Api

Set a user's password (user:manage, or the user themselves)

Authorization

AdminSession

chimely_admin<token>

Server-side admin session cookie, set by POST /admin/api/login.

In: cookie

Path Parameters

user_id*string

Admin user TypeID (adm_…).

Request Body

application/json

TypeScript Definitions

Use the request body type in TypeScript.

password*string

Response Body

`application/json`

curl -X POST "https://example.com/admin/api/users/string/password" \  -H "Content-Type: application/json" \  -d '{    "password": "string"  }'

Empty

{
  "error": {
    "code": "invalid_request",
    "message": "string"
  }
}

Empty

{
  "error": {
    "code": "invalid_request",
    "message": "string"
  }
}

{
  "error": {
    "code": "invalid_request",
    "message": "string"
  }
}

Begin a subscriber-HMAC rotation (current → previous) POST

Generates a new current secret and moves the existing one into the previous slot. During the overlap BOTH secrets verify live `<Inbox />` sessions (auth checks current then previous), so rotation is zero-downtime. Complete the rotation to clear the previous slot once every customer backend has switched.

Update an admin user's name, role, or disabled state PATCH

Set a user's password (user:manage, or the user themselves)

Authorization

Path Parameters

Request Body

Response Body

204

400application/json

401

403application/json

404application/json

`application/json`

`application/json`

`application/json`