The Admin Control System provides comprehensive management capabilities for user administration, platform analytics, sales & affiliate management, financial controls, and system administration.
All admin endpoints require authentication with a JWT and an admin-level role (see the roles listed below).
Authorization: Bearer <jwt_token>
X-2FA-Token: <totp_token> # Required for sensitive operations
X-Impersonation-Token: <session_token> # For impersonation mode
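X-Password-Confirmation: <password> # For sensitive operations; this header carries the account password, so send it only over TLS and exclude it from request and proxy logs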
- admin: Super admin with full access (the role meant by "Requires: Super Admin" on the endpoints below)
- moderator: Limited admin access (read-only for sensitive operations)
GET /api/admin/users/search
Query Parameters:
- email (optional): Filter by email (partial match)
- username (optional): Filter by username (partial match)
- registrationDateFrom (optional): Filter by registration date (from)
- registrationDateTo (optional): Filter by registration date (to)
- subscriptionTier (optional): Filter by tier (free, starter, pro, enterprise)
- status (optional): Filter by status (active, suspended)
- page (optional): Page number (default: 1)
- limit (optional): Items per page (default: 20)
- sortBy (optional): Sort field (default: created_at)
- sortOrder (optional): Sort order (ASC, DESC, default: DESC)
Response:
{
"users": [
{
"id": 1,
"email": "user@example.com",
"name": "John Doe",
"role": "user",
"subscription_tier": "pro",
"is_suspended": false,
"created_at": "2024-01-01T00:00:00Z"
}
],
"pagination": {
"page": 1,
"limit": 20,
"totalCount": 100,
"totalPages": 5
}
}
GET /api/admin/users/:id
Response:
{
"user": {
"id": 1,
"email": "user@example.com",
"name": "John Doe",
"tier": "pro",
"subscription_status": "active",
"credit_balance": 100.0,
"is_suspended": false,
"suspension": null
}
}
POST /api/admin/users/:id/suspend
Requires: 2FA
Request Body:
{
"reason": "Violation of terms of service",
"notes": "Detailed explanation..."
}
POST /api/admin/users/:id/activate
Requires: 2FA
Request Body:
{
"reason": "Appeal accepted"
}
GET /api/admin/users/:id/analytics?period=30d
Query Parameters:
- period (optional): 7d, 30d, 90d (default: 30d)
Response:
{
"resourceMetrics": [
{
"metric_type": "cpu",
"total": 100.5,
"average": 3.5,
"unit": "hours",
"date": "2024-01-01"
}
],
"apiUsage": {
"total_requests": 1000,
"avg_response_time": 120.5,
"error_count": 10
},
"projects": {
"total_projects": 5
}
}
POST /api/admin/users/:id/impersonate
Requires: Super Admin, 2FA
Request Body:
{
"reason": "Support ticket #12345"
}
Response:
{
"sessionToken": "abc123...",
"message": "Impersonation session started",
"expiresIn": "1 hour"
}
POST /api/admin/users/:id/impersonate/end
Request Body:
{
"sessionToken": "abc123..."
}
POST /api/admin/users/bulk/email
Requires: Super Admin, 2FA
Request Body:
{
"subject": "Important Update",
"body": "Email content...",
"template": "announcement",
"filters": {
"subscriptionTier": "pro",
"status": "active"
}
}
POST /api/admin/users/bulk/credits
Requires: Super Admin, 2FA
Request Body:
{
"amount": 50.0,
"reason": "Promotional credit",
"userIds": [1, 2, 3]
}
POST /api/admin/users/:id/subscription/override
Requires: 2FA
Request Body:
{
"tier": "enterprise",
"amount": 99.0,
"reason": "Custom enterprise deal"
}
GET /api/admin/analytics/active-users
Response:
{
"activeUsers": 150,
"activeSessions": 200,
"concurrentDeployments": 45,
"activeProjects": 320,
"timestamp": "2024-01-01T12:00:00Z"
}
GET /api/admin/analytics/revenue?period=12m
Response:
{
"mrr": "50000.00",
"arr": "600000.00",
"growthRate": "15.50",
"trends": [
{
"month": "2024-01-01",
"new_subscriptions": 25,
"revenue": "5000.00"
}
],
"subscriptionDistribution": [
{
"tier": "pro",
"count": 100,
"revenue": "30000.00"
}
],
"currency": "USD"
}
GET /api/admin/analytics/churn
Response:
{
"monthlyChurn": [
{
"month": "2024-01-01",
"churned_users": 10,
"total_active": 500,
"churn_rate": "2.00"
}
],
"cancellationReasons": [
{
"cancellation_reason": "too_expensive",
"count": 15,
"percentage": "45.00"
}
],
"cohortAnalysis": [
{
"cohortMonth": "2024-01-01",
"users": 100,
"retainedUsers": 85,
"retentionRate": "85.00"
}
]
}
GET /api/admin/analytics/resources?period=24h
Response:
{
"metrics": [
{
"metric_type": "cpu",
"time_bucket": "2024-01-01 12:00:00",
"total": 1000.5,
"average": 50.5,
"peak": 100.0,
"unit": "cores"
}
],
"containers": [
{
"status": "running",
"count": 150
}
],
"totalStorage": 5000.0,
"totalBandwidth": 10000.0
}
GET /api/admin/analytics/templates
Response:
{
"topTemplates": [
{
"name": "React + TypeScript",
"language": "javascript",
"framework": "react",
"usage_count": 500,
"project_count": 450
}
],
"languageDistribution": [
{
"language": "javascript",
"count": 1000,
"percentage": "45.00"
}
],
"frameworkDistribution": [
{
"framework": "react",
"count": 500,
"percentage": "50.00"
}
]
}
GET /api/admin/analytics/geography
Response:
{
"countries": [
{
"country_code": "US",
"country_name": "United States",
"user_count": 500,
"percentage": "50.00"
}
],
"regions": [
{
"region": "California",
"user_count": 200
}
],
"timezones": [
{
"timezone": "America/Los_Angeles",
"user_count": 150
}
]
}
GET /api/admin/analytics/performance?period=24h
Response:
{
"apiPerformance": [
{
"endpoint": "/api/projects",
"request_count": 5000,
"avg_response_time": 120.5,
"p50_latency": 100.0,
"p95_latency": 250.0,
"p99_latency": 500.0,
"error_count": 10
}
],
"overall": {
"avg_p50": 100.0,
"avg_p95": 250.0,
"avg_p99": 500.0,
"avg_error_rate": 0.2
},
"databasePerformance": []
}
GET /api/admin/analytics/summary
Response:
{
"users": {
"total_users": 1000,
"new_users_30d": 50,
"active_users": 950
},
"projects": {
"total_projects": 5000,
"new_projects_30d": 250,
"running_projects": 150
},
"subscriptions": {
"total_subscriptions": 500,
"monthly_revenue": "50000.00"
},
"deployments": {
"total_deployments": 10000,
"deployments_24h": 150,
"avg_deployment_time": 120.5
},
"timestamp": "2024-01-01T12:00:00Z"
}
POST /api/admin/affiliates
Request Body:
{
"userId": 1,
"commissionType": "percentage",
"commissionValue": 20.0,
"tierConfig": {
"tiers": [
{ "threshold": 1000, "rate": 15 },
{ "threshold": 5000, "rate": 20 }
]
}
}
GET /api/admin/affiliates?status=active&page=1&limit=20
GET /api/admin/affiliates/:id
Response:
{
"affiliate": {
"id": 1,
"affiliate_code": "ABC12345",
"commission_type": "percentage",
"commission_value": 20.0,
"status": "active"
},
"stats": {
"total_referrals": 50,
"conversions": 25,
"total_revenue": "5000.00",
"total_commissions": "1000.00"
},
"recentReferrals": []
}
PUT /api/admin/affiliates/:id
Request Body:
{
"commissionType": "tiered",
"commissionValue": 25.0,
"status": "active"
}
POST /api/admin/affiliates/discount-codes
Request Body:
{
"code": "SUMMER2024",
"type": "percentage",
"value": 20.0,
"affiliateId": 1,
"usageLimit": 100,
"minPurchaseAmount": 50.0,
"applicableTiers": ["pro", "enterprise"],
"expiresAt": "2024-12-31T23:59:59Z"
}
GET /api/admin/affiliates/discount-codes/list?isActive=true
GET /api/admin/affiliates/payouts?status=pending
POST /api/admin/affiliates/payouts
Requires: 2FA
Request Body:
{
"affiliateId": 1,
"amount": 500.0,
"method": "stripe_connect",
"scheduledAt": "2024-01-15T00:00:00Z"
}
POST /api/admin/affiliates/payouts/:id/process
Requires: 2FA
Request Body:
{
"providerPayoutId": "po_abc123"
}
GET /api/admin/affiliates/dashboard
Response:
{
"stats": {
"total_affiliates": 100,
"active_affiliates": 85,
"total_referrals": 500,
"total_conversions": 250,
"total_revenue": "50000.00",
"total_commissions_owed": "10000.00",
"total_commissions_paid": "8000.00"
},
"topPerformers": [],
"pendingPayouts": "2000.00"
}
GET /api/admin/financial/reconciliation?startDate=2024-01-01&endDate=2024-01-31
Response:
{
"platformRevenue": [
{
"total_revenue": "50000.00",
"transaction_count": 500,
"currency": "USD"
}
],
"refunds": [
{
"total_refunds": "1000.00",
"refund_count": 10,
"currency": "USD"
}
],
"subscriptionRevenue": [],
"period": {
"startDate": "2024-01-01",
"endDate": "2024-01-31"
}
}
GET /api/admin/financial/subscriptions?status=active&tier=pro&page=1&limit=20
POST /api/admin/financial/subscriptions/:id/upgrade
Requires: 2FA
Request Body:
{
"newTier": "enterprise",
"newAmount": 199.0,
"reason": "Custom enterprise deal"
}
POST /api/admin/financial/subscriptions/:id/cancel
Requires: 2FA
Request Body:
{
"reason": "User request",
"immediate": true
}
POST /api/admin/financial/subscriptions/:id/pause
Requires: 2FA
Request Body:
{
"pauseStartsAt": "2024-02-01T00:00:00Z",
"pauseEndsAt": "2024-03-01T00:00:00Z"
}
GET /api/admin/financial/refunds?status=pending&page=1&limit=20
POST /api/admin/financial/refunds
Requires: 2FA
Request Body:
{
"userId": 1,
"invoiceId": 100,
"amount": 50.0,
"type": "partial",
"reason": "service_issue",
"reasonDetails": "Downtime on 2024-01-15"
}
POST /api/admin/financial/refunds/:id/process
Requires: 2FA
Request Body:
{
"providerRefundId": "re_abc123"
}
GET /api/admin/financial/tax-config
POST /api/admin/financial/tax-config
Requires: 2FA
Request Body:
{
"countryCode": "US",
"stateCode": "CA",
"taxType": "sales_tax",
"rate": 8.5,
"effectiveFrom": "2024-01-01",
"effectiveTo": "2024-12-31"
}
GET /api/admin/financial/payment-retry
POST /api/admin/financial/payment-retry/:userId/trigger
Requires: 2FA
GET /api/admin/system/health?period=1h
Response:
{
"aggregated": [
{
"server_id": "web-01",
"avg_cpu": 45.5,
"max_cpu": 80.0,
"avg_memory": 60.0,
"max_memory": 85.0,
"avg_disk": 50.0,
"status": "healthy"
}
],
"latest": []
}
GET /api/admin/system/database-pool
Response:
{
"pool": {
"totalConnections": 20,
"idleConnections": 15,
"waitingClients": 0
},
"performance": {
"total_queries": 10000,
"avg_response_time": 50.5,
"max_response_time": 500.0
}
}
GET /api/admin/system/containers?period=1h
Response:
{
"pods": [
{
"status": "Running",
"count": 50,
"avg_cpu": 45.5,
"avg_memory": 60.0
}
],
"nodes": [],
"topRestarts": []
}
GET /api/admin/system/deployment-queue?status=pending
POST /api/admin/system/deployment-queue/:id/retry
POST /api/admin/system/deployment-queue/:id/cancel
GET /api/admin/system/announcements?isActive=true
POST /api/admin/system/announcements
Requires: Super Admin
Request Body:
{
"title": "Scheduled Maintenance",
"message": "We will be performing maintenance on...",
"type": "maintenance",
"severity": "high",
"displayLocations": ["dashboard", "editor"],
"startsAt": "2024-01-15T00:00:00Z",
"endsAt": "2024-01-15T04:00:00Z"
}
PUT /api/admin/system/announcements/:id
Requires: Super Admin
GET /api/admin/system/feature-flags
POST /api/admin/system/feature-flags
Requires: Super Admin, 2FA
Request Body:
{
"name": "new_editor",
"description": "New code editor with AI features",
"isEnabled": false,
"rolloutPercentage": 10,
"targetSegments": ["pro", "enterprise"],
"metadata": {}
}
PUT /api/admin/system/feature-flags/:id
Requires: Super Admin, 2FA
Request Body:
{
"isEnabled": true,
"rolloutPercentage": 50,
"changeReason": "Gradual rollout to 50%"
}
GET /api/admin/system/rate-limits
POST /api/admin/system/rate-limits
Requires: Super Admin, 2FA
Request Body:
{
"userId": 1,
"limitType": "user",
"requestsPerMinute": 100,
"requestsPerHour": 5000,
"requestsPerDay": 100000
}
POST /api/admin/system/cdn/purge
Requires: Super Admin, 2FA
Request Body:
{
"operationType": "purge_url",
"targetPattern": "/static/*",
"urls": ["https://cdn.example.com/static/app.js"]
}
All endpoints may return the following error responses:
{
"error": "Authentication required"
}
{
"error": "Admin access required"
}
{
"error": "Resource not found"
}
{
"error": "Rate limit exceeded",
"retryAfter": 60
}
{
"error": "Failed to process request"
}
Configure allowed IP addresses for admin access in environment variables:
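ADMIN_ALLOWED_IPS=192.168.1.1,10.0.0.1
If the service runs behind a reverse proxy or load balancer, confirm that the allow-list is evaluated against the real client address rather than the proxy's address.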
Sensitive operations (marked with Requires: 2FA) require a valid TOTP token:
X-2FA-Token: 123456
All admin actions are automatically logged with:
- User ID
- Action performed
- Resource affected
- IP address
- Timestamp
- Success/failure status
Admin sessions automatically timeout after 30 minutes of inactivity.
Default rate limits for admin endpoints:
- 100 requests per minute
- 5000 requests per hour
Higher limits can be configured per admin user.