Version 0.5.3  
Docs

Account API

Showing API references for integration, using code examples.


Switch Integration Platform

The Account service API is not avaliable using the Appwrite Server integration. Try accessing it from one of our other available platforms:

The account service allows you to authenticate and manage a user account. You can use the account service to update user information, retrieve the user sessions across different devices, and fetch the user security logs with his or her recent activity.

You can authenticate the user account by using multiple sign-in methods available. Once the user is authenticated, a new session object will be created to allow the user to access his or her private data and settings.

This service also exposes an endpoint to save and read the user preferences as a key-value object. This feature is handy if you want to allow extra customization in your app. Common usage for this feature may include saving the user preferred locale, timezone, or custom app theme. The usage of this feature is only limited only by your imagination.

Create Account

POST/account

Use this endpoint to allow a new user to register a new account in your project. After the user registration completes successfully, you can use the /account/verfication route to start verifying the user email address. To allow your new user to login to his new account, you need to create a new account session.

Authentication

To access this route, init your SDK with your project unique ID and API Key secret token. Make sure your API Key is granted with access to the "public" permission scope.

Rate Limits

This endpoint is limited to 10 requests in every 60 minutes. We use rate limits to avoid service abuse by users and as a security practice. Learn more about rate limiting.

Arguments

Name Type Description
email required string

User email.

password required string

User password.

name optional string

User name.

Example Request
  • let sdk = new Appwrite();
    
    sdk
        .setProject('5df5acd0d48c2') // Your project ID
    ;
    
    let promise = sdk.account.create('email@example.com', 'password');
    
    promise.then(function (response) {
        console.log(response); // Success
    }, function (error) {
        console.log(error); // Failure
    });

Create Account Session

POST/account/sessions

Allow the user to login into his account by providing a valid email and password combination. This route will create a new session for the user.

Authentication

To access this route, init your SDK with your project unique ID and API Key secret token. Make sure your API Key is granted with access to the "public" permission scope.

Rate Limits

This endpoint is limited to 10 requests in every 60 minutes. We use rate limits to avoid service abuse by users and as a security practice. Learn more about rate limiting.

Arguments

Name Type Description
email required string

User email.

password required string

User password.

Example Request
  • let sdk = new Appwrite();
    
    sdk
        .setProject('5df5acd0d48c2') // Your project ID
    ;
    
    let promise = sdk.account.createSession('email@example.com', 'password');
    
    promise.then(function (response) {
        console.log(response); // Success
    }, function (error) {
        console.log(error); // Failure
    });

Create Account Session with OAuth2

GET/account/sessions/oauth2/{provider}

Allow the user to login to his account using the OAuth2 provider of his choice. Each OAuth2 provider should be enabled from the Appwrite console first. Use the success and failure arguments to provide a redirect URL's back to your app when login is completed.

Authentication

To access this route, init your SDK with your project unique ID and API Key secret token. Make sure your API Key is granted with access to the "public" permission scope.

Rate Limits

This endpoint is limited to 50 requests in every 60 minutes. We use rate limits to avoid service abuse by users and as a security practice. Learn more about rate limiting.

Arguments

Name Type Description
provider required string

OAuth2 Provider. Currently, supported providers are: bitbucket, facebook, github, gitlab, google, microsoft, linkedin, slack, dropbox, salesforce, amazon, vk, discord, twitch, spotify, yahoo, yandex, twitter, paypal, bitly.

success required string

URL to redirect back to your app after a successful login attempt.

failure required string

URL to redirect back to your app after a failed login attempt.

Example Request
  • let sdk = new Appwrite();
    
    sdk
        .setProject('5df5acd0d48c2') // Your project ID
    ;
    
    let result = sdk.account.createOAuth2Session('bitbucket', 'https://example.com', 'https://example.com');
    
    console.log(result); // Resource URL
    

Get Account

GET/account

Get currently logged in user data as JSON object.

Authentication

To access this route, init your SDK with your project unique ID and API Key secret token. Make sure your API Key is granted with access to the "account" permission scope.

Example Request
  • let sdk = new Appwrite();
    
    sdk
        .setProject('5df5acd0d48c2') // Your project ID
    ;
    
    let promise = sdk.account.get();
    
    promise.then(function (response) {
        console.log(response); // Success
    }, function (error) {
        console.log(error); // Failure
    });

Get Account Preferences

GET/account/prefs

Get currently logged in user preferences as a key-value object.

Authentication

To access this route, init your SDK with your project unique ID and API Key secret token. Make sure your API Key is granted with access to the "account" permission scope.

Example Request
  • let sdk = new Appwrite();
    
    sdk
        .setProject('5df5acd0d48c2') // Your project ID
    ;
    
    let promise = sdk.account.getPrefs();
    
    promise.then(function (response) {
        console.log(response); // Success
    }, function (error) {
        console.log(error); // Failure
    });

Get Account Sessions

GET/account/sessions

Get currently logged in user list of active sessions across different devices.

Authentication

To access this route, init your SDK with your project unique ID and API Key secret token. Make sure your API Key is granted with access to the "account" permission scope.

