Account API
The Account service allows you to authenticate and manage a user account. You can use the account service to update user information, retrieve the user sessions across different devices, and fetch the user security logs with his or her recent activity.
You can authenticate the user account by using multiple sign-in methods available. Once the user is authenticated, a new session object will be created to allow the user to access his or her private data and settings.
This service also exposes an endpoint to save and read the user preferences as a key-value object. This feature is handy if you want to allow extra customization in your app. Common usage for this feature may include saving the user preferred locale, timezone, or custom app theme.
- Create Account
- Create Account Session
- Create Account Session with OAuth2
- Get Account
- Get Account Preferences
- Get Account Sessions
- Get Account Logs
- Update Account Name
- Update Account Password
- Update Account Email
- Update Account Preferences
- Delete Account
- Delete Account Session
- Delete All Account Sessions
- Create Password Recovery
- Complete Password Recovery
- Create Email Verification
- Complete Email Verification
Create Account
Use this endpoint to allow a new user to register a new account in your project. After the user registration completes successfully, you can use the /account/verfication route to start verifying the user email address. To allow your new user to login to his new account, you need to create a new account session.
Rate Limits
This endpoint is limited to 10 requests in every 60 minutes per IP address. We use rate limits to avoid service abuse by users and as a security practice. Learn more about rate limiting.
Request
| Name | Type | Description | |
| required | string | User email. | |
| password | required | string | User password. Must be between 6 to 32 chars. |
| name | optional | string | User name. |
-
let sdk = new Appwrite(); sdk .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; let promise = sdk.account.create('email@example.com', 'password'); promise.then(function (response) { console.log(response); // Success }, function (error) { console.log(error); // Failure }); -
import 'package:appwrite/appwrite.dart'; void main() { // Init SDK Client client = Client(); Account account = Account(client); client .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; Future result = account.create( email: 'email@example.com', password: 'password', ); result .then((response) { print(response); }).catchError((error) { print(error.response); }); }
Create Account Session
Allow the user to login into his account by providing a valid email and password combination. This route will create a new session for the user.
Rate Limits
This endpoint is limited to 10 requests in every 60 minutes per email address. We use rate limits to avoid service abuse by users and as a security practice. Learn more about rate limiting.
Request
| Name | Type | Description | |
| required | string | User email. | |
| password | required | string | User password. Must be between 6 to 32 chars. |
-
let sdk = new Appwrite(); sdk .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; let promise = sdk.account.createSession('email@example.com', 'password'); promise.then(function (response) { console.log(response); // Success }, function (error) { console.log(error); // Failure }); -
import 'package:appwrite/appwrite.dart'; void main() { // Init SDK Client client = Client(); Account account = Account(client); client .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; Future result = account.createSession( email: 'email@example.com', password: 'password', ); result .then((response) { print(response); }).catchError((error) { print(error.response); }); }
Create Account Session with OAuth2
Allow the user to login to his account using the OAuth2 provider of his choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed.
Rate Limits
This endpoint is limited to 50 requests in every 60 minutes per IP address. We use rate limits to avoid service abuse by users and as a security practice. Learn more about rate limiting.
