Home Admin guide Platform API Methods for managing exchange users

Methods for managing exchange users

On this page:

GET[host]/back-api/backoffice/users	Get a user list
POST[host]/back-api/backoffice/user	Register a user on the exchange
GET[host]/back-api/backoffice/user/{userId}	Get user profile details
PATCH[host]/back-api/backoffice/user/{userId}	Update user details
PUT[host]/back-api/backoffice/user/{userId}/email	Change a user email
POST[host]/back-api/backoffice/user/{userId}/password	Change a user password
GET[host]/back-api/backoffice/roles/	Get a list of roles assigned to a user
POST[host]/back-api/backoffice/user/{userId}/role/{roleName}	Assign a user role
DELETE[host]/back-api/backoffice/user/{userId}/role/{roleName}	Revoke a user role
PUT[host]/back-api/backoffice/user/{userId}/enable2fa/	Enable two-factor authentication for a user
PUT[host]/back-api/backoffice/user/{userId}/disable2fa/	Disable two-factor authentication for a user
GET[host]/back-api/backoffice/user-card/{userId}/details	Get a user summary
GET[host]/back-api/backoffice/user-card/{userId}/transactions	Get a history of user orders
GET[host]/back-api/backoffice/user-card/{userId}/withdrawals	Get a history of user withdrawals
GET[host]/back-api/backoffice/user-card/{userId}/deposits	Get a history of user deposits
GET[host]/back-api/backoffice/user-card/{userId}/logins	Get a log of user sessions

Get a user list

Use this method to obtain a list of exchange users based on various criteria.

Request

Header parameters:

Authorization: Bearer <access_token>

Query parameters:

Search

The username or email (to return entries matching this string).

Type

The user category:

All
New
Verified
Unverified
Blocked
Admins
NoRoles

To obtain a list of users to which no roles are assigned, set this parameter to NoRoles. You can also set the Roles parameter to include users with specific roles.

Roles array

The user roles. To obtain a list of users to which no roles have been assigned, set the Type parameter to NoRoles.

Status string

The user profile status:

Active
Frozen
Terminated

DepositDateFrom string

The date after which a deposit was made by a user: YYYY-MM-DDThh:mm:ss.

Set the DepositDateTo parameter to specify the time range.

DepositDateTo string

The date before which a deposit was made by a user: YYYY-MM-DDThh:mm:ss.

Set the DepositDateFrom parameter to specify the time range.

DepositAmountFrom number

The minimum amount deposited by a user.

Set the DepositAmountTo parameter to specify the amount range.

DepositAmountTo number

The maximum amount deposited by a user.

Set the DepositAmountFrom parameter to specify the amount range.

TradingVolumeFrom number

The minimum volume traded by a user.

Set the TradingVolumeTo parameter to specify the volume range.

TradingVolumeTo number

The maximum volume traded by a user.

Set the TradingVolumeFrom parameter to specify the volume range.

ActivePeriodFrom string

The date starting from which a user has been active on the exchange: YYYY-MM-DDThh:mm:ss.

Set the `ActivePeriodTo parameter to specify the time range.

ActivePeriodTo string

The date ending at which a user has been active on the exchange: YYYY-MM-DDThh:mm:ss.

Set the ActivePeriodFrom parameter to specify the time range.

GET[host]/back-api/backoffice/users

GET /back-api/backoffice/users?Type=Active&Roles=Admin HTTP/1.1
Host: host.name
Authorization: Bearer akvmn34egjidg0jifgjdg0djg34g

Response

isActive boolean

If true, the user profile is assigned the Active status, meaning that the user can log in to the exchange and interact with it.

isEmailConfirmed boolean

If true, the user email was confirmed.

isPhoneConfirmed boolean

If true, the user phone number was confirmed.

registrationDate string

The date and time of user registration.

canWithdraw boolean

If true, the user can withdraw funds.

canDeposit boolean

If true, the user can deposit funds.

