API Managed Users

  • Updated on Jun 12, 2025
  • 1 minute(s) read
Prev Next
In Beta

This feature is in beta for select customers. Contact your CSM for more information. 

API Managed Users is a feature that allows external systems to create, view, and update user information in Restaurant365 (R365) using the Public API. This functionality is ideal for organizations who need to integrate R365 user data into their own systems and manage user records programmatically.

Key Functionality

API Access allows developers to:

  • View existing users (User GET)

    • Returns existing users and includes their general information, user roles, report roles, and location access.

  • View existing User Roles (User Role GET)

    • Returns existing User Roles and their IDs, but does not include the assigned permissions.

  • View existing Report Roles (Report Role GET)

    • Returns existing Report Roles and their IDs, but does not include the assigned reports.

  • Update existing users (User PATCH)

    • Updates existing users including updates to their general information, user roles, report roles and location access.

  • Create new users (User POST)

    • Creates new user records and sets the values for their general information, user roles, report roles and location access.

Setup Requirements

To manage users via API, the following must be in place:

  • API access and authentication to R365 Public API.

  • User creation and update requests must include:

    • Username

    • Email

    • Default Location (as a GUID)

    • Assigned User Role ID

  • For reporting access, appropriate reporting roles must be assigned.

  • Developers must implement paging for large datasets and avoid overloading the system with frequent or overly broad queries.

API Behavior Notes

  • If a user has allLocationAccess = true, location details will not be returned in the user data.

  • If allReportsAcess = true, report role details will not be returned.

  • When no external locations are assigned, the externallocations array will be omitted (not returned as empty).

    • External locations only apply to corporate brand owners who use Brand Manager and are linked to franchisee instances.

      This field is not applicable to organizations outside of this configuration.

  • Duplicate users (email or username match) will result in a conflict error (409).

  • Invalid or missing data (e.g., malformed email, missing roles) will return appropriate validation errors.

Brand Considerations

For corporate brand instances using Brand Manager, the ManagedByBrand value is automatically assigned based on the brand linked to the instance. This ensures all API-created users are correctly associated and managed under their brand.