Skip to content

User & account API

Everything about the signed-in user and the account they belong to. All endpoints need a bearer token (JWT or API key).

Quick stats

http
GET /api/user/stats

A small dashboard summary - how many of each resource you're running:

json
{ "pods": 3, "domains": 2, "networks": 1, "firewalls": 1 }

Get your profile

http
GET /api/user/profile

Returns your user record:

json
{
  "id": "...",
  "username": "alice",
  "firstName": "Alice",
  "lastName": "Smith",
  "email": "alice@example.com",
  "accountRole": "owner",
  "isActive": true,
  "isVerified": true,
  "lastLogin": "..."
}

Get the account

http
GET /api/user/account

Account-level details: name, available credit, contact fields, and your resource limits:

json
{
  "id": "...",
  "name": "Alice's projects",
  "credit": 42.50,
  "email": "billing@example.com",
  "phone": "+1 555 0100",
  "address": "123 Main St",
  "taxNumber": "GB123456789",
  "maxPods": 5,
  "maxDomains": 10,
  "maxNetworks": 10,
  "maxFirewalls": 10,
  "maxEmails": 0,
  "maxSnapshotsPerPod": 5,
  "maxBackupsPerPod": 5
}

The max* fields are read-only. They show the ceilings on your account, and there is no customer endpoint to raise them - see Account limits. The numbers above are typical defaults for a fresh account (maxEmails stays 0 until email hosting is enabled on request); check your own account for the real ones.

Change your password

http
POST /api/user/change-password
json
{
  "currentPassword": "supersecret",
  "password": "newsecret",
  "passwordConfirm": "newsecret"
}

Returns 204 No Content. Changing your password signs out every session - including the one that made this call - so log in again with the new password.

Update your profile

http
PUT /api/user/profile
json
{ "firstName": "Alice", "lastName": "Jones" }

Returns the updated user.

Change your email

http
PUT /api/user/email
json
{ "email": "new@example.com", "currentPassword": "supersecret" }

We ask for your current password because an email change is sensitive. The new address has to be verified again - and until you click the verification link, calls under /api return 403. Watch for the email. Returns the updated user.

Update account contact details

http
PUT /api/user/account
json
{
  "name": "Alice's projects",
  "email": "billing@example.com",
  "phone": "+1 555 0100",
  "address": "123 Main St",
  "taxNumber": "GB123456789"
}

These details show up on your invoices. This endpoint deliberately can not touch your resource limits - there is no self-service way to raise your own ceilings here. Returns the updated account.

Alert webhook

http
PUT /api/user/alert-webhook
json
{ "url": "https://example.com/hooks/microapps" }

Where we POST account alerts, such as a low-credit warning. One URL per account.

Alert thresholds

http
PUT /api/user/alert-thresholds
json
{ "lowCreditThreshold": 5.0, "monthlySpendThreshold": 50.0 }

These are alerts only. When your credit drops below lowCreditThreshold, or your month's usage crosses monthlySpendThreshold, we let you know (by email, and via your webhook if you set one). They never auto-charge a card or cap anything - MicroApps is prepaid, so nothing is billed unless you top up first.

Example

bash
curl https://cloud-api.microapps.io/api/user/account \
  -H "Authorization: Bearer $TOKEN"

Built for the long tail.