Gophish supports having multiple user accounts. Each of these accounts are separate, with their own campaigns, landing pages, templates, etc.
Each user account in Gophish is assigned a role. These are global roles that describe the user's permissions within Gophish.
At the time of this writing, there are two roles:
A non-administrative user role. Users with this role can create objects and launch campaigns.
An administrative user. Users with this role can manage system-wide settings as well as other user accounts within Gophish.
Users have the following format:
{
id : int64
username : string
role : Role
modified_date : string(datetime)
}
Each Role has the following format:
{
name : string
slug : string
description : string
}
GET https://localhost:3333/api/users/
Returns a list of all user accounts in Gophish.
GET https://localhost:3333/api/users/:id
Returns a user with the given ID.
Path Parameters
POST https://localhost:3333/api/users/
Creates a new user.
The role slug to use for the account
The password to set for the account
The username for the account
PUT https://localhost:3333/api/users/:id
Modifies a user account. This can be used to change the role, reset the password, or change the username.
Path Parameters
The role slug to use for the account
The password to set for the account
The username for the account
DELETE https://localhost:3333/api/users/:id
Deletes a user, as well as every object (landing page, template, etc.) and campaign they've created.
Path Parameters
Returns a 404 error if no user is found with the provided ID.
