The CRM Users API manages user accounts and profiles. This is an admin-only API.
Edge Function: crm-users-api
Base URL: https://bgbavxtjlbvgplozizxu.supabase.co/functions/v1/crm-users-api
All requests require authentication via Supabase Auth:
```
Authorization: Bearer <supabase_access_token>
```
⚠️ Admin Only - Only users with the Admin role can access this API.
Get a paginated list of all users with their profiles and credits.
Method: GET
Path: /
Query Parameters:
- limit (optional): Number of records to return (default: 1000)
- offset (optional): Number of records to skip (default: 0)

Response:
```typescript
{
  data: Array<{
    id: string,                // Profile ID
    user_id: string,           // Auth user ID
    email: string,
    role_id: string,
    subscription_tier: string, // 'free', 'pro', 'enterprise'
    status: string,            // 'active', 'inactive', 'suspended'
    credits: number,           // Current credit balance
    created_at: string,
    roles: {
      id: string,
      name: string,
      level: number
    }
  }>,
  count: number
}
```
Example:
```javascript
const response = await fetch(
  `${API_BASE}/crm-users-api?limit=100&offset=0`,
  {
    headers: {
      'Authorization': `Bearer ${session.access_token}`
    }
  }
);
```
Get detailed information about a specific user.
Method: GET
Path: /{userId}
Response:
```typescript
{
  data: {
    id: string,
    user_id: string,
    role_id: string,
    subscription_tier: string,
    status: string,
    created_at: string,
    updated_at: string,
    roles: {
      name: string,
      level: number,
      description: string
    }
  }
}
```
Update user profile information.
Method: PATCH
Path: /{userId}
Request:
```typescript
{
  role_id?: string,
  subscription_tier?: 'free' | 'pro' | 'enterprise',
  status?: 'active' | 'inactive' | 'suspended'
}
```
Response:
```typescript
{
  data: {
    id: string,
    user_id: string,
    role_id: string,
    subscription_tier: string,
    status: string,
    updated_at: string
  }
}
```
Example:
```javascript
const response = await fetch(
  `${API_BASE}/crm-users-api/${userId}`,
  {
    method: 'PATCH',
    headers: {
      'Authorization': `Bearer ${session.access_token}`,
      'Content-Type': 'application/json'
    },
    body: JSON.stringify({
      subscription_tier: 'pro',
      status: 'active'
    })
  }
);
```
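The PATCH endpoint can change a user's role, so the server-side gate matters more than the client call. The following is an added example, not the crm-users-api source: a sketch of how a handler could map the documented rules (Admin only, three updatable fields, fixed enum values) onto the documented 401/403/400 responses. The function name `gatePatchRequest` and the shape of `caller` are assumptions.

```javascript
// Added example: request gate for PATCH /{userId}. Not the project's own code.
// Assumption: `caller` is the already-verified token owner with its role joined,
// e.g. { user_id, roles: { name, level } }, or null if the token was missing/invalid.

// Allowlist of updatable fields, taken from the documented PATCH request shape.
const PATCH_SCHEMA = {
  role_id: (v) => typeof v === 'string' && v.length > 0,
  subscription_tier: (v) => ['free', 'pro', 'enterprise'].includes(v),
  status: (v) => ['active', 'inactive', 'suspended'].includes(v),
};

// Errors use the documented standard format: { error: string }.
function fail(status, error) {
  return { ok: false, status, body: { error } };
}

function gatePatchRequest(caller, rawBody) {
  // Authentication first, then authorization, then input validation.
  if (!caller) return fail(401, 'Unauthorized');
  if (!caller.roles || caller.roles.name !== 'Admin') {
    return fail(403, 'Admin access required');
  }

  let parsed;
  try {
    parsed = JSON.parse(rawBody);
  } catch {
    return fail(400, 'Body is not valid JSON');
  }
  if (parsed === null || typeof parsed !== 'object' || Array.isArray(parsed)) {
    return fail(400, 'Body must be a JSON object');
  }

  // Copy only allowlisted keys. hasOwnProperty (not `in`) keeps inherited
  // names such as "constructor" from passing the allowlist check.
  const update = {};
  for (const key of Object.keys(parsed)) {
    if (!Object.prototype.hasOwnProperty.call(PATCH_SCHEMA, key)) {
      return fail(400, `Unknown field: ${key}`);
    }
    if (!PATCH_SCHEMA[key](parsed[key])) {
      return fail(400, `Invalid value for ${key}`);
    }
    update[key] = parsed[key];
  }
  if (Object.keys(update).length === 0) {
    return fail(400, 'No updatable fields supplied');
  }
  return { ok: true, update };
}
```

Only the `update` object built from the allowlist should reach the database, never the parsed body itself.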
Delete a user account (soft delete - marks as inactive).
Method: DELETE
Path: /{userId}
Response:
```typescript
{
  message: 'User deleted successfully'
}
```
⚠️ Warning: This operation cannot be undone. The user will be marked as inactive and will lose access to the platform.
The system supports the following roles:
| Role | Level | Description |
|---|---|---|
| Admin | 100 | Full system access |
| Manager | 75 | CRM and user management |
| Factory | 50 | Factory operations |
| Member | 25 | Standard user access |
| Viewer | 10 | Read-only access |

| Tier | Description |
|---|---|
| free | Free tier with limited features |
| pro | Professional tier with advanced features |
| enterprise | Enterprise tier with full features |
All errors return a standard format:
```typescript
{
  error: string // Error message
}
```
Common Error Codes:
- 401 - Unauthorized (missing or invalid token)
- 403 - Forbidden (admin access required)
- 404 - User not found
- 400 - Bad request (validation error)
- 500 - Internal server error