Admin API reference

Admin API Reference (2026-01-08)
Copy for LLM
Copy page as Markdown for LLMs
View as Markdown
Open this page as Markdown
Open in ChatGPT
Get insights from ChatGPT
Open in Claude
Get insights from Claude
Connect to Cursor
Install MCP server on Cursor
Connect to VS Code
Install MCP server on VS Code

The Zephr Admin API provides RESTful access to all Zephr functionality. It is designed for server-side integrations. All requests must be signed as described in HMAC Request Signing and Key Pairs.

The Admin API uses a base URL with the following format: https://{tenantId}.api.zephr.com

Note: If you have multiple tenants, the current tenant ID is shown in a blue box in the top right of the Admin Console. If you have a single site, you can find the tenant ID by navigating to your site domains. To do this, select Sites from the Delivery menu, select your site, and then click the Site Domains button. The tenant ID is the first part of the domain. For example, if the domain is news-paper.cdn.zephr.com, the tenant ID is news.

Download OpenAPI description

index.json

index.yaml

Servers

Mock server

https://developer.zuora.com/_mock/zephr-api-reference/zephr-admin-api

https://{tenantId}.api.zephr.com

Account User

Contains operations on the Account User resource.

Operations

Admin User

Contains operations on the Admin User resource.

Operations

Create an admin user

Request

Creates a new admin user.

Security

ZephrHmacHttp

Bodyapplication/json

identifiersobjectrequired

Example: {"email_address":"joe.blow@company.com"}

identifiers.email_addressstring

Example: "joe.blow@company.com"

validatorsobject

Example: {"password":"mysecurepassword123"}

curl -i -X POST \
  https://developer.zuora.com/_mock/zephr-api-reference/zephr-admin-api/v3/admin/users \
  -H 'Authorization: ZEPHR-HMAC-* <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "identifiers": {
      "email_address": "joe.blow@company.com"
    },
    "validators": {
      "password": "mysecurepassword123"
    }
  }'

Responses

Created

Bodyapplication/json

user_idstring

Example: "b859f5dd-8184-4d01-8bf9-e3e771f68a62"

messagestring

Example: "Admin user created successfully"

uristring

Example: "http://company.com/v3/admin/users/b859f5dd-8184-4d01-8bf9-e3e771f68a62"

Response

application/json

{
  "user_id": "b859f5dd-8184-4d01-8bf9-e3e771f68a62",
  "message": "Admin user created successfully",
  "uri": "http://company.com/v3/admin/users/b859f5dd-8184-4d01-8bf9-e3e771f68a62"
}

Log in to an admin user account

Request

Logs in to an admin user account.

Security

ZephrHmacHttp

Bodyapplication/json

identifiersobjectrequired

Example: {"email_address":"joe.blow@company.com"}

identifiers.email_addressstring

Example: "joe.blow@company.com"

validatorsobjectrequired

Example: {"password":"mysecurepassword123"}

validators.passwordstring

Example: "mysecurepassword123"

validators.use_ssoboolean

When this is present there should be no identifiers in the body. The user is identified through a blaize_session cookie.

curl -i -X POST \
  https://developer.zuora.com/_mock/zephr-api-reference/zephr-admin-api/v3/admin/login \
  -H 'Authorization: ZEPHR-HMAC-* <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "identifiers": {
      "email_address": "joe.blow@company.com"
    },
    "validators": {
      "password": "mysecurepassword123"
    }
  }'

Responses

Bodyapplication/json

cookiestring

Example: "blaize_admin_session=..."

messagestring

Example: "Login successful"

Response

application/json

{
  "cookie": "blaize_admin_session=...",
  "message": "Login successful"
}

Log out of the admin user account

Request

Logs out of the admin user account.

