Select the tab

List users

Copy current article URL Share via email

This article (PDF) Whole documentation (PDF)

Relative path: /v1/users

Retrieves a list of users, optionally filtered by certain criteria defined in the user filter.

Base URL for Europe, Germany, United States and Canada regions:

https://eu.user-management.eset.systems

https://de.user-management.eset.systems

https://us.user-management.eset.systems

https://ca.user-management.eset.systems

Query parameters

Name	Type	Description
activeProduct.autoActivated	boolean	If `true`, the product was activated automatically. That is, the product was activated because it is automatically activated for all the users within some user's group or user's tenant.
activeProduct.autoActivationDetails.base	string	Base, on which the product has been automatically activated for the user. For example, some products are activated based on automation at the level of the user's tenant. •PRODUCT_AUTO_ACTIVATION_BASE_UNSPECIFIED: fallback •PRODUCT_AUTO_ACTIVATION_BASE_TENANT: The product is activated for this user because automatic activation was enabled on the user's tenant. •PRODUCT_AUTO_ACTIVATION_BASE_USER_GROUP: The product is activated for this user because automatic activation was enabled on some of the user's groups.
activeProduct.autoActivationDetails.userGroupUuid	string	Reference to the [user group]. It is only meaningful if the base is equal to the USER GROUP. type: UserGroup
activeProduct.subscriptionUuid	string	Reference to the [subscription] used for product activation. type: subscription_management.v1.Subscription
activeProduct.unitPoolUuid	string	Reference to the [unit pool] used for product activation. Unit pools contain units available for product activation. type: unit_management.v1.UnitPool
activeProduct.id	integer	Identifier of the governed resource. It can be seen as the value of the item in enumerated type. It can be derived from the name by some algorithm, such as CRC32.
activeProduct.name	string	Name of the governed item. It can be seen as the name of the enumeration item, with `id` being its numerical value. Note: Not to be confused with `display_name`, which is purposed for UI.
cloudOfficeTenantReference	string	Filtering based on the user's cloud office tenant reference. If filled, only the users of the given `cloud office tenant reference` will be included in the response. An exact match is required. If `null` or empty, users of any or none `cloud office tenant` will be included in the response.
displayName	string	Filtering based on the user's display name. If filled, only the users containing the given `display name` (at least partially) will be included in the response. If `null` or empty, users with any `display name` will be included in the response.
email	string	Filtering based on the user's email. If filled, only the users containing the given `email` (at least partially) within the `primary email address` or `proxy email addresses` will be included in the response. If `null` or empty, users with any `email address` will be included in the response.
hasCloudOfficeMsLicense	boolean	If `true`, include only users with an associated Microsoft (MS) cloud office license. If `false`, include only users without associated Microsoft (MS) cloud office license. If `null`, this filter does not apply at all.
protectionStatus	string	Filtering based on the user's protection status. If not-null or non-zero, only the users with the given `protection status` will be included in the response. Otherwise, users with any `protection status` will be returned. •PROTECTION_STATUS_UNSPECIFIED: fallback •PROTECTION_STATUS_UNPROTECTED: Status where selected asset is not protected by enabled ESET protection features. •PROTECTION_STATUS_PENDING: Status where asset is not protected by enabled protection features yet, the protection is in pending state. The protection features are setting up. •PROTECTION_STATUS_PARTIALLY_PROTECTED: Status where asset is protected by enabled protection features, with some complications, that require the attention. •PROTECTION_STATUS_FULLY_PROTECTED: Status where asset is fully protected by enabled ESET protection features.
userGroupUuid	string	Filtering based on the user's group. If `null` or empty, users from any user group will be included in the response. type: UserGroup
pageSize	integer	Limit for pagination purposes. If unspecified or 0, the default value is 50. The maximum value is 1000; values above 1000 will be coerced to 1000. Info: For more information, refer to Paginating Requests in APIs or Design Patterns: Pagination
pageToken	string	Page token of the current page. If not given or "", the first page is returned. Info: For more information, refer to Paginating Requests in APIs or Design Patterns: Pagination

