Get All Users in Group

Version 4.0.25.18 (latest)

Get information about all the users directly included in a group.

Request

GET /groups/{group_id}/users

Datatype

Description

Request

HTTP Request

path

HTTP Path

Expand HTTP Path definition...

group_id

string

Id of group

query

HTTP Query

Expand HTTP Query definition...

fields

string

Requested fields.

page

integer

DEPRECATED. Use limit and offset instead. Return only page N of paginated results

per_page

integer

DEPRECATED. Use limit and offset instead. Return N rows of data per page

limit

integer

Number of results to return. (used with offset and takes priority over page and per_page)

offset

integer

Number of results to skip before returning any. (used with limit and takes priority over page and per_page)

sorts

string

Fields to sort by.

Response

200: All users in group.

Datatype

Description

(array)

User[]

can

object

Operations the current user is able to perform on this object

avatar_url

string

URL for the avatar image (may be generic)

avatar_url_without_sizing

string

URL for the avatar image (may be generic), does not specify size

credentials_api3

CredentialsApi3[]

Expand CredentialsApi3 definition...

can

object

Operations the current user is able to perform on this object

string

Unique Id

client_id

string

API key client_id

created_at

string

Timestamp for the creation of this credential

is_disabled

boolean

Has this credential been disabled?

type

string

Short name for the type of this kind of credential

purpose

string

User defined purpose for this credential.

url

string

Link to get this item

credentials_email

CredentialsEmail

Email/Password login credentials

Expand CredentialsEmail definition...

can

object

Operations the current user is able to perform on this object

created_at

string

Timestamp for the creation of this credential

string

EMail address used for user login

forced_password_reset_at_next_login

boolean

Force the user to change their password upon their next login

user_id

string

Unique Id of the user

is_disabled

boolean

Has this credential been disabled?

logged_in_at

string

Timestamp for most recent login using credential

password_reset_url

string

Url with one-time use secret token that the user can use to reset password

account_setup_url

string

Url with one-time use secret token that the user can use to setup account

password_reset_url_expired

boolean

Is password_reset_url expired or not present?

account_setup_url_expired

boolean

Is account_setup_url expired or not present?

type

string

Short name for the type of this kind of credential

url

string

Link to get this item

user_url

string

Link to get this user

credentials_embed

CredentialsEmbed[]

Expand CredentialsEmbed definition...

can

object

Operations the current user is able to perform on this object

created_at

string

Timestamp for the creation of this credential

external_group_id

string

Embedder's id for a group to which this user was added during the most recent login

external_user_id

string

Embedder's unique id for the user

string

Unique Id

is_disabled

boolean

Has this credential been disabled?

logged_in_at

string

Timestamp for most recent login using credential

type

string

Short name for the type of this kind of credential

url

string

Link to get this item

credentials_google

CredentialsGoogle

Google auth credentials

Expand CredentialsGoogle definition...

can

object

Operations the current user is able to perform on this object

created_at

string

Timestamp for the creation of this credential

domain

string

Google domain

string

EMail address

google_user_id

string

Google's Unique ID for this user

is_disabled

boolean

Has this credential been disabled?

logged_in_at

string

Timestamp for most recent login using credential

type

string

Short name for the type of this kind of credential

url

string

Link to get this item

credentials_ldap

CredentialsLDAP

LDAP credentials

Expand CredentialsLDAP definition...

can

object

Operations the current user is able to perform on this object

created_at

string

Timestamp for the creation of this credential

string

EMail address

is_disabled

boolean

Has this credential been disabled?

ldap_dn

string

LDAP Distinguished name for this user (as-of the last login)

ldap_id

string

LDAP Unique ID for this user

logged_in_at

string

Timestamp for most recent login using credential

type

string

Short name for the type of this kind of credential

url

string

Link to get this item

credentials_looker_openid

CredentialsLookerOpenid

LookerOpenID credentials. Used for login by Looker Analysts

Expand CredentialsLookerOpenid definition...

can

object

Operations the current user is able to perform on this object

created_at

string

Timestamp for the creation of this credential

string

EMail address used for user login

is_disabled

boolean

Has this credential been disabled?

logged_in_at

string

Timestamp for most recent login using credential

logged_in_ip

string

IP address of client for most recent login using credential

type

string

Short name for the type of this kind of credential

url

string

Link to get this item

user_url

string

Link to get this user

credentials_oidc

CredentialsOIDC

OpenID Connect auth credentials

Expand CredentialsOIDC definition...

can

object

Operations the current user is able to perform on this object

created_at

string

Timestamp for the creation of this credential

string

EMail address

is_disabled

boolean

Has this credential been disabled?

