Users

The admin users page is the main platform-level moderation surface for accounts.

It provides:

global search by name, ID, or email
role display
verification status display
impersonate action
ban and unban actions
delete action

What The List Returns

GET /api/admin/users is a paginated platform-admin endpoint.

It supports:

search
limit
offset

The current implementation searches these fields:

user name
user ID
email

Results are ordered by newest users first.

Moderation Actions

The current admin actions are:

impersonate user
ban user
unban user
delete user

These actions go through a shared admin-action helper, which means they all:

require platform_admin
validate the target route param
write an audit log

Guardrails

The shipped template blocks two obvious mistakes:

you cannot ban yourself
you cannot delete yourself

Impersonation also has a basic safety check:

you cannot impersonate an unverified user

Ban actions also support optional metadata such as:

banReason
banExpiresIn

What The UI Exposes

The users table shows:

avatar
name and ID
email
raw role string
banned or unverified status
created time

That gives platform admins enough context for basic moderation without jumping directly into the database.

Impersonation Behavior

The admin users page can also start an impersonation session for a target user.

In practice, that means a platform admin can jump into the product as that user to reproduce account-specific issues without asking for screenshots or raw database access first.

The normal flow is:

find the user in the admin users table
start impersonation from the row actions
land in the dashboard as that user
use the impersonation banner in the dashboard shell as the visual reminder that you are not in your own session

This is an operational tool, not a casual support shortcut. Use it when you need to verify permissions, broken states, missing data, or onboarding issues from the user’s point of view.