API Reference

Staff

Staff and moderation administration endpoints.

Lists role definitions, permissions, and assignment metadata for the role manager.

Authentication

Admin session.

Modes: logged-in user, API key

API key: staff:read

Permissions or Scopes

manage_role_definitions

Request Headers

HeaderValueDescription
Cookiesession=<session_cookie>Session cookie set by the login flow.
AuthorizationBearer prapi_your_keyPreferred API-key header. Never send API keys in URLs.
x-api-keyprapi_your_keyAlternative API-key header.
x-api-tokenprapi_your_keyLegacy API-key header kept for backward compatibility.

Parameters

NameInRequiredDescription
No path, query, or body parameters.

Validation

  • Request parameters and JSON payloads are validated server-side.
  • Mutating session-authenticated requests require CSRF validation.
  • Permission checks run before privileged data is returned or modified.

Errors

400 Invalid input, missing parameters, or validation failure.

401 Authentication is missing or invalid.

403 The authenticated principal lacks the required permission or scope.

404 The requested resource was not found.

500 Unexpected server error.

Rate Limits

No endpoint-specific public rate limit is documented. Authentication and abuse controls still apply.

Examples and Try It

Request examples, sample output, and the live tester below apply only to this endpoint.

cURL

curl -H "Authorization: Bearer prapi_your_key" "https://playroom.date/api/admin/roles"

JavaScript / TypeScript

const response = await fetch('https://playroom.date/api/admin/roles', {
  method: 'GET',
  headers: {
    "Authorization": "Bearer prapi_your_key"
  },
});
const data = await response.json();

Python

import requests

headers = {"Authorization": "Bearer prapi_your_key"}
response = requests.get('https://playroom.date/api/admin/roles', headers=headers)
print(response.json())

Example Output

{
  "success": true,
  "data": {
    "roles": []
  },
  "error": null
}

Try It

Checking sign-in state...

Auth: No authentication

This request has no editable path, query, or body fields.

Request

GET /api/admin/roles

curl Equivalent

curl "https://playroom.date/api/admin/roles"
Sample Response

Sample Response Body

{
  "success": true,
  "data": {
    "roles": []
  },
  "error": null
}

Creates a role definition.

Authentication

Admin session + CSRF.

Modes: logged-in user, API key

API key: staff:write

Permissions or Scopes

manage_role_definitions

Request Headers

HeaderValueDescription
Cookiesession=<session_cookie>Session cookie set by the login flow.
x-csrf-token<csrfToken>Required for mutating session-authenticated requests.
Content-Typeapplication/jsonRequired when sending a JSON body.
AuthorizationBearer prapi_your_keyPreferred API-key header. Never send API keys in URLs.
x-api-keyprapi_your_keyAlternative API-key header.
x-api-tokenprapi_your_keyLegacy API-key header kept for backward compatibility.

Parameters

NameInRequiredDescription
namebodyYesRole name, 2-50 characters.
levelbodyYesRole hierarchy level, 1-100.
colorbodyNoOptional hex color, for example #5865f2.
enforceWhitelistedRolesbodyNoWhether assignment is limited to whitelisted roles.
assignableRolesbodyNoRole IDs this role may assign.

Validation

  • Request parameters and JSON payloads are validated server-side.
  • Mutating session-authenticated requests require CSRF validation.
  • Permission checks run before privileged data is returned or modified.

Errors

400 Invalid input, missing parameters, or validation failure.

401 Authentication is missing or invalid.

403 The authenticated principal lacks the required permission or scope.

404 The requested resource was not found.

500 Unexpected server error.

Rate Limits

No endpoint-specific public rate limit is documented. Authentication and abuse controls still apply.

Examples and Try It

Request examples, sample output, and the live tester below apply only to this endpoint.

cURL

curl -X POST -H "Authorization: Bearer prapi_your_key" -H "Content-Type: application/json" -d '{"name":"example-name","level":1,"color":"example-color","enforceWhitelistedRoles":true,"assignableRoles":[]}' "https://playroom.date/api/admin/roles"

JavaScript / TypeScript

const response = await fetch('https://playroom.date/api/admin/roles', {
  method: 'POST',
  headers: {
    "Authorization": "Bearer prapi_your_key",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({
    "name": "example-name",
    "level": 1,
    "color": "example-color",
    "enforceWhitelistedRoles": true,
    "assignableRoles": []
  }),
});
const data = await response.json();

Python

import requests

headers = {"Authorization": "Bearer prapi_your_key"}
response = requests.post('https://playroom.date/api/admin/roles', headers=headers, json={"name": "example-name", "level": 1, "color": "example-color", "enforceWhitelistedRoles": True, "assignableRoles": []})
print(response.json())

Example Output

{
  "success": true,
  "data": {
    "role": []
  },
  "error": null
}

Try It

Checking sign-in state...

Auth: No authentication

Request

POST /api/admin/roles

Request Payload

{
  "name": "",
  "level": "",
  "assignableRoles": []
}

curl Equivalent

curl -X POST -H "Content-Type: application/json" -d '{"name":"","level":"","assignableRoles":[]}' "https://playroom.date/api/admin/roles"
Sample Response

Sample Response Body

{
  "success": true,
  "data": {
    "role": []
  },
  "error": null
}

Updates role metadata, hierarchy, assignable roles, or permissions.