status string

The current user profile status.

twoFactorEnabled boolean

If true, two-factor authentication is enabled for this user.

hasTradingApiKey boolean

If true, the user has API keys issued in the B2Core UI and is allowed to trade via API.

id string

The user identifier, in the GUID string format.

email string

The user email.

roles array

The roles assigned to a user.

nickname string

The username which identifies a user on the exchange.

country object

The country of registration:

id string: The country identifier.
name string: The country name.
code string: The country code.

lastSignInDate string

The date and time when a user has last been logged in to the system.

createdAt string

The date and time when a user profile was created.

firstName string

The user first name.

lastName string

The user last name.

countryId string

The country identifier.

location string

The current user location based on the IP address:

country string: The country name.
code string: The country code.

    RESPONSE EXAMPLE
  
{
  "filters": {
    "type": 0,
    "roles": ["Admin"]
  },
  "paging": {
    "page": 1,
    "per_page": 15,
    "total": 1
  },
  "data": [
    {
      "isActive": true,
      "isEmailConfirmed": true,
      "isPhoneConfirmed": true,
      "registrationDate": "2019-10-14T09:32:25.686736",
      "canWithdraw": false,
      "canDeposit": false,
      "status": "Active",
      "twoFactorEnabled": false,
      "hasTradingApiKey": false,
      "id": "8f3b7743-64ff-8c79-9d94-4c23d01e78df",
      "email": "admin@mailinator.com",
      "roles": [
        "Admin"
      ],
      "nickname": "8f3b7743-64ff-8c79-9d94-4c23d01e78df",
      "country": {
        "id": "USA",
        "name": "United States",
        "code": "US"
      },
      "lastSignInDate": "2020-02-19T14:00:22.545778",
      "createdAt": "2019-10-14T09:32:25.686736",
      "firstName": "Test",
      "lastName": "Test",
      "countryId": "USA",
      "location": {"country":"Russia","code":"RU"}
    }
  ]
}

Register a user on the exchange

Use this method to create a new user profile on the exchange.

Request

Header parameters:

Authorization: Bearer <access_token>

Body:

nickname string required: The username.
email string required: The email that a user needs to specify to log in.
password string required: The password that a user needs to specify to log in.

POST[host]/back-api/backoffice/user

POST /back-api/backoffice/user HTTP/1.1
Host: host.name
Authorization: Bearer akvmn34egjidg0jifgjdg0djg34g

{
  "nickname": "admin",
  "email": "admin@mail.com",
  "password": "C0m9l&xP@ssw0rd"
}

Response

id string: The user identifier, in the GUID string format.
email string: The user email (as specified in the request).
roles array: The roles assigned to a user. This value is empty for newly created user profiles.
nickname string: The username (as specified in the request).
createdAt string: The date and time when a user profile was created.

    RESPONSE EXAMPLE
  
{
  "id": "c8f521f5-9f34-44bc-9377-ec0c4786c333",
  "email": "admin@mail.com",
  "roles": [],
  "nickname": "admin",
  "createdAt": "2019-03-27T13:51:13.4039729Z"
}

Get user profile details

Use this method to obtain information about a specified user profile.

Request

Header parameters:

Authorization: Bearer <access_token>

Path parameters:

userId

The user identifier, in the GUID string format.

When this parameter is not specified, the profile of the currently authorized user is returned.