Security

ZephrHmacHttp

Headers

blaize-admin-sessionstring

e.g. (string)

Example: (string)

curl -i -X POST \
  https://developer.zuora.com/_mock/zephr-api-reference/zephr-admin-api/v3/admin/logout \
  -H 'Authorization: ZEPHR-HMAC-* <YOUR_TOKEN_HERE>' \
  -H 'blaize-admin-session: (string)'

Responses

Bodyapplication/json

messagestring

Example: "Session deleted"

Response

application/json

{
  "message": "Session deleted"
}

Issue a key pair

Request

Issues a new key pair for the admin user.

Security

ZephrHmacHttp

Path

user_idstringrequired

Unique User Identifier

curl -i -X POST \
  'https://developer.zuora.com/_mock/zephr-api-reference/zephr-admin-api/v3/admin/users/{user_id}/keypairs' \
  -H 'Authorization: ZEPHR-HMAC-* <YOUR_TOKEN_HERE>'

Responses

Created

Bodyapplication/json

secret_keystring

Example: "secret key..."

messagestring

Example: "Keypair created: you will not be able to recover the secret, so take note of it"

access_keystring

Example: "access key..."

Response

application/json

{
  "access_key": "access key...",
  "secret_key": "secret key...",
  "message": "Keypair created: you will not be able to recover the secret, so take note of it"
}

List access keys

Request

Retrieves a list of access keys for the admin user.

Security

ZephrHmacHttp

Path

user_idstringrequired

Unique User Identifier

curl -i -X GET \
  'https://developer.zuora.com/_mock/zephr-api-reference/zephr-admin-api/v3/admin/users/{user_id}/keypairs' \
  -H 'Authorization: ZEPHR-HMAC-* <YOUR_TOKEN_HERE>'

Responses

Bodyapplication/jsonArray [

access_keystring

Example: "access key..."

]

Response

application/json

[
  {
    "access_key": "access key..."
  }
]

Revoke a keypair

Request

Revokes a keypair.

Security

ZephrHmacHttp

Path

user_idstringrequired

Unique User identifier

access_keystringrequired

Access Key identifier

curl -i -X DELETE \
  'https://developer.zuora.com/_mock/zephr-api-reference/zephr-admin-api/v3/admin/users/{user_id}/keypairs/{access_key}' \
  -H 'Authorization: ZEPHR-HMAC-* <YOUR_TOKEN_HERE>'

Responses

Bodyapplication/json

messagestring

Example: "Keypair revoked"

Response

application/json

{
  "message": "Keypair revoked"
}

List user roles

Request

Retrieves the user roles an admin user is assigned.

Security

ZephrHmacHttp

Path

user_idstringrequired

Unique User identifier

curl -i -X GET \
  'https://developer.zuora.com/_mock/zephr-api-reference/zephr-admin-api/v3/admin/users/{user_id}/roles' \
  -H 'Authorization: ZEPHR-HMAC-* <YOUR_TOKEN_HERE>'

Responses

Bodyapplication/jsonArray [

emailstring

Example: "admin@company.com"

rolestring

Example: "role..."

]

Response

application/json

[
  {
    "email": "admin@company.com",
    "role": "role..."
  }
]

List user roles by tenant

Request

Retrieves the admin user's roles by tenant.

Security

ZephrHmacHttp

Path

user_idstringrequired

Unique User identifier

tenantstringrequired

Tenant identifier

curl -i -X GET \
  'https://developer.zuora.com/_mock/zephr-api-reference/zephr-admin-api/v3/admin/users/{user_id}/roles/{tenant}' \
  -H 'Authorization: ZEPHR-HMAC-* <YOUR_TOKEN_HERE>'

Responses

Bodyapplication/jsonArray [

emailstring

Example: "admin@company.com"

rolestring

Example: "role..."

]

Response

application/json

[
  {
    "email": "admin@company.com",
    "role": "role..."
  }
]

Create admin user roles

Request

Creates admin user roles.