Authentication

Admin session + CSRF.

Modes: logged-in user, API key

API key: staff:write

Permissions or Scopes

manage_role_definitions

Request Headers

HeaderValueDescription
Cookiesession=<session_cookie>Session cookie set by the login flow.
x-csrf-token<csrfToken>Required for mutating session-authenticated requests.
Content-Typeapplication/jsonRequired when sending a JSON body.
AuthorizationBearer prapi_your_keyPreferred API-key header. Never send API keys in URLs.
x-api-keyprapi_your_keyAlternative API-key header.
x-api-tokenprapi_your_keyLegacy API-key header kept for backward compatibility.

Parameters

NameInRequiredDescription
roleIdbodyYesRole ID to update.
namebodyNoUpdated role name.
colorbodyNoUpdated hex color.
levelbodyNoUpdated role hierarchy level.
enforceWhitelistedRolesbodyNoWhether assignment is limited to whitelisted roles.
assignableRolesbodyNoRole IDs this role may assign.

Validation

  • Request parameters and JSON payloads are validated server-side.
  • Mutating session-authenticated requests require CSRF validation.
  • Permission checks run before privileged data is returned or modified.

Errors

400 Invalid input, missing parameters, or validation failure.

401 Authentication is missing or invalid.

403 The authenticated principal lacks the required permission or scope.

404 The requested resource was not found.

500 Unexpected server error.

Rate Limits

No endpoint-specific public rate limit is documented. Authentication and abuse controls still apply.

Examples and Try It

Request examples, sample output, and the live tester below apply only to this endpoint.

cURL

curl -X PUT -H "Authorization: Bearer prapi_your_key" -H "Content-Type: application/json" -d '{"roleId":"role_id","name":"example-name","color":"example-color","level":1,"enforceWhitelistedRoles":true,"assignableRoles":[]}' "https://playroom.date/api/admin/roles"

JavaScript / TypeScript

const response = await fetch('https://playroom.date/api/admin/roles', {
  method: 'PUT',
  headers: {
    "Authorization": "Bearer prapi_your_key",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({
    "roleId": "role_id",
    "name": "example-name",
    "color": "example-color",
    "level": 1,
    "enforceWhitelistedRoles": true,
    "assignableRoles": []
  }),
});
const data = await response.json();

Python

import requests

headers = {"Authorization": "Bearer prapi_your_key"}
response = requests.put('https://playroom.date/api/admin/roles', headers=headers, json={"roleId": "role_id", "name": "example-name", "color": "example-color", "level": 1, "enforceWhitelistedRoles": True, "assignableRoles": []})
print(response.json())

Example Output

{
  "success": true,
  "data": {
    "role": []
  },
  "error": null
}

Try It

Checking sign-in state...

Auth: No authentication

Request

PUT /api/admin/roles

Request Payload

{
  "roleId": "",
  "assignableRoles": []
}

curl Equivalent

curl -X PUT -H "Content-Type: application/json" -d '{"roleId":"","assignableRoles":[]}' "https://playroom.date/api/admin/roles"
Sample Response

Sample Response Body

{
  "success": true,
  "data": {
    "role": []
  },
  "error": null
}

Updates role ordering/hierarchy.

Authentication

Admin session + CSRF.

Modes: logged-in user, API key

API key: staff:write

Permissions or Scopes

manage_role_definitions

Request Headers

HeaderValueDescription
Cookiesession=<session_cookie>Session cookie set by the login flow.
x-csrf-token<csrfToken>Required for mutating session-authenticated requests.
Content-Typeapplication/jsonRequired when sending a JSON body.
AuthorizationBearer prapi_your_keyPreferred API-key header. Never send API keys in URLs.
x-api-keyprapi_your_keyAlternative API-key header.
x-api-tokenprapi_your_keyLegacy API-key header kept for backward compatibility.

Parameters

NameInRequiredDescription
orderedRoleIdsbodyYesRole IDs in desired order.

Validation

  • Request parameters and JSON payloads are validated server-side.
  • Mutating session-authenticated requests require CSRF validation.
  • Permission checks run before privileged data is returned or modified.

Errors

400 Invalid input, missing parameters, or validation failure.

401 Authentication is missing or invalid.

403 The authenticated principal lacks the required permission or scope.

404 The requested resource was not found.

500 Unexpected server error.

Rate Limits

No endpoint-specific public rate limit is documented. Authentication and abuse controls still apply.

Examples and Try It

Request examples, sample output, and the live tester below apply only to this endpoint.

cURL

curl -X PATCH -H "Authorization: Bearer prapi_your_key" -H "Content-Type: application/json" -d '{"orderedRoleIds":[]}' "https://playroom.date/api/admin/roles"

JavaScript / TypeScript

const response = await fetch('https://playroom.date/api/admin/roles', {
  method: 'PATCH',
  headers: {
    "Authorization": "Bearer prapi_your_key",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({
    "orderedRoleIds": []
  }),
});
const data = await response.json();

Python

import requests

headers = {"Authorization": "Bearer prapi_your_key"}
response = requests.patch('https://playroom.date/api/admin/roles', headers=headers, json={"orderedRoleIds": []})
print(response.json())

Example Output

{
  "success": true,
  "data": {
    "roles": []
  },
  "error": null
}

Try It

Checking sign-in state...

