The UserStore API is organized around REST. The API uses HTTP authentication and HTTP verbs. It also returns errors with HTTP response codes. JSON is returned with all responses from the API.

API Endpoint


The UserStore API is authenticated by providing your secret API key in the request. You'll find your secret key in the configuration page of your application dashboard. Your API key has data privileges so make sure to keep them secret.

The REST API authenticates with HTTP Basic Auth. Use the secret API key as your Basic Auth username. You do not need to provide a password. You will need to authenticate for all requests. All API requests must be made over HTTPS.

To use your secret API key, pass it into the UserStore module upon instantiation. The Node.js library will use this request for each request.

Install via NPM
npm install userstore
curl \
   -u SECRET_KEY: \
var userstore = require('userstore')(SECRET_KEY);

HTTP Status Codes

200 OK: The request was successful

400 Bad Request: The request was invalid or missing information. See response body for more details and request documentation

401 Unauthorized: The API/Secret key is missing or invalid

402 Request Failed: The app is either configured incorrectly or disabled

403 Forbidden: The request was forbidden given authorization or lack of authorization

404 Not Found: The resource could not be found

429 Too Many Requests: You have made too many requests in the last hour.

500 Internal Server Error: The server encountered an error while processing your request and failed

502 Gateway Error: The load balancer or web server processing your request. Please try the request again

503 Service Unavailable: The service is temporarily unavailable. Please try the request again

Validation Errors

Validation errors will return a HTTP 400 Bad Request status code. In the response object, there will be a "error" property set to "validation_error" and a "validation_error" property containing a list of errors indicating which validation rule was not satisfied. The list of rules are:

required: The parameter is required

valid_email: THe parameter provided must be a valid email address

min_length[INT]: The parameter must have a minimum length of INT

max_length[INT]: The parameter must have a maximum length of INT

matches[ANOTHER_PARAMETER]: The parameter value much match the parameter value of ANOTHER_PARAMETER

cant_match[ANOTHER_PARAMETER]: The parameter value can not match the parameter value of ANOTHER_PARAMETER

valid_characters: The parameter must have valid characters

appropriate: The parameter provided must not contain appropriate words or symbols

uncommon_password: The parameter must not be one of the most commonly hacked passwords

Validation Error Example