API Reference — User Access
Endpoint untuk mengelola User, Role, dan Permission RBAC di Lenz Dashboard.
← Kembali ke User Access
Panduan operator: menambah User, membuat Role, mengatur Permission.
Otentikasi
Cara memperoleh dan menggunakan Bearer token JWT.
Semua endpoint memerlukan header Authorization: Bearer <token>. Basis URL mengikuti variabel lingkungan VITE_API_URL yang dikonfigurasi pada instalasi Lenz. Jika Anda belum punya token, lihat halaman Otentikasi.
Endpoint manajemen User memerlukan permission manage_users, sedangkan endpoint manajemen Role memerlukan permission manage_roles. Akun dengan is_superadmin: true memiliki akses penuh ke semua endpoint secara otomatis.
Manajemen User
Endpoint untuk membuat, membaca, memperbarui, dan menghapus akun User. Semua endpoint menggunakan prefix /api/manage-users.
Authorization
bearerAuth In: header
Query Parameters
Nomor halaman, dimulai dari 1
1Jumlah data per halaman
10Pencarian berdasarkan nama, username, atau email
""Filter User dengan last_seen >= nilai ini (ISO 8601)
date-timeFilter User dengan last_seen <= nilai ini (ISO 8601)
date-timeID instance pada mode federation (opsional)
Response Body
application/json
curl -X GET "https://lenz.example.com/api/manage-users"{ "ok": true, "message": "success", "results": { "limit": 10, "current_page": 1, "total_data": 3, "total_page": 1, "users": [ { "id": 1, "email": "admin@example.com", "username": "admin", "fullname": "Administrator", "avatar": "avatar-1.webp", "role_id": "ace2d8e4-e3b2-49b9-8f46-6cc1ae96eed1", "role_name": "Super Admin", "site_id": [], "permissions": { "core": { "*": "*" } }, "created_by": 1, "created_at": "2025-01-01T00:00:00Z", "updated_at": "2026-04-30T08:00:00Z", "last_seen": "2026-04-30T07:55:00Z" } ] }}Authorization
bearerAuth In: header
Request Body
application/json
TypeScript Definitions
Use the request body type in TypeScript.
Response Body
application/json
curl -X POST "https://lenz.example.com/api/manage-users" \ -H "Content-Type: application/json" \ -d '{ "email": "operator@example.com", "username": "operator01", "fullname": "Operator CCTV", "role_id": "ace2d8e4-e3b2-49b9-8f46-6cc1ae96eed1", "password": "rahasia123", "re_password": "rahasia123" }'{ "ok": true, "message": "User created successfully", "user": { "id": 7, "email": "operator@example.com", "username": "operator01", "fullname": "Operator CCTV", "avatar": "avatar-3.webp", "role_id": "ace2d8e4-e3b2-49b9-8f46-6cc1ae96eed1", "role_name": "Operator", "site_id": [ 12, 49 ], "permissions": { "core": { "12": "*", "49": "*" } }, "created_by": 1, "created_at": "2026-04-30T09:00:00Z", "updated_at": "2026-04-30T09:00:00Z", "last_seen": null }}Authorization
bearerAuth In: header
Path Parameters
ID numerik User
Response Body
application/json
curl -X GET "https://lenz.example.com/api/manage-users/0"{ "ok": true, "message": "success", "user": { "id": 7, "email": "operator@example.com", "username": "operator01", "fullname": "Operator CCTV", "avatar": "avatar-3.webp", "role_id": "ace2d8e4-e3b2-49b9-8f46-6cc1ae96eed1", "role_name": "Operator", "site_id": [ 12 ], "site_list": [ { "id": 12, "name": "Gedung A", "created_at": "2025-03-01T00:00:00Z" } ], "permissions": { "core": { "12": "*" } }, "created_by": 1, "created_at": "2026-04-30T09:00:00Z", "updated_at": "2026-04-30T09:00:00Z", "last_seen": "2026-04-30T10:30:00Z" }}Authorization
bearerAuth In: header
Path Parameters
ID numerik User
Request Body
application/json
TypeScript Definitions
Use the request body type in TypeScript.