Auth: No authentication

Request

PATCH /api/admin/roles

Request Payload

{
  "orderedRoleIds": []
}

curl Equivalent

curl -X PATCH -H "Content-Type: application/json" -d '{"orderedRoleIds":[]}' "https://playroom.date/api/admin/roles"
Sample Response

Sample Response Body

{
  "success": true,
  "data": {
    "roles": []
  },
  "error": null
}

Deletes a role definition when hierarchy rules allow it.

Authentication

Admin session + CSRF.

Modes: logged-in user, API key

API key: staff:write

Permissions or Scopes

manage_role_definitions

Request Headers

HeaderValueDescription
Cookiesession=<session_cookie>Session cookie set by the login flow.
x-csrf-token<csrfToken>Required for mutating session-authenticated requests.
Content-Typeapplication/jsonRequired when sending a JSON body.
AuthorizationBearer prapi_your_keyPreferred API-key header. Never send API keys in URLs.
x-api-keyprapi_your_keyAlternative API-key header.
x-api-tokenprapi_your_keyLegacy API-key header kept for backward compatibility.

Parameters

NameInRequiredDescription
roleIdbodyYesRole ID to delete.

Validation

  • Request parameters and JSON payloads are validated server-side.
  • Mutating session-authenticated requests require CSRF validation.
  • Permission checks run before privileged data is returned or modified.

Errors

400 Invalid input, missing parameters, or validation failure.

401 Authentication is missing or invalid.

403 The authenticated principal lacks the required permission or scope.

404 The requested resource was not found.

500 Unexpected server error.

Rate Limits

No endpoint-specific public rate limit is documented. Authentication and abuse controls still apply.

Examples and Try It

Request examples, sample output, and the live tester below apply only to this endpoint.

cURL

curl -X DELETE -H "Authorization: Bearer prapi_your_key" -H "Content-Type: application/json" -d '{"roleId":"role_id"}' "https://playroom.date/api/admin/roles"

JavaScript / TypeScript

const response = await fetch('https://playroom.date/api/admin/roles', {
  method: 'DELETE',
  headers: {
    "Authorization": "Bearer prapi_your_key",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({
    "roleId": "role_id"
  }),
});
const data = await response.json();

Python

import requests

headers = {"Authorization": "Bearer prapi_your_key"}
response = requests.delete('https://playroom.date/api/admin/roles', headers=headers, json={"roleId": "role_id"})
print(response.json())

Example Output

{
  "success": true,
  "data": {
    "role": []
  },
  "error": null
}

Try It

Checking sign-in state...

Auth: No authentication

Request

DELETE /api/admin/roles

Request Payload

{
  "roleId": ""
}

curl Equivalent

curl -X DELETE -H "Content-Type: application/json" -d '{"roleId":""}' "https://playroom.date/api/admin/roles"
Sample Response

Sample Response Body

{
  "success": true,
  "data": {
    "role": []
  },
  "error": null
}

Lists permission definitions and dependencies.

Authentication

Admin session.

Modes: logged-in user, API key

API key: staff:read

Permissions or Scopes

manage_permissions

Request Headers

HeaderValueDescription
Cookiesession=<session_cookie>Session cookie set by the login flow.
AuthorizationBearer prapi_your_keyPreferred API-key header. Never send API keys in URLs.
x-api-keyprapi_your_keyAlternative API-key header.
x-api-tokenprapi_your_keyLegacy API-key header kept for backward compatibility.

Parameters

NameInRequiredDescription
No path, query, or body parameters.

Validation

  • Request parameters and JSON payloads are validated server-side.
  • Mutating session-authenticated requests require CSRF validation.
  • Permission checks run before privileged data is returned or modified.

Errors

400 Invalid input, missing parameters, or validation failure.

401 Authentication is missing or invalid.

403 The authenticated principal lacks the required permission or scope.

404 The requested resource was not found.

500 Unexpected server error.

Rate Limits

No endpoint-specific public rate limit is documented. Authentication and abuse controls still apply.

Examples and Try It

Request examples, sample output, and the live tester below apply only to this endpoint.

cURL

curl -H "Authorization: Bearer prapi_your_key" "https://playroom.date/api/admin/permissions"

JavaScript / TypeScript

const response = await fetch('https://playroom.date/api/admin/permissions', {
  method: 'GET',
  headers: {
    "Authorization": "Bearer prapi_your_key"
  },
});
const data = await response.json();

Python

import requests

headers = {"Authorization": "Bearer prapi_your_key"}
response = requests.get('https://playroom.date/api/admin/permissions', headers=headers)
print(response.json())

Example Output

{
  "success": true,
  "data": {
    "permissions": []
  },
  "error": null
}

Try It

Checking sign-in state...

Auth: No authentication

This request has no editable path, query, or body fields.

