aboutsummaryrefslogtreecommitdiff

title: Supported admin APIs parent: Administration nav_order: 4 permalink: /administration/adminapi


{% include deprecation.html %}

Supported admin APIs

Dendrite supports, at present, a very small number of endpoints that allow admin users to perform administrative functions. Please note that there is no API stability guarantee on these endpoints at present — they may change shape without warning.

More endpoints will be added in the future.

Endpoints may be used directly through curl:

curl --header "Authorization: Bearer <access_token>" -X <POST|GET|PUT> <Endpoint URI> -d '<Request Body Contents>'

An access_token can be obtained through most Element-based matrix clients by going to Settings -> Help & About -> Advanced -> Access Token. Be aware that an access_token allows a client to perform actions as an user and should be kept secret.

The user must be an administrator in the userapi_accounts table in order to use these endpoints.

Existing user accounts can be set to administrative accounts by changing account_type to 3 in userapi_accounts

UPDATE userapi_accounts SET account_type = 3 WHERE localpart = '$localpart';

Where $localpart is the username only (e.g. alice).

POST /_dendrite/admin/evacuateRoom/{roomID}

This endpoint will instruct Dendrite to part all local users from the given roomID in the URL. It may take some time to complete. A JSON body will be returned containing the user IDs of all affected users.

If the room has an alias set (e.g. is published), the room's ID will not be visible in the URL, but it can be found as the room's "internal ID" in Element Web (Settings -> Advanced)

POST /_dendrite/admin/evacuateUser/{userID}

This endpoint will instruct Dendrite to part the given local userID in the URL from all rooms which they are currently joined. A JSON body will be returned containing the room IDs of all affected rooms.

POST /_dendrite/admin/resetPassword/{userID}

Reset the password of a local user.

If logout_devices is set to true, all access_tokens will be invalidated, resulting in the potential loss of encrypted messages

Request body format:

{
    "password": "new_password_here",
    "logout_devices": false
}

GET /_dendrite/admin/fulltext/reindex

This endpoint instructs Dendrite to reindex all searchable events (m.room.message, m.room.topic and m.room.name). An empty JSON body will be returned immediately. Indexing is done in the background, the server logs every 1000 events (or below) when they are being indexed. Once reindexing is done, you'll see something along the lines Indexed 69586 events in 53.68223182s in your debug logs.

POST /_dendrite/admin/refreshDevices/{userID}

This endpoint instructs Dendrite to immediately query /devices/{userID} on a federated server. An empty JSON body will be returned on success, updating all locally stored user devices/keys. This can be used to possibly resolve E2EE issues, where the remote user can't decrypt messages.

POST /_dendrite/admin/purgeRoom/{roomID}

This endpoint instructs Dendrite to remove the given room from its database. It does NOT remove media files. Depending on the size of the room, this may take a while. Will return an empty JSON once other components were instructed to delete the room.

POST /_synapse/admin/v1/send_server_notice

Request body format:

{
    "user_id": "@target_user:server_name",
    "content": {
       "msgtype": "m.text",
       "body": "This is my message"
    }
}

Send a server notice to a specific user. See the Matrix Spec for additional details on server notice behaviour. If successfully sent, the API will return the following response:

{
     "event_id": "<event_id>"
}

GET /_synapse/admin/v1/register

Shared secret registration — please see the user creation page for guidance on configuring and using this endpoint.

GET /_matrix/client/v3/admin/whois/{userId}

From the Matrix Spec. Gets information about a particular user. userId is the full user ID (e.g. @alice:domain.com)