Example Request
  • let sdk = new Appwrite();
    
    sdk
        .setProject('5df5acd0d48c2') // Your project ID
    ;
    
    let promise = sdk.account.getSessions();
    
    promise.then(function (response) {
        console.log(response); // Success
    }, function (error) {
        console.log(error); // Failure
    });

Get Account Logs

GET/account/logs

Get currently logged in user list of latest security activity logs. Each log returns user IP address, location and date and time of log.

Authentication

To access this route, init your SDK with your project unique ID and API Key secret token. Make sure your API Key is granted with access to the "account" permission scope.

Example Request
  • let sdk = new Appwrite();
    
    sdk
        .setProject('5df5acd0d48c2') // Your project ID
    ;
    
    let promise = sdk.account.getLogs();
    
    promise.then(function (response) {
        console.log(response); // Success
    }, function (error) {
        console.log(error); // Failure
    });

Update Account Name

PATCH/account/name

Update currently logged in user account name.

Authentication

To access this route, init your SDK with your project unique ID and API Key secret token. Make sure your API Key is granted with access to the "account" permission scope.

Arguments

Name Type Description
name required string

User name.

Example Request
  • let sdk = new Appwrite();
    
    sdk
        .setProject('5df5acd0d48c2') // Your project ID
    ;
    
    let promise = sdk.account.updateName('[NAME]');
    
    promise.then(function (response) {
        console.log(response); // Success
    }, function (error) {
        console.log(error); // Failure
    });

Update Account Password

PATCH/account/password

Update currently logged in user password. For validation, user is required to pass the password twice.

Authentication

To access this route, init your SDK with your project unique ID and API Key secret token. Make sure your API Key is granted with access to the "account" permission scope.

Arguments

Name Type Description
password required string

New user password.

old-password required string

Old user password.

Example Request
  • let sdk = new Appwrite();
    
    sdk
        .setProject('5df5acd0d48c2') // Your project ID
    ;
    
    let promise = sdk.account.updatePassword('password', 'password');
    
    promise.then(function (response) {
        console.log(response); // Success
    }, function (error) {
        console.log(error); // Failure
    });

Update Account Email

PATCH/account/email

Update currently logged in user account email address. After changing user address, user confirmation status is being reset and a new confirmation mail is sent. For security measures, user password is required to complete this request.

Authentication

To access this route, init your SDK with your project unique ID and API Key secret token. Make sure your API Key is granted with access to the "account" permission scope.

Arguments

Name Type Description
email required string

User email.

password required string

User password.

Example Request
  • let sdk = new Appwrite();
    
    sdk
        .setProject('5df5acd0d48c2') // Your project ID
    ;
    
    let promise = sdk.account.updateEmail('email@example.com', 'password');
    
    promise.then(function (response) {
        console.log(response); // Success
    }, function (error) {
        console.log(error); // Failure
    });

Update Account Preferences

PATCH/account/prefs

Update currently logged in user account preferences. You can pass only the specific settings you wish to update.

Authentication

To access this route, init your SDK with your project unique ID and API Key secret token. Make sure your API Key is granted with access to the "account" permission scope.

Arguments

Name Type Description
prefs required object

Prefs key-value JSON object.

Example Request
  • let sdk = new Appwrite();
    
    sdk
        .setProject('5df5acd0d48c2') // Your project ID
    ;
    
    let promise = sdk.account.updatePrefs({});
    
    promise.then(function (response) {
        console.log(response); // Success
    }, function (error) {
        console.log(error); // Failure
    });

Delete Account

DELETE/account

Delete a currently logged in user account. Behind the scene, the user record is not deleted but permanently blocked from any access. This is done to avoid deleted accounts being overtaken by new users with the same email address. Any user-related resources like documents or storage files should be deleted separately.

Authentication

To access this route, init your SDK with your project unique ID and API Key secret token. Make sure your API Key is granted with access to the "account" permission scope.

Example Request
  • let sdk = new Appwrite();
    
    sdk
        .setProject('5df5acd0d48c2') // Your project ID
    ;
    
    let promise = sdk.account.delete();
    
    promise.then(function (response) {
        console.log(response); // Success
    }, function (error) {
        console.log(error); // Failure
    });

Delete Account Session

DELETE/account/sessions/{sessionId}

Use this endpoint to log out the currently logged in user from all his account sessions across all his different devices. When using the option id argument, only the session unique ID provider will be deleted.

Authentication

To access this route, init your SDK with your project unique ID and API Key secret token. Make sure your API Key is granted with access to the "account" permission scope.

Rate Limits

This endpoint is limited to 100 requests in every 60 minutes. We use rate limits to avoid service abuse by users and as a security practice. Learn more about rate limiting.

Arguments

Name Type Description
sessionId required string

Session unique ID. Use the string 'current' to delete the current device session.

Example Request
  • let sdk = new Appwrite();
    
    sdk
        .setProject('5df5acd0d48c2') // Your project ID
    ;
    
    let promise = sdk.account.deleteSession('[SESSION_ID]');
    
    promise.then(function (response) {
        console.log(response); // Success
    }, function (error) {
        console.log(error); // Failure
    });

Delete All Account Sessions

DELETE/account/sessions

Delete all sessions from the user account and remove any sessions cookies from the end client.

