User Guide Getting Started Help Center Documentation Community Training
  
English
日本語
User : Manage Users

Get Current User

GET/api/3.0/user
me(fields)

Implementation Notes

Get information about the current user; i.e. the user account currently calling the API.

Response Class

User {
id (long, read-only): Unique Id,
first_name (string): First name,
last_name (string): Last name,
display_name (string, read-only): Full name for display (available only if both first_name and last_name are set),
email (string, read-only): EMail address,
is_disabled (boolean): Account has been disabled,
avatar_url (string, read-only): URL for the avatar image (may be generic),
home_space_id (string): ID string for user's home space,
personal_space_id (long, read-only): ID of user's personal space,
embed_group_space_id (long, read-only): (Embed only) ID of user's group space based on the external_group_id optionally specified during embed user login,
access_filters (Array[AccessFilter], read-only): Model access filters.,
credentials_email (CredentialsEmail, read-only): Email/Password login credentials,
credentials_totp (CredentialsTotp, read-only): Two-factor credentials,
credentials_ldap (CredentialsLDAP, read-only): LDAP credentials,
credentials_google (CredentialsGoogle, read-only): Google auth credentials,
credentials_saml (CredentialsSaml, read-only): Saml auth credentials,
credentials_oidc (CredentialsOIDC, read-only): OpenID Connect auth credentials,
credentials_api (CredentialsApi, read-only): API user credentials. NO LONGER SUPPORTED.,
credentials_api3 (Array[CredentialsApi3], read-only): API 3 credentials,
credentials_embed (Array[CredentialsEmbed], read-only): Embed credentials,
credentials_looker_openid (CredentialsLookerOpenid, read-only): LookerOpenID credentials. Used for login by Looker Analysts,
sessions (Array[Session], read-only): Active sessions,
role_ids (Array[long], read-only): Array of ids of the roles for this user,
group_ids (Array[long], read-only): Array of ids of the groups for this user,
presumed_looker_employee (boolean, read-only): User is identified as an employee of Looker,
verified_looker_employee (boolean, read-only): User is identified as an employee of Looker who has been verified via Looker corporate authentication,
looker_versions (Array[string], read-only): Array of strings representing the Looker versions that this user has used (this only goes back as far as '3.54.0'),
ui_state (object): Per user dictionary of undocumented state information owned by the Looker UI.,
locale (string): User's preferred locale. User locale takes precedence over Looker's system-wide default locale. Locale determines language of display strings and date and numeric formatting in API responses. Locale string must be a 2 letter language code or a combination of language code and region code: 'en' or 'en-US', for example.,
models_dir_validated (boolean): User's dev workspace has been checked for presence of applicable production projects,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
AccessFilter {
id (long, read-only): ID of this AccessFilter,
model (string): Model to which this filter applies,
field (string): Field to which this filter applies,
value (string): Value for this filter,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsEmail {
email (string): EMail address used for user login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
password_reset_url (string, read-only): Url with one-time use secret token that the user can use to reset password,
forced_password_reset_at_next_login (boolean, read-only): Force the user to change their password upon their next login,
url (string, read-only): Link to get this item,
user_url (string, read-only): Link to get this user,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsTotp {
verified (boolean, read-only): User has verified,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsLDAP {
email (string, read-only): EMail address,
ldap_id (string, read-only): LDAP Unique ID for this user,
ldap_dn (string, read-only): LDAP Distinguished name for this user (as-of the last login),
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsGoogle {
email (string, read-only): EMail address,
google_user_id (string, read-only): Google's Unique ID for this user,
domain (string, read-only): Google domain,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsSaml {
email (string, read-only): EMail address,
saml_user_id (string, read-only): Saml IdP's Unique ID for this user,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsOIDC {
email (string, read-only): EMail address,
oidc_user_id (string, read-only): OIDC OP's Unique ID for this user,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsApi {
token (string, read-only): API key token,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsApi3 {
id (long, read-only): Unique Id,
client_id (string, read-only): API key client_id,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsEmbed {
id (long, read-only): Unique Id,
external_user_id (string, read-only): Embedder's unique id for the user,
external_group_id (string, read-only): Embedder's id for a group to which this user was added during the most recent login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsLookerOpenid {
email (string, read-only): EMail address used for user login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
logged_in_ip (string, read-only): IP address of client for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
user_url (string, read-only): Link to get this user,
can (object, read-only): Operations the current user is able to perform on this object
}
Session {
id (long, read-only): Unique Id,
ip_address (string, read-only): IP address of user when this session was initiated,
browser (string, read-only): User's browser type,
operating_system (string, read-only): User's Operating System,
city (string, read-only): City component of user location (derived from IP address),
state (string, read-only): State component of user location (derived from IP address),
country (string, read-only): Country component of user location (derived from IP address),
credentials_type (string, read-only): Type of credentials used for logging in this session,
extended_at (string, read-only): Time when this session was last extended by the user,
extended_count (long, read-only): Number of times this session was extended,
sudo_user_id (long, read-only): Actual user in the case when this session represents one user sudo'ing as another,
created_at (string, read-only): Time when this session was initiated,
expires_at (string, read-only): Time when this session will expire,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Get All Users