logged_in_at

string

Timestamp for most recent login using credential

oidc_user_id

string

OIDC OP's Unique ID for this user

type

string

Short name for the type of this kind of credential

url

string

Link to get this item

credentials_saml

CredentialsSaml

Saml auth credentials

Expand CredentialsSaml definition...

can

object

Operations the current user is able to perform on this object

created_at

string

Timestamp for the creation of this credential

string

EMail address

is_disabled

boolean

Has this credential been disabled?

logged_in_at

string

Timestamp for most recent login using credential

saml_user_id

string

Saml IdP's Unique ID for this user

type

string

Short name for the type of this kind of credential

url

string

Link to get this item

credentials_totp

CredentialsTotp

Two-factor credentials

Expand CredentialsTotp definition...

can

object

Operations the current user is able to perform on this object

created_at

string

Timestamp for the creation of this credential

is_disabled

boolean

Has this credential been disabled?

type

string

Short name for the type of this kind of credential

verified

boolean

User has verified

url

string

Link to get this item

display_name

string

Full name for display (available only if both first_name and last_name are set)

string

EMail address

embed_group_space_id

string

(DEPRECATED) (Embed only) ID of user's group space based on the external_group_id optionally specified during embed user login

first_name

string

First name

group_ids

string[]

home_folder_id

string

ID string for user's home folder

string

Unique Id

is_disabled

boolean

Account has been disabled

last_name

string

Last name

locale

string

User's preferred locale. User locale takes precedence over Looker's system-wide default locale. Locale determines language of display strings and date and numeric formatting in API responses. Locale string must be a 2 letter language code or a combination of language code and region code: 'en' or 'en-US', for example.

looker_versions

string[]

models_dir_validated

boolean

User's dev workspace has been checked for presence of applicable production projects

personal_folder_id

string

ID of user's personal folder

presumed_looker_employee

boolean

(DEPRECATED) User is identified as an employee of Looker

role_ids

string[]

sessions

Session[]

Expand Session definition...

can

object

Operations the current user is able to perform on this object

string

Unique Id

ip_address

string

IP address of user when this session was initiated

browser

string

User's browser type

operating_system

string

User's Operating System

city

string

City component of user location (derived from IP address)

state

string

State component of user location (derived from IP address)

country

string

Country component of user location (derived from IP address)

credentials_type

string

Type of credentials used for logging in this session

extended_at

string

Time when this session was last extended by the user

extended_count

integer

Number of times this session was extended

sudo_user_id

string

Actual user in the case when this session represents one user sudo'ing as another

created_at

string

Time when this session was initiated

expires_at

string

Time when this session will expire

url

string

Link to get this item

ui_state

object

Per user dictionary of undocumented state information owned by the Looker UI.

verified_looker_employee

boolean

User is identified as an employee of Looker who has been verified via Looker corporate authentication

roles_externally_managed

boolean

User's roles are managed by an external directory like SAML or LDAP and can not be changed directly.

allow_direct_roles

boolean

User can be directly assigned a role.

allow_normal_group_membership

boolean

User can be a direct member of a normal Looker group.

allow_roles_from_normal_groups

boolean

User can inherit roles from a normal Looker group.

embed_group_folder_id

string

(Embed only) ID of user's group folder based on the external_group_id optionally specified during embed user login

is_iam_admin

boolean

User is an IAM Admin. This field may only be applicable for [Looker (Google Cloud core)](https://cloud.google.com/looker/docs/r/looker-core/overview). The is_iam_admin is not returned by default. Please explicitly request this attribute if needed via the fields query param. Note: Including the optional is_iam_admin attribute can increase API latency. For best performance, use this attribute only when filtering for users with the 'Admin via IAM' role. When using this filter, always paginate your results with the offset and limit fields to optimize response time.

can_manage_api3_creds

boolean

Indicates if the user can manage API3 credentials. This field may only be applicable for [Looker (Google Cloud core)](https://cloud.google.com/looker/docs/r/looker-core/overview). This is an experimental feature and may not yet be available on your instance.

is_service_account

boolean

Indicates if this user is a service account. This field may only be applicable for [Looker (Google Cloud core)](https://cloud.google.com/looker/docs/r/looker-core/overview). This is an experimental feature and may not yet be available on your instance.

service_account_name

string

The display name of the service account. This field is omitted for non service account users. This field may only be applicable for [Looker (Google Cloud core)](https://cloud.google.com/looker/docs/r/looker-core/overview). This is an experimental feature and may not yet be available on your instance.

url

string

Link to get this item

400: Bad Request

Datatype

Description

(object)

Error

message

string

Error details

documentation_url

string

Documentation link

404: Not Found

Datatype

Description

(object)

Error

message

string

Error details

documentation_url

string

Documentation link

429: Too Many Requests

Datatype

Description

(object)

Error

message

string

Error details

documentation_url

string

Documentation link