Skip to content

Administer ​

Accessing and Using the Admin Panel ​

The Admin Panel is a web-based interface designed to help administrators or web application owners manage user accounts within their application. It provides intuitive tools for creating, editing, and deleting user accounts managed by AuthCompanion.

Accessing the Admin Panel ​

  • URL:
    By default, the Admin Panel is available at /admin/.
    For local development, you can access it at:
    http://localhost:3002/admin/login
    (Replace 3002 with your configured port, if different. The port is set in your .env file.)

Administrator Login ​

  • Initial Credentials:
    When you first start the AuthCompanion server, an admin user is automatically created.
  • Finding Credentials:
    The default admin email and password are stored in a file specified by the ADMIN_KEY_PATH variable in your .env file.
    Example:
    ADMIN_KEY_PATH=./adminkey
    Open this file to retrieve your admin login details. Keep these credentials secure.

About the Admin Panel ​

  • The Admin Panel is built using Vue 3 and deployed as a Single Page Application (SPA).
  • It is served directly from the AuthCompanion server; no separate deployment is necessary.
  • All user management actions performed in the Admin Panel are powered by the Admin API

Key Features ​

  • User Creation: Add new users to your application.
  • User Editing: Update user details, roles, or permissions.
  • User Deletion: Remove user accounts as needed.
  • Secure Access: Only authenticated administrators can access the panel.

Tip: If you forget your admin credentials, you can reset or regenerate them by updating the file at ADMIN_KEY_PATH and restarting the server.


Overview of Admin API Endpoints ​

The Admin Panel uses AuthCompanion's Admin API for all privileged user management operations. Below is an overview of the available admin endpoints:

EndpointMethodSummaryDescription
/v1/admin/loginPOSTLogin Admins and receive Access TokenLog in to the admin portal and obtain a JWT for API access.
/v1/admin/token/refreshPOSTRefresh Admin Access TokenRefresh the admin access token using a valid refresh token.
/v1/admin/logout/{uuid}DELETELogout Admin from Admin PortalLog out the admin user and clear session cookies.
/v1/admin/usersPOSTCreate User AccountsCreate a new user account as an admin.
/v1/admin/usersGETList User AccountsRetrieve a paginated list of user accounts.
/v1/admin/users/{uuid}PATCHUpdate User AccountsUpdate details for a specific user account.
/v1/admin/users/{uuid}DELETEDelete User AccountsDelete a user account by UUID.

Endpoint Details ​

  • Authentication:
    All endpoints require a valid admin JWT (bearerAuth) except for /v1/admin/login.

  • User Management:

    • Create User:
      POST /v1/admin/users
      Body: user details (name, email, password, etc.)
    • List Users:
      GET /v1/admin/users
      Query params: pagination and search (e.g., by email)
    • Update User:
      PATCH /v1/admin/users/{uuid}
      Body: fields to update for the user
    • Delete User:
      DELETE /v1/admin/users/{uuid}
      Path param: user UUID
  • Admin Session Management:

    • Login:
      POST /v1/admin/login
      Body: admin email and password, returns JWT
    • Token Refresh:
      POST /v1/admin/token/refresh
      Body: refresh token, returns new access token
    • Logout:
      DELETE /v1/admin/logout/{uuid}
      Path param: admin user UUID