Request

GET /api/admin/permissions

curl Equivalent

curl "https://playroom.date/api/admin/permissions"
Sample Response

Sample Response Body

{
  "success": true,
  "data": {
    "permissions": []
  },
  "error": null
}

Replaces a role permission set after dependency validation.

Authentication

Admin session + CSRF.

Modes: logged-in user, API key

API key: staff:write

Permissions or Scopes

manage_permissions

Request Headers

HeaderValueDescription
Cookiesession=<session_cookie>Session cookie set by the login flow.
x-csrf-token<csrfToken>Required for mutating session-authenticated requests.
Content-Typeapplication/jsonRequired when sending a JSON body.
AuthorizationBearer prapi_your_keyPreferred API-key header. Never send API keys in URLs.
x-api-keyprapi_your_keyAlternative API-key header.
x-api-tokenprapi_your_keyLegacy API-key header kept for backward compatibility.

Parameters

NameInRequiredDescription
roleIdbodyYesRole ID to update.
permissionsbodyYesComplete permission list for the role.

Validation

  • Request parameters and JSON payloads are validated server-side.
  • Mutating session-authenticated requests require CSRF validation.
  • Permission checks run before privileged data is returned or modified.

Errors

400 Invalid input, missing parameters, or validation failure.

401 Authentication is missing or invalid.

403 The authenticated principal lacks the required permission or scope.

404 The requested resource was not found.

500 Unexpected server error.

Rate Limits

No endpoint-specific public rate limit is documented. Authentication and abuse controls still apply.

Examples and Try It

Request examples, sample output, and the live tester below apply only to this endpoint.

cURL

curl -X PUT -H "Authorization: Bearer prapi_your_key" -H "Content-Type: application/json" -d '{"roleId":"role_id","permissions":[]}' "https://playroom.date/api/admin/permissions"

JavaScript / TypeScript

const response = await fetch('https://playroom.date/api/admin/permissions', {
  method: 'PUT',
  headers: {
    "Authorization": "Bearer prapi_your_key",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({
    "roleId": "role_id",
    "permissions": []
  }),
});
const data = await response.json();

Python

import requests

headers = {"Authorization": "Bearer prapi_your_key"}
response = requests.put('https://playroom.date/api/admin/permissions', headers=headers, json={"roleId": "role_id", "permissions": []})
print(response.json())

Example Output

{
  "success": true,
  "data": {
    "permissions": []
  },
  "error": null
}

Try It

Checking sign-in state...

Auth: No authentication

Request

PUT /api/admin/permissions

Request Payload

{
  "roleId": "",
  "permissions": []
}

curl Equivalent

curl -X PUT -H "Content-Type: application/json" -d '{"roleId":"","permissions":[]}' "https://playroom.date/api/admin/permissions"
Sample Response

Sample Response Body

{
  "success": true,
  "data": {
    "permissions": []
  },
  "error": null
}

Lists configured communities and caller moderation access.

Authentication

Admin session.

Modes: logged-in user, API key

API key: staff:read

Permissions or Scopes

manage_communities or assigned community access

Request Headers

HeaderValueDescription
Cookiesession=<session_cookie>Session cookie set by the login flow.
AuthorizationBearer prapi_your_keyPreferred API-key header. Never send API keys in URLs.
x-api-keyprapi_your_keyAlternative API-key header.
x-api-tokenprapi_your_keyLegacy API-key header kept for backward compatibility.

Parameters

NameInRequiredDescription
No path, query, or body parameters.

Validation

  • Request parameters and JSON payloads are validated server-side.
  • Mutating session-authenticated requests require CSRF validation.
  • Permission checks run before privileged data is returned or modified.

Errors

400 Invalid input, missing parameters, or validation failure.

401 Authentication is missing or invalid.

403 The authenticated principal lacks the required permission or scope.

404 The requested resource was not found.

500 Unexpected server error.

Rate Limits

No endpoint-specific public rate limit is documented. Authentication and abuse controls still apply.

Examples and Try It

Request examples, sample output, and the live tester below apply only to this endpoint.

cURL

curl -H "Authorization: Bearer prapi_your_key" "https://playroom.date/api/admin/communities"

JavaScript / TypeScript

const response = await fetch('https://playroom.date/api/admin/communities', {
  method: 'GET',
  headers: {
    "Authorization": "Bearer prapi_your_key"
  },
});
const data = await response.json();

Python

import requests

headers = {"Authorization": "Bearer prapi_your_key"}
response = requests.get('https://playroom.date/api/admin/communities', headers=headers)
print(response.json())

Example Output

{
  "success": true,
  "data": {
    "communities": []
  },
  "error": null
}

Try It

Checking sign-in state...

Auth: No authentication

This request has no editable path, query, or body fields.

Request

GET /api/admin/communities

curl Equivalent

curl "https://playroom.date/api/admin/communities"
Sample Response

Sample Response Body

{
  "success": true,
  "data": {
    "communities": []
  },
  "error": null
}

Creates a community and its role/user access rules.

Authentication

Admin session + CSRF.

