger" %}
Passwords should be protected before sending. We use BCrypt with multiple salting rounds but hashing/encrypting is still recommended on your server.
{% endhint %}
{% hint style="warning" %}
We don't check for duplicate usernames yet. If you don't want duplicates, ensure to check first!
{% endhint %}
{% hint style="info" %}
Encoding usernames can be useful if you allow special characters.
{% endhint %}