User Management
User Management
Manage your pharmacy team — add staff members, assign roles, and control access permissions. Keep your operations secure with role-based access.
List Provider Users
View all users associated with your pharmacy.
# Get all team membersgetProviderProfiles()Response:
{ "users": [ { "id": "USER-123", "name": "Dr. Sarah Johnson", "email": "sarah@greencrosspharmacy.com", "phone": "+2348012345678", "role": "admin", "permissions": ["all"], "status": "active", "lastLogin": "2026-04-18T08:30:00Z", "createdAt": "2025-01-15T10:00:00Z" }, { "id": "USER-124", "name": "Michael Adeyemi", "email": "michael@greencrosspharmacy.com", "phone": "+2348098765432", "role": "pharmacist", "permissions": ["orders", "customers", "formulary"], "status": "active", "lastLogin": "2026-04-18T09:15:00Z", "createdAt": "2025-03-20T11:00:00Z" }, { "id": "USER-125", "name": "Grace Okonkwo", "email": "grace@greencrosspharmacy.com", "phone": "+2348055555555", "role": "staff", "permissions": ["orders", "customers"], "status": "active", "lastLogin": "2026-04-17T16:45:00Z", "createdAt": "2025-06-10T09:30:00Z" } ], "total": 5, "roles": { "admin": 1, "pharmacist": 2, "staff": 2 }}Create New User
Add a new team member to your pharmacy.
# Create new staff accountcreateProviderUser({ name: "Emmanuel Chukwu", email: "emmanuel@greencrosspharmacy.com", phone: "+2348077777777", role: "pharmacist", branchId: "BR-123"})Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
name | string | Yes | Full name |
email | string | Yes | Email address |
phone | string | Yes | Phone number |
role | string | Yes | User role (see below) |
branchId | string | No | Assigned branch |
Response:
{ "success": true, "userId": "USER-126", "message": "User created successfully", "tempPassword": "TempPass123!", "inviteSent": true, "createdAt": "2026-04-18T14:00:00Z"}User Roles
| Role | Permissions | Best For |
|---|---|---|
admin | Full access | Pharmacy owners, managers |
pharmacist | Orders, customers, formulary | Licensed pharmacists |
staff | Orders, customers | Sales assistants |
accountant | Analytics, wallet, reports | Finance team |
viewer | Read-only access | Auditors, consultants |
Update User
Modify user details or change roles.
# Update user informationupdateProviderUser({ userId: "USER-124", role: "admin", branchId: "BR-124", status: "active"})Deactivate User
Disable a user’s access without deleting their account.
# Deactivate user accountdeactivateProviderUser({ userId: "USER-125", reason: "Employment ended"})Reactivate User
Re-enable a deactivated user.
# Reactivate user accountreactivateProviderUser({ userId: "USER-125"})Delete User
Permanently remove a user from your pharmacy.
# Delete user accountdeleteProviderUser({ userId: "USER-125", transferDataTo: "USER-123" // optional: transfer orders/data})Reset Password
Reset a user’s password.
# Reset user passwordresetProviderUserPassword({ userId: "USER-124", notifyUser: true})Response:
{ "success": true, "tempPassword": "NewTemp456!", "userNotified": true}Custom Permissions
Assign specific permissions beyond role defaults:
# Set custom permissionssetProviderUserPermissions({ userId: "USER-124", permissions: [ "orders", "customers", "formulary", "analytics:read" ]})Available Permissions:
| Permission | Description |
|---|---|
all | Full system access |
orders | Create, view, update orders |
customers | Manage customer records |
formulary | Manage product catalog |
analytics:read | View reports (read-only) |
analytics:write | Create and export reports |
wallet | View and manage finances |
users | Manage team members |
settings | Change pharmacy settings |
Activity Logs
Track user actions for audit purposes.
# Get user activity logsgetProviderUserActivity({ userId: "USER-124", startDate: "2026-04-01", endDate: "2026-04-30"})Response:
{ "activities": [ { "action": "order_created", "details": "Created order ORD-789 for customer CUST-123", "timestamp": "2026-04-18T10:30:00Z", "ip": "192.168.1.100" }, { "action": "customer_updated", "details": "Updated customer CUST-124 phone number", "timestamp": "2026-04-18T09:15:00Z", "ip": "192.168.1.100" } ]}Example: Team Management
# Step 1: View current teamgetProviderProfiles()# → Shows all users and their roles
# Step 2: Add new pharmacistcreateProviderUser({ name: "Emmanuel Chukwu", email: "emmanuel@greencrosspharmacy.com", phone: "+2348077777777", role: "pharmacist", branchId: "BR-123"})# → User created with temp password
# Step 3: Update permissionssetProviderUserPermissions({ userId: "USER-126", permissions: ["orders", "customers", "formulary", "analytics:read"]})
# Step 4: Check activitygetProviderUserActivity({ userId: "USER-126", startDate: "2026-04-01" })# → Shows user's actionsSecurity Best Practices
- Principle of least privilege — Give minimum necessary permissions
- Regular audits — Review user access quarterly
- Strong passwords — Require complex passwords
- Two-factor authentication — Enable 2FA for admin users
- Deactivate promptly — Remove access when staff leave