List ZITADEL Permissions

POST 
/users/:userId/memberships/_search

Show all the permissions the user has in ZITADEL (ZITADEL Manager).

Request

Path Parameters

userId stringrequired

list limitations and ordering

Header Parameters

x-zitadel-orgid string

The default is always the organization of the requesting user. If you like to get the result of another organization include the header. Make sure the user has permission to access the requested data.

application/json

Body

required

query

object

Object unspecific list filters like offset, limit and asc/desc.

offset uint64

limit int64

Maximum amount of events returned. The default is set to 1000 in https://github.com/zitadel/zitadel/blob/new-eventstore/cmd/zitadel/startup.yaml. If the limit exceeds the maximum configured ZITADEL will throw an error. If no limit is present the default is taken.

asc boolean

default is descending

queries

object[]

Array [

orgQuery

object

orgId string

projectQuery

object

projectId string

projectGrantQuery

object

projectGrantId string

iamQuery

object

iam boolean

]

application/grpc

Body

required

query

object

Object unspecific list filters like offset, limit and asc/desc.

offset uint64

limit int64

Maximum amount of events returned. The default is set to 1000 in https://github.com/zitadel/zitadel/blob/new-eventstore/cmd/zitadel/startup.yaml. If the limit exceeds the maximum configured ZITADEL will throw an error. If no limit is present the default is taken.

asc boolean

default is descending

queries

object[]

Array [

orgQuery

object

orgId string

projectQuery

object

projectId string

projectGrantQuery

object

projectGrantId string

iamQuery

object

iam boolean

]

application/grpc-web+proto

Body

required

query

object

Object unspecific list filters like offset, limit and asc/desc.

offset uint64

limit int64

Maximum amount of events returned. The default is set to 1000 in https://github.com/zitadel/zitadel/blob/new-eventstore/cmd/zitadel/startup.yaml. If the limit exceeds the maximum configured ZITADEL will throw an error. If no limit is present the default is taken.

asc boolean

default is descending

queries

object[]

Array [

orgQuery

object

orgId string

projectQuery

object

projectId string

projectGrantQuery

object

projectGrantId string

iamQuery

object

iam boolean

]

Responses

200

A successful response.

application/json

Schema

Schema

details

object

totalResult uint64

processedSequence uint64

viewTimestamp date-time

the last time the view got updated

result

object[]

Array [

userId string

details

object

sequence uint64

on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation

creationDate date-time

on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation

changeDate date-time

on read: the timestamp of the last event reduced by the projection

on manipulation: the

resourceOwner resource_owner is the organization an object belongs to (string)

roles string[]

displayName string

display name of the user

iam boolean

one of type use iam, org id, project id or project grant id

orgId string

one of type use iam, org id, project id or project grant id

projectId string

one of type use iam, org id, project id or project grant id

projectGrantId string

one of type use iam, org id, project id or project grant id

]

Example (from schema)

{
  "details": {
    "totalResult": "2",
    "processedSequence": "267831",
    "viewTimestamp": "2024-11-15T21:46:16.065Z"
  },
  "result": [
    {
      "userId": "69629023906488334",
      "details": {
        "sequence": "2",
        "creationDate": "2024-11-15T21:46:16.065Z",
        "changeDate": "2024-11-15T21:46:16.065Z",
        "resourceOwner": "69629023906488334"
      },
      "roles": [
        "IAM_OWNER"
      ],
      "displayName": "Gigi Giraffe",
      "iam": true,
      "orgId": "string",
      "projectId": "string",
      "projectGrantId": "string"
    }
  ]
}

application/grpc

Schema

Schema

details

object

totalResult uint64

processedSequence uint64

viewTimestamp date-time

the last time the view got updated

result

object[]

Array [

userId string

details

object

sequence uint64

on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation

creationDate date-time

on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation

changeDate date-time

on read: the timestamp of the last event reduced by the projection

on manipulation: the

resourceOwner resource_owner is the organization an object belongs to (string)

roles string[]

displayName string

display name of the user

iam boolean

one of type use iam, org id, project id or project grant id

orgId string

one of type use iam, org id, project id or project grant id

projectId string

one of type use iam, org id, project id or project grant id

projectGrantId string

one of type use iam, org id, project id or project grant id

]

Example (from schema)

{
  "details": {
    "totalResult": "2",
    "processedSequence": "267831",
    "viewTimestamp": "2024-11-15T21:46:16.065Z"
  },
  "result": [
    {
      "userId": "69629023906488334",
      "details": {
        "sequence": "2",
        "creationDate": "2024-11-15T21:46:16.065Z",
        "changeDate": "2024-11-15T21:46:16.065Z",
        "resourceOwner": "69629023906488334"
      },
      "roles": [
        "IAM_OWNER"
      ],
      "displayName": "Gigi Giraffe",
      "iam": true,
      "orgId": "string",
      "projectId": "string",
      "projectGrantId": "string"
    }
  ]
}

application/grpc-web+proto

Schema

Schema

details

object

totalResult uint64

processedSequence uint64

viewTimestamp date-time

the last time the view got updated

result

object[]

Array [

userId string

details

object

sequence uint64

on read: the sequence of the last event reduced by the projection

on manipulation: the timestamp of the event(s) added by the manipulation

creationDate date-time

on read: the timestamp of the first event of the object

on create: the timestamp of the event(s) added by the manipulation

changeDate date-time

on read: the timestamp of the last event reduced by the projection

on manipulation: the

resourceOwner resource_owner is the organization an object belongs to (string)

roles string[]

displayName string

display name of the user

iam boolean

one of type use iam, org id, project id or project grant id

orgId string

one of type use iam, org id, project id or project grant id

projectId string

one of type use iam, org id, project id or project grant id

projectGrantId string

one of type use iam, org id, project id or project grant id

]

Example (from schema)

{
  "details": {
    "totalResult": "2",
    "processedSequence": "267831",
    "viewTimestamp": "2024-11-15T21:46:16.066Z"
  },
  "result": [
    {
      "userId": "69629023906488334",
      "details": {
        "sequence": "2",
        "creationDate": "2024-11-15T21:46:16.066Z",
        "changeDate": "2024-11-15T21:46:16.066Z",
        "resourceOwner": "69629023906488334"
      },
      "roles": [
        "IAM_OWNER"
      ],
      "displayName": "Gigi Giraffe",
      "iam": true,
      "orgId": "string",
      "projectId": "string",
      "projectGrantId": "string"
    }
  ]
}

default

An unexpected error response.

application/json

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

application/grpc

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

application/grpc-web+proto

Schema

Schema

code int32
message string

details

object[]

Array [

@type string

]

Example (from schema)

{
  "code": 0,
  "message": "string",
  "details": [
    {
      "@type": "string"
    }
  ]
}

Loading...