User by ID
GET/v2/users/:userId
Returns the full user object (human or machine) including the profile, email, etc..
Request​
Path Parameters
User ID of the user you like to get.
Responses​
- 200
- 403
- 404
- default
OK
- application/json
- application/grpc
- application/grpc-web+proto
- Schema
- Example (from schema)
Schema
details
object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
user
object
details
object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
Possible values: [USER_STATE_UNSPECIFIED
, USER_STATE_ACTIVE
, USER_STATE_INACTIVE
, USER_STATE_DELETED
, USER_STATE_LOCKED
, USER_STATE_INITIAL
]
Default value: USER_STATE_UNSPECIFIED
current state of the user
human
object
one of type use human or machine
Unique identifier of the user.
Possible values: [USER_STATE_UNSPECIFIED
, USER_STATE_ACTIVE
, USER_STATE_INACTIVE
, USER_STATE_DELETED
, USER_STATE_LOCKED
, USER_STATE_INITIAL
]
Default value: USER_STATE_UNSPECIFIED
current state of the user
Username of the user, which can be globally unique or unique on organization level.
Possible usable login names for the user.
Preferred login name of the user.
profile
object
Profile information of the user.
Possible values: non-empty
and <= 200 characters
Possible values: non-empty
and <= 200 characters
Possible values: <= 200 characters
Possible values: <= 200 characters
Possible values: <= 10 characters
Possible values: [GENDER_UNSPECIFIED
, GENDER_FEMALE
, GENDER_MALE
, GENDER_DIVERSE
]
Default value: GENDER_UNSPECIFIED
avatar URL of the user
email
object
Email of the user, if defined.
Possible values: non-empty
and <= 200 characters
phone
object
Phone of the user, if defined.
Possible values: <= 200 characters
User is required to change the used password on the next login.
The time the user last changed their password.
machine
object
one of type use human or machine
Possible values: [ACCESS_TOKEN_TYPE_BEARER
, ACCESS_TOKEN_TYPE_JWT
]
Default value: ACCESS_TOKEN_TYPE_BEARER
Type of access token to receive
{
"details": {
"sequence": "2",
"changeDate": "2024-12-23T07:03:23.672Z",
"resourceOwner": "69629023906488334"
},
"user": {
"userId": "d654e6ba-70a3-48ef-a95d-37c8d8a7901a",
"details": {
"sequence": "2",
"changeDate": "2024-12-23T07:03:23.672Z",
"resourceOwner": "69629023906488334"
},
"state": "USER_STATE_UNSPECIFIED",
"username": "minnie-mouse",
"loginNames": [
"gigi@zitadel.com",
"gigi@zitadel.zitadel.ch"
],
"preferredLoginName": "gigi@zitadel.com",
"human": {
"userId": "d654e6ba-70a3-48ef-a95d-37c8d8a7901a",
"state": "USER_STATE_UNSPECIFIED",
"username": "minnie-mouse",
"loginNames": [
"gigi@zitadel.com",
"gigi@zitadel.zitadel.ch"
],
"preferredLoginName": "gigi@zitadel.com",
"profile": {
"givenName": "Minnie",
"familyName": "Mouse",
"nickName": "Mini",
"displayName": "Minnie Mouse",
"preferredLanguage": "en",
"gender": "GENDER_FEMALE",
"avatarUrl": "https://api.zitadel.ch/assets/v1/avatar-32432jkh4kj32"
},
"email": {
"email": "mini@mouse.com",
"isVerified": true
},
"phone": {
"phone": "+41791234567",
"isVerified": true
},
"passwordChangeRequired": true,
"passwordChanged": "2024-12-23T07:03:23.673Z"
},
"machine": {
"name": "zitadel",
"description": "The one and only IAM",
"hasSecret": "true",
"accessTokenType": "ACCESS_TOKEN_TYPE_BEARER"
}
}
}
- Schema
- Example (from schema)
Schema
details
object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
user
object
details
object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
Possible values: [USER_STATE_UNSPECIFIED
, USER_STATE_ACTIVE
, USER_STATE_INACTIVE
, USER_STATE_DELETED
, USER_STATE_LOCKED
, USER_STATE_INITIAL
]
Default value: USER_STATE_UNSPECIFIED
current state of the user
human
object
one of type use human or machine
Unique identifier of the user.
Possible values: [USER_STATE_UNSPECIFIED
, USER_STATE_ACTIVE
, USER_STATE_INACTIVE
, USER_STATE_DELETED
, USER_STATE_LOCKED
, USER_STATE_INITIAL
]
Default value: USER_STATE_UNSPECIFIED
current state of the user
Username of the user, which can be globally unique or unique on organization level.
Possible usable login names for the user.
Preferred login name of the user.
profile
object
Profile information of the user.
Possible values: non-empty
and <= 200 characters
Possible values: non-empty
and <= 200 characters
Possible values: <= 200 characters
Possible values: <= 200 characters
Possible values: <= 10 characters
Possible values: [GENDER_UNSPECIFIED
, GENDER_FEMALE
, GENDER_MALE
, GENDER_DIVERSE
]
Default value: GENDER_UNSPECIFIED
avatar URL of the user
email
object
Email of the user, if defined.
Possible values: non-empty
and <= 200 characters
phone
object
Phone of the user, if defined.
Possible values: <= 200 characters
User is required to change the used password on the next login.