Authentication

To access this route, init your SDK with your project unique ID and API Key secret token. Make sure your API Key is granted with access to the "account" permission scope.

Rate Limits

This endpoint is limited to 100 requests in every 60 minutes. We use rate limits to avoid service abuse by users and as a security practice. Learn more about rate limiting.

Example Request
  • let sdk = new Appwrite();
    
    sdk
        .setProject('5df5acd0d48c2') // Your project ID
    ;
    
    let promise = sdk.account.deleteSessions();
    
    promise.then(function (response) {
        console.log(response); // Success
    }, function (error) {
        console.log(error); // Failure
    });

Create Password Recovery

POST/account/recovery

Sends the user an email with a temporary secret key for password reset. When the user clicks the confirmation link he is redirected back to your app password reset URL with the secret key and email address values attached to the URL query string. Use the query string params to submit a request to the PUT /account/recovery endpoint to complete the process.

Authentication

To access this route, init your SDK with your project unique ID and API Key secret token. Make sure your API Key is granted with access to the "public" permission scope.

Rate Limits

This endpoint is limited to 10 requests in every 60 minutes. We use rate limits to avoid service abuse by users and as a security practice. Learn more about rate limiting.

Arguments

Name Type Description
email required string

User email.

url required string

URL to redirect the user back to your app from the recovery email.

Example Request
  • let sdk = new Appwrite();
    
    sdk
        .setProject('5df5acd0d48c2') // Your project ID
    ;
    
    let promise = sdk.account.createRecovery('email@example.com', 'https://example.com');
    
    promise.then(function (response) {
        console.log(response); // Success
    }, function (error) {
        console.log(error); // Failure
    });

Complete Password Recovery

PUT/account/recovery

Use this endpoint to complete the user account password reset. Both the userId and secret arguments will be passed as query parameters to the redirect URL you have provided when sending your request to the POST /account/recovery endpoint.

Please note that in order to avoid a Redirect Attack the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.

Authentication

To access this route, init your SDK with your project unique ID and API Key secret token. Make sure your API Key is granted with access to the "public" permission scope.

Rate Limits

This endpoint is limited to 10 requests in every 60 minutes. We use rate limits to avoid service abuse by users and as a security practice. Learn more about rate limiting.

Arguments

Name Type Description
userId required string

User account UID address.

secret required string

Valid reset token.

password-a required string

New password.

password-b required string

New password again.

Example Request
  • let sdk = new Appwrite();
    
    sdk
        .setProject('5df5acd0d48c2') // Your project ID
    ;
    
    let promise = sdk.account.updateRecovery('[USER_ID]', '[SECRET]', 'password', 'password');
    
    promise.then(function (response) {
        console.log(response); // Success
    }, function (error) {
        console.log(error); // Failure
    });

Create Email Verification

POST/account/verification

Use this endpoint to send a verification message to your user email address to confirm they are the valid owners of that address. Both the userId and secret arguments will be passed as query parameters to the URL you have provider to be attached to the verification email. The provided URL should redirect the user back for your app and allow you to complete the verification process by verifying both the userId and secret parameters. Learn more about how to complete the verification process.

Please note that in order to avoid a Redirect Attack the only valid redirect URLs are the ones from domains you have set when adding your platforms in the console interface.

Authentication

To access this route, init your SDK with your project unique ID and API Key secret token. Make sure your API Key is granted with access to the "account" permission scope.

Rate Limits

This endpoint is limited to 10 requests in every 60 minutes. We use rate limits to avoid service abuse by users and as a security practice. Learn more about rate limiting.

Arguments

Name Type Description
url required string

URL to redirect the user back to your app from the verification email.

Example Request
  • let sdk = new Appwrite();
    
    sdk
        .setProject('5df5acd0d48c2') // Your project ID
    ;
    
    let promise = sdk.account.createVerification('https://example.com');
    
    promise.then(function (response) {
        console.log(response); // Success
    }, function (error) {
        console.log(error); // Failure
    });

Complete Email Verification

PUT/account/verification

Use this endpoint to complete the user email verification process. Use both the userId and secret parameters that were attached to your app URL to verify the user email ownership. If confirmed this route will return a 200 status code.

Authentication

To access this route, init your SDK with your project unique ID and API Key secret token. Make sure your API Key is granted with access to the "public" permission scope.

Rate Limits

This endpoint is limited to 10 requests in every 60 minutes. We use rate limits to avoid service abuse by users and as a security practice. Learn more about rate limiting.

Arguments

Name Type Description
userId required string

User unique ID.

secret required string

Valid verification token.

Example Request
  • let sdk = new Appwrite();
    
    sdk
        .setProject('5df5acd0d48c2') // Your project ID
    ;
    
    let promise = sdk.account.updateVerification('[USER_ID]', '[SECRET]');
    
    promise.then(function (response) {
        console.log(response); // Success
    }, function (error) {
        console.log(error); // Failure
    });