get https://{tenanturl}/v2.0/Users
Entitlement required: readUserGroups (Read users and groups), or manageUserGroups (Manage users and groups), or manageAllUserGroups (Synchronize users and groups), or manageUserStandardGroups (Manage users and standard groups).
Note: You only need one entitlement, but you can have more than one.
Searching, sorting, paging, and filtering are supported. A maximum of 2500 records are returned for a search query.
To improve performance, specify the list of the attributes that you want returned by using the attributes query parameter.
Search operators supported:
| eq | The attribute and operator values must be identical for a match. |
| ne | The attribute and operator values are not identical. |
| co | The entire operator value must be a substring of the attribute value for a match. For performance reasons, use sw or ew operators instead of co. |
| sw | The entire operator value must be a substring of the attribute value, starting at the beginning of the attribute value. |
| ew | The entire operator value must be a substring of the attribute value, matching at the end of the attribute value. |
| pr | If the attribute has a value, there is a match. |
| npr | If the attribute does not have a value, there is a match. |
| gt | If the attribute value is greater than the operator value, there is a match. The actual comparison is dependent on the attribute type. |
| ge | If the attribute value is greater than or equal to the operator value, there is a match. The actual comparison is dependent on the attribute type. |
| lt | If the attribute value is less than the operator value, there is a match. The actual comparison is dependent on the attribute type. |
| le | If the attribute value is less than or equal to the operator value, there is a match. The actual comparison is dependent on the attribute type. |
Example search queries:
| filter=userName eq "bob"&attributes=userName |
| filter=name.familyName eq "Marley"&attributes=name |
| filter=meta.created ge "2011-09-20T00:00:00Z" and meta.created le "2021-09-21T00:00:00Z"&attributes=userName,meta.created,emails&sortBy=userName&count=2500 |
| filter=urn:ietf:params:scim:schemas:extension:ibm:2.0:User:customAttributes.favoriteColor eq "blue"&attributes=userName,urn:ietf:params:scim:schemas:extension:ibm:2.0:User:customAttributes.favoriteColor&count=2500 |
| filter=urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:department eq "2A"&attributes=userName,emails,urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:manager |
| filter=emails ew "@example.com" and (phoneNumbers eq "15551212" or phoneNumbers eq "1(555)1212")&attributes=userName,phoneNumbers,emails |
| Note: There are some special syntax for "phoneNumbers" to allow filtering using the type, such as GET /v2.0/Users?filter=phoneNumbers.work eq "{value}"&attributes=phoneNumbers.work |
For tenants that support large groups, additional feature are available. They are:
| - Search for users in a specific group by using the "memberOf" SCIM attribute. For example. GET /v2.0/Users?filter=userName sw "patel" and memberOf eq "{group ID}" |
| - Restrict HelpDesk administrators to manage specific groups of users by using Admin Roles. |
To check whether the tenant supports large groups, run the GET /v2.0/SCIM/capabilities API.