Modes: logged-in user, API key

API key: staff:write

Permissions or Scopes

manage_communities

Request Headers

HeaderValueDescription
Cookiesession=<session_cookie>Session cookie set by the login flow.
x-csrf-token<csrfToken>Required for mutating session-authenticated requests.
Content-Typeapplication/jsonRequired when sending a JSON body.
AuthorizationBearer prapi_your_keyPreferred API-key header. Never send API keys in URLs.
x-api-keyprapi_your_keyAlternative API-key header.
x-api-tokenprapi_your_keyLegacy API-key header kept for backward compatibility.

Parameters

NameInRequiredDescription
namebodyYesCommunity name.
iconUrlbodyNoOptional icon URL.
isDefaultbodyNoWhether this is the default community.
allowedRoleIdsbodyNoAllowed role IDs.
allowedUserIdsbodyNoAllowed user IDs.

Validation

  • Request parameters and JSON payloads are validated server-side.
  • Mutating session-authenticated requests require CSRF validation.
  • Permission checks run before privileged data is returned or modified.

Errors

400 Invalid input, missing parameters, or validation failure.

401 Authentication is missing or invalid.

403 The authenticated principal lacks the required permission or scope.

404 The requested resource was not found.

500 Unexpected server error.

Rate Limits

No endpoint-specific public rate limit is documented. Authentication and abuse controls still apply.

Examples and Try It

Request examples, sample output, and the live tester below apply only to this endpoint.

cURL

curl -X POST -H "Authorization: Bearer prapi_your_key" -H "Content-Type: application/json" -d '{"name":"example-name","iconUrl":"example-iconUrl","isDefault":true,"allowedRoleIds":[],"allowedUserIds":[]}' "https://playroom.date/api/admin/communities"

JavaScript / TypeScript

const response = await fetch('https://playroom.date/api/admin/communities', {
  method: 'POST',
  headers: {
    "Authorization": "Bearer prapi_your_key",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({
    "name": "example-name",
    "iconUrl": "example-iconUrl",
    "isDefault": true,
    "allowedRoleIds": [],
    "allowedUserIds": []
  }),
});
const data = await response.json();

Python

import requests

headers = {"Authorization": "Bearer prapi_your_key"}
response = requests.post('https://playroom.date/api/admin/communities', headers=headers, json={"name": "example-name", "iconUrl": "example-iconUrl", "isDefault": True, "allowedRoleIds": [], "allowedUserIds": []})
print(response.json())

Example Output

{
  "success": true,
  "data": {
    "community": []
  },
  "error": null
}

Try It

Checking sign-in state...

Auth: No authentication

Request

POST /api/admin/communities

Request Payload

{
  "name": "",
  "allowedRoleIds": [],
  "allowedUserIds": []
}

curl Equivalent

curl -X POST -H "Content-Type: application/json" -d '{"name":"","allowedRoleIds":[],"allowedUserIds":[]}' "https://playroom.date/api/admin/communities"
Sample Response

Sample Response Body

{
  "success": true,
  "data": {
    "community": []
  },
  "error": null
}

Updates community metadata and allowlists.

Authentication

Admin session + CSRF.

Modes: logged-in user, API key

API key: staff:write

Permissions or Scopes

manage_communities

Request Headers

HeaderValueDescription
Cookiesession=<session_cookie>Session cookie set by the login flow.
x-csrf-token<csrfToken>Required for mutating session-authenticated requests.
Content-Typeapplication/jsonRequired when sending a JSON body.
AuthorizationBearer prapi_your_keyPreferred API-key header. Never send API keys in URLs.
x-api-keyprapi_your_keyAlternative API-key header.
x-api-tokenprapi_your_keyLegacy API-key header kept for backward compatibility.

Parameters

NameInRequiredDescription
idbodyYesCommunity ID to update.
namebodyYesCommunity name.
iconUrlbodyNoOptional icon URL.
isDefaultbodyNoWhether this is the default community.
allowedRoleIdsbodyNoAllowed role IDs.
allowedUserIdsbodyNoAllowed user IDs.

Validation

  • Request parameters and JSON payloads are validated server-side.
  • Mutating session-authenticated requests require CSRF validation.
  • Permission checks run before privileged data is returned or modified.

Errors

400 Invalid input, missing parameters, or validation failure.

401 Authentication is missing or invalid.

403 The authenticated principal lacks the required permission or scope.

404 The requested resource was not found.

500 Unexpected server error.

Rate Limits

No endpoint-specific public rate limit is documented. Authentication and abuse controls still apply.

Examples and Try It

Request examples, sample output, and the live tester below apply only to this endpoint.

cURL

curl -X PUT -H "Authorization: Bearer prapi_your_key" -H "Content-Type: application/json" -d '{"id":"resource_id","name":"example-name","iconUrl":"example-iconUrl","isDefault":true,"allowedRoleIds":[],"allowedUserIds":[]}' "https://playroom.date/api/admin/communities"

JavaScript / TypeScript

const response = await fetch('https://playroom.date/api/admin/communities', {
  method: 'PUT',
  headers: {
    "Authorization": "Bearer prapi_your_key",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({
    "id": "resource_id",
    "name": "example-name",
    "iconUrl": "example-iconUrl",
    "isDefault": true,
    "allowedRoleIds": [],
    "allowedUserIds": []
  }),
});
const data = await response.json();

Python

import requests

headers = {"Authorization": "Bearer prapi_your_key"}
response = requests.put('https://playroom.date/api/admin/communities', headers=headers, json={"id": "resource_id", "name": "example-name", "iconUrl": "example-iconUrl", "isDefault": True, "allowedRoleIds": [], "allowedUserIds": []})
print(response.json())

Example Output

{
  "success": true,
  "data": {
    "community": []
  },
  "error": null
}

Try It

Checking sign-in state...

