Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  1. Fotoware Alto
    • 11.14 Schreckhorn
    • Terminology
    • Solutions
    • User Guide - Deutsch
    • User Guide - English
    • API Changelog
  2. Fotoware Veloz
    • Managing users and groups
    • Configuring archives
    • Configuring workflows
    • Configuring site behavior
    • Navigating and searching to find your assets
    • Working with your assets
    • Editing asset metadata
    • Uploading files
    • Version Control in Fotoware
    • Albums - Creating and sharing collections
    • Placing assets in a CMS
    • Working with the Fotoware Pro interface
    • Using the Fotoware plugins
    • Consent management
    • User guide to FotoWeb for iPad (Legacy)
    • Picture conferencing with FotoWeb Screens (Legacy)
    • What's what in Fotoware
    • GDPR
    • Fotoware Veloz releases
    • Activity Exports
    • Fotoware Example Workflows
  3. Fotostation
    • Getting started with Fotostation
    • Viewing, selecting and sorting files
    • Managing your assets with archives
    • Adding metadata to assets
    • Searching for assets
    • Working with your assets
    • Version Control in Fotostation
    • Automating tasks with Actions
    • Configuring metadata fields and editors
    • Configuring Fotostation
    • Configuring Fotostation for multi-user environments
    • Troubleshooting Fotostation
  4. Fotoware Flow
    • What is Flow?
    • Getting started
    • Flow dictionary
  5. Fotoware On-Premises
    • Getting started
    • Index Manager
    • FotoWeb
    • Color Factory
    • Connect
    • Operations Center Guide
  6. Integrations and APIs
    • The Fotoware API
    • Creating integrations using embeddable widgets
    • Authorizing applications using OAuth
    • Auto-tagging
    • FotoWeb Drag and Drop export
    • Integration using webhooks
    • Optimizely and Episerver plugin documentation
    • User Interface Integrations
  7. Fotoware Mobile
    • User guide for Fotoware Mobile for iPhone and Android
    • User guide to FotoWeb for iPad (Legacy)
    • User guide to FotoWeb for iPhone and Android (Legacy)

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  • Support

Table of Contents

MIME Type Part of ... Example Attributes Methods GET PATCH DELETE Remarks
  • Home
  • Integrations and APIs
  • The Fotoware API
  • Users and Groups

User Representation

This article describes the JSON format that represents a user in the Users and Groups API. This is the application/vnd.fotoware.user+json media type. It is also used as part of the user list representation.

12. May 2025

Elaine Foley

Table of Contents

MIME Type Part of ... Example Attributes Methods GET PATCH DELETE Remarks

MIME Type 

application/vnd.fotoware.user+json

Part of ... 

  • User List

Example 

01

02

03

04

05

06

07

08

09

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

{

href: "/fotoweb/users/wyle.e.coyote@acme.com",

username: "wyle.e.coyote@acme.com",

description: "...",

created: "2015-09-01T11:04:00Z",

modified: "2015-09-01T11:04:00Z",

registered: "2015-09-01T11:04:00Z", // can be null

account: {

allowPasswordChange: true | false,
authenticationProvider: "password|PROVIDER_ID", // can be null

externalIDs: [

{provider: "PROVIDER1": id: "ID1"},

{provider: "PROVIDER2": id: "ID2"},

...

],

expires: "2015-09-01T11:04:00Z", // can be null

isEnabled: true | false,

lastLoginDate: "2015-09-01T11:04:00Z", // can be null

},

address: {

email: "coyote@acme.com",

title: "...",

firstName: "...",

initial: "...",

lastName: "...",

organization: "A.C.M.E.",

profession: "villain",

businessType: "...",

streetAddress: ["ADDRESS1", "ADDRESS2", ...],

city: "...",

state: "...",

zipCode: "...",

country: "...",

phone: "...",

fax: "...",

homepage: "..."

},

license: { // can be null

level: "standard|plus|pro",

mode: "named|concurrent"

},

commerce: {

category: "",

accountID: "",

paymentMethod: "",

discount: 0

},

permissions: {

isAdministrator: true | false

},

propertyBag: [

{key: "KEY1", value: "VALUE1"},

{key: "KEY2", value: "VALUE2"},

...

],

memberships: [

{group: {"/fotoweb/groups/Everyone", ...}, direct: true},

{group: {"/fotoweb/groups/Registered%20Users", ...}, direct: true},

{group: {"/fotoweb/groups/Sales", ...}, direct: true},

{group: {"/fotoweb/groups/Employees", ...}, direct: false},

...