Responses

Display Schema+Headers instead of an Example or vice-versa

Code	Description and Example	Description, Schema and Headers
200	Successful response. Response example { "users": [ { "activeProductIds": [ 0 ], "cloudOffice": { "hasMsLicense": true, "tenantReference": "string" }, "department": "string", "displayName": "string", "identities": [ { "createTime": "string", "providerReference": "string", "providerReferenceFormat": "IDENTITY_REFERENCE_FORMAT_UNSPECIFIED", "providerType": "IDENTITY_PROVIDER_TYPE_UNSPECIFIED", "updateTime": "string", "userName": "string" } ], "jobTitle": "string", "officeLocation": "string", "phoneNumbers": [ "string" ], "primaryEmailAddress": "string", "protectionStatus": "PROTECTION_STATUS_UNSPECIFIED", "proxyEmailAddresses": [ "string" ], "userGroupUuids": [ "string" ], "uuid": "string" } ], "nextPageToken": "string", "totalSize": 0 }	Successful response. Response schema { "$ref": "v1ListUsersResponse", "users": [ { "$ref": "v1User", "description": "Representation of a real physical person in the system. Each user can authenticate through one or more identities provided by various Identity Providers (for example, Active Directory, Google, Microsoft, ISP logins). These identities are linked to a single user. A user can: - Have multiple linked identities - Belong to one or more accounts - Access multiple systems through associated accounts Example: A user signs in using their corporate Microsoft account and their personal Gmail account. Both identities map to the same user, allowing seamless switching between organizational and personal contexts.", "activeProductIds": [ { "type": "integer", "format": "int64" } ], "cloudOffice": { "$ref": "v1CloudOfficeUser", "description": "Details of the user related to their cloud office (for example, Microsoft Office 365 or Google Workspace) origin.", "hasMsLicense": { "type": "boolean", "description": "For a user imported from Microsoft Office 365, true if the user has assigned Microsoft licenses. Info: Projection of assigned licenses from Graph API." }, "tenantReference": { "type": "string", "description": "Reference to the cloud office tenant from where the user originates. The format might differ depending on the origin (for example, Microsoft Office 365 uses predominantly UUID, whereas Google Workspace uses a random string)." } }, "department": { "type": "string", "description": "The department to which the user belongs. It can be used for organizational categorization and role-based access control." }, "displayName": { "type": "string", "description": "The name of the user displayed in address books. Usually, it is a full name, a combination of the first name, middle and last names. Validation: - required - max length 255 Example: John Doe" }, "identities": [ { "$ref": "v1Identity", "description": "Represents an identity used to sign in to a user account. Each user can have multiple identities, such as Active Directory (AD), internet service provider (ISP) identity, or identities provided by Google, Facebook, Microsoft, and so on. These identities enable the user to sign in to the user accounts. It helps manage and track these different identities, ensuring seamless authentication and authorization across various platforms and services. Identity is managed by the Identity Provider, where the identity can also be verified (that is, authenticated).", "createTime": { "type": "string", "description": "Date and time when the identity was created. Empty if the timestamp is unknown.", "format": "date-time" }, "providerReference": { "type": "string", "description": "The identifier used by the identity provider for the user. Example: user123@company.com" }, "providerReferenceFormat": { "$ref": "v1IdentityReferenceFormat", "type": "string", "description": "Possible formats of user references. IDENTITY_REFERENCE_FORMAT_UNSPECIFIED: fallback IDENTITY_REFERENCE_FORMAT_EMAIL_ADDRES: User identity reference (login) is an email address. IDENTITY_REFERENCE_FORMAT_USER_NAME: User identity reference (login) is a username. IDENTITY_REFERENCE_FORMAT_USER_PRINCIPAL_NAME: User identity reference (login) is in Universal principal name (UPN) format. IDENTITY_REFERENCE_FORMAT_PHONE_NUMBER: User identity reference (login) is a telephone number. IDENTITY_REFERENCE_FORMAT_FEDERATED: A unique identifier