GET/api/3.0/users
all_users(fields, page, per_page, sorts, ids)

Implementation Notes

Get information about all users.

Response Class

  array

Parameters

Parameter Required? Description Parameter Type Data Type
fields false Requested fields. string string
page false Requested page. integer int64
per_page false Results per page. integer int64
sorts false Fields to sort by. string string
ids false Optional list of ids to get specific users. array array

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Create User

POST/api/3.0/users
create_user(body, fields)

Implementation Notes

Create a user with the specified information.

Response Class

User {
id (long, read-only): Unique Id,
first_name (string): First name,
last_name (string): Last name,
display_name (string, read-only): Full name for display (available only if both first_name and last_name are set),
email (string, read-only): EMail address,
is_disabled (boolean): Account has been disabled,
avatar_url (string, read-only): URL for the avatar image (may be generic),
home_space_id (string): ID string for user's home space,
personal_space_id (long, read-only): ID of user's personal space,
embed_group_space_id (long, read-only): (Embed only) ID of user's group space based on the external_group_id optionally specified during embed user login,
access_filters (Array[AccessFilter], read-only): Model access filters.,
credentials_email (CredentialsEmail, read-only): Email/Password login credentials,
credentials_totp (CredentialsTotp, read-only): Two-factor credentials,
credentials_ldap (CredentialsLDAP, read-only): LDAP credentials,
credentials_google (CredentialsGoogle, read-only): Google auth credentials,
credentials_saml (CredentialsSaml, read-only): Saml auth credentials,
credentials_oidc (CredentialsOIDC, read-only): OpenID Connect auth credentials,
credentials_api (CredentialsApi, read-only): API user credentials. NO LONGER SUPPORTED.,
credentials_api3 (Array[CredentialsApi3], read-only): API 3 credentials,
credentials_embed (Array[CredentialsEmbed], read-only): Embed credentials,
credentials_looker_openid (CredentialsLookerOpenid, read-only): LookerOpenID credentials. Used for login by Looker Analysts,
sessions (Array[Session], read-only): Active sessions,
role_ids (Array[long], read-only): Array of ids of the roles for this user,
group_ids (Array[long], read-only): Array of ids of the groups for this user,
presumed_looker_employee (boolean, read-only): User is identified as an employee of Looker,
verified_looker_employee (boolean, read-only): User is identified as an employee of Looker who has been verified via Looker corporate authentication,
looker_versions (Array[string], read-only): Array of strings representing the Looker versions that this user has used (this only goes back as far as '3.54.0'),
ui_state (object): Per user dictionary of undocumented state information owned by the Looker UI.,
locale (string): User's preferred locale. User locale takes precedence over Looker's system-wide default locale. Locale determines language of display strings and date and numeric formatting in API responses. Locale string must be a 2 letter language code or a combination of language code and region code: 'en' or 'en-US', for example.,
models_dir_validated (boolean): User's dev workspace has been checked for presence of applicable production projects,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
AccessFilter {
id (long, read-only): ID of this AccessFilter,
model (string): Model to which this filter applies,
field (string): Field to which this filter applies,
value (string): Value for this filter,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsEmail {
email (string): EMail address used for user login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
password_reset_url (string, read-only): Url with one-time use secret token that the user can use to reset password,
forced_password_reset_at_next_login (boolean, read-only): Force the user to change their password upon their next login,
url (string, read-only): Link to get this item,
user_url (string, read-only): Link to get this user,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsTotp {
verified (boolean, read-only): User has verified,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsLDAP {
email (string, read-only): EMail address,
ldap_id (string, read-only): LDAP Unique ID for this user,
ldap_dn (string, read-only): LDAP Distinguished name for this user (as-of the last login),
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsGoogle {
email (string, read-only): EMail address,
google_user_id (string, read-only): Google's Unique ID for this user,