GET[host]/back-api/backoffice/user/{userId}

GET /back-api/backoffice/user/bbedc77f-d20b-11a2-3849-2bd518e6350d HTTP/1.1
Host: host.name
Authorization: Bearer akvmn34egjidg0jifgjdg0djg34g

Response

isActive boolean: If true, a user profile is assigned the Active status, meaning that the user can log in to the exchange and interact with it.
isEmailConfirmed boolean: If true, the user email was confirmed.
isPhoneConfirmed boolean: If true, the user phone number was confirmed.
registrationDate string: The date and time of user registration.
canWithdraw boolean: If true, the user can withdraw funds.
canDeposit boolean: If true, the user can deposit funds.
status string: The current user profile status.
twoFactorEnabled boolean: If true, two-factor authentication is enabled for this user.
hasTradingApiKey boolean: If true, the user has active API keys issued in the B2Core UI and is allowed to trade via API.
id string: The user identifier, in the GUID string format.
email string: The user email.
roles array: The roles assigned to a user.
nickname string: The username which identifies a user on the exchange.
lastSignInDate string: The date and time when a user has last been logged in to the system.
createdAt string: The date and time when a user profile was created.

    RESPONSE EXAMPLE
  
{
  "data": {
    "isActive": true,
    "isEmailConfirmed": true,
    "isPhoneConfirmed": false,
    "registrationDate": "2021-04-21T15:33:45.247172Z",
    "canWithdraw": false,
    "canDeposit": false,
    "status": "Active",
    "twoFactorEnabled": false,
    "hasTradingApiKey": false,
    "id": "bbedc77f-d20b-11a2-3849-2bd518e6350d",
    "email": "test@mailinator.com",
    "roles": [
      "Support"
    ],
    "nickname": "Test",
    "lastSignInDate": "2021-04-21T15:33:46.2358Z",
    "createdAt": "2021-04-21T15:33:45.284624Z"
  }
}

Update user details

Use this method to update basic information about a user, as previously defined in the request body.

Request

Header parameters:

Authorization: Bearer <access_token>

Path parameters:

userId: The user identifier, in the GUID string format.

Body:

userName string: The username.
firstName string: The user first name.
lastName string: The user last name.
middleName string: The user middle name.
countryId string: The user country.
comment string: The commentary to the profile update.

PATCH[host]/back-api/backoffice/user/{userId}

PATCH /back-api/backoffice/user/bbedc77f-d20b-11a2-3849-2bd518e6350d HTTP/1.1
Host: host.name
Authorization: Bearer akvmn34egjidg0jifgjdg0djg34g

{
  "firstNmae": "John",
  "lastName": "Doe"
}

Response

isActive boolean: If true, the user profile is assigned the Active status, meaning that the user can log in to the exchange and interact with it.
isEmailConfirmed boolean: If true, the user email was confirmed.
isPhoneConfirmed boolean: If true, the user phone number was confirmed.
registrationDate string: The date and time of user registration.
canWithdraw boolean: If true, the user can withdraw funds.
canDeposit boolean: If true, the user can deposit funds.
status string: The current user profile status.
twoFactorEnabled boolean: If true, two-factor authentication is enabled for this user.
id string: The user identifier, in the GUID string format.
email string: The user email.
nickname string: The username which identifies a user on the exchange.
createdAt string: The date and time when a user profile was created.

    RESPONSE EXAMPLE
  
{
  "isActive": true,
  "isEmailConfirmed": true,
  "isPhoneConfirmed": false,
  "registrationDate": "2020-03-19T14:49:13.36193",
  "canWithdraw": false,
  "canDeposit": false,
  "status": "Active",
  "twoFactorEnabled": false,
  "id": "a661b905-6856-475f-809c-8492729c9d6e",
  "email": "nickname@email.com",
  "nickname": "nickname",
  "createdAt": "2020-03-19T14:49:13.510214"
}

Change a user email

Use this method to update a user email that a user needs to specify to log in to the system.

Request

Header parameters:

Authorization: Bearer <access_token>

Path parameters:

userId: The user identifier, in the GUID string format.

Body:

email string required: The new email address.

PUT[host]/back-api/backoffice/user/{userId}/email

PUT /back-api/backoffice/user/68e057fe-0aec-03db-20f8-5f811abf7da6/email HTTP/1.1
Host: host.name
Authorization: Bearer akvmn34egjidg0jifgjdg0djg34g

{
  "email": "new@email.mail"
}

Response

In case of success, HTTP code 200 is returned.

