Returns all User resources.
GET/Users
This endpoint returns all User resources. There are attributes marked as 'returned only by request', such as roles, which must be provided as part of the attributes query parameter in order to be included in the response.
Request
Query Parameters
Allows for query filters according to RFC-7644, Section 3.4.2.2 - not all operations are supported.
Allows sorting the results by a resource's attributes.
Default value: ascending
Determines what order to sort results in.
Default value: 1
Determines the starting index of the result set.
Default value: 1000
Specifies the number of results per page.
A comma-separated list of attributes to return in the response. This query parameter supersedes excludedAttributes, so providing the same attribute(s) to both will result in the attribute(s) being returned.
A comma-separated list of attributes to exclude from the response. Some attributes cannot be excluded.
Responses
- 200
Returns all SCIM User resources.
- application/json
- application/scim+json
- Schema
- Example (from schema)
Schema
- Array [
- Array [
- ]
- Array [
- ]
- Array [
- ]
- Array [
- ]
- ]
Number of User resources returned
The starting index of the resource set list. Can be specified with startIndex query parameter.
SCIM Schema used for response.
Resources undefined[]
IdentityIQ id of the User.
Unique identifier for the User. Typically used to directly authenticate to the service provider. Each User MUST include a non-empty userName value. This identifier MUST be unique across the entire set of Users. Cannot be changed.
name
The components of the User’s real name. Providers may return just the full name as a single string in the formatted sub-attribute, or they MAY return just the individual component attributes using the other sub-attributes, or they MAY return both. If both variants are returned, they SHOULD be describing the same name, with the formatted name indicating how the component attributes should be combined.
The full name, including all middle names, titles, and suffixes as appropriate, formatted for display.
The family name of the User, or Last Name in most Western languages
The given name of the User, or First Name in most Western languages
The name of the User, suitable for display to end-users. The name should be the full name of the User being described.
The type of the User, identifying the relationship between the organization and the User.
A Boolean value indicating the User’s administrative status.
emails undefined[]
Email addresses for the user. The value SHOULD be canonicalized by the Service Provider, e.g., [email protected] instead of [email protected]. Canonical Type values of work, home, and other.
Type of email address (work, home, other).
Canonicalized email address.
A Boolean value indicating the primary e-mail address. The primary attribute value 'true' MUST appear no more than once.
urn:ietf:params:scim:schemas:sailpoint:1.0:User object
Additional attributes of the User.
accounts undefined[]
Simple representation of the Account (or Link) ResourceType.
The display name of the Account.
The id of the SCIM resource representing the Account.
The URI of the SCIM resource representing the Account.
entitlements undefined[]
Entitlements of the User. Returned in response only if requested using the 'attributes' query parameter.
The value of the Entitlement.
The display name of the Entitlement.
The type of Entitlement (Entitlement, Permission, etc.).
The name of the Application this Entitlement applies to.
The account this Entitlement was sourced from.
The URI of the SCIM resource representing the Entitlement.
roles undefined[]
Roles of the User. Returned only if requested. Returned in response only if requested using the 'attributes' query parameter.
The value of the Role.
The display name of the Role.
The type of Role (IT, Business, etc.).
Indicates how this Role was acquired. Assigned or Detected.
The name of the Application where this Role came from.
The name of the Account this Role was sourced from.
The URI of the SCIM resource representing the Role.
Capabilities assigned to this User.
Composite Risk Score of this User.
A Boolean value that determines if this User is a manager.
administrator
The Administrator of the RPA or Service Account. This attribute is only applicable if the User type is RPA/Bots or Service.
The display name of the Administrator of RPA user or Service account.
The id of the SCIM resource representing the Administrator of RPA user or Service account.
The URI of the SCIM resource representing the Administrator of RPA user or Service Account.
The software version of the RPA/Bots.
Employee id associated with this User.
Distinguished name for this User.
The region this User is assigned to.
regionOwner
The User who owns the region that this resource (User) belongs to.
Display name of the region owner.
The id of the region owner.
URI reference of the region owner resource.