domain (string, read-only): Google domain,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsSaml {
email (string, read-only): EMail address,
saml_user_id (string, read-only): Saml IdP's Unique ID for this user,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsOIDC {
email (string, read-only): EMail address,
oidc_user_id (string, read-only): OIDC OP's Unique ID for this user,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsApi {
token (string, read-only): API key token,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsApi3 {
id (long, read-only): Unique Id,
client_id (string, read-only): API key client_id,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsEmbed {
id (long, read-only): Unique Id,
external_user_id (string, read-only): Embedder's unique id for the user,
external_group_id (string, read-only): Embedder's id for a group to which this user was added during the most recent login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsLookerOpenid {
email (string, read-only): EMail address used for user login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
logged_in_ip (string, read-only): IP address of client for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
user_url (string, read-only): Link to get this user,
can (object, read-only): Operations the current user is able to perform on this object
}
Session {
id (long, read-only): Unique Id,
ip_address (string, read-only): IP address of user when this session was initiated,
browser (string, read-only): User's browser type,
operating_system (string, read-only): User's Operating System,
city (string, read-only): City component of user location (derived from IP address),
state (string, read-only): State component of user location (derived from IP address),
country (string, read-only): Country component of user location (derived from IP address),
credentials_type (string, read-only): Type of credentials used for logging in this session,
extended_at (string, read-only): Time when this session was last extended by the user,
extended_count (long, read-only): Number of times this session was extended,
sudo_user_id (long, read-only): Actual user in the case when this session represents one user sudo'ing as another,
created_at (string, read-only): Time when this session was initiated,
expires_at (string, read-only): Time when this session will expire,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
body false User body
User {
id (long, read-only): Unique Id,
first_name (string): First name,
last_name (string): Last name,
display_name (string, read-only): Full name for display (available only if both first_name and last_name are set),
email (string, read-only): EMail address,
is_disabled (boolean): Account has been disabled,
avatar_url (string, read-only): URL for the avatar image (may be generic),
home_space_id (string): ID string for user's home space,
personal_space_id (long, read-only): ID of user's personal space,
embed_group_space_id (long, read-only): (Embed only) ID of user's group space based on the external_group_id optionally specified during embed user login,
access_filters (Array[AccessFilter], read-only): Model access filters.,
credentials_email (CredentialsEmail, read-only): Email/Password login credentials,
credentials_totp (CredentialsTotp, read-only): Two-factor credentials,
credentials_ldap (CredentialsLDAP, read-only): LDAP credentials,
credentials_google (CredentialsGoogle, read-only): Google auth credentials,
credentials_saml (CredentialsSaml, read-only): Saml auth credentials,
credentials_oidc (CredentialsOIDC, read-only): OpenID Connect auth credentials,
credentials_api (CredentialsApi, read-only): API user credentials. NO LONGER SUPPORTED.,
credentials_api3 (Array[CredentialsApi3], read-only): API 3 credentials,
credentials_embed (Array[CredentialsEmbed], read-only): Embed credentials,
credentials_looker_openid (CredentialsLookerOpenid, read-only): LookerOpenID credentials. Used for login by Looker Analysts,
sessions (Array[Session], read-only): Active sessions,
role_ids (Array[long], read-only): Array of ids of the roles for this user,
group_ids (Array[long], read-only): Array of ids of the groups for this user,
presumed_looker_employee (boolean, read-only): User is identified as an employee of Looker,
verified_looker_employee (boolean, read-only): User is identified as an employee of Looker who has been verified via Looker corporate authentication,
looker_versions (Array[string], read-only): Array of strings representing the Looker versions that this user has used (this only goes back as far as '3.54.0'),
ui_state (object): Per user dictionary of undocumented state information owned by the Looker UI.,