Change a user password

Use this method to update a user password that the user needs to specify to log in to the system.

Important

This operation can be performed only by users assigned the Admin role.

Request

Header parameters:

Authorization: Bearer <access_token>

Path parameters:

userId: The user identifier, in the GUID string format.

Body:

password string required: The new user password.

POST[host]/back-api/backoffice/user/{userId}/password

POST /back-api/backoffice/user/bbedc77f-d20b-11a2-3849-2bd518e6350d/password HTTP/1.1
Host: host.name
Authorization: Bearer akvmn34egjidg0jifgjdg0djg34g

{
  "password": "NewPassword!"
}

Response

In case of success, HTTP code 200 is returned.

Get a list of roles assigned to a user

Use this method to find out which roles are currently assigned to a specified user.

Request

Header parameters:

Authorization: Bearer <access_token>

GET[host]/back-api/backoffice/roles/

GET /back-api/backoffice/roles HTTP/1.1
Host: host.name
Authorization: Bearer akvmn34egjidg0jifgjdg0djg34g

Response

name string: The role name.
normalizedName string: For internal use.

commissionType string: The commission settings associated with this role.

    RESPONSE EXAMPLE
  
{
  "paging": {
    "page": 1,
    "per_page": 15,
    "total": 4944
  },
  "data": [
    {
      "name": "Vip",
      "normalizedName": "VIP",
      "commissionType": "Vip"
    },
    {
      "name": "User",
      "normalizedName": "USER",
      "commissionType": "NoCommission"
    }
  ]
}

Assign a user role

Use this method to assign a new role to a user.

Request

Header parameters:

Authorization: Bearer <access_token>

Path parameters:

userId required

The user identifier, in the GUID string format.

roleName required

The name of a newly assigned role:

Vip
Hedging
User
Demo
Trader
Market-Maker
NoCommission
Support
Admin
Bot

POST[host]/back-api/backoffice/user/{userId}/role/{roleName}

POST /back-api/backoffice/user/bbedc77f-d20b-11a2-3849-2bd518e6350d/role/Trader HTTP/1.1
Host: host.name
Authorization: Bearer akvmn34egjidg0jifgjdg0djg34g

Response

In case of success, HTTP code 200 is returned.

Revoke a user role

Use this method to revoke a role previously assigned to a user.

Request

Header parameters:

Authorization: Bearer <access_token>

Path parameters:

userId required

The user identifier, in the GUID string format.

roleName required

The name of a role to be revoked:

Vip
Hedging
User
Demo
Trader
Market-Maker
NoCommission
Support
Admin
Bot

DELETE[host]/back-api/backoffice/user/{userId}/role/{roleName}

DELETE /back-api/backoffice/user/bbedc77f-d20b-11a2-3849-2bd518e6350d/role/Trader HTTP/1.1
Host: host.name
Authorization: Bearer akvmn34egjidg0jifgjdg0djg34g

Response

In case of success, HTTP code 200 is returned.

Enable two-factor authentication for a user

Use this method to enable two-factor authentication for a user.

Request

Header parameters:

Authorization: Bearer <access_token>

Path parameters:

userId: The user identifier, in the GUID string format.

PUT[host]/back-api/backoffice/user/{userId}/enable2fa/

PUT /back-api/backoffice/user/bbedc77f-d20b-11a2-3849-2bd518e6350d/enable2fa HTTP/1.1
Host: host.name
Authorization: Bearer akvmn34egjidg0jifgjdg0djg34g

Response

In case of success, HTTP code 200 is returned.

Disable two-factor authentication for a user

Use this method to disable two-factor authentication for a user.

Request

Header parameters:

Authorization: Bearer <access_token>

Path parameters:

userId: The user identifier, in the GUID string format.

