Admin Endpoints
These endpoints require the caller to have admin or superadmin role. Regular users receive 403 Forbidden.
Role Modelβ
| Role | Capabilities |
|---|---|
superadmin | Full access β can promote/demote other admins |
admin | Manage issues, approve/deny reopen requests, manage user roles |
power_user | Create, vote, comment, flag issues (verified badge) |
user | Create, vote, comment (default for new signups) |
viewer | Read-only β applied to barred users |
PATCH /users/:userId/roleβ
Update a user's role. Setting a user to viewer effectively bars them from creating issues, voting, or commenting.
Auth required: Yes β admin or superadmin
Request bodyβ
{ "role": "power_user" }
| Field | Type | Values |
|---|---|---|
role | string | superadmin | admin | power_user | user | viewer |
Response 200 OKβ
{
"success": true,
"data": {
"userId": "u3",
"name": "Amit Patel",
"email": "amit@gmail.com",
"role": "power_user",
"updatedAt": "2026-03-02T10:00:00Z"
}
}
Errorsβ
| Status | Cause |
|---|---|
| 400 | Invalid role value |
| 403 | Caller is not admin/superadmin |
| 404 | User not found |
GET /admin/reopen-requestsβ
List all pending reopen requests across all issues. Useful for the admin queue UI.
Auth required: Yes β admin or superadmin
Query parametersβ
| Parameter | Type | Default | Description |
|---|---|---|---|
limit | integer | 20 | 1β100 results per page |
lastKey | string | Pagination cursor |
Response 200 OKβ
{
"success": true,
"data": {
"count": 2,
"items": [
{
"requestId": "req-7f3a",
"issueId": "ISS-001",
"issueTitle": "Pothole on MG Road",
"userId": "u2",
"userName": "Priya Nair",
"reason": "The fix did not hold after rain.",
"at": "2026-03-02T12:00:00Z",
"status": "pending"
}
],
"nextKey": null
}
}
GET /admin/usersβ
Paginated list of all registered users. Returned fields are scoped to avoid leaking sensitive data.
Auth required: Yes β admin or superadmin
Query parametersβ
| Parameter | Type | Default | Description |
|---|---|---|---|
limit | integer | 50 | 1β100 |
lastKey | string | Pagination cursor |
Response 200 OKβ
{
"success": true,
"data": {
"count": 3,
"items": [
{
"userId": "u1",
"name": "Rahul Sharma",
"email": "rahul@gmail.com",
"role": "admin",
"avatar": "RS",
"createdAt": "2024-01-01T00:00:00Z",
"lastSeen": "2026-03-02T09:00:00Z"
}
],
"nextKey": null
}
}
Related: Resolution reviewβ
Admins use PATCH /issues/:id/reopen-request/:reqId to approve or deny reopen requests. See the Resolution Flow reference for full details.