locale (string): User's preferred locale. User locale takes precedence over Looker's system-wide default locale. Locale determines language of display strings and date and numeric formatting in API responses. Locale string must be a 2 letter language code or a combination of language code and region code: 'en' or 'en-US', for example.,
models_dir_validated (boolean): User's dev workspace has been checked for presence of applicable production projects,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
AccessFilter {
id (long, read-only): ID of this AccessFilter,
model (string): Model to which this filter applies,
field (string): Field to which this filter applies,
value (string): Value for this filter,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsEmail {
email (string): EMail address used for user login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
password_reset_url (string, read-only): Url with one-time use secret token that the user can use to reset password,
forced_password_reset_at_next_login (boolean, read-only): Force the user to change their password upon their next login,
url (string, read-only): Link to get this item,
user_url (string, read-only): Link to get this user,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsTotp {
verified (boolean, read-only): User has verified,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsLDAP {
email (string, read-only): EMail address,
ldap_id (string, read-only): LDAP Unique ID for this user,
ldap_dn (string, read-only): LDAP Distinguished name for this user (as-of the last login),
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsGoogle {
email (string, read-only): EMail address,
google_user_id (string, read-only): Google's Unique ID for this user,
domain (string, read-only): Google domain,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsSaml {
email (string, read-only): EMail address,
saml_user_id (string, read-only): Saml IdP's Unique ID for this user,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsOIDC {
email (string, read-only): EMail address,
oidc_user_id (string, read-only): OIDC OP's Unique ID for this user,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsApi {
token (string, read-only): API key token,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsApi3 {
id (long, read-only): Unique Id,
client_id (string, read-only): API key client_id,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsEmbed {
id (long, read-only): Unique Id,
external_user_id (string, read-only): Embedder's unique id for the user,
external_group_id (string, read-only): Embedder's id for a group to which this user was added during the most recent login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsLookerOpenid {
email (string, read-only): EMail address used for user login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
logged_in_ip (string, read-only): IP address of client for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
user_url (string, read-only): Link to get this user,
can (object, read-only): Operations the current user is able to perform on this object
}
Session {
id (long, read-only): Unique Id,
ip_address (string, read-only): IP address of user when this session was initiated,
browser (string, read-only): User's browser type,
operating_system (string, read-only): User's Operating System,
city (string, read-only): City component of user location (derived from IP address),
state (string, read-only): State component of user location (derived from IP address),
country (string, read-only): Country component of user location (derived from IP address),
credentials_type (string, read-only): Type of credentials used for logging in this session,
extended_at (string, read-only): Time when this session was last extended by the user,
extended_count (long, read-only): Number of times this session was extended,
sudo_user_id (long, read-only): Actual user in the case when this session represents one user sudo'ing as another,
created_at (string, read-only): Time when this session was initiated,
expires_at (string, read-only): Time when this session will expire,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
409 Resource Already Exists
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
422 Validation Error
ValidationError {
message (string, read-only, required): Error details,
errors (Array[ValidationErrorDetail], read-only): Error detail array,
documentation_url (string, read-only, required): Documentation link
}
ValidationErrorDetail {
field (string, read-only): Field with error,
code (string, read-only): Error code,
message (string, read-only): Error info message,
documentation_url (string, read-only, required): Documentation link
}