The time the user last changed their password.
machine
object
one of type use human or machine
Possible values: [ACCESS_TOKEN_TYPE_BEARER
, ACCESS_TOKEN_TYPE_JWT
]
Default value: ACCESS_TOKEN_TYPE_BEARER
Type of access token to receive
{
"details": {
"sequence": "2",
"changeDate": "2024-12-23T07:03:23.674Z",
"resourceOwner": "69629023906488334"
},
"user": {
"userId": "d654e6ba-70a3-48ef-a95d-37c8d8a7901a",
"details": {
"sequence": "2",
"changeDate": "2024-12-23T07:03:23.675Z",
"resourceOwner": "69629023906488334"
},
"state": "USER_STATE_UNSPECIFIED",
"username": "minnie-mouse",
"loginNames": [
"gigi@zitadel.com",
"gigi@zitadel.zitadel.ch"
],
"preferredLoginName": "gigi@zitadel.com",
"human": {
"userId": "d654e6ba-70a3-48ef-a95d-37c8d8a7901a",
"state": "USER_STATE_UNSPECIFIED",
"username": "minnie-mouse",
"loginNames": [
"gigi@zitadel.com",
"gigi@zitadel.zitadel.ch"
],
"preferredLoginName": "gigi@zitadel.com",
"profile": {
"givenName": "Minnie",
"familyName": "Mouse",
"nickName": "Mini",
"displayName": "Minnie Mouse",
"preferredLanguage": "en",
"gender": "GENDER_FEMALE",
"avatarUrl": "https://api.zitadel.ch/assets/v1/avatar-32432jkh4kj32"
},
"email": {
"email": "mini@mouse.com",
"isVerified": true
},
"phone": {
"phone": "+41791234567",
"isVerified": true
},
"passwordChangeRequired": true,
"passwordChanged": "2024-12-23T07:03:23.675Z"
},
"machine": {
"name": "zitadel",
"description": "The one and only IAM",
"hasSecret": "true",
"accessTokenType": "ACCESS_TOKEN_TYPE_BEARER"
}
}
}
- Schema
- Example (from schema)
Schema
details
object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
user
object
details
object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
Possible values: [USER_STATE_UNSPECIFIED
, USER_STATE_ACTIVE
, USER_STATE_INACTIVE
, USER_STATE_DELETED
, USER_STATE_LOCKED
, USER_STATE_INITIAL
]
Default value: USER_STATE_UNSPECIFIED
current state of the user
human
object
one of type use human or machine
Unique identifier of the user.
Possible values: [USER_STATE_UNSPECIFIED
, USER_STATE_ACTIVE
, USER_STATE_INACTIVE
, USER_STATE_DELETED
, USER_STATE_LOCKED
, USER_STATE_INITIAL
]
Default value: USER_STATE_UNSPECIFIED
current state of the user
Username of the user, which can be globally unique or unique on organization level.
Possible usable login names for the user.
Preferred login name of the user.
profile
object
Profile information of the user.
Possible values: non-empty
and <= 200 characters
Possible values: non-empty
and <= 200 characters
Possible values: <= 200 characters
Possible values: <= 200 characters
Possible values: <= 10 characters
Possible values: [GENDER_UNSPECIFIED
, GENDER_FEMALE
, GENDER_MALE
, GENDER_DIVERSE
]
Default value: GENDER_UNSPECIFIED
avatar URL of the user
email
object
Email of the user, if defined.
Possible values: non-empty
and <= 200 characters
phone
object
Phone of the user, if defined.
Possible values: <= 200 characters
User is required to change the used password on the next login.
The time the user last changed their password.
machine
object
one of type use human or machine
Possible values: [ACCESS_TOKEN_TYPE_BEARER
, ACCESS_TOKEN_TYPE_JWT
]
Default value: ACCESS_TOKEN_TYPE_BEARER
Type of access token to receive
{
"details": {
"sequence": "2",
"changeDate": "2024-12-23T07:03:23.676Z",
"resourceOwner": "69629023906488334"
},
"user": {
"userId": "d654e6ba-70a3-48ef-a95d-37c8d8a7901a",
"details": {
"sequence": "2",
"changeDate": "2024-12-23T07:03:23.676Z",
"resourceOwner": "69629023906488334"
},
"state": "USER_STATE_UNSPECIFIED",
"username": "minnie-mouse",
"loginNames": [
"gigi@zitadel.com",
"gigi@zitadel.zitadel.ch"
],
"preferredLoginName": "gigi@zitadel.com",
"human": {
"userId": "d654e6ba-70a3-48ef-a95d-37c8d8a7901a",
"state": "USER_STATE_UNSPECIFIED",
"username": "minnie-mouse",
"loginNames": [
"gigi@zitadel.com",
"gigi@zitadel.zitadel.ch"
],
"preferredLoginName": "gigi@zitadel.com",
"profile": {
"givenName": "Minnie",
"familyName": "Mouse",
"nickName": "Mini",
"displayName": "Minnie Mouse",
"preferredLanguage": "en",
"gender": "GENDER_FEMALE",
"avatarUrl": "https://api.zitadel.ch/assets/v1/avatar-32432jkh4kj32"
},
"email": {
"email": "mini@mouse.com",
"isVerified": true
},
"phone": {
"phone": "+41791234567",
"isVerified": true
},
"passwordChangeRequired": true,
"passwordChanged": "2024-12-23T07:03:23.676Z"
},
"machine": {
"name": "zitadel",
"description": "The one and only IAM",
"hasSecret": "true",
"accessTokenType": "ACCESS_TOKEN_TYPE_BEARER"
}
}
}
Returned when the user does not have permission to access the resource.
- application/json
- application/grpc
- application/grpc-web+proto
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
Returned when the resource does not exist.
- application/json
- application/grpc
- application/grpc-web+proto
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
An unexpected error response.
- application/json
- application/grpc
- application/grpc-web+proto
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}