Vaulx user management is split into two groups. TheDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/noelzappy/vaulx/llms.txt
Use this file to discover all available pages before exploring further.
/admin/users endpoints are restricted to administrators and control the full lifecycle of user accounts — creation, role changes, and activation status. The /profile endpoints are available to every authenticated user and cover self-service display name updates and password changes.
List all users
GET /admin/users
Renders the HTML admin users page showing every account registered in the system, regardless of active status.
Authentication: admin only. Non-admin requests receive a 403 HTML error page.
Response fields per user row
Unique user identifier.
The user’s email address (unique, used for login).
Display name shown in the UI and audit log.
One of
viewer, editor, or admin.Whether the account is currently active. Deactivated users cannot log in.
Human-readable account creation date.
Create user
POST /admin/users
Creates a new Vaulx user account. On success, redirects to /admin/users.
Authentication: admin only.
Content-Type: application/x-www-form-urlencoded
Email address for the new account. Must be unique across all users.
Display name for the new user.
Initial role for the account. Must be one of
viewer, editor, or admin.Plain-text password. The server bcrypt-hashes the value before storage; the plain-text password is never persisted.
- 302 Redirect to
/admin/userson success. - 409 Conflict if the email address is already registered.
- 400 Bad Request if any field is missing or if
roleis not a valid value.
Passwords are hashed with
bcrypt.DefaultCost before being written to users.password_hash. The plain-text value is discarded immediately after hashing.Update user
PATCH /admin/users/{userID}
Updates the role and/or active status of an existing user. Both fields are optional — send only the fields you want to change. Returns 200 OK on success plus an HX-Trigger toast.
Authentication: admin only.
The UUID of the user account to update.
New role for the user. Must be
viewer, editor, or admin. Omit to leave the role unchanged."true" to activate the account, "false" to deactivate it. Omit to leave the status unchanged.- 200 OK with
HX-Triggerheader:{"showToast":{"message":"User updated","type":"success"}}. - 400 Bad Request if an invalid role value is supplied.
- 500 Internal Server Error if the database update fails.
View profile
GET /profile
Renders the authenticated user’s profile page, which includes forms to update their display name and change their password.
Authentication: any authenticated user.
Pass a success query parameter to display a confirmation banner after a redirect:
?success= | Banner text |
|---|---|
name | Display name updated. |
password | Password updated successfully. |
Update display name
POST /profile
Updates the authenticated user’s display name. Refreshes the session cookie immediately so the sidebar reflects the new name without requiring a re-login.
Authentication: any authenticated user.
Content-Type: application/x-www-form-urlencoded
The new display name. Must be non-empty and at most 100 characters. Whitespace is trimmed from both ends before validation.
- 303 See Other redirect to
/profile?success=nameon success. - 400 Bad Request (re-renders profile page with error) if
nameis empty or exceeds 100 characters. - Writes a
profile.name_updatedentry to the audit log.
Change password
POST /profile/password
Updates the authenticated user’s password after verifying the current one.
Authentication: any authenticated user.
Content-Type: application/x-www-form-urlencoded
The user’s existing plain-text password, used to verify identity before the change is applied.
The desired new password. Must be at least 8 characters.
Must exactly match
new_password. The server compares the two values and rejects the request if they differ.- 303 See Other redirect to
/profile?success=passwordon success. - 400 Bad Request (re-renders profile page) if
new_passwordandconfirm_passworddo not match, or ifnew_passwordis fewer than 8 characters. - 403 Forbidden if the account has been deactivated by an admin.
- 400 Bad Request (re-renders with error) if
current_passworddoes not match the stored bcrypt hash. - Writes a
profile.password_updatedentry to the audit log.