The location this User is assigned to.
locationOwner object
The User who owns the location that this resource (User) belongs to.
Display name of the location owner.
The id of the location owner.
URI reference to the location owner resource.
Department this User is assigned to.
Cost centers this User is associated with.
Job title given to this User.
Datetime representation of the last refresh for this User.
urn:ietf:params:scim:schemas:extension:enterprise:2.0:User
Enterprise User Schema. Contains the manager of the User.
manager
Manager of the User.
Display name of the User's manager.
The id of the SCIM resource representing the User’s manager.
The URI of the SCIM resource representing the User’s manager.
meta
Metadata of the resource.
Datetime this resource was created.
The location of the resource.
Datetime the resource was last modified.
The version of the resource.
The SCIM resource type.
The schemas involved in the SCIM resource.
{
"totalResults": "18,",
"startIndex": 1,
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"Resources": [
{
"id": "c0b4568a4fe7458c434ee77d1fbt156b",
"userName": "Mock.User",
"name": {
"formatted": "Ms. Barbara J Jensen, III",
"familyName": "Jensen",
"givenName": "Barbara"
},
"displayName": "Barbara Jensen",
"userType": "employee",
"active": true,
"emails": [
{
"type": "work",
"value": "[email protected]",
"primary": "true"
}
],
"urn:ietf:params:scim:schemas:sailpoint:1.0:User": {
"accounts": [
{
"displayName": "Bob.Smith",
"value": "c0a7778b7ef71e79817ee74e6a1f0444",
"$ref": "http://localhost:8080/iiq/scim/v2/Accounts/c0a7778b7ef71e79817ee74e6a1f0444"
}
],
"entitlements": [
{
"value": "groupmbr",
"display": "HelpDesk",
"type": "Permission",
"application": "ADMockApp",
"accountName": "CN=Barbara Jensen,OU=Taipei,OU=Asia-Pacific,DC=example,DC=com",
"$ref": "http://localhost:8080/iiq/scim/v2/Entitlements/c0a7777a7f74744d817e74fc12362c67"
}
],
"roles": [
{
"value": "detectedRoles",
"display": "User - IT",
"type": "it",
"acquired": "Assigned",
"application": "Active_Directory",
"accountName": "CN=Barbara Jensen,OU=Taipei,OU=Asia-Pacific,DC=example,DC=com",
"$ref": "http://localhost:8080/iiq/scim/v2/Roles/c0a7777a7f74744d817e74fc12362c67"
}
],
"capabilities": "[\"SystemAdministrator\"]",
"riskScore": 125,
"isManager": false,
"administrator": {
"displayName": "Bob Smith",
"value": "c0a7777a7f74744d817e74fc12362c67O",
"$ref": "http://localhost:8080/iiq/scim/v2/Users/c0a7777a7f74744d817e74fc12362c67"
},
"softwareVersion": "7.3",
"empId": "1b2a3c",
"dn": "cn=Bob Smith,ou=services",
"region": "Americas",
"regionOwner": {
"displayName": "Joe Smith",
"value": "c0b4568a4fe7458c434ee77d1fbt156b",
"$ref": "http://localhost:8080/iiq/scim/v2/Users/c0b4568a4fe7458c434ee77d1fbt156b"
},
"location": "Singapore",
"locationOwner": {
"displayName": "Bob Smith",
"value": "c0a7778b7ef71e79817ee74e6a1f0444",
"$ref": "http://localhost:8080/iiq/scim/v2/Users/c0a7778b7ef71e79817ee74e6a1f0444"
},
"Department": "Regional Operations",
"costcenter": [
"CC01",
"DD02"
],
"jobtitle": "Internal Audit Manager",
"lastRefresh": "2024-05-02T16:11:15.835Z"
},
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"manager": {
"displayName": "Bob Smith",
"value": "c7a7347a7fe71e69077ee75f5d1f1237",
"$ref": "http://localhost:8080/iiq/scim/v2/Users/c7a7347a7fe71e69077ee75f5d1f1237"
}
},
"meta": {
"created": "2022-02-11T01:34:04.074-05:00",
"location": "http://localhost:8080/iiq/scim/v2/Users/c0b4568a4fe7458c434ee77d1fbt156b",
"lastModified": "2022-02-11T01:08:45.866-05:00",
"version": "W\"1644561244074\"",
"resourceType": "User"
},
"schemas": [
"urn:ietf:params:scim:schemas:sailpoint:1.0:User",
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
]
}
]
}
- Schema
- Example (from schema)
Schema
- Array [
- Array [
- ]
- Array [
- ]
- Array [
- ]
- Array [
- ]
- ]
Number of User resources returned.