Response Body
application/json
curl -X PUT "https://lenz.example.com/api/manage-users/0" \ -H "Content-Type: application/json" \ -d '{}'{ "ok": true, "message": "User updated successfully", "user": { "id": 7, "email": "operator.baru@example.com", "username": "operator01", "fullname": "Operator Senior", "role_id": "ace2d8e4-e3b2-49b9-8f46-6cc1ae96eed1", "role_name": "Operator", "site_id": [ 12, 49 ], "created_at": "2026-04-30T09:00:00Z", "updated_at": "2026-04-30T11:00:00Z" }}Authorization
bearerAuth In: header
Path Parameters
ID numerik User
Response Body
application/json
curl -X DELETE "https://lenz.example.com/api/manage-users/0"{ "ok": true, "message": "User deleted successfully"}Password & Aktivitas User
Endpoint untuk mengganti kata sandi dan memperbarui status keaktifan User.
Authorization
bearerAuth In: header
Path Parameters
ID numerik User
Request Body
application/json
TypeScript Definitions
Use the request body type in TypeScript.
Response Body
application/json
curl -X PUT "https://lenz.example.com/api/manage-users/0/change-password" \ -H "Content-Type: application/json" \ -d '{ "password": "kataSandiBaruKuat", "re_password": "kataSandiBaruKuat" }'{ "ok": true, "message": "Password changed successfully"}curl -X PATCH "https://lenz.example.com/api/manage-users/last-seen"{ "ok": true, "message": "last seen updated"}Manajemen Role
Endpoint untuk membuat, membaca, memperbarui, dan menghapus Role beserta matriks Permission-nya. Semua endpoint menggunakan prefix /api/roles.
Authorization
bearerAuth In: header
Query Parameters
Nomor halaman
1Jumlah data per halaman
10Pencarian berdasarkan nama Role
""ID instance pada mode federation (opsional)
Response Body
application/json
curl -X GET "https://lenz.example.com/api/roles"{ "ok": true, "message": "success", "results": { "limit": 10, "current_page": 1, "total_data": 2, "total_page": 1, "roles": [ { "id": "ace2d8e4-e3b2-49b9-8f46-6cc1ae96eed1", "name": "Operator CCTV", "is_superadmin": false, "is_default": false, "created_at": "2025-01-01T00:00:00Z", "updated_at": "2025-06-01T00:00:00Z", "users": [ { "id": 7, "email": "operator@example.com", "username": "operator01", "fullname": "Operator CCTV", "avatar": "avatar-3.webp", "created_at": "2026-04-30T09:00:00Z" } ] } ] }}Authorization
bearerAuth In: header
Request Body
application/json
TypeScript Definitions
Use the request body type in TypeScript.
Response Body
application/json
curl -X POST "https://lenz.example.com/api/roles" \ -H "Content-Type: application/json" \ -d '{ "name": "Operator CCTV", "default_homepage": "/events", "permissions": [ { "resource_name": "streams", "can_create": false, "can_read": true, "can_update": false, "can_delete": false }, { "resource_name": "events", "can_create": false, "can_read": true, "can_update": false, "can_delete": false }, { "resource_name": "alert_history", "can_create": false, "can_read": true, "can_update": false, "can_delete": false } ] }'{ "ok": true, "message": "Role created successfully", "results": { "role": { "id": "b2345678-90ab-cdef-1234-567890abcdef", "name": "Operator CCTV", "is_default": false, "is_superadmin": false, "is_internal": false, "default_homepage": "/events", "created_by": 1, "created_at": "2026-04-30T09:00:00Z", "updated_at": "2026-04-30T09:00:00Z", "deleted_at": null }, "permissions": [ { "id": "c3456789-01ab-cdef-2345-678901abcdef", "role_id": "b2345678-90ab-cdef-1234-567890abcdef", "resource_name": "streams", "can_create": false, "can_read": true, "can_update": false, "can_delete": false, "created_at": "2026-04-30T09:00:00Z", "updated_at": "2026-04-30T09:00:00Z" } ] }}Authorization