Auth: No authentication

Request

PUT /api/admin/communities

Request Payload

{
  "id": "",
  "name": "",
  "allowedRoleIds": [],
  "allowedUserIds": []
}

curl Equivalent

curl -X PUT -H "Content-Type: application/json" -d '{"id":"","name":"","allowedRoleIds":[],"allowedUserIds":[]}' "https://playroom.date/api/admin/communities"
Sample Response

Sample Response Body

{
  "success": true,
  "data": {
    "community": []
  },
  "error": null
}

Deletes a community configuration when allowed.

Authentication

Admin session + CSRF.

Modes: logged-in user, API key

API key: staff:write

Permissions or Scopes

manage_communities

Request Headers

HeaderValueDescription
Cookiesession=<session_cookie>Session cookie set by the login flow.
x-csrf-token<csrfToken>Required for mutating session-authenticated requests.
Content-Typeapplication/jsonRequired when sending a JSON body.
AuthorizationBearer prapi_your_keyPreferred API-key header. Never send API keys in URLs.
x-api-keyprapi_your_keyAlternative API-key header.
x-api-tokenprapi_your_keyLegacy API-key header kept for backward compatibility.

Parameters

NameInRequiredDescription
idbodyYesCommunity ID to delete.

Validation

  • Request parameters and JSON payloads are validated server-side.
  • Mutating session-authenticated requests require CSRF validation.
  • Permission checks run before privileged data is returned or modified.

Errors

400 Invalid input, missing parameters, or validation failure.

401 Authentication is missing or invalid.

403 The authenticated principal lacks the required permission or scope.

404 The requested resource was not found.

500 Unexpected server error.

Rate Limits

No endpoint-specific public rate limit is documented. Authentication and abuse controls still apply.

Examples and Try It

Request examples, sample output, and the live tester below apply only to this endpoint.

cURL

curl -X DELETE -H "Authorization: Bearer prapi_your_key" -H "Content-Type: application/json" -d '{"id":"resource_id"}' "https://playroom.date/api/admin/communities"

JavaScript / TypeScript

const response = await fetch('https://playroom.date/api/admin/communities', {
  method: 'DELETE',
  headers: {
    "Authorization": "Bearer prapi_your_key",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({
    "id": "resource_id"
  }),
});
const data = await response.json();

Python

import requests

headers = {"Authorization": "Bearer prapi_your_key"}
response = requests.delete('https://playroom.date/api/admin/communities', headers=headers, json={"id": "resource_id"})
print(response.json())

Example Output

{
  "success": true,
  "data": {
    "community": []
  },
  "error": null
}

Try It

Checking sign-in state...

Auth: No authentication

Request

DELETE /api/admin/communities

Request Payload

{
  "id": ""
}

curl Equivalent

curl -X DELETE -H "Content-Type: application/json" -d '{"id":""}' "https://playroom.date/api/admin/communities"
Sample Response

Sample Response Body

{
  "success": true,
  "data": {
    "community": []
  },
  "error": null
}

Rebuilds suspected-alt clusters from stored identity signals.

Authentication

Admin session + CSRF or actor-linked API key.

Modes: logged-in user, API key

API key: staff:write

Permissions or Scopes

manage_settings

Request Headers

HeaderValueDescription
Cookiesession=<session_cookie>Session cookie set by the login flow.
x-csrf-token<csrfToken>Required for mutating session-authenticated requests.
Content-Typeapplication/jsonRequired when sending a JSON body.
AuthorizationBearer prapi_your_keyPreferred API-key header. Never send API keys in URLs.
x-api-keyprapi_your_keyAlternative API-key header.
x-api-tokenprapi_your_keyLegacy API-key header kept for backward compatibility.

Parameters

NameInRequiredDescription
No path, query, or body parameters.

Validation

  • Request parameters and JSON payloads are validated server-side.
  • Mutating session-authenticated requests require CSRF validation.
  • Permission checks run before privileged data is returned or modified.

Errors

400 Invalid input, missing parameters, or validation failure.

401 Authentication is missing or invalid.

403 The authenticated principal lacks the required permission or scope.

404 The requested resource was not found.

500 Unexpected server error.

Rate Limits

No endpoint-specific public rate limit is documented. Authentication and abuse controls still apply.

Examples and Try It

Request examples, sample output, and the live tester below apply only to this endpoint.

cURL

curl -X POST -H "Authorization: Bearer prapi_your_key" "https://playroom.date/api/admin/recompute-alts"

JavaScript / TypeScript

const response = await fetch('https://playroom.date/api/admin/recompute-alts', {
  method: 'POST',
  headers: {
    "Authorization": "Bearer prapi_your_key"
  },
});
const data = await response.json();

Python

import requests

headers = {"Authorization": "Bearer prapi_your_key"}
response = requests.post('https://playroom.date/api/admin/recompute-alts', headers=headers)
print(response.json())

Example Output

{
  "success": true,
  "data": {
    "alts": []
  },
  "error": null
}

Try It

Checking sign-in state...