PUT[host]/back-api/backoffice/user/{userId}/disable2fa/

PUT /back-api/backoffice/user/bbedc77f-d20b-11a2-3849-2bd518e6350d/disable2fa HTTP/1.1
Host: host.name
Authorization: Bearer akvmn34egjidg0jifgjdg0djg34g

Response

In case of success, HTTP code 200 is returned.

Get a user summary

Use this method to obtain basic information about a user, including the username and email.

Request

Header parameters:

Authorization: Bearer <access_token>

Path parameters:

userId: The user identifier, in the GUID string format.

GET[host]/back-api/backoffice/user-card/{userId}/details

GET /back-api/backoffice/user-card/6d759436-8a00-a1df-a1e8-16624e9be7e2/details HTTP/1.1
Host: host.name
Authorization: Bearer akvmn34egjidg0jifgjdg0djg34g

Response

userId string: The user identifier, in the GUID string format.
nickname string: The username.
email string: The user email.
registration-date string: The date and time of user registration.

    RESPONSE EXAMPLE
  
{
  "user_id": "0c0319d1-8f3c-1875-a112-42ce529a781a",
  "nickname": "0c0319d1-8f3c-1875-a112-42ce529a781a",
  "email": "copycat@mailinator.com",
  "registration-date": "2019-10-14T13:10:26.511307"
}

Get a history of user orders

Use this method to obtain a list of orders placed by a specified user.

Request

Header parameters:

Authorization: Bearer <access_token>

Path parameters:

userId: The user identifier, in the GUID string format.

GET[host]/back-api/backoffice/user-card/{userId}/transactions

GET /back-api/backoffice/user-card/68e057fe-0aec-03db-20f8-5f811abf7da6/transactions HTTP/1.1
Host: host.name
Authorization: Bearer akvmn34egjidg0jifgjdg0djg34g

Response

id number: The order identifier.
creationDate string: The date and time when an order was placed.
instrument string: The currency pair identifier (such as btc_usdt): {baseAsset}_{quoteAsset}.
side number: The order side: buy (0) or sell (1).
category string: Always Order.
price number: The order price.
amount :type:` number`: The order amount, in the base asset.
fee number: The fee charged for the order.
percent number: For internal use: always 0.
total number: The order amount, in the quote asset.

    RESPONSE EXAMPLE
  
{
  "filters": {},
  "paging": {
    "page": 1,
    "per_page": 15,
    "total": 4944
  },
  "data": [
    {
      "id": -144115188075841741,
      "creationDate": "2019-10-14T13:28:01.740126Z",
      "instrument": "xrp_usdt",
      "side": 0,
      "category": "Order",
      "price": 0.28834,
      "amount": 24956.0,
      "fee": 0.0,
      "percent": 0.0,
      "total": 7195.813040
    }
  ]
}

Get a history of user withdrawals

Use this method to obtain a history of withdrawal transfers made by a user.

Request

Header parameters:

Authorization: Bearer <access_token>

Path parameters:

userId: The user identifier, in the GUID string format.

GET[host]/back-api/backoffice/user-card/{userId}/withdrawals

GET /back-api/backoffice/user-card/68e057fe-0aec-03db-20f8-5f811abf7da6/withdrawals HTTP/1.1
Host: host.name
Authorization: Bearer akvmn34egjidg0jifgjdg0djg34g

Response

id number

The transfer identifier.

accountId number

The user account identifier.

assetId string

The asset identifier.

transferId string

The transfer identifier.

version number

For internal use.

type number

Always 1, indicating a withdrawal transfer.

amount number

The amount withdrawn.

comment string

The commentary to the transfer.

createdAt string

The date and time when the transaction was made.

updatedAt string

The date and time when the transaction status has last been updated.

status number

The transaction status:

0 — awaiting confirmation (the withdrawal request is sent and awaits confirmation)
2 — completed (transfer processing is complete, this is a final state)
3 — failed (transfer processing failed, this is a final state)
5 — cancelled (transfer is cancelled, this is a final state)

fee number

The transfer processing fee.

data string

For internal use.

errorMessage string

In case of an error, the error description.

