# User Management
Gophish supports having multiple user accounts. Each of these accounts are separate, with their own campaigns, landing pages, templates, etc.
Each user account in Gophish is assigned a **role**. These are global roles that describe the user's permissions within Gophish.
At the time of this writing, there are two roles:
| Role | Slug | **Description** |
| ----- | ------- | --------------------------------------------------------------------------------------------------------------------------- |
| User | `user` | A non-administrative user role. Users with this role can create objects and launch campaigns. |
| Admin | `admin` | An administrative user. Users with this role can manage system-wide settings as well as other user accounts within Gophish. |
Users have the following format:
```
{
id : int64
username : string
role : Role
modified_date : string(datetime)
}
```
Each Role has the following format:
```
{
name : string
slug : string
description : string
}
```
## Get Users
`GET` `https://localhost:3333/api/users/`
Returns a list of all user accounts in Gophish.
#### Headers
| Name | Type | Description |
| ------------- | ------ | --------------- |
| Authorization | string | A valid API key |
{% tabs %}
{% tab title="200 " %}
```javascript
[
{
"id": 1,
"username": "admin",
"role": {
"slug": "admin",
"name": "Admin",
"description": "System administrator with full permissions"
}
}
]
```
{% endtab %}
{% endtabs %}
## Get User
`GET` `https://localhost:3333/api/users/:id`
Returns a user with the given ID.
#### Path Parameters
| Name | Type | Description |
| ---- | ------- | ----------- |
| id | integer | The user ID |
#### Headers
| Name | Type | Description |
| ------------- | ------ | --------------- |
| Authorization | string | A valid API key |
{% tabs %}
{% tab title="200 " %}
```javascript
[
{
"id": 1,
"username": "admin",
"role": {
"slug": "admin",
"name": "Admin",
"description": "System administrator with full permissions"
}
}
]
```
{% endtab %}
{% tab title="404 " %}
```javascript
{
"message": "User not found",
"success": false,
"data": null
}
```
{% endtab %}
{% endtabs %}
## Create User
`POST` `https://localhost:3333/api/users/`
Creates a new user.
#### Headers
| Name | Type | Description |
| ------------- | ------ | ----------- |
| Authorization | string | |
#### Request Body
| Name | Type | Description |
| -------- | ------ | ------------------------------------ |
| role | string | The role slug to use for the account |
| password | string | The password to set for the account |
| username | string | The username for the account |
{% tabs %}
{% tab title="200 " %}
```javascript
{
"id": 2,
"username": "exampleuser",
"role": {
"slug": "user",
"name": "User",
"description": "User role with edit access to objects and campaigns"
}
```
{% endtab %}
{% tab title="400 If an invalid request is provided, an error will be returned with the following format" %}
```javascript
{
"message": "Username already taken",
"success": false,
"data": null
}
```
{% endtab %}
{% endtabs %}
## Modify User
`PUT` `https://localhost:3333/api/users/:id`
Modifies a user account. This can be used to change the role, reset the password, or change the username.
#### Path Parameters
| Name | Type | Description |
| ---- | ------ | ----------- |
| id | string | The user ID |
#### Headers
| Name | Type | Description |
| ------------- | ------ | --------------- |
| Authorization | string | A valid API key |
#### Request Body
| Name | Type | Description |
| -------- | ------ | ------------------------------------ |
| role | string | The role slug to use for the account |
| password | string | The password to set for the account |
| username | string | The username for the account |
{% tabs %}
{% tab title="200 " %}
```javascript
{
"id": 2,
"username": "exampleuser",
"role": {
"slug": "user",
"name": "User",
"description": "User role with edit access to objects and campaigns"
}
```
{% endtab %}
{% tab title="400 If an invalid request is provided, an error will be returned in the following format:" %}
```javascript
{
"message": "Username already taken",
"success": false,
"data": null
}
```
{% endtab %}
{% tab title="404 " %}
```javascript
{
"message": "User not found",
"success": false,
"data": null
}
```
{% endtab %}
{% endtabs %}
## Delete User
`DELETE` `https://localhost:3333/api/users/:id`
Deletes a user, as well as every object (landing page, template, etc.) and campaign they've created.
#### Path Parameters
| Name | Type | Description |
| ---- | ------ | ----------- |
| id | string | The user ID |
#### Headers
| Name | Type | Description |
| ------------- | ------ | --------------- |
| Authorization | string | A valid API key |
{% tabs %}
{% tab title="200 " %}
```javascript
{
"message": "User deleted Successfully!",
"success": true,
"data": null
}
```
{% endtab %}
{% tab title="404 " %}
```javascript
{
"message": "User not found",
"success": false,
"data": null
}
```
{% endtab %}
{% endtabs %}
Returns a 404 error if no user is found with the provided ID.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.getgophish.com/api-documentation/user-management.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.