Better Auth in Rust

Admin

User management, banning, impersonation, and role management for administrators.

The AdminPlugin provides administrative endpoints for user management. All endpoints require an authenticated session with the admin role.

Setup

use better_auth::plugins::AdminPlugin;

let auth = BetterAuth::new(config)
    .database(database)
    .plugin(AdminPlugin::new())
    .build()
    .await?;

Configuration

use better_auth::plugins::admin::AdminConfig;

let auth = BetterAuth::new(config)
    .database(database)
    .plugin(
        AdminPlugin::new()
            .admin_role("admin")
            .default_user_role("user")
            .allow_ban_admin(false)
            .default_page_limit(100)
            .max_page_limit(500)
    )
    .build()
    .await?;
OptionTypeDefaultDescription
admin_roleString"admin"Role required to access admin endpoints
default_user_roleString"user"Default role for newly created users
allow_ban_adminboolfalseWhether admins can ban other admins
default_page_limitusize100Default users per page in list
max_page_limitusize500Maximum users per page

API Endpoints

The Admin plugin exposes 13 endpoints. All require admin role authentication. For full request/response details, see the OpenAPI Reference.

User Management

EndpointMethodDescription
/admin/create-userPOSTCreate a new user
/admin/list-usersGETList users with pagination, search, and filtering
/admin/set-rolePOSTSet a user's role
/admin/set-user-passwordPOSTReset a user's password
/admin/remove-userPOSTPermanently delete a user

Ban Management

EndpointMethodDescription
/admin/ban-userPOSTBan a user (optional reason and duration)
/admin/unban-userPOSTUnban a user

Impersonation

EndpointMethodDescription
/admin/impersonate-userPOSTCreate a session as another user
/admin/stop-impersonatingPOSTEnd impersonation, return to admin session

Session Management

EndpointMethodDescription
/admin/list-user-sessionsPOSTList all sessions for a user
/admin/revoke-user-sessionPOSTRevoke a single session
/admin/revoke-user-sessionsPOSTRevoke all sessions for a user

Permissions

EndpointMethodDescription
/admin/has-permissionPOSTCheck if current user has a permission

Errors

StatusCondition
401Not authenticated
403User does not have the admin role
404Target user not found
409Email already exists (create user)

Organization

Multi-tenancy with organizations, members, invitations, and RBAC.

API Key

Create, manage, and validate API keys with rate limiting and usage tracking.

On this page

SetupConfigurationAPI EndpointsUser ManagementBan ManagementImpersonationSession ManagementPermissionsErrors