Search Users

GET/api/3.0/users/search
search_users(fields, page, per_page, sorts, id, first_name, last_name, verified_looker_employee, email, is_disabled, filter_or, content_metadata_id, group_id)

Implementation Notes

Search users.

Response Class

  array

Parameters

Parameter Required? Description Parameter Type Data Type
fields false Requested fields. string string
page false Requested page. integer int64
per_page false Results per page. integer int64
sorts false Fields to sort by. string string
id false Match User Id. integer int64
first_name false Match First name. string string
last_name false Match Last name. string string
verified_looker_employee false Match Verified Looker employee. boolean boolean
email false Match Email Address. string string
is_disabled false Match Is disabled. boolean boolean
filter_or false Do an OR search with parameters boolean boolean
content_metadata_id false Id of content metadata to which users must have access integer int64
group_id false Id of group of which users must be directly members integer int64

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Search User Names

GET/api/3.0/users/search/names/{pattern}
search_users_names(pattern, fields, page, per_page, sorts, id, first_name, last_name, verified_looker_employee, email, is_disabled)

Implementation Notes

Search users where first_name OR last_name OR email matches a string.

The results will be AND’d with any additional search parameters that are (optionally) included.

Response Class

  array

Parameters

Parameter Required? Description Parameter Type Data Type
pattern true Pattern to match. string string
fields false Requested fields. string string
page false Requested page. integer int64
per_page false Results per page. integer int64
sorts false Fields to sort by. string string
id false Match User Id. integer int64
first_name false Match First name. string string
last_name false Match Last name. string string
verified_looker_employee false Match Verified Looker employee. boolean boolean
email false Match Email Address. string string
is_disabled false Match Is disabled. boolean boolean

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Get User by Id

GET/api/3.0/users/{user_id}
user(user_id, fields)

Implementation Notes

Get information about the user with a specific id.

If the caller is an admin or the caller is the user being specified, then full user information will be returned. Otherwise, a minimal ‘public’ variant of the user information will be returned. This contains The user name and avatar url, but no sensitive information.

Response Class

User {
id (long, read-only): Unique Id,
first_name (string): First name,
last_name (string): Last name,
display_name (string, read-only): Full name for display (available only if both first_name and last_name are set),
email (string, read-only): EMail address,
is_disabled (boolean): Account has been disabled,
avatar_url (string, read-only): URL for the avatar image (may be generic),
home_space_id (string): ID string for user's home space,
personal_space_id (long, read-only): ID of user's personal space,
embed_group_space_id (long, read-only): (Embed only) ID of user's group space based on the external_group_id optionally specified during embed user login,
access_filters (Array[AccessFilter], read-only): Model access filters.,
credentials_email (CredentialsEmail, read-only): Email/Password login credentials,
credentials_totp (CredentialsTotp, read-only): Two-factor credentials,
credentials_ldap (CredentialsLDAP, read-only): LDAP credentials,
credentials_google (CredentialsGoogle, read-only): Google auth credentials,
credentials_saml (CredentialsSaml, read-only): Saml auth credentials,
credentials_oidc (CredentialsOIDC, read-only): OpenID Connect auth credentials,
credentials_api (CredentialsApi, read-only): API user credentials. NO LONGER SUPPORTED.,
credentials_api3 (Array[CredentialsApi3], read-only): API 3 credentials,
credentials_embed (Array[CredentialsEmbed], read-only): Embed credentials,
credentials_looker_openid (CredentialsLookerOpenid, read-only): LookerOpenID credentials. Used for login by Looker Analysts,
sessions (Array[Session], read-only): Active sessions,
role_ids (Array[long], read-only): Array of ids of the roles for this user,
group_ids (Array[long], read-only): Array of ids of the groups for this user,
presumed_looker_employee (boolean, read-only): User is identified as an employee of Looker,
verified_looker_employee (boolean, read-only): User is identified as an employee of Looker who has been verified via Looker corporate authentication,
