Retrieves a list of users that belong to a specified tenant and match the search filter criteria.

Entitlement required: readUserGroups (Read users and groups), or manageUserGroups (Manage users and groups), or manageAllUserGroups (Synchronize users and groups), or manageUserStandardGroups (Manage users and standard groups), or readUsers (Read all users but not group memberships), or readUsersGroupMembership (Read all users and group memberships), or readUsersStandardGroupMembership (Read all users and standard group memberships), or manageUsers (Manage all users), or manageUsersInStandardGroups (Manage users in standard groups).
Note: You only need one entitlement, but you can have more than one.

Overview
Searching, sorting, paging, and filtering are supported. A maximum of 2500 records are returned for a search query. To retrieve more than 2500 records, use User reports.

Performance Optimization
To improve performance, use the attributes query parameter to specify only the attributes you need. Choose faster search operators when possible.

Operator Performance:
- Faster operators: eq, sw, ew, ge, le
- Slower operators: pr, npr, co, gt, lt, ne

Best Practices:
- Use ge and le instead of gt and lt
- Use sw or ew instead of co when possible
- Avoid the ne operator

Supported Search Operators
- eq - Equal. The attribute and operator values must be identical for a match.
- sw - Starts with. The operator value must match the beginning of the attribute value.
- ew - Ends with. The operator value must match the end of the attribute value.
- ge - Greater than or equal. The attribute value is greater than or equal to the operator value.
- le - Less than or equal. The attribute value is less than or equal to the operator value.
- ne - Not equal. The attribute and operator values are not identical.
- co - Contains. The entire operator value must be a substring of the attribute value.
- pr - Present. Matches if the attribute has a value.
- npr - Not present. Matches if the attribute does not have a value.
- gt - Greater than. The attribute value is greater than the operator value.
- lt - Less than. The attribute value is less than the operator value.


Example Search Queries
filter=userName eq "bob"&attributes=userName
filter=name.familyName eq "Marley"&attributes=name
filter=urn:ietf:params:scim:schemas:extension:ibm:2.0:User:customAttributes.favoriteColor eq "blue"&attributes=urn:ietf:params:scim:schemas:extension:ibm:2.0:User:customAttributes.favoriteColor
filter=urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:department eq "2A"&attributes=urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:department
filter=emails ew "@example.com" and (phoneNumbers.mobile eq "15551212" or phoneNumbers.mobile eq "1(555)1212")&attributes=phoneNumbers.mobile,emails

Phone Number Filtering
Special syntax is available for phoneNumbers to filter by type. Example:
GET /v2.0/Users?filter=phoneNumbers.mobile eq "{value}"&attributes=phoneNumbers.mobile
Using phoneNumbers without type will search for all types of phoneNumbers which is not efficient.

Large Groups Support
For tenants that support large groups, additional features are available:
- Search for users in a specific group by using the memberOf SCIM attribute. Example: GET /v2.0/Users?filter=userName sw "patel" and memberOf eq "{group ID}"
- Restrict HelpDesk administrators to manage specific groups of users by using Admin Roles.

To determine whether the tenant supports large groups, run the GET /v2.0/SCIM/capabilities API.

Recent Requests
Log in to see full request history
TimeStatusUser Agent
Retrieving recent requests…
LoadingLoading…
Query Params
string

The SCIM compliant search filter. For example, userName eq "john". The filter should be no longer than 4096 characters in length.

string

The list of attributes that are passed in as comma-separated values that are used when passing the result back to the caller. To improve performance, specify in the list only the attributes that you want returned. If no list is provided, the default action is to return all attributes.

string

Limit the number of records that match the search filter. The range is 1 to 2500. If not specified, the default limit is 2500.

string

Specifies the maximum number of query results per page. A negative value is interpreted as 0. A value of 0 indicates that no resource results are to be returned, except for totalResults.

string

A 1-based index that indicates the start index that is used when the number of users is returned. A value less than 1 is interpreted as 1.

string

Sort the results by the specified criteria when the users are returned.

string
enum

The sorting order when the number of users is returned.

Allowed:
string

The comma-separated list of attributes whose values are to be hashed.

string

A string that is searched for in the user records.

string

Include group information in the response.

Responses

Language
URL
LoadingLoading…
Response
Choose an example:
application/scim+json