Request
| Name | Type | Description | |
| provider | required | string | OAuth2 Provider. Currently, supported providers are: amazon, apple, bitbucket, bitly, box, discord, dropbox, facebook, github, gitlab, google, linkedin, microsoft, paypal, paypalSandbox, salesforce, slack, spotify, twitch, vk, yahoo, yandex. |
| success | optional | string | URL to redirect back to your app after a successful login attempt. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an open redirect attack against your project API. |
| failure | optional | string | URL to redirect back to your app after a failed login attempt. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an open redirect attack against your project API. |
| scopes | optional | array | A list of custom OAuth2 scopes. Check each provider internal docs for a list of supported scopes. |
-
let sdk = new Appwrite(); sdk .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; // Go to OAuth provider login page sdk.account.createOAuth2Session('amazon'); -
import 'package:appwrite/appwrite.dart'; void main() { // Init SDK Client client = Client(); Account account = Account(client); client .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; Future result = account.createOAuth2Session( provider: 'amazon', ); result .then((response) { print(response); }).catchError((error) { print(error.response); }); }
-
let sdk = new Appwrite(); sdk .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; let promise = sdk.account.get(); promise.then(function (response) { console.log(response); // Success }, function (error) { console.log(error); // Failure }); -
import 'package:appwrite/appwrite.dart'; void main() { // Init SDK Client client = Client(); Account account = Account(client); client .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; Future result = account.get(); result .then((response) { print(response); }).catchError((error) { print(error.response); }); }
-
let sdk = new Appwrite(); sdk .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; let promise = sdk.account.getPrefs(); promise.then(function (response) { console.log(response); // Success }, function (error) { console.log(error); // Failure }); -
import 'package:appwrite/appwrite.dart'; void main() { // Init SDK Client client = Client(); Account account = Account(client); client .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; Future result = account.getPrefs(); result .then((response) { print(response); }).catchError((error) { print(error.response); }); }
Get Account Sessions
Get currently logged in user list of active sessions across different devices.
-
let sdk = new Appwrite(); sdk .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; let promise = sdk.account.getSessions(); promise.then(function (response) { console.log(response); // Success }, function (error) { console.log(error); // Failure }); -
import 'package:appwrite/appwrite.dart'; void main() { // Init SDK Client client = Client(); Account account = Account(client); client .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; Future result = account.getSessions(); result .then((response) { print(response); }).catchError((error) { print(error.response); }); }
Get Account Logs
Get currently logged in user list of latest security activity logs. Each log returns user IP address, location and date and time of log.
-
let sdk = new Appwrite(); sdk .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; let promise = sdk.account.getLogs(); promise.then(function (response) { console.log(response); // Success }, function (error) { console.log(error); // Failure }); -
import 'package:appwrite/appwrite.dart'; void main() { // Init SDK Client client = Client(); Account account = Account(client); client .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; Future result = account.getLogs(); result .then((response) { print(response); }).catchError((error) { print(error.response); }); }
-
let sdk = new Appwrite(); sdk .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; let promise = sdk.account.updateName('[NAME]'); promise.then(function (response) { console.log(response); // Success }, function (error) { console.log(error); // Failure }); -
import 'package:appwrite/appwrite.dart'; void main() { // Init SDK Client client = Client(); Account account = Account(client); client .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; Future result = account.updateName( name: '[NAME]', ); result .then((response) { print(response); }).catchError((error) { print(error.response); }); }
Update Account Password
Update currently logged in user password. For validation, user is required to pass the password twice.
Request
| Name | Type | Description | |
| password | required | string | New user password. Must be between 6 to 32 chars. |
| oldPassword | required | string | Old user password. Must be between 6 to 32 chars. |
-
let sdk = new Appwrite(); sdk .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; let promise = sdk.account.updatePassword('password', 'password'); promise.then(function (response) { console.log(response); // Success }, function (error) { console.log(error); // Failure }); -
import 'package:appwrite/appwrite.dart'; void main() { // Init SDK Client client = Client(); Account account = Account(client); client .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; Future result = account.updatePassword( password: 'password', oldPassword: 'password', ); result .then((response) { print(response); }).catchError((error) { print(error.response); }); }
Update Account Email
Update currently logged in user account email address. After changing user address, user confirmation status is being reset and a new confirmation mail is sent. For security measures, user password is required to complete this request.
Request
| Name | Type | Description | |
| required | string | User email. | |
| password | required | string | User password. Must be between 6 to 32 chars. |
-
let sdk = new Appwrite(); sdk .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; let promise = sdk.account.updateEmail('email@example.com', 'password'); promise.then(function (response) { console.log(response); // Success }, function (error) { console.log(error); // Failure }); -
import 'package:appwrite/appwrite.dart'; void main() { // Init SDK Client client = Client(); Account account = Account(client); client .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; Future result = account.updateEmail( email: 'email@example.com', password: 'password', ); result .then((response) { print(response); }).catchError((error) { print(error.response); }); }
Update Account Preferences
Update currently logged in user account preferences. You can pass only the specific settings you wish to update.