looker_versions (Array[string], read-only): Array of strings representing the Looker versions that this user has used (this only goes back as far as '3.54.0'),
ui_state (object): Per user dictionary of undocumented state information owned by the Looker UI.,
locale (string): User's preferred locale. User locale takes precedence over Looker's system-wide default locale. Locale determines language of display strings and date and numeric formatting in API responses. Locale string must be a 2 letter language code or a combination of language code and region code: 'en' or 'en-US', for example.,
models_dir_validated (boolean): User's dev workspace has been checked for presence of applicable production projects,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
AccessFilter {
id (long, read-only): ID of this AccessFilter,
model (string): Model to which this filter applies,
field (string): Field to which this filter applies,
value (string): Value for this filter,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsEmail {
email (string): EMail address used for user login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
password_reset_url (string, read-only): Url with one-time use secret token that the user can use to reset password,
forced_password_reset_at_next_login (boolean, read-only): Force the user to change their password upon their next login,
url (string, read-only): Link to get this item,
user_url (string, read-only): Link to get this user,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsTotp {
verified (boolean, read-only): User has verified,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsLDAP {
email (string, read-only): EMail address,
ldap_id (string, read-only): LDAP Unique ID for this user,
ldap_dn (string, read-only): LDAP Distinguished name for this user (as-of the last login),
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsGoogle {
email (string, read-only): EMail address,
google_user_id (string, read-only): Google's Unique ID for this user,
domain (string, read-only): Google domain,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsSaml {
email (string, read-only): EMail address,
saml_user_id (string, read-only): Saml IdP's Unique ID for this user,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsOIDC {
email (string, read-only): EMail address,
oidc_user_id (string, read-only): OIDC OP's Unique ID for this user,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsApi {
token (string, read-only): API key token,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsApi3 {
id (long, read-only): Unique Id,
client_id (string, read-only): API key client_id,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsEmbed {
id (long, read-only): Unique Id,
external_user_id (string, read-only): Embedder's unique id for the user,
external_group_id (string, read-only): Embedder's id for a group to which this user was added during the most recent login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsLookerOpenid {
email (string, read-only): EMail address used for user login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
logged_in_ip (string, read-only): IP address of client for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
user_url (string, read-only): Link to get this user,
can (object, read-only): Operations the current user is able to perform on this object
}
Session {
id (long, read-only): Unique Id,
ip_address (string, read-only): IP address of user when this session was initiated,
browser (string, read-only): User's browser type,
operating_system (string, read-only): User's Operating System,
city (string, read-only): City component of user location (derived from IP address),
state (string, read-only): State component of user location (derived from IP address),
country (string, read-only): Country component of user location (derived from IP address),
credentials_type (string, read-only): Type of credentials used for logging in this session,
extended_at (string, read-only): Time when this session was last extended by the user,
extended_count (long, read-only): Number of times this session was extended,
sudo_user_id (long, read-only): Actual user in the case when this session represents one user sudo'ing as another,
created_at (string, read-only): Time when this session was initiated,
expires_at (string, read-only): Time when this session will expire,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true Id of user integer int64
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Delete User

