Accounts API

Authentication

Endpoint

Method

Permission

Description

/api/v1/auth/login/

POST

Any

Obtain JWT access + refresh tokens. Body: {phone, password}

/api/v1/auth/refresh/

POST

Any

Refresh access token. Body: {refresh}

/api/v1/auth/me/

GET

Authenticated

Get current user profile with role, zone, team memberships

Users

Endpoint

Method

Permission

Description

/api/v1/users/

GET

central_ops

List users. Filters: role, zone, is_available, search

/api/v1/users/

POST

central_ops

Create user. Body: {username, phone, email, role, zone, password}

/api/v1/users/{id}/

GET

central_ops, self

Get user detail with team memberships

/api/v1/users/{id}/

PATCH

central_ops, self (limited)

Update user. Self can update: phone, email. Central Ops can update: role, zone, is_available

Teams

Endpoint

Method

Permission

Description

/api/v1/teams/

GET

central_ops, field_team

List teams. Filters: zone, team_type, is_active

/api/v1/teams/

POST

central_ops

Create team. Body: {name, zone, team_type}

/api/v1/teams/{id}/

GET

central_ops, field_team (own)

Get team detail with members

/api/v1/teams/{id}/

PATCH

central_ops

Update team details

/api/v1/teams/{id}/

DELETE

central_ops

Deactivate team (soft delete)

/api/v1/teams/{id}/members/

GET

central_ops, field_team (own)

List team members

/api/v1/teams/{id}/members/

POST

central_ops

Add member. Body: {user, role_in_team}

/api/v1/teams/{id}/members/{user_id}/

DELETE

central_ops

Remove member from team

Zones

Endpoint

Method

Permission

Description

/api/v1/zones/

GET

Authenticated

List active zones. Filters: state, is_active

/api/v1/zones/

POST

central_ops

Create zone. Body: {name, state}

/api/v1/zones/{id}/

PATCH

central_ops

Update zone (name, state, is_active)