Request
| Name | Type | Description | |
| prefs | required | object | Prefs key-value JSON object. |
-
let sdk = new Appwrite(); sdk .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; let promise = sdk.account.updatePrefs({}); promise.then(function (response) { console.log(response); // Success }, function (error) { console.log(error); // Failure }); -
import 'package:appwrite/appwrite.dart'; void main() { // Init SDK Client client = Client(); Account account = Account(client); client .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; Future result = account.updatePrefs( prefs: {}, ); result .then((response) { print(response); }).catchError((error) { print(error.response); }); }
Delete Account
Delete a currently logged in user account. Behind the scene, the user record is not deleted but permanently blocked from any access. This is done to avoid deleted accounts being overtaken by new users with the same email address. Any user-related resources like documents or storage files should be deleted separately.
-
let sdk = new Appwrite(); sdk .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; let promise = sdk.account.delete(); promise.then(function (response) { console.log(response); // Success }, function (error) { console.log(error); // Failure }); -
import 'package:appwrite/appwrite.dart'; void main() { // Init SDK Client client = Client(); Account account = Account(client); client .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; Future result = account.delete(); result .then((response) { print(response); }).catchError((error) { print(error.response); }); }
Delete Account Session
Use this endpoint to log out the currently logged in user from all his account sessions across all his different devices. When using the option id argument, only the session unique ID provider will be deleted.
Rate Limits
This endpoint is limited to 100 requests in every 60 minutes per IP address. We use rate limits to avoid service abuse by users and as a security practice. Learn more about rate limiting.
Request
| Name | Type | Description | |
| sessionId | required | string | Session unique ID. Use the string 'current' to delete the current device session. |
-
let sdk = new Appwrite(); sdk .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; let promise = sdk.account.deleteSession('[SESSION_ID]'); promise.then(function (response) { console.log(response); // Success }, function (error) { console.log(error); // Failure }); -
import 'package:appwrite/appwrite.dart'; void main() { // Init SDK Client client = Client(); Account account = Account(client); client .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; Future result = account.deleteSession( sessionId: '[SESSION_ID]', ); result .then((response) { print(response); }).catchError((error) { print(error.response); }); }
Delete All Account Sessions
Delete all sessions from the user account and remove any sessions cookies from the end client.
Rate Limits
This endpoint is limited to 100 requests in every 60 minutes per IP address. We use rate limits to avoid service abuse by users and as a security practice. Learn more about rate limiting.
-
let sdk = new Appwrite(); sdk .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; let promise = sdk.account.deleteSessions(); promise.then(function (response) { console.log(response); // Success }, function (error) { console.log(error); // Failure }); -
import 'package:appwrite/appwrite.dart'; void main() { // Init SDK Client client = Client(); Account account = Account(client); client .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; Future result = account.deleteSessions(); result .then((response) { print(response); }).catchError((error) { print(error.response); }); }
Create Password Recovery
Sends the user an email with a temporary secret key for password reset. When the user clicks the confirmation link he is redirected back to your app password reset URL with the secret key and email address values attached to the URL query string. Use the query string params to submit a request to the PUT /account/recovery endpoint to complete the process.
Rate Limits
This endpoint is limited to 10 requests in every 60 minutes per email address. We use rate limits to avoid service abuse by users and as a security practice. Learn more about rate limiting.
