Secure API for complete user administration. CRUD operations, role-based model, JWT authentication and bcrypt hashing — everything for secure access control to monitoring and web interfaces.
Why centralized user management is essential
Without a unified system, it's unclear who has access to monitoring and databases. Everyone creates their own accounts.
Storing passwords without hashing is a direct path to system compromise in case of database leak.
All users have the same rights. Impossible to separate administrators, managers and viewers.
Who created the user? When did they last login? Who changed the role? Without a system — no answers.
Employee left — need to manually find all their accounts across all systems. Often forgotten.
Weak passwords, duplicate usernames, invalid emails — without validation the database fills with garbage.
Complete user management cycle through a single API
Create new users with full validation and secure password hashing.
Get list of all users with complete data, sorted by creation date.
Modify any user fields, including secure password change and roles.
Permanently delete user from the system with operation confirmation.
Three access levels for different user types
Full access to all system functions. Can manage users, settings and data.
Extended access for managers. Can view data and manage content.
Basic view-only access. Can see dashboards and reports without editing.
Multi-layer access protection
Authentication via JSON Web Token. Every request is checked for token presence and validity.
Passwords are stored as bcrypt hashes using PostgreSQL crypt() and gen_salt('bf') functions.
All user management operations require admin role. HTTP 403 for unauthorized requests.
Username check (min. 3 chars, lowercase), password (min. 6 chars), email and other field validation.
Username uniqueness guaranteed at database level. Impossible to create two identical users.
All actions are logged: creation, modification, deletion of users with timestamps.
8 fields for a complete profile
Single entry point for all web interfaces
Access control for AI agent monitoring dashboards, dialog statistics and analytics.
Access management for the web interface of AI knowledge base vector editing.
Access to Bitrix24, KommoCRM and other CRM system integration settings.
Email system settings management, templates and follow-up campaigns.
Access to GDPR functions: data export, deletion, audit reports for regulators.
AI self-learning system management: improvement approval, validation settings.
Why a unified user management system
One API for access management to all web interfaces and monitoring systems.
Create, modify, block user — all through a single API request.
JWT + bcrypt + role checking — three levels of protection against unauthorized access.
When created, when logged in, who changed — complete history for each user.
REST API easily integrates with any web interface or external system.
Data stored in reliable PostgreSQL with indexes, constraints and UUID keys.
Key system parameters