    RESPONSE EXAMPLE
  
{
  "filters": {},
  "paging": {
    "page": 1,
    "per_page": 15,
    "total": 1
  },
  "data": [
    {
      "id": 32,
      "accountId": 2,
      "assetId": "eth",
      "transferId": "2",
      "version": 148155,
      "type": 1,
      "amount": 10.1,
      "comment": "Money withdrawal",
      "createdAt": "2019-10-16T14:10:28.078428",
      "updatedAt": "2019-10-16T14:10:28.078428",
      "status": 2,
      "fee": 0.0,
      "data": "{}",
      "errorMessage": ""
    }
  ]
}

Get a history of user deposits

Use this method to obtain a list of deposit transfers made by a user.

Request

Header parameters:

Authorization: Bearer <access_token>

Path parameters:

userId: The user identifier, in the GUID string format.

GET[host]/back-api/backoffice/user-card/{userId}/deposits

GET /back-api/backoffice/user-card/68e057fe-0aec-03db-20f8-5f811abf7da6/deposits HTTP/1.1
Host: host.name
Authorization: Bearer akvmn34egjidg0jifgjdg0djg34g

Response

id number

The transfer identifier.

accountId number

The user account identifier.

assetId string

The asset identifier.

transferId string

The transfer identifier.

version number

For internal use.

type number

Always 0, indicating a deposit transfer.

amount number

The amount deposited.

comment string

The commentary to the transfer.

createdAt string

The date and time when the transaction was made.

updatedAt string

The date and time when the transaction status has last been updated.

status number

The transaction status:

1 — pending (the deposit request is sent and awaits confirmation)
2 — completed (transfer processing is complete, this is a final state)
3 — failed (transfer processing failed, this is a final state)
5 — cancelled (transfer is cancelled, this is a final state)

fee number

The transfer processing fee.

data string

For internal use.

errorMessage string

In case of an error, the error description.

    RESPONSE EXAMPLE
  
{
  "filters": {},
  "paging": {
    "page": 1,
    "per_page": 15,
    "total": 1
  },
  "data": [
    {
      "id": 31,
      "accountId": 2,
      "assetId": "eth",
      "transferId": "1",
      "version": 148154,
      "type": 0,
      "amount": 10.1,
      "comment": "Money deposit",
      "createdAt": "2019-10-16T14:10:17.633274",
      "updatedAt": "2019-10-16T14:10:17.633274",
      "status": 2,
      "fee": 0.0,
      "data": "{}",
      "errorMessage": ""
    }
  ]
}

Get a log of user sessions

Use this method to find out when and from which location a user has logged in.

Request

Header parameters:

Authorization: Bearer <access_token>

Path parameters:

userId: The user identifier, in the GUID string format.

GET[host]/back-api/backoffice/user-card/{userId}/logins

GET /back-api/backoffice/user-card/68e057fe-0aec-03db-20f8-5f811abf7da6/logins HTTP/1.1
Host: host.name
Authorization: Bearer akvmn34egjidg0jifgjdg0djg34g

Response

id number

The session identifier.

userId string

The user identifier.

loginDate string

The date and time when a user was logged in, in conversion to your local time.

ip string

The user IP address.

with2FA boolean

If true, two-factor authentication was used to log in.

location object

The user location based on the IP address:

country string: The country name.
code string: The country code.

    RESPONSE EXAMPLE
  
{
  "filters": {},
  "paging": {
    "page": 1,
    "per_page": 15,
    "total": 11
  },
  "data": [
    {
      "id": 2,
      "userId": "0c0319d1-8f3c-1875-a112-42ce529a781a",
      "loginDate": "2019-10-14T13:11:00.578425Z",
      "ip": "172.19.0.12",
      "with2FA": false,
      "location": {"country":"Uganda","code":"UU"}
    }
  ]
}