Request
| Name | Type | Description | |
| required | string | User email. | |
| url | required | string | URL to redirect the user back to your app from the recovery email. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an open redirect attack against your project API. |
-
let sdk = new Appwrite(); sdk .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; let promise = sdk.account.createRecovery('email@example.com', 'https://example.com'); promise.then(function (response) { console.log(response); // Success }, function (error) { console.log(error); // Failure }); -
import 'package:appwrite/appwrite.dart'; void main() { // Init SDK Client client = Client(); Account account = Account(client); client .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; Future result = account.createRecovery( email: 'email@example.com', url: 'https://example.com', ); result .then((response) { print(response); }).catchError((error) { print(error.response); }); }
Complete Password Recovery
Use this endpoint to complete the user account password reset. Both the userId and secret arguments will be passed as query parameters to the redirect URL you have provided when sending your request to the POST /account/recovery endpoint.
Please note that in order to avoid a Redirect Attack the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.
Rate Limits
This endpoint is limited to 10 requests in every 60 minutes per user account. We use rate limits to avoid service abuse by users and as a security practice. Learn more about rate limiting.
Request
| Name | Type | Description | |
| userId | required | string | User account UID address. |
| secret | required | string | Valid reset token. |
| password | required | string | New password. Must be between 6 to 32 chars. |
| passwordAgain | required | string | New password again. Must be between 6 to 32 chars. |
-
let sdk = new Appwrite(); sdk .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; let promise = sdk.account.updateRecovery('[USER_ID]', '[SECRET]', 'password', 'password'); promise.then(function (response) { console.log(response); // Success }, function (error) { console.log(error); // Failure }); -
import 'package:appwrite/appwrite.dart'; void main() { // Init SDK Client client = Client(); Account account = Account(client); client .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; Future result = account.updateRecovery( userId: '[USER_ID]', secret: '[SECRET]', password: 'password', passwordAgain: 'password', ); result .then((response) { print(response); }).catchError((error) { print(error.response); }); }
Create Email Verification
Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the userId and secret arguments will be passed as query parameters to the URL you have provided to be attached to the verification email. The provided URL should redirect the user back to your app and allow you to complete the verification process by verifying both the userId and secret parameters. Learn more about how to complete the verification process.
Please note that in order to avoid a Redirect Attack, the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.
Rate Limits
This endpoint is limited to 10 requests in every 60 minutes per email address. We use rate limits to avoid service abuse by users and as a security practice. Learn more about rate limiting.
Request
| Name | Type | Description | |
| url | required | string | URL to redirect the user back to your app from the verification email. Only URLs from hostnames in your project platform list are allowed. This requirement helps to prevent an open redirect attack against your project API. |
-
let sdk = new Appwrite(); sdk .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; let promise = sdk.account.createVerification('https://example.com'); promise.then(function (response) { console.log(response); // Success }, function (error) { console.log(error); // Failure }); -
import 'package:appwrite/appwrite.dart'; void main() { // Init SDK Client client = Client(); Account account = Account(client); client .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; Future result = account.createVerification( url: 'https://example.com', ); result .then((response) { print(response); }).catchError((error) { print(error.response); }); }
Complete Email Verification
Use this endpoint to complete the user email verification process. Use both the userId and secret parameters that were attached to your app URL to verify the user email ownership. If confirmed this route will return a 200 status code.
Rate Limits
This endpoint is limited to 10 requests in every 60 minutes per user account. We use rate limits to avoid service abuse by users and as a security practice. Learn more about rate limiting.
Request
| Name | Type | Description | |
| userId | required | string | User unique ID. |
| secret | required | string | Valid verification token. |
-
let sdk = new Appwrite(); sdk .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; let promise = sdk.account.updateVerification('[USER_ID]', '[SECRET]'); promise.then(function (response) { console.log(response); // Success }, function (error) { console.log(error); // Failure }); -
import 'package:appwrite/appwrite.dart'; void main() { // Init SDK Client client = Client(); Account account = Account(client); client .setEndpoint('https://[HOSTNAME_OR_IP]/v1') // Your API Endpoint .setProject('5df5acd0d48c2') // Your project ID ; Future result = account.updateVerification( userId: '[USER_ID]', secret: '[SECRET]', ); result .then((response) { print(response); }).catchError((error) { print(error.response); }); }