The starting index of the resource set list. Can be specified with startIndex query parameter.
SCIM Schema used for response.
Resources undefined[]
The SCIM resources returned for this endpoint.
IdentityIQ id of the User.
Unique identifier for the User. Typically used to directly authenticate to the service provider. Each User MUST include a non-empty userName value. This identifier MUST be unique across the entire set of Users. Cannot be changed.
name
The components of the User’s real name. Providers may return just the full name as a single string in the formatted sub-attribute, or they MAY return just the individual component attributes using the other sub-attributes, or they MAY return both. If both variants are returned, they SHOULD be describing the same name, with the formatted name indicating how the component attributes should be combined.
The full name, including all middle names, titles, and suffixes as appropriate, formatted for display.
The family name of the User, or Last Name in most Western languages
The given name of the User, or First Name in most Western languages
The name of the User, suitable for display to end-users. The name should be the full name of the User being described.
The type of the User, identifying the relationship between the organization and the User.
A Boolean value indicating the User’s administrative status.
emails undefined[]
Email addresses for the user. The value SHOULD be canonicalized by the Service Provider, e.g., [email protected] instead of [email protected]. Canonical Type values of work, home, and other.
Type of email address (work, home, other).
Canonicalized email address.
A Boolean value indicating the primary e-mail address. The primary attribute value 'true' MUST appear no more than once.
urn:ietf:params:scim:schemas:sailpoint:1.0:User object
Additional attributes of the User.
accounts undefined[]
Simple representation of the Account (or Link) ResourceType.
The display name of the Account.
The id of the SCIM resource representing the Account.
The URI of the SCIM resource representing the Account.
entitlements undefined[]
Entitlements of the User. Returned in response only if requested using the 'attributes' query parameter.
The value of the Entitlement.
The display name of the Entitlement.
The type of Entitlement (Entitlement, Permission, etc.).
The name of the Application this Entitlement applies to.
The account this Entitlement was sourced from.
The URI of the SCIM resource representing the Entitlement.
roles undefined[]
Roles of the User. Returned only if requested. Returned in response only if requested using the 'attributes' query parameter.
The value of the Role.
The display name of the Role.
The type of Role (IT, Business, etc.).
Indicates how this Role was acquired. Assigned or Detected.
The name of the Application where this Role came from.
The name of the Account this Role was sourced from.
The URI of the SCIM resource representing the Role.
Capabilities assigned to this User.
Composite Risk Score of this User.
A Boolean value that determines if this User is a manager.
administrator
The Administrator of the RPA or Service Account. This attribute is only applicable if the User type is RPA/Bots or Service.
The display name of the Administrator of RPA user or Service account.
The id of the SCIM resource representing the Administrator of RPA user or Service account.
The URI of the SCIM resource representing the Administrator of RPA user or Service Account.
The software version of the RPA/Bots.
Employee id associated with this User.
Distinguished name for this User.
The region this User is assigned to.
regionOwner
The User who owns the region that this resource (User) belongs to.
Display name of the region owner.
The id of the region owner.
URI reference of the region owner resource.
The location this User is assigned to.
locationOwner object
The User who owns the location that this resource (User) belongs to.
Display name of the location owner.
The id of the location owner.
URI reference to the location owner resource.
Department this User is assigned to.
Cost centers this User is associated with.
Job title given to this User.
Datetime representation of the last refresh for this User.
urn:ietf:params:scim:schemas:extension:enterprise:2.0:User
Enterprise User Schema. Contains the manager of the User.
manager
Manager of the User.