for a user from a provider that can be in any format chosen by the provider.", "default": "IDENTITY_REFERENCE_FORMAT_UNSPECIFIED", "enum": [ "IDENTITY_REFERENCE_FORMAT_UNSPECIFIED", "IDENTITY_REFERENCE_FORMAT_EMAIL_ADDRES", "IDENTITY_REFERENCE_FORMAT_USER_NAME", "IDENTITY_REFERENCE_FORMAT_USER_PRINCIPAL_NAME", "IDENTITY_REFERENCE_FORMAT_PHONE_NUMBER", "IDENTITY_REFERENCE_FORMAT_FEDERATED" ] }, "providerType": { "$ref": "v1IdentityProviderType", "title": "Identity providers that can be used for authentication", "type": "string", "description": "IDENTITY_PROVIDER_TYPE_UNSPECIFIED: fallback IDENTITY_PROVIDER_TYPE_MICROSOFT: Represents Microsoft Entra ID (former Azure Active Directory, or Azure AD) as an identity provider for enterprise authentication. IDENTITY_PROVIDER_TYPE_GOOGLE: Represents Google as an identity provider for authentication via Google accounts. IDENTITY_PROVIDER_TYPE_FACEBOOK: Represents Facebook as an identity provider for authentication via Facebook accounts. IDENTITY_PROVIDER_TYPE_LOCAL: Represents a local provider that manages identities and authentication within the application's scope.", "default": "IDENTITY_PROVIDER_TYPE_UNSPECIFIED", "enum": [ "IDENTITY_PROVIDER_TYPE_UNSPECIFIED", "IDENTITY_PROVIDER_TYPE_MICROSOFT", "IDENTITY_PROVIDER_TYPE_GOOGLE", "IDENTITY_PROVIDER_TYPE_FACEBOOK", "IDENTITY_PROVIDER_TYPE_LOCAL" ] }, "updateTime": { "type": "string", "description": "Date and time when the identity was last updated. Empty if the timestamp is unknown.", "format": "date-time" }, "userName": { "type": "string", "description": "User name as a form of identity reference. Derived from provider reference if the provider reference format is suitable. Examples: - system\user - name.surname - login@somedomain.com Info: Inspired by: Setting Username Formats" } } ], "jobTitle": { "type": "string", "description": "The job title of a user representing their specific role or position within an organization or context. This attribute defines the user's job function and helps identify their responsibilities and role within the system." }, "officeLocation": { "type": "string", "description": "The physical office location or workplace of a user representing the physical location or environment where the user is typically working or sitting while using the system. This can include an office, remote work location, or any other place relevant to the user's work activities." }, "phoneNumbers": [ { "type": "string" } ], "primaryEmailAddress": { "type": "string", "description": "The SMTP address for the user, for example, jeff@contoso.com. Changes to this property update the user's proxyAddresses collection to include the value as an SMTP address. This property cannot contain accent characters. Validation: - valid email address format - max length 255 Example: john.doe@example.com" }, "protectionStatus": { "$ref": "v1ProtectionStatus", "type": "string", "description": "Aggregated status of protection, per context of specific asset. PROTECTION_STATUS_UNSPECIFIED: fallback PROTECTION_STATUS_UNPROTECTED: Status where selected asset is not protected by enabled ESET protection features. PROTECTION_STATUS_PENDING: Status where asset is not protected by enabled protection features yet, the protection is in pending state. The protection features are setting up. PROTECTION_STATUS_PARTIALLY_PROTECTED: Status where asset is protected by enabled protection features, with some complications, that require the attention. PROTECTION_STATUS_FULLY_PROTECTED: Status where asset is fully protected by enabled ESET protection features.", "default": "PROTECTION_STATUS_UNSPECIFIED", "enum": [ "PROTECTION_STATUS_UNSPECIFIED", "PROTECTION_STATUS_UNPROTECTED", "PROTECTION_STATUS_PENDING", "PROTECTION_STATUS_PARTIALLY_PROTECTED", "PROTECTION_STATUS_FULLY_PROTECTED" ] }, "proxyEmailAddresses": [ { "type": "string" } ], "userGroupUuids": [ { "type": "string" } ], "uuid": { "type": "string", "description": "Unique identifier of the entity. Must be collision-free - two identifiers created anywhere in the world must not collide within entity parent scope. Unless a member of aggregate, the entity scope is always global. Although most of the times compliant with RFC 4122: A Universally Unique IDentifier (UUID) URN Namespace, do not rely on it being a RFC UUID. Treat it as an