Search Organization Users By Organization Id And Roles Search Term Using POST
Search all users who have at least one of the specified roles and/or resource.
Search by resource can be exact match or by resource starting with given term. At most one of the filters resource or resourceStartsWith may be provided.
For all users found by these search criteria the result contains all users roles, no matter if they are part of the search criteria or not.
To search by resource starting with given term provide resourceStartsWith.
If resource is empty then unscoped role assignments will be returned.
When role is provided and resource is null all role assignments will be returned.
When filterResults flag is true the result is filtered by search parameters from the request: resource, resourceStartsWith and roles names.
In this case the result contains just the roles that match the search criteria.
Paginated results - by default start index of results is 1 and default number of search results per page is 200.
Searching access restricted to Organization Owners, Read-only operators and Service Owners (for organizations that have access to the service).
Access Policy
| Role | User Accounts | Service Accounts (Client Credentials Applications) |
|---|---|---|
| Organization Admin | ✔️ | ✔️ |
| Organization Owner | ✔️ | ✔️ |
| Project Admin | ✔️ | ✔️ |
Unique identifier (GUID) of the organization.
Indicates if the response should be filtered by search parameters from the request: resource, resourceStartsWith and roles names (default: false).
"SearchUsersByRolesRequest Object"Indicates if the response should be expanded with the user profile (default: false).
Defines the roles properties which are used for search.
Resource to search for resource-scoped role assignments.
Resource to search for resource-scoped role assignments starting with given term. This field is deprecated. Consider using "resource" along with "searchType".
Defines the searching capability of the "resource" field value.
Maximum number to return in response. Default value is 200.
Start index for querying. Default value is 1.
The string to be searched within email or firstName or lastName or username.Max search length is 120 characters. If it contains space separated terms, then the searchTerm is matched against possible firstName and lastName combinations. This search term is case insensitive.
Indicates if the inherited roles in the response should indicate group information (default: false).
Indicates if the response should exclude the roles of the user (default: false).
OK
{
"itemsPerPage": 25,
"totalResults": 2000,
"startIndex": 5,
"results": [
{
"user": {
"firstName": "string",
"lastName": "string",
"userProfile": {
"locale": "string",
"language": "string",
"alternativeEmail": "string"
},
"userId": "string",
"email": "string",
"acct": "string",
"domain": "string",
"accessible": false,
"username": "string",
"idpId": "string"
},
"organizationRoles": [
{
"displayName": "string",
"name": "string",
"resource": "string",
"createdBy": "string",
"lastUpdatedDate": "string",
"expiresAt": 3609941597,
"groups": [
{
"domain": "string",
"displayName": "string",
"id": "string",
"ownerOrgId": "string",
"sharedOrgIds": [
"string"
],
"groupType": "string",
"usersCount": 0,
"description": "string"
}
],
"createdDate": "string",
"membershipType": "string",
"groupIds": [
"string"
],
"lastUpdatedBy": "string"
}
],
"serviceRoles": [
{
"serviceRoleNames": [
"string"
],
"serviceDefinitionId": "string",
"serviceRoles": [
{
"name": "string",
"resource": "string",
"createdBy": "string",
"lastUpdatedBy": "string",
"expiresAt": 3609941597,
"groups": [
{
"domain": "string",
"displayName": "string",
"id": "string",
"ownerOrgId": "string",
"sharedOrgIds": [
"string"
],
"groupType": "string",
"usersCount": 0,
"description": "string"
}
],
"createdDate": "string",
"membershipType": "string",
"groupIds": [
"string"
],
"lastUpdatedDate": "string"
}
]
}
],
"customRoles": [
{
"name": "string",
"resource": "string",
"createdBy": "string",
"lastUpdatedBy": "string",
"expiresAt": 3609941597,
"groups": [
{
"domain": "string",
"displayName": "string",
"id": "string",
"ownerOrgId": "string",
"sharedOrgIds": [
"string"
],
"groupType": "string",
"usersCount": 0,
"description": "string"
}
],
"createdDate": "string",
"membershipType": "string",
"groupIds": [
"string"
],
"lastUpdatedDate": "string"
}
],
"orgId": "string"
}
]
}Number of items per page.
Total number of results if available
Start index of the results.
Partial list of returned results.
At least one role search term must be specified
"CspErrorResponse Object"cspErrorCode
message
errorCode
requestId
moduleCode
statusCode
The user is not authorized to use the API
"CspErrorResponse Object"cspErrorCode
message
errorCode
requestId
moduleCode
statusCode
The user is forbidden to use the API
"CspErrorResponse Object"cspErrorCode
message
errorCode
requestId
moduleCode
statusCode
Organization with this identifier is not found.
"CspErrorResponse Object"cspErrorCode
message
errorCode
requestId
moduleCode
statusCode
The request could not be processed due to a conflict
"CspErrorResponse Object"cspErrorCode
message
errorCode
requestId
moduleCode
statusCode
The user has sent too many requests
"CspErrorResponse Object"cspErrorCode
message
errorCode
requestId
moduleCode
statusCode
An unexpected error has occurred while processing the request
"CspErrorResponse Object"cspErrorCode
message
errorCode
requestId
moduleCode
statusCode
curl -X POST -H 'Authorization: <value>' -H 'Content-Type: application/json' -d '[{}]' https://{api_host}/csp/gateway/am/api/orgs/{orgId}/users/search