User Management API

A REST API for managing users with WAF protection.

Endpoints

• GET /api/users - List all users
• GET /api/users/:id - Get user details
• DELETE /api/users/:id/lock - Remove lock from user (BLOCKED by WAF)
• GET /api/flag - Get flag (only available after admin lock is removed)

WAF Rules

The DELETE HTTP method is blocked by the Web Application Firewall.