Admin API

Endpoints for managing users, teams, skills, and organization settings.

Organization Settings

Get Settings

GET/api/admin/settingsAuth: Session

Get organization settings (Admin only).

Response (200):

json

{
  "organization": {
    "id": "uuid",
    "name": "Acme Corp",
    "slug": "acme-corp",
    "timezone": "America/New_York",
    "settings": {
      "serviceLevelTarget": 80,
      "serviceLevelThreshold": 20
    }
  }
}

Update Settings

PUT/api/admin/settingsAuth: Session

Update organization settings (Admin only).

Request Body:

json

{
  "name": "Acme Corporation",
  "timezone": "America/Chicago",
  "settings": {
    "serviceLevelTarget": 85,
    "serviceLevelThreshold": 20
  }
}

User Management

List Users

GET/api/admin/usersAuth: Session

List all users in the organization (Admin only).

Query Parameters:

Parameter	Type	Required	Description
`status`	string	Optional	Filter: "active", "inactive"
`role`	string	Optional	Filter: "admin", "supervisor", "agent"
`teamId`	string	Optional	Filter by team
`search`	string	Optional	Search by name or email

Response (200):

json

{
  "users": [
    {
      "id": "uuid",
      "email": "john@example.com",
      "firstName": "John",
      "lastName": "Doe",
      "role": "agent",
      "status": "active",
      "employee": {
        "id": "uuid",
        "employeeNumber": "EMP001",
        "teamName": "Sales"
      }
    }
  ]
}

Create User

POST/api/admin/usersAuth: Session

Create a new user (Admin only).

Request Body:

json

{
  "email": "jane@example.com",
  "firstName": "Jane",
  "lastName": "Smith",
  "role": "agent",
  "password": "optional-password",
  "employee": {
    "employeeNumber": "EMP002",
    "teamId": "uuid",
    "employmentType": "full_time",
    "weeklyHoursTarget": 40
  }
}

Update User

PUT/api/admin/users/:idAuth: Session

Update a user (Admin only).

Deactivate User

DELETE/api/admin/users/:idAuth: Session

Deactivate a user (soft delete, Admin only).

Team Management

List Teams

GET/api/admin/teamsAuth: Session

Get all teams.

Query Parameters:

Parameter	Type	Required	Description
`includeMembers`	boolean	Optional	Include team member list

Response (200):

json

{
  "teams": [
    {
      "id": "uuid",
      "name": "Sales Team",
      "supervisorId": "uuid",
      "supervisorName": "John Manager",
      "memberCount": 12
    }
  ]
}

Create Team

POST/api/admin/teamsAuth: Session

Create a new team (Admin only).

Request Body:

json

{
  "name": "Support Team",
  "supervisorId": "uuid",
  "parentTeamId": null
}

Skill Management

List Skills

GET/api/admin/skillsAuth: Session

Get all skills.

Query Parameters:

Parameter	Type	Required	Description
`category`	string	Optional	Filter by category

Response (200):

json

{
  "skills": [
    {
      "id": "uuid",
      "name": "Billing",
      "description": "Handle billing inquiries",
      "category": "technical",
      "proficiencyLevels": ["beginner", "intermediate", "advanced", "expert"]
    }
  ]
}

Create Skill

POST/api/admin/skillsAuth: Session

Create a skill (Admin only).

Request Body:

json

{
  "name": "Technical Support",
  "description": "Handle technical issues",
  "category": "technical",
  "proficiencyLevels": ["beginner", "intermediate", "advanced", "expert"]
}

Assign Skill to Employee

POST/api/admin/skills/assignmentsAuth: Session

Assign a skill to an employee.

Request Body:

json

{
  "employeeId": "uuid",
  "skillId": "uuid",
  "proficiencyLevel": "expert"
}

API Key Management

List API Keys

GET/api/admin/api-keysAuth: Session

List API keys (masked, Admin only).

Response (200):

json

{
  "apiKeys": [
    {
      "id": "uuid",
      "name": "ACD Integration",
      "keyPreview": "nwfm_...abc",
      "permissions": ["import:agent-states"],
      "status": "active",
      "lastUsedAt": "2026-01-29T10:00:00Z",
      "createdAt": "2026-01-01T00:00:00Z"
    }
  ]
}

Create API Key

POST/api/admin/api-keysAuth: Session

Create an API key (Admin only).

Request Body:

json

{
  "name": "ACD Integration",
  "permissions": ["import:agent-states", "import:historical"]
}

The full API key is only shown once in the response. Store it securely.

Response (201):

json

{
  "success": true,
  "apiKey": {
    "id": "uuid",
    "name": "ACD Integration",
    "key": "nwfm_abc123xyz789..."
  }
}

Revoke API Key

PATCH/api/admin/api-keys/:idAuth: Session

Revoke an API key.

Request Body:

json

{
  "action": "revoke"
}

Audit Logs

GET/api/admin/audit-logsAuth: Session

Get audit logs (Admin only).

Query Parameters:

Parameter	Type	Required	Description
`limit`	number	Optional	Max results (default 50)
`offset`	number	Optional	Pagination offset
`action`	string	Optional	Filter by action type

Response (200):

json

{
  "logs": [
    {
      "id": "uuid",
      "userId": "uuid",
      "userName": "John Admin",
      "action": "user.created",
      "details": { "email": "new@example.com" },
      "ipAddress": "192.168.1.1",
      "createdAt": "2026-01-29T10:00:00Z"
    }
  ],
  "total": 1250
}