Gap
The IDP implements a self-service "user-rights trio" plus passkeys, but none of it is documented on the docs site. `features/authentication.md` covers how to log in (OIDC, Nostr, tokens) but nothing about managing an account afterward.
Undocumented features (all in `src/idp/`):

| Feature | Endpoint(s) | Source issue |
| --- | --- | --- |
| Change password | `PUT /idp/credentials` | #351 |
| Backup / export pod | `GET /idp/account/export` | #353 |
| Delete account | `DELETE /idp/account` (JSON) + `GET/POST /idp/account/delete` (browser) | #352 |
| Passkeys (WebAuthn) | `POST /idp/passkey/register/*`, `POST /idp/passkey/login/*` | — |
| Delete account (operator CLI) | `jss account delete <username> [--purge]` | — |

Proposal
Add a new `features/account-management.md` page (slotted after Authentication in the sidebar) with a full API endpoint reference: method, path, auth requirement, request body, response shape, and failure modes for each. Cross-link from `features/authentication.md` and the features overview table.
Notable behaviors worth calling out:
- Change password and delete both require re-entering `currentPassword` as a re-auth proof.
- Export streams a `tar.gz` (`application/x-tar+gzip`) of the pod tree plus a `manifest.json`, and intentionally includes `/private/privkey.jsonld` when the pod was provisioned with keys (the "Credible Exit").
- `DELETE /idp/account` is disabled in single-user mode (would brick the server); the operator uses the `jss account delete` CLI instead.
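
Because the export intentionally carries `/private/privkey.jsonld`, a saved backup may need to be handled like a credential. The following is an added example, not part of the original issue or the project's code: it lists an export archive without extracting it and reports whether the key file and `manifest.json` are present. It assumes member names are relative to the pod root; the sample archive is constructed inline.

```python
import io
import json
import tarfile
from pathlib import PurePosixPath

KEY_PARTS = ("private", "privkey.jsonld")  # path named in the issue; layout in the tar is assumed


def build_sample_export(with_key: bool) -> bytes:
    """Constructed stand-in for a downloaded export (not real pod data)."""
    files = {"manifest.json": json.dumps({"note": "constructed"}).encode(),
             "public/index.html": b"<h1>pod</h1>"}
    if with_key:
        files["private/privkey.jsonld"] = b'{"note": "constructed, not a key"}'
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def audit_export(blob: bytes) -> dict:
    """Inspect member names without extracting anything to disk."""
    report = {"has_manifest": False, "key_members": [], "unsafe_members": []}
    with tarfile.open(fileobj=io.BytesIO(blob), mode="r:gz") as tar:
        for member in tar:
            parts = PurePosixPath(member.name).parts
            # Absolute paths, parent references and links/devices should not
            # be extracted blindly from any downloaded archive.
            if (member.name.startswith("/") or ".." in parts
                    or not (member.isfile() or member.isdir())):
                report["unsafe_members"].append(member.name)
                continue
            if parts and parts[-1] == "manifest.json":
                report["has_manifest"] = True
            if parts[-2:] == KEY_PARTS:
                report["key_members"].append(member.name)
    return report


if __name__ == "__main__":
    for with_key in (True, False):
        r = audit_export(build_sample_export(with_key))
        # An archive holding the key must be stored like a credential.
        print("contains private key" if r["key_members"] else "no private key", r)
```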