]

}

Attributes 

Name Type Description
href

URL (string),

links to User

 URL of the user resource. This URL can be used for requesting the user representation of the user, for updating or deleting the user and for adding or removing the user to and from groups.
username string Unique username of the user, which is used for logging in.
description string Description of the user (free-form, human-readable string)
created date (string) Date and time when user was created
modified date (string) Date and time when user was last modified (identical to created if user was never modified; never null)
registered date (string) or null Date and time when user registered (null if user did not self-register)
account.allowPasswordChange bool true if user can change password, false otherwise.
account.authenticationProvider string or null

The authentication provider for this user. Can be one of the following:

null if the user does not need authentication

"password" if the user is authenticated by FotoWeb itself

ID of an authentication provider if a custom authentication provider is used
account.externalIDs array of objects IDs of this user in external systems linked to FotoWeb through custom authentication providers. Each user can be linked to exactly one ID per distinct authentication provider.
account.externalIDs.provider string ID of the authentication provider
account.externalIDs.id string ID of the user in the external system. For example, this could be an ActiveDirectory security identifier.
account.expires date (string) or null Date and time when user expires or null if user never expires
account.isEnabled bool true if user is enabled (not locked out), false otherwise
account.lastLoginDate date (string) or null Date and time of last login or null if user never logged in
address.email email address (string) Email address of the user
address.title string Title of the user (e.g., "Dr.")
address.firstName string First (given) name of the user
address.initial string Middle initial or middle name of the user
address.lastName string Last name of the user
address.organization string Name of organization the user belongs to
address.profession string Profession of the user
address.businessType string Type of business of the user's organization
address.streetAddress array of strings Street address of the user. This is an array, where each element is a string that represents one address line.
address.city string City of the user
address.state string State or province of the user
address.zipCode string ZIP code of the user
address.country string Country of the user
address.phone string Phone number of the user
address.fax string Fax number of the user (in case you believe that fax machines and REST APIs can coexist at the same time)
address.homepage URL (string) Home page of the user
license object or null License of the user. This is null if the user does not have a valid license.
license.level string

License level of the user. Can be "standard", "plus" or "pro".

For more information, see User Types.
license.mode string

License concurrency mode of the user. Can be one of the following:

"named": The user is licensed as a named user and can always access FotoWeb.

"concurrent": The user is licensed as a concurrent user and can access FotoWeb only if there are no more concurrent users of the same type accessing the system as the system has been licensed for.
commerce.category string Customer category. This is a free-form string.
commerce.accountID string Customer account ID. This is a free-form string.
commerce.paymentMethod string Customer payment method. This is a free-form string.
commerce.discount number Customer discount
permissions.isAdministrator bool true if user is an administrative user, false otherwise
propertyBag array of objects List of custom attributes assigned to the user. Each attribute is a free-form key/value pair.
propertyBag.key string Key of the attribute. Must be unique within the property bag of the user.
propertyBag.value string Value of the attribute. This is a free-form string.
memberships array of objects List of groups that the user is directly or indirectly a member of
memberships.group object (Group) Complete information about the group
memberships.direct bool true if the user is a direct member of the group, false otherwise

Methods 

The following HTTP verbs are allowed on users:

GET 

GET url
Accept: application/vnd.fotoware.user+json

Read user information. Returns the representation described above.

PATCH

PATCH url
Content-Type: application/vnd.fotoware.user+json
{...}

Update user information. Accepts the representation described above, but fields can be omitted. Fields that are defined in the request body will not be modified. Some fields MUST NOT be defined. See the Remarks section for details.

If successful, the server sends one of the following responses:

204 No Content

if the username was not changed or

201 Created
Location: new_url

if the username was changed. Then, new_url is the new URL of the user, and the old URL is no longer valid and will return 404.

DELETE 

DELETE url

Deletes the user.

If successful, the server sends the following response:

204 No Content

The URL of the user is no longer valid and will return 404.

Remarks 

In a request to create a new user or update an existing user, the following fields cannot be set explicitly and MUST NOT be defined in the request body:

  • href
  • created
  • modified
  • registered
  • account.lastLoginDate
  • memberships.direct (not allowed when creating a user; only direct memberships can be specified)
  • memberships (not allowed when updating a user; memberships cannot be changed in a user update request)

Every user is a member of the "Everyone" group, and every user, except "Guest", is a member of the "Registered Users" group. Both of these built-in groups are listed in the memberships array.

 
 
client advocacy customer involvement

Was this article helpful?

Yes
No
Give feedback about this article

Related Articles

  • Users
  • Roles
  • Role Permissions (User Rights)
eco-lighthouse-miljøfyrtårn

Company

  • About us
  • Resellers
  • Careers
  • Contact us

Help & support

  • Support center
  • Consultancy
  • Tech partners
  • Fotostation
  • System status

Trust Center

  • Legal
  • Security
  • Sustainability & ESG

Locations

Fotoware AS (HQ)
Tollbugata 35
0157 OSLO
Norway
FotoWare Switzerland AG
Industriestrasse 25
5033 Buchs (AG)
Switzerland

Copyright 2025 Fotoware All rights reserved.

  • Terms of service
  • Privacy policy
  • Cookie policy

Knowledge Base Software powered by Helpjuice

Expand