Security

ZephrHmacHttp

Bodyapplication/json

emailstringrequired

Example: "admin@company.com"

rolestringrequired

Example: "role..."

curl -i -X POST \
  https://developer.zuora.com/_mock/zephr-api-reference/zephr-admin-api/v3/admin/roles \
  -H 'Authorization: ZEPHR-HMAC-* <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "email": "admin@company.com",
    "role": "role..."
  }'

Responses

Created

Bodyapplication/json

messagestring

Example: "Admin role created successfully"

Response

application/json

{
  "message": "Admin role created successfully"
}

List admin user roles

Request

Retrieves the admin user roles by tenant.

Security

ZephrHmacHttp

curl -i -X GET \
  https://developer.zuora.com/_mock/zephr-api-reference/zephr-admin-api/v3/admin/roles \
  -H 'Authorization: ZEPHR-HMAC-* <YOUR_TOKEN_HERE>'

Responses

Bodyapplication/jsonArray [

emailstring

Example: "admin@company.com"

rolestring

Example: "role..."

role_idstring

]

Response

application/json

[
  {
    "role_id": "0123456789ABCD",
    "email": "admin@company.com",
    "role": "role..."
  }
]

Update an admin user role

Request

Updates an admin user role by ID.

Security

ZephrHmacHttp

Path

role_idstringrequired

Unique Role identifier

Bodyapplication/json

emailstringrequired

Example: "admin@company.com"

rolestringrequired

Example: "role..."

curl -i -X PUT \
  'https://developer.zuora.com/_mock/zephr-api-reference/zephr-admin-api/v3/admin/roles/{role_id}' \
  -H 'Authorization: ZEPHR-HMAC-* <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "email": "admin@company.com",
    "role": "role..."
  }'

Responses

Bodyapplication/json

messagestring

Example: "Admin role updated successfully"

Response

application/json

{
  "message": "Admin role updated successfully"
}

Retrieve an admin user role

Request

Retrieves an admin user role.

Security

ZephrHmacHttp

Path

role_idstringrequired

Unique Role identifier

curl -i -X GET \
  'https://developer.zuora.com/_mock/zephr-api-reference/zephr-admin-api/v3/admin/roles/{role_id}' \
  -H 'Authorization: ZEPHR-HMAC-* <YOUR_TOKEN_HERE>'

Responses

Bodyapplication/json

emailstring

Example: "admin@company.com"

rolestring

Example: "role..."

role_idstring

Response

application/json

{
  "role_id": "0123456789ABCD",
  "email": "admin@company.com",
  "role": "role..."
}

Delete an admin user role

Request

Deletes an admin user role.

Security

ZephrHmacHttp

Path

role_idstringrequired

Unique Role identifier

curl -i -X DELETE \
  'https://developer.zuora.com/_mock/zephr-api-reference/zephr-admin-api/v3/admin/roles/{role_id}' \
  -H 'Authorization: ZEPHR-HMAC-* <YOUR_TOKEN_HERE>'

Responses

Bodyapplication/json

messagestring

Example: "Admin role deleted successfully"

Response

application/json

{
  "message": "Admin role deleted successfully"
}

Retrieve an admin user by session ID

Request

Retrieves an admin user by session ID.

Security

ZephrHmacHttp

Path

blaize_admin_session_idstringrequired

Admin User Session identifier

curl -i -X GET \
  'https://developer.zuora.com/_mock/zephr-api-reference/zephr-admin-api/v3/admin/sessions/{blaize_admin_session_id}' \
  -H 'Authorization: ZEPHR-HMAC-* <YOUR_TOKEN_HERE>'

Responses

Bodyapplication/json

user_idstring

Example: "123456789ABCD"

Response

application/json

{
  "user_id": "123456789ABCD"
}

Bundle

Contains operations on the Bundle resource.

Operations

Cache Configurations

Contains operations on the Cache Configurations resource.

Operations

Cache Management

Cache Mangement.

Operations

Company

Actions on resource Company.

Operations

Component Library

Actions on resource Library Component.

