User profile and account management endpoints. All require
Authorization: Bearer <ACCESS_TOKEN>.
Get Profile
GET
/api/v2/users/me
Returns the authenticated user's full profile including their API tokens and credit balance.
Headers:
Authorization: Bearer <ACCESS_TOKEN>
Successful Response (200 OK):
{
"user": {
"id": "uuid-here",
"email": "[email protected]",
"role": "user",
"status": "active",
"plan": "free",
"username": "myusername",
"firstName": "Jane",
"lastName": "Doe",
"createdAt": "2025-01-01T00:00:00.000Z"
},
"tokens": [
{
"id": "token-uuid",
"name": "My Token",
"token_prefix": "mcp_a3f8e2b1",
"permissions": ["encode","decode"],
"is_revoked": false,
"expires_at": null,
"last_used_at": "2026-03-30T10:00:00.000Z",
"created_at": "2025-06-01T00:00:00.000Z"
}
],
"credits": {
"balance": 450
}
}
Example cURL:
curl https://textwatermarking.com/api/v2/users/me \
-H "Authorization: Bearer <ACCESS_TOKEN>"
Update Profile
PUT
/api/v2/users/me
Updates the authenticated user's profile fields. Only include the fields you want to change.
Headers:
Authorization: Bearer <ACCESS_TOKEN>
Request Body: (all fields optional)
{
"username": "newusername",
"firstName": "Jane",
"lastName": "Smith"
}
Successful Response (200 OK):
{
"message": "Profile updated successfully.",
"user": {
"id": "uuid-here",
"username": "newusername",
"firstName": "Jane",
"lastName": "Smith"
}
}
Example cURL:
curl -X PUT https://textwatermarking.com/api/v2/users/me \
-H "Authorization: Bearer <ACCESS_TOKEN>" \
-H "Content-Type: application/json" \
-d '{"username": "newusername", "firstName": "Jane"}'
Change Password
PUT
/api/v2/users/password
Changes the authenticated user's password. Requires the current password for verification.
Headers:
Authorization: Bearer <ACCESS_TOKEN>
Request Body:
{
"currentPassword": "OldPassword123!",
"newPassword": "NewPassword456!"
}
Successful Response (200 OK):
{
"message": "Password changed successfully."
}
Example cURL:
curl -X PUT https://textwatermarking.com/api/v2/users/password \
-H "Authorization: Bearer <ACCESS_TOKEN>" \
-H "Content-Type: application/json" \
-d '{"currentPassword": "OldPassword123!", "newPassword": "NewPassword456!"}'
Get Credits
GET
/api/v2/users/credits
Returns the authenticated user's current credit balance, plan, and subscription renewal date.
Headers:
Authorization: Bearer <ACCESS_TOKEN>
Successful Response (200 OK):
{
"balance": 450,
"plan": "starter",
"subscription_status": "active",
"renews_at": "2026-04-30T00:00:00.000Z"
}
Example cURL:
curl https://textwatermarking.com/api/v2/users/credits \
-H "Authorization: Bearer <ACCESS_TOKEN>"
List API Tokens
GET
/api/v2/users/tokens
Returns all API tokens belonging to the authenticated user. The raw token value is never returned here — it is only shown once upon creation.
Headers:
Authorization: Bearer <ACCESS_TOKEN>
Successful Response (200 OK):
{
"tokens": [
{
"id": "token-uuid",
"name": "Production Key",
"token_prefix": "mcp_a3f8e2b1",
"permissions": ["encode", "decode"],
"is_revoked": false,
"expires_at": null,
"last_used_at": "2026-03-30T10:00:00.000Z",
"created_at": "2025-06-01T00:00:00.000Z"
}
]
}
Example cURL:
curl https://textwatermarking.com/api/v2/users/tokens \
-H "Authorization: Bearer <ACCESS_TOKEN>"
Delete API Token
DELETE
/api/v2/users/tokens/:tokenId
Revokes and deletes the specified API token. The token immediately stops working for watermark operations.
Headers:
Authorization: Bearer <ACCESS_TOKEN>
Path Parameters:
tokenId (string, required): The UUID of the API token to delete.
Successful Response (200 OK):
{
"message": "Token deleted successfully."
}
Example cURL:
curl -X DELETE https://textwatermarking.com/api/v2/users/tokens/token-uuid \
-H "Authorization: Bearer <ACCESS_TOKEN>"
Verify JWT Token
GET
/api/v2/users/verify
Checks whether the provided JWT access token is valid. Useful for client-side session validation.
Headers:
Authorization: Bearer <ACCESS_TOKEN>
Successful Response (200 OK):
{
"valid": true,
"userId": "uuid-here",
"role": "user"
}
Example cURL:
curl https://textwatermarking.com/api/v2/users/verify \
-H "Authorization: Bearer <ACCESS_TOKEN>"