Auth: No authentication

This request has no editable path, query, or body fields.

Request

POST /api/admin/recompute-alts

curl Equivalent

curl -X POST "https://playroom.date/api/admin/recompute-alts"
Sample Response

Sample Response Body

{
  "success": true,
  "data": {
    "alts": []
  },
  "error": null
}

Sets or resets a user password from the admin panel.

Authentication

Admin session + CSRF or actor-linked API key.

Modes: logged-in user, API key

API key: users:write

Permissions or Scopes

set_password

Request Headers

HeaderValueDescription
Cookiesession=<session_cookie>Session cookie set by the login flow.
x-csrf-token<csrfToken>Required for mutating session-authenticated requests.
Content-Typeapplication/jsonRequired when sending a JSON body.
AuthorizationBearer prapi_your_keyPreferred API-key header. Never send API keys in URLs.
x-api-keyprapi_your_keyAlternative API-key header.
x-api-tokenprapi_your_keyLegacy API-key header kept for backward compatibility.

Parameters

NameInRequiredDescription
userIdbodyYesUser ID.
newPasswordbodyYesNew password, at least 8 characters.

Validation

  • Request parameters and JSON payloads are validated server-side.
  • Mutating session-authenticated requests require CSRF validation.
  • Permission checks run before privileged data is returned or modified.

Errors

400 Invalid input, missing parameters, or validation failure.

401 Authentication is missing or invalid.

403 The authenticated principal lacks the required permission or scope.

404 The requested resource was not found.

500 Unexpected server error.

Rate Limits

No endpoint-specific public rate limit is documented. Authentication and abuse controls still apply.

Examples and Try It

Request examples, sample output, and the live tester below apply only to this endpoint.

cURL

curl -X POST -H "Authorization: Bearer prapi_your_key" -H "Content-Type: application/json" -d '{"userId":"user_id","newPassword":"password123"}' "https://playroom.date/api/admin/users/set-password"

JavaScript / TypeScript

const response = await fetch('https://playroom.date/api/admin/users/set-password', {
  method: 'POST',
  headers: {
    "Authorization": "Bearer prapi_your_key",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({
    "userId": "user_id",
    "newPassword": "password123"
  }),
});
const data = await response.json();

Python

import requests

headers = {"Authorization": "Bearer prapi_your_key"}
response = requests.post('https://playroom.date/api/admin/users/set-password', headers=headers, json={"userId": "user_id", "newPassword": "password123"})
print(response.json())

Example Output

{
  "success": true,
  "data": {
    "user": []
  },
  "error": null
}

Try It

Checking sign-in state...

Auth: No authentication

Request

POST /api/admin/users/set-password

Request Payload

{
  "userId": "",
  "newPassword": ""
}

curl Equivalent

curl -X POST -H "Content-Type: application/json" -d '{"userId":"","newPassword":""}' "https://playroom.date/api/admin/users/set-password"
Sample Response

Sample Response Body

{
  "success": true,
  "data": {
    "user": []
  },
  "error": null
}

Lists soft-deleted or restored accounts with pagination and search.

Authentication

Admin session.

Modes: logged-in user, API key

API key: staff:read

Permissions or Scopes

view_users

Request Headers

HeaderValueDescription
Cookiesession=<session_cookie>Session cookie set by the login flow.
AuthorizationBearer prapi_your_keyPreferred API-key header. Never send API keys in URLs.
x-api-keyprapi_your_keyAlternative API-key header.
x-api-tokenprapi_your_keyLegacy API-key header kept for backward compatibility.

Parameters

NameInRequiredDescription
pagequeryNoPage number for paginated results.
pageSizequeryNoRequested page size where supported by the endpoint.
searchqueryNoUsername, email, account ID, or deletion reason search.
statusqueryNosoft_deleted or restored.

Validation

  • Request parameters and JSON payloads are validated server-side.
  • Mutating session-authenticated requests require CSRF validation.
  • Permission checks run before privileged data is returned or modified.

Errors

400 Invalid input, missing parameters, or validation failure.

401 Authentication is missing or invalid.

403 The authenticated principal lacks the required permission or scope.

404 The requested resource was not found.

500 Unexpected server error.

Rate Limits

No endpoint-specific public rate limit is documented. Authentication and abuse controls still apply.

Examples and Try It

Request examples, sample output, and the live tester below apply only to this endpoint.

cURL

curl -H "Authorization: Bearer prapi_your_key" "https://playroom.date/api/admin/removed-accounts"

JavaScript / TypeScript

const response = await fetch('https://playroom.date/api/admin/removed-accounts', {
  method: 'GET',
  headers: {
    "Authorization": "Bearer prapi_your_key"
  },
});
const data = await response.json();

Python

import requests

headers = {"Authorization": "Bearer prapi_your_key"}
response = requests.get('https://playroom.date/api/admin/removed-accounts', headers=headers)
print(response.json())

Example Output

{
  "success": true,
  "data": {
    "users": []
  },
  "error": null
}

Try It

Checking sign-in state...