Operations

Configuration

Blaize tenant configuration.

Operations

Credit

Actions on resource Credit.

Operations

Decision Engine

Operations

Email Templates

Actions on email templates.

Operations

Entitlement

Actions on resource Entitlement.

Operations

Feature Rules

Actions on resource Feature Rules.

Note: - Note: The APIs mentioned in this section support legacy Feature Rules only. Feature Rules created through the Admin Console (V4 Features) are stored in a different system and are not accessible through these APIs.

Operations

Form

Actions on resource Form.

Operations

Gifts

Operations

Grants

Actions on resource Grant.

Operations

Meter

Actions on resource Meter.

Operations

Products

Actions on resource Product.

Operations

Request Rules

Actions on resource Request Rules.

Operations

Session

Actions on resource Session.

Operations

Static Items

Actions on resource Static Item.

Operations

Third Party Authentication

Contains operations for the OAuth 2.0 Authorization Code Flow Token Exchange.

Operations

User Export

Operations

User Schema

Actions on resource User Schema.

Operations

Users

Contains operations on the User resource. Important: The Attributes object contains the custom-defined attributes for a user.

Operations

V4 Session

Actions on resource Session.

Operations

Webhook

Actions on resource Webhook.

Operations

Account

Actions on resource Account.

Operations

Health Check

Actions on Health checks.

Operations

System Resources

Actions on system resources.

Operations

External Templates

External Templates.

Accounts

Operations

Request Rules Version

Operations

Fetch external template

Request

Fetch External Template

Security

ZephrHmacHttp

Path

templateConfigIdstringrequired

Unique External Template identifier

curl -i -X GET \
  'https://developer.zuora.com/_mock/zephr-api-reference/zephr-admin-api/zephr/public/template-components/v1/template-components/{templateConfigId}' \
  -H 'Authorization: ZEPHR-HMAC-* <YOUR_TOKEN_HERE>'

Responses

Bodyapplication/json

string

Response

application/json

[
  "The template the-value::!"
]

Pages

Operations

Subscription

Operations

Admin API Reference (2026-01-08)CopyCopy for LLMCopy page as Markdown for LLMsView as MarkdownOpen this page as MarkdownOpen in ChatGPTGet insights from ChatGPTOpen in ClaudeGet insights from ClaudeConnect to CursorInstall MCP server on CursorConnect to VS CodeInstall MCP server on VS Code

Account User

Admin User

Create an admin user

RequestExpand all

Responses

Was this helpful?

Log in to an admin user account

RequestExpand all

Responses

Was this helpful?

Log out of the admin user account

Request

Responses

Was this helpful?

Issue a key pair

Request

Responses

Was this helpful?

List access keys

Request

Responses

Was this helpful?

Revoke a keypair

Request

Responses

Was this helpful?

List user roles

Request

Responses

Was this helpful?

List user roles by tenant

Request

Responses

Was this helpful?

Create admin user roles

Request

Responses

Was this helpful?

List admin user roles

Request

Responses

Was this helpful?

Update an admin user role

Request

Responses

Was this helpful?

Retrieve an admin user role

Request

Responses

Was this helpful?

Delete an admin user role

Request

Responses

Was this helpful?

Retrieve an admin user by session ID

Request

Responses

Was this helpful?

Bundle

Cache Configurations

Cache Management

Company

Component Library

Configuration

Credit

Decision Engine

Email Templates

Entitlement

Feature Rules

Form

Gifts

Grants

Meter

Products

Request Rules

Session

Static Items

Third Party Authentication

User Export

Admin API Reference (2026-01-08)
Copy for LLM
Copy page as Markdown for LLMs
View as Markdown
Open this page as Markdown
Open in ChatGPT
Get insights from ChatGPT
Open in Claude
Get insights from Claude
Connect to Cursor
Install MCP server on Cursor
Connect to VS Code
Install MCP server on VS Code

Request

Request