Users API

Manage user profiles, preferences, subscription status, and user-specific resources.

---

Base URL

https://app.datapublisher.io/api/users

---

Authentication

All endpoints require JWT authentication via the Authorization: Bearer <token> header.

---

Endpoints

Get User Profile

Retrieve the authenticated user's profile information.

Endpoint: GET /profile

Headers:

Authorization: Bearer <token>

Response (200 OK):

{
  "id": "uuid",
  "username": "johndoe",
  "email": "john@example.com",
  "firstName": "John",
  "lastName": "Doe",
  "createdAt": "2026-01-15T10:30:00Z",
  "lastLoginAt": "2026-02-12T09:15:00Z"
}

---

Update User Profile

Update user profile information (name, email).

Endpoint: PUT /profile

Headers:

Authorization: Bearer <token>
Content-Type: application/json

Request Body:

{
  "firstName": "John",
  "lastName": "Doe",
  "email": "newemail@example.com"
}

Validation:

Response (200 OK):

{
  "message": "Profile updated successfully",
  "user": {
    "Id": "uuid",
    "Username": "johndoe",
    "Email": "newemail@example.com",
    "FirstName": "John",
    "LastName": "Doe",
    "UpdatedAt": "2026-02-12T10:00:00Z"
  }
}

Error Responses:

400 Bad Request - Invalid data:

{
  "errors": [
    {
      "msg": "Invalid email address",
      "param": "email",
      "location": "body"
    }
  ]
}

400 Bad Request - Email already in use:

{
  "message": "Email already in use"
}

---

Get User Documents

List all documents associated with the user.

Endpoint: GET /documents

Headers:

Authorization: Bearer <token>

Response (200 OK):

{
  "documents": [
    {
      "Id": "uuid",
      "DocumentId": "doc-uuid",
      "DocumentName": "Sales Report 2026",
      "CreatedAt": "2026-02-01T14:30:00Z",
      "UpdatedAt": "2026-02-10T16:45:00Z"
    },
    {
      "Id": "uuid",
      "DocumentId": "doc-uuid-2",
      "DocumentName": "Customer List",
      "CreatedAt": "2026-01-20T09:15:00Z",
      "UpdatedAt": "2026-02-05T11:20:00Z"
    }
  ]
}

---

Save Document

Create a new document entry for the user.

Endpoint: POST /documents

Headers:

Authorization: Bearer <token>
Content-Type: application/json

Request Body:

{
  "documentId": "optional-custom-id",
  "documentName": "Q1 Sales Report",
  "documentContent": "Optional content or metadata"
}

Validation:

Response (201 Created):

{
  "message": "Document saved successfully",
  "document": {
    "Id": "uuid",
    "DocumentId": "optional-custom-id",
    "DocumentName": "Q1 Sales Report",
    "CreatedAt": "2026-02-12T10:30:00Z"
  }
}

---

Update Document

Update an existing document's name or content.

Endpoint: PUT /documents/:id

Headers:

Authorization: Bearer <token>
Content-Type: application/json

Request Body:

{
  "documentName": "Q1 Sales Report - Updated",
  "documentContent": "Updated content"
}

Validation:

Response (200 OK):

{
  "message": "Document updated successfully",
  "document": {
    "Id": "uuid",
    "DocumentName": "Q1 Sales Report - Updated",
    "UpdatedAt": "2026-02-12T11:00:00Z"
  }
}

Error Responses:

404 Not Found - Document not found or doesn't belong to user:

{
  "message": "Document not found"
}

---

Delete Document

Delete a user's document.

Endpoint: DELETE /documents/:id

Headers:

Authorization: Bearer <token>

Response (200 OK):

{
  "message": "Document deleted successfully"
}

Error Responses:

404 Not Found:

{
  "message": "Document not found"
}

---

Get Subscription Status

Retrieve current subscription details (trial or paid).

Endpoint: GET /subscription

Headers:

Authorization: Bearer <token>

Response (200 OK):

{
  "subscriptionType": "trial",
  "subscriptionStatus": "active",
  "trialEndsAt": "2026-02-26T00:00:00Z",
  "daysRemaining": 14
}

OR for paid subscription:

{
  "subscriptionType": "premium",
  "subscriptionStatus": "active",
  "subscriptionId": "sub_abc123",
  "nextBillingDate": "2026-03-12T00:00:00Z"
}

---

Update Password

Change the user's password.

Endpoint: PUT /password

Headers:

Authorization: Bearer <token>
Content-Type: application/json

Request Body:

{
  "currentPassword": "oldpassword123",
  "newPassword": "newpassword456"
}

Validation:

Response (200 OK):

{
  "message": "Password updated successfully"
}

Error Responses:

400 Bad Request - Invalid password:

{
  "message": "Current password is incorrect"
}

400 Bad Request - Weak password:

{
  "message": "New password must be at least 8 characters and contain uppercase, lowercase, and numbers"
}

---

Get User Statistics

Get user-specific statistics (documents, campaigns, data files count).

Endpoint: GET /stats

Headers:

Authorization: Bearer <token>

Response (200 OK):

{
  "totalDocuments": 15,
  "totalCampaigns": 8,
  "totalDataFiles": 12,
  "totalEmailsSent": 1250,
  "storageUsed": "45.3 MB",
  "storageLimit": "1 GB"
}

---

Rate Limiting

---

Common Error Codes

| Status Code | Description |
|-------------|-------------|
| 400 | Invalid request data or validation error |
| 401 | Unauthorized - missing or invalid JWT token |
| 404 | User or resource not found |
| 409 | Conflict - email already in use |
| 429 | Too many requests - rate limit exceeded |
| 500 | Internal server error |

---

Usage Examples

JavaScript (Fetch API)

// Placeholder, as in the cURL examples: the JWT issued at login
const jwtToken = 'YOUR_JWT_TOKEN';

// Get user profile
const profile = await fetch('https://app.datapublisher.io/api/users/profile', {
  headers: {
    'Authorization': `Bearer ${jwtToken}`
  }
});
const userData = await profile.json();
console.log(userData);

// Update profile
const updateResponse = await fetch('https://app.datapublisher.io/api/users/profile', {
  method: 'PUT',
  headers: {
    'Authorization': `Bearer ${jwtToken}`,
    'Content-Type': 'application/json'
  },
  body: JSON.stringify({
    firstName: 'Jane',
    lastName: 'Smith',
    email: 'jane.smith@example.com'
  })
});
const result = await updateResponse.json();
console.log(result.message);

Python (requests)

import requests

API_URL = 'https://app.datapublisher.io/api/users'
jwt_token = 'YOUR_JWT_TOKEN'  # placeholder: the JWT issued at login
headers = {'Authorization': f'Bearer {jwt_token}'}

# Get profile
response = requests.get(f'{API_URL}/profile', headers=headers, timeout=10)
profile = response.json()
print(profile)

# Update profile
update_data = {
    'firstName': 'Jane',
    'lastName': 'Smith',
    'email': 'jane.smith@example.com'
}
response = requests.put(f'{API_URL}/profile', json=update_data, headers=headers, timeout=10)
result = response.json()
print(result['message'])

cURL

# Get user profile
curl -X GET https://app.datapublisher.io/api/users/profile \
  -H "Authorization: Bearer YOUR_JWT_TOKEN"

# Update profile
curl -X PUT https://app.datapublisher.io/api/users/profile \
  -H "Authorization: Bearer YOUR_JWT_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "firstName": "Jane",
    "lastName": "Smith",
    "email": "jane.smith@example.com"
  }'

# Get subscription status
curl -X GET https://app.datapublisher.io/api/users/subscription \
  -H "Authorization: Bearer YOUR_JWT_TOKEN"

---

Security Notes

  • Email Updates: Changing email requires verification that new email is not already in use
  • Password Updates: Current password must be verified before allowing password change
  • Session Management: JWT tokens expire after 7 days
  • Profile Sanitization: All text inputs are sanitized to prevent XSS attacks
  • Rate Limiting: Aggressive rate limiting on authentication-related endpoints
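
The Session Management note and the 401 and 429 rows of the Common Error Codes table, combined into a client-side guard. This is an added example, not code from the API's own project; it assumes the token carries the standard exp claim and that 429 responses may include a Retry-After header, and every function name in it is hypothetical.

```javascript
// Added example. Assumption: the JWT carries the standard `exp` claim.
// The payload is decoded WITHOUT verifying the signature, so the result only
// schedules re-authentication; the server remains the authority on validity.
function decodeJwtPayload(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT');
  // base64url -> base64, then restore the stripped padding
  let b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  b64 += '='.repeat((4 - (b64.length % 4)) % 4);
  return JSON.parse(atob(b64));
}

// Seconds until expiry (negative once expired). nowMs is injectable for tests.
function secondsToExpiry(token, nowMs = Date.now()) {
  const { exp } = decodeJwtPayload(token);
  if (typeof exp !== 'number') throw new Error('token has no numeric exp claim');
  return exp - Math.floor(nowMs / 1000);
}

// Map a status code from the Common Error Codes table to a client action.
// Retry-After is an assumed header; 30 s is an arbitrary fallback.
function nextAction(status, retryAfter) {
  if (status === 401) return { action: 'reauthenticate' };
  if (status === 429) {
    const secs = Number.parseInt(retryAfter, 10);
    return { action: 'backoff', waitSeconds: secs > 0 ? secs : 30 };
  }
  if (status >= 500) return { action: 'retry-later' };
  if (status >= 400) return { action: 'fix-request' };
  return { action: 'ok' };
}

// Hypothetical wrapper: skip the call when the token is within 60 s of expiry,
// otherwise send it and classify the response. fetchImpl is injectable.
async function usersApi(path, token, init = {}, fetchImpl = fetch) {
  if (secondsToExpiry(token) <= 60) return { action: 'reauthenticate' };
  const res = await fetchImpl(`https://app.datapublisher.io/api/users${path}`, {
    ...init,
    headers: { ...init.headers, Authorization: `Bearer ${token}` },
  });
  return { ...nextAction(res.status, res.headers.get('Retry-After')), res };
}

// Constructed, unsigned sample token for illustration only.
function makeSampleToken(exp) {
  const enc = (o) => btoa(JSON.stringify(o)).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'HS256', typ: 'JWT' })}.${enc({ sub: 'uuid', exp })}.sig`;
}
```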

---

Best Practices

  • Cache Profile Data: Cache user profile data client-side to reduce API calls
  • Handle 401 Errors: Implement token refresh or re-authentication flow
  • Validate Client-Side: Validate email/password format before API calls
  • Progressive Updates: Only send fields that changed in PUT requests
  • Error Handling: Always handle network errors and display user-friendly messages
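
The "Validate Client-Side" and "Progressive Updates" items above, as an added example that is not part of the original page or the API's own code. The helper names are hypothetical, the field names and error shape are the page's, and treating "uppercase, lowercase, and numbers" as ASCII character classes is an assumption.

```javascript
// Added example; helper names are hypothetical, field names are the page's.
// These checks only save a round trip: the server remains the authority.
const PROFILE_FIELDS = ['firstName', 'lastName', 'email'];

// Password rule as worded in the API's weak-password error message
// (ASCII character classes are an assumption).
function passwordPolicyErrors(pw) {
  const s = typeof pw === 'string' ? pw : '';
  const errors = [];
  if (s.length < 8) errors.push('at least 8 characters');
  if (!/[A-Z]/.test(s)) errors.push('an uppercase letter');
  if (!/[a-z]/.test(s)) errors.push('a lowercase letter');
  if (!/[0-9]/.test(s)) errors.push('a number');
  return errors;
}

// Loose shape check (assumption: the server applies its own, stricter rule).
function looksLikeEmail(value) {
  return typeof value === 'string' && /^[^\s@]+@[^\s@]+\.[^\s@]+$/.test(value);
}

// Build a PUT /profile body holding only allow-listed fields that changed.
// Returns { body, errors }; body is null when there is nothing valid to send.
function buildProfileUpdate(current, edited) {
  const body = {};
  const errors = [];
  for (const field of PROFILE_FIELDS) {
    if (!Object.prototype.hasOwnProperty.call(edited, field)) continue;
    const value = String(edited[field]).trim();
    if (value === current[field]) continue;
    if (field === 'email' && !looksLikeEmail(value)) {
      errors.push({ param: 'email', msg: 'Invalid email address' });
      continue;
    }
    body[field] = value;
  }
  const hasChanges = Object.keys(body).length > 0;
  return { body: errors.length === 0 && hasChanges ? body : null, errors };
}

// Constructed sample: the page's GET /profile response plus a form edit.
const sampleCurrent = { id: 'uuid', username: 'johndoe', email: 'john@example.com',
  firstName: 'John', lastName: 'Doe' };
const sampleEdit = { username: 'admin', firstName: 'John ', lastName: 'Doe',
  email: 'newemail@example.com' };
```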

---

Related Documentation