User API

Users who have can_access_user_api permission (which can be activated for a user by TrialGrid Ltd staff on request) have access to the user API endpoints which can be used to list and modify user records in the TrialGrid system.

The API only provides access to users in the same Organization as the user making the request. You cannot update users who belong to other Organizations.

Reading user information

The API provides a number of endpoints for listing Urls, Projects, Project Roles and users. See the API documentation for more information.

Writing user information

The API provides endpoints for updating user information.

Important

A user with can_access_user_api has access to ALL users within their Organization and can use the endpoints described here to modify users. It is similar to Admin role in Medidata Rave.

/api/v2/user_project_invite/email/

This endpoint takes a JSON payload containing the user email address and the names of the url, project and project role to be assigned to the user. This endpoint is exactly the same as using the invite user functionality from the Project Team page.

If the user does not exist then they will be created and the system will send the user an invite.

If the user already exists in the system but has not yet claimed their account then they will be sent another invite.

If the user already exists in the system and has an active account they will be sent an email notification that they have been invited to this Project.

If the user exists and has previously claimed their account but the account is inactive then their account will be re-activated so that they can log in but their password will be changed to a random string. They will be notified that their account has been reactivated and that they must change their password before they can log in via email. The user should use the forgot password functionality to reset their password if they are using standard authentication - if the user is activated for Single Sign On (SSO) then they will be able to log in immediately via SSO.

/api/v2/deactivate_user/email/

This endpoint takes a JSON payload containing the user email address. It will:

  • Remove all Project Roles from the user

  • Remove the user from all URLs in the TrialGrid system

  • Remove the user as owner from any Project where they are set as owner

  • Deactivate the user so they cannot log in

Note that you cannot deactivate a user who does not belong to your organization.

/api/v2/remove_user_from_project/email/

This endpoint takes a JSON payload containing the user email address and the names of the url and project the user should be removed from. It will remove the user Project Role from that Project (if any) but does not remove the user from being the owner of the project if they are set as the owner. It also does not remove them from the URL so they may have ongoing read-only access to the Project if it is set to allow it via the "All users in URL can view" setting.

See the API documentation for more information.