Auth: No authentication

Request

GET /api/admin/removed-accounts?page=1&pageSize=20

curl Equivalent

curl "https://playroom.date/api/admin/removed-accounts?page=1&pageSize=20"
Sample Response

Sample Response Body

{
  "success": true,
  "data": {
    "users": []
  },
  "error": null
}

Restores a retained soft-deleted account.

Authentication

Admin session + CSRF.

Modes: logged-in user, API key

API key: staff:write

Permissions or Scopes

delete_users

Request Headers

HeaderValueDescription
Cookiesession=<session_cookie>Session cookie set by the login flow.
x-csrf-token<csrfToken>Required for mutating session-authenticated requests.
Content-Typeapplication/jsonRequired when sending a JSON body.
AuthorizationBearer prapi_your_keyPreferred API-key header. Never send API keys in URLs.
x-api-keyprapi_your_keyAlternative API-key header.
x-api-tokenprapi_your_keyLegacy API-key header kept for backward compatibility.

Parameters

NameInRequiredDescription
No path, query, or body parameters.

Validation

  • Request parameters and JSON payloads are validated server-side.
  • Mutating session-authenticated requests require CSRF validation.
  • Permission checks run before privileged data is returned or modified.

Errors

400 Invalid input, missing parameters, or validation failure.

401 Authentication is missing or invalid.

403 The authenticated principal lacks the required permission or scope.

404 The requested resource was not found.

500 Unexpected server error.

Rate Limits

No endpoint-specific public rate limit is documented. Authentication and abuse controls still apply.

Examples and Try It

Request examples, sample output, and the live tester below apply only to this endpoint.

cURL

curl -X PATCH -H "Authorization: Bearer prapi_your_key" "https://playroom.date/api/admin/removed-accounts"

JavaScript / TypeScript

const response = await fetch('https://playroom.date/api/admin/removed-accounts', {
  method: 'PATCH',
  headers: {
    "Authorization": "Bearer prapi_your_key"
  },
});
const data = await response.json();

Python

import requests

headers = {"Authorization": "Bearer prapi_your_key"}
response = requests.patch('https://playroom.date/api/admin/removed-accounts', headers=headers)
print(response.json())

Example Output

{
  "success": true,
  "data": {
    "user": []
  },
  "error": null
}

Try It

Checking sign-in state...

Auth: No authentication

This request has no editable path, query, or body fields.

Request

PATCH /api/admin/removed-accounts

curl Equivalent

curl -X PATCH "https://playroom.date/api/admin/removed-accounts"
Sample Response

Sample Response Body

{
  "success": true,
  "data": {
    "user": []
  },
  "error": null
}

Permanently erases a soft-deleted account after explicit confirmation.

Authentication

Admin session + CSRF.

Modes: logged-in user, API key

API key: staff:write

Permissions or Scopes

delete_users

Request Headers

HeaderValueDescription
Cookiesession=<session_cookie>Session cookie set by the login flow.
x-csrf-token<csrfToken>Required for mutating session-authenticated requests.
Content-Typeapplication/jsonRequired when sending a JSON body.
AuthorizationBearer prapi_your_keyPreferred API-key header. Never send API keys in URLs.
x-api-keyprapi_your_keyAlternative API-key header.
x-api-tokenprapi_your_keyLegacy API-key header kept for backward compatibility.

Parameters

NameInRequiredDescription
No path, query, or body parameters.

Validation

  • Request parameters and JSON payloads are validated server-side.
  • Mutating session-authenticated requests require CSRF validation.
  • Permission checks run before privileged data is returned or modified.

Errors

400 Invalid input, missing parameters, or validation failure.

401 Authentication is missing or invalid.

403 The authenticated principal lacks the required permission or scope.

404 The requested resource was not found.

500 Unexpected server error.

Rate Limits

No endpoint-specific public rate limit is documented. Authentication and abuse controls still apply.

Examples and Try It

Request examples, sample output, and the live tester below apply only to this endpoint.

cURL

curl -X DELETE -H "Authorization: Bearer prapi_your_key" "https://playroom.date/api/admin/removed-accounts"

JavaScript / TypeScript

const response = await fetch('https://playroom.date/api/admin/removed-accounts', {
  method: 'DELETE',
  headers: {
    "Authorization": "Bearer prapi_your_key"
  },
});
const data = await response.json();

Python

import requests

headers = {"Authorization": "Bearer prapi_your_key"}
response = requests.delete('https://playroom.date/api/admin/removed-accounts', headers=headers)
print(response.json())

Example Output

{
  "success": true,
  "data": {
    "deletion": []
  },
  "error": null
}

Try It

Checking sign-in state...

Auth: No authentication

This request has no editable path, query, or body fields.

Request

DELETE /api/admin/removed-accounts

curl Equivalent

curl -X DELETE "https://playroom.date/api/admin/removed-accounts"
Sample Response

Sample Response Body

{
  "success": true,
  "data": {
    "deletion": []
  },
  "error": null
}