protect unlock api endpoint
All checks were successful
continuous-integration/drone/push Build is passing
All checks were successful
continuous-integration/drone/push Build is passing
This commit is contained in:
10
README.md
10
README.md
@@ -62,7 +62,7 @@ WantedBy=multi-user.target
|
||||
## API
|
||||
|
||||
### Unlock
|
||||
POST `/api/unlock`
|
||||
POST `/api/admin/unlock`
|
||||
|
||||
Data
|
||||
```
|
||||
@@ -71,11 +71,13 @@ Data
|
||||
}
|
||||
```
|
||||
|
||||
If the SECRETS_KEY environment variable is not defined, this API call to unlock stored secrets must be performed after initial startup of SMT. Storing/retrieval of secrets will not succeed until this API call has been made.
|
||||
If the SECRETS_KEY environment variable is not defined, this API call to unlock stored secrets must be performed after initial startup of SMT. Storing/retrieval of secrets will not succeed until this API call has been made.
|
||||
|
||||
This API call can only be made once after the service has started. Subsequent calls will receive an error until the service is restarted.
|
||||
|
||||
### User Operations
|
||||
|
||||
#### Register
|
||||
#### Register User
|
||||
POST `/api/admin/user/register`
|
||||
|
||||
Data
|
||||
@@ -89,7 +91,7 @@ Data
|
||||
|
||||
This operation can only be performed by a user with a role that is admin enabled. There are 3 built in roles, which can be viewed via the `/api/admin/roles` endpoint.
|
||||
|
||||
#### Remove Users
|
||||
#### Remove User
|
||||
POST `/api/admin/user/delete`
|
||||
|
||||
Data
|
||||
|
||||
Reference in New Issue
Block a user