opaque identifier. RFC UUID can be recognized by being formatted according to the template xxxxxxxx-xxxx-Mxxx-Nxxx-xxxxxxxxxxxx, as explained on Wikipedia. UUID is used for referencing an entity, even across domains. Example: '123e4567-e89b-12d3-a456-426614174000'" } } ], "nextPageToken": { "type": "string", "description": "Page token of the next page. Empty or '' for the last page. Info: For more information, refer to Paginating Requests in APIs or Design Patterns: Pagination" }, "totalSize": { "type": "integer", "description": "The total count of items in the list irrespective of pagination. Info: One of the standard fields Page_size might differ for every call (it is an input parameter), so the calculation of how many pages there are in total is the caller's responsibility.", "format": "int64" } } Headers { "request-id": { "description": "Unique ID of the request. Include in support requests.", "style": "simple", "explode": false, "schema": { "type": "string", "format": "uuid" } } }
202	Response took too long; request cached. Response can be retrieved later using the response-id header.	Response took too long; request cached. Response can be retrieved later using the response-id header. Response schema [] Headers { "response-id": { "description": "Unique ID of a pending request. Used to retrieve cached result.", "style": "simple", "explode": false, "schema": { "type": "string", "format": "uuid" } }, "request-id": { "description": "Unique ID of the request. Include in support requests.", "style": "simple", "explode": false, "schema": { "type": "string", "format": "uuid" } } }
400	One of the errors: 1. Bad or missing authorization. 2. Validation error. Invalid argument provided.	One of the errors: 1. Bad or missing authorization. 2. Validation error. Invalid argument provided. Response schema [] Headers { "request-id": { "description": "Unique ID of the request. Include in support requests.", "style": "simple", "explode": false, "schema": { "type": "string", "format": "uuid" } } }
401	Token has expired or is invalid.	Token has expired or is invalid. Response schema [] Headers { "request-id": { "description": "Unique ID of the request. Include in support requests.", "style": "simple", "explode": false, "schema": { "type": "string", "format": "uuid" } } }
403	Access denied. Check permissions.	Access denied. Check permissions. Response schema [] Headers { "request-id": { "description": "Unique ID of the request. Include in support requests.", "style": "simple", "explode": false, "schema": { "type": "string", "format": "uuid" } } }
404	Requested resource not found.	Requested resource not found. Response schema [] Headers { "request-id": { "description": "Unique ID of the request. Include in support requests.", "style": "simple", "explode": false, "schema": { "type": "string", "format": "uuid" } } }
429	Rate limit reached. Try again later.	Rate limit reached. Try again later. Response schema [] Headers { "request-id": { "description": "Unique ID of the request. Include in support requests.", "style": "simple", "explode": false, "schema": { "type": "string", "format": "uuid" } } }
500	Internal server failure. Try again later.	Internal server failure. Try again later. Response schema [] Headers { "request-id": { "description": "Unique ID of the request. Include in support requests.", "style": "simple", "explode": false, "schema": { "type": "string", "format": "uuid" } } }
502	Internal server failure. Try again later.	Internal server failure. Try again later. Response schema [] Headers { "request-id": { "description": "Unique ID of the request. Include in support requests.", "style": "simple", "explode": false, "schema": { "type": "string", "format": "uuid" } } }
503	Environment under maintenance. Try again later.	Environment under maintenance. Try again later. Response schema [] Headers { "request-id": { "description": "Unique ID of the request. Include in support requests.", "style": "simple", "explode": false, "schema": { "type": "string", "format": "uuid" } } }
504	Action took too long; timeout reached	Action took too long; timeout reached Response schema [] Headers { "request-id": { "description": "Unique ID of the request. Include in support requests.", "style": "simple", "explode": false, "schema": { "type": "string", "format": "uuid" } } }

˄˅