bearerAuth In: header
Path Parameters
UUID Role
uuidResponse Body
application/json
curl -X GET "https://lenz.example.com/api/roles/497f6eca-6276-4993-bfeb-53cbbbba6f08"{ "ok": true, "message": "success", "results": { "role": { "id": "ace2d8e4-e3b2-49b9-8f46-6cc1ae96eed1", "name": "Operator CCTV", "is_default": false, "is_superadmin": false, "is_internal": false, "default_homepage": "/events", "created_by": 1, "created_at": "2025-01-01T00:00:00Z", "updated_at": "2025-06-01T00:00:00Z", "deleted_at": null }, "permissions": [ { "id": "c3456789-01ab-cdef-2345-678901abcdef", "role_id": "ace2d8e4-e3b2-49b9-8f46-6cc1ae96eed1", "resource_name": "streams", "can_create": false, "can_read": true, "can_update": false, "can_delete": false, "created_at": "2025-01-01T00:00:00Z", "updated_at": "2025-01-01T00:00:00Z" }, { "id": "d4567890-12ab-cdef-3456-789012abcdef", "role_id": "ace2d8e4-e3b2-49b9-8f46-6cc1ae96eed1", "resource_name": "events", "can_create": false, "can_read": true, "can_update": false, "can_delete": false, "created_at": "2025-01-01T00:00:00Z", "updated_at": "2025-01-01T00:00:00Z" } ] }}Authorization
bearerAuth In: header
Path Parameters
UUID Role
uuidRequest Body
application/json
TypeScript Definitions
Use the request body type in TypeScript.
Response Body
application/json
curl -X PUT "https://lenz.example.com/api/roles/497f6eca-6276-4993-bfeb-53cbbbba6f08" \ -H "Content-Type: application/json" \ -d '{ "name": "Operator CCTV Senior", "default_homepage": "/streams", "permissions": [ { "resource_name": "streams", "can_create": false, "can_read": true, "can_update": false, "can_delete": false } ] }'{ "ok": true, "message": "Role updated successfully"}Authorization
bearerAuth In: header
Path Parameters
UUID Role
uuidResponse Body
application/json
curl -X DELETE "https://lenz.example.com/api/roles/497f6eca-6276-4993-bfeb-53cbbbba6f08"{ "ok": true, "message": "Role deleted successfully"}Ekspor & Akun
Endpoint untuk mengekspor data Role ke CSV dan mengambil Role serta Permission milik akun yang sedang login.
Authorization
bearerAuth In: header
Query Parameters
Filter nama Role
Mode ekspor (opsional)
Response Body
text/csv
curl -X GET "https://lenz.example.com/api/roles/export""string"curl -X GET "https://lenz.example.com/api/account/role"{ "ok": true, "message": "success", "role": { "role": { "id": "ace2d8e4-e3b2-49b9-8f46-6cc1ae96eed1", "name": "Operator CCTV", "is_default": false, "is_superadmin": false, "is_internal": false, "default_homepage": "/events", "created_by": 1, "created_at": "2025-01-01T00:00:00Z", "updated_at": "2025-06-01T00:00:00Z", "deleted_at": null }, "permissions": [ { "id": "c3456789-01ab-cdef-2345-678901abcdef", "role_id": "ace2d8e4-e3b2-49b9-8f46-6cc1ae96eed1", "resource_name": "streams", "can_create": false, "can_read": true, "can_update": false, "can_delete": false, "created_at": "2025-01-01T00:00:00Z", "updated_at": "2025-01-01T00:00:00Z" } ] }}User Access
Kelola User, Role, dan Permission dalam satu tempat — tambah anggota tim, tentukan hak akses berbasis Role, dan kendalikan siapa dapat melakukan apa di Lenz Dashboard.
Audit Logs
Rekam jejak aktivitas sistem secara menyeluruh — lacak siapa yang melakukan apa, kapan, dan dari mana, untuk kebutuhan compliance, keamanan, dan investigasi internal.