user_api
Security covered
The User API module provides a comprehensive REST API for managing user accounts in Drupal, offering enhanced functionality beyond core user operations.
Key Features
- Advanced user registration endpoint with improved capabilities compared to core
- Endpoints to set (change) or unset user password
- Endpoints to cancel the user account
- Endpoints to change the email address
- High Security due to requiring a external verification factor in API request for modifying operations
Available Endpoints
- /user-api/register - Enhanced user account creation
- /user-api/register/resend-email - Resend the registration email
- /user-api/set-password/init - Send set password email
- /user-api/set-password - Set the password if verified
- /user-api/cancel-account/init - Send the cancel account email
- /user-api/cancel-account - Cancel the account if verified
- /user-api/set-email/init - Send a confirmation email to new email. Optionally sends notification to existing email.
- /user-api/set-email - Change the email address if verified
- /user-api/unset-password/init - Send email of password removal
- /user-api/unset-password - Remove password from account if verified
Integration
Seamlessly integrates with the Verification API module to ensure secure handling of sensitive account operations through external factors, like Link in E-Mail, Magic-Code, etc.