Display name of the User's manager.
The id of the SCIM resource representing the User’s manager.
The URI of the SCIM resource representing the User’s manager.
meta
Metadata of the resource.
Datetime this resource was created.
The location of the resource.
Datetime the resource was last modified.
The version of the resource.
The SCIM resource type.
The schemas involved in the SCIM resource.
{
"totalResults": "1500,",
"startIndex": 1,
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"Resources": [
{
"id": "c0b4568a4fe7458c434ee77d1fbt156b",
"userName": "Mock.User",
"name": {
"formatted": "Ms. Barbara J Jensen, III",
"familyName": "Jensen",
"givenName": "Barbara"
},
"displayName": "Barbara Jensen",
"userType": "employee",
"active": true,
"emails": [
{
"type": "work",
"value": "[email protected]",
"primary": "true"
}
],
"urn:ietf:params:scim:schemas:sailpoint:1.0:User": {
"accounts": [
{
"displayName": "Bob.Smith",
"value": "c0a7778b7ef71e79817ee74e6a1f0444",
"$ref": "http://localhost:8080/iiq/scim/v2/Accounts/c0a7778b7ef71e79817ee74e6a1f0444"
}
],
"entitlements": [
{
"value": "groupmbr",
"display": "HelpDesk",
"type": "Permission",
"application": "ADMockApp",
"accountName": "CN=Barbara Jensen,OU=Taipei,OU=Asia-Pacific,DC=example,DC=com",
"$ref": "http://localhost:8080/iiq/scim/v2/Entitlements/c0a7777a7f74744d817e74fc12362c67"
}
],
"roles": [
{
"value": "detectedRoles",
"display": "User - IT",
"type": "it",
"acquired": "Assigned",
"application": "Active_Directory",
"accountName": "CN=Barbara Jensen,OU=Taipei,OU=Asia-Pacific,DC=example,DC=com",
"$ref": "http://localhost:8080/iiq/scim/v2/Roles/c0a7777a7f74744d817e74fc12362c67"
}
],
"capabilities": "[\"SystemAdministrator\"]",
"riskScore": 125,
"isManager": false,
"administrator": {
"displayName": "Bob Smith",
"value": "c0a7777a7f74744d817e74fc12362c67O",
"$ref": "http://localhost:8080/iiq/scim/v2/Users/c0a7777a7f74744d817e74fc12362c67"
},
"softwareVersion": "7.3",
"empId": "1b2a3c",
"dn": "cn=Bob Smith,ou=services",
"region": "Americas",
"regionOwner": {
"displayName": "Joe Smith",
"value": "c0b4568a4fe7458c434ee77d1fbt156b",
"$ref": "http://localhost:8080/iiq/scim/v2/Users/c0b4568a4fe7458c434ee77d1fbt156b"
},
"location": "Singapore",
"locationOwner": {
"displayName": "Bob Smith",
"value": "c0a7778b7ef71e79817ee74e6a1f0444",
"$ref": "http://localhost:8080/iiq/scim/v2/Users/c0a7778b7ef71e79817ee74e6a1f0444"
},
"Department": "Regional Operations",
"costcenter": [
"CC01",
"DD02"
],
"jobtitle": "Internal Audit Manager",
"lastRefresh": "2024-05-02T16:11:15.836Z"
},
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"manager": {
"displayName": "Bob Smith",
"value": "c7a7347a7fe71e69077ee75f5d1f1237",
"$ref": "http://localhost:8080/iiq/scim/v2/Users/c7a7347a7fe71e69077ee75f5d1f1237"
}
},
"meta": {
"created": "2022-02-11T01:34:04.074-05:00",
"location": "http://localhost:8080/iiq/scim/v2/Users/c0b4568a4fe7458c434ee77d1fbt156b",
"lastModified": "2022-02-11T01:08:45.866-05:00",
"version": "W\"1644561244074\"",
"resourceType": "User"
},
"schemas": [
"urn:ietf:params:scim:schemas:sailpoint:1.0:User",
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
]
}
]
}