DELETE/api/3.0/users/{user_id}
delete_user(user_id)

Implementation Notes

Delete the user with a specific id.

DANGER this will delete the user and all looks and other information owned by the user.

Response Class

  None

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true Id of user integer int64

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
403 Permission Denied
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
204 User successfully deleted. string

Update User

PATCH/api/3.0/users/{user_id}
update_user(user_id, body, fields)

Implementation Notes

Update information about the user with a specific id.

Response Class

User {
id (long, read-only): Unique Id,
first_name (string): First name,
last_name (string): Last name,
display_name (string, read-only): Full name for display (available only if both first_name and last_name are set),
email (string, read-only): EMail address,
is_disabled (boolean): Account has been disabled,
avatar_url (string, read-only): URL for the avatar image (may be generic),
home_space_id (string): ID string for user's home space,
personal_space_id (long, read-only): ID of user's personal space,
embed_group_space_id (long, read-only): (Embed only) ID of user's group space based on the external_group_id optionally specified during embed user login,
access_filters (Array[AccessFilter], read-only): Model access filters.,
credentials_email (CredentialsEmail, read-only): Email/Password login credentials,
credentials_totp (CredentialsTotp, read-only): Two-factor credentials,
credentials_ldap (CredentialsLDAP, read-only): LDAP credentials,
credentials_google (CredentialsGoogle, read-only): Google auth credentials,
credentials_saml (CredentialsSaml, read-only): Saml auth credentials,
credentials_oidc (CredentialsOIDC, read-only): OpenID Connect auth credentials,
credentials_api (CredentialsApi, read-only): API user credentials. NO LONGER SUPPORTED.,
credentials_api3 (Array[CredentialsApi3], read-only): API 3 credentials,
credentials_embed (Array[CredentialsEmbed], read-only): Embed credentials,
credentials_looker_openid (CredentialsLookerOpenid, read-only): LookerOpenID credentials. Used for login by Looker Analysts,
sessions (Array[Session], read-only): Active sessions,
role_ids (Array[long], read-only): Array of ids of the roles for this user,
group_ids (Array[long], read-only): Array of ids of the groups for this user,
presumed_looker_employee (boolean, read-only): User is identified as an employee of Looker,
verified_looker_employee (boolean, read-only): User is identified as an employee of Looker who has been verified via Looker corporate authentication,
looker_versions (Array[string], read-only): Array of strings representing the Looker versions that this user has used (this only goes back as far as '3.54.0'),
ui_state (object): Per user dictionary of undocumented state information owned by the Looker UI.,
locale (string): User's preferred locale. User locale takes precedence over Looker's system-wide default locale. Locale determines language of display strings and date and numeric formatting in API responses. Locale string must be a 2 letter language code or a combination of language code and region code: 'en' or 'en-US', for example.,
models_dir_validated (boolean): User's dev workspace has been checked for presence of applicable production projects,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
AccessFilter {
id (long, read-only): ID of this AccessFilter,
model (string): Model to which this filter applies,
field (string): Field to which this filter applies,
value (string): Value for this filter,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsEmail {
email (string): EMail address used for user login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
password_reset_url (string, read-only): Url with one-time use secret token that the user can use to reset password,
forced_password_reset_at_next_login (boolean, read-only): Force the user to change their password upon their next login,
url (string, read-only): Link to get this item,
user_url (string, read-only): Link to get this user,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsTotp {
verified (boolean, read-only): User has verified,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsLDAP {
email (string, read-only): EMail address,
ldap_id (string, read-only): LDAP Unique ID for this user,
ldap_dn (string, read-only): LDAP Distinguished name for this user (as-of the last login),
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsGoogle {
email (string, read-only): EMail address,
google_user_id (string, read-only): Google's Unique ID for this user,
domain (string, read-only): Google domain,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsSaml {
email (string, read-only): EMail address,
saml_user_id (string, read-only): Saml IdP's Unique ID for this user,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsOIDC {
email (string, read-only): EMail address,
oidc_user_id (string, read-only): OIDC OP's Unique ID for this user,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsApi {
token (string, read-only): API key token,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsApi3 {
id (long, read-only): Unique Id,
client_id (string, read-only): API key client_id,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsEmbed {
id (long, read-only): Unique Id,
external_user_id (string, read-only): Embedder's unique id for the user,
external_group_id (string, read-only): Embedder's id for a group to which this user was added during the most recent login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsLookerOpenid {
email (string, read-only): EMail address used for user login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
logged_in_ip (string, read-only): IP address of client for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
user_url (string, read-only): Link to get this user,
can (object, read-only): Operations the current user is able to perform on this object
}
Session {
id (long, read-only): Unique Id,
ip_address (string, read-only): IP address of user when this session was initiated,
browser (string, read-only): User's browser type,
operating_system (string, read-only): User's Operating System,
city (string, read-only): City component of user location (derived from IP address),
state (string, read-only): State component of user location (derived from IP address),
country (string, read-only): Country component of user location (derived from IP address),
credentials_type (string, read-only): Type of credentials used for logging in this session,
extended_at (string, read-only): Time when this session was last extended by the user,
extended_count (long, read-only): Number of times this session was extended,
sudo_user_id (long, read-only): Actual user in the case when this session represents one user sudo'ing as another,
created_at (string, read-only): Time when this session was initiated,
expires_at (string, read-only): Time when this session will expire,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true Id of user integer int64
body true User body
User {
id (long, read-only): Unique Id,
first_name (string): First name,
last_name (string): Last name,
display_name (string, read-only): Full name for display (available only if both first_name and last_name are set),
email (string, read-only): EMail address,
is_disabled (boolean): Account has been disabled,
avatar_url (string, read-only): URL for the avatar image (may be generic),
home_space_id (string): ID string for user's home space,
personal_space_id (long, read-only): ID of user's personal space,
embed_group_space_id (long, read-only): (Embed only) ID of user's group space based on the external_group_id optionally specified during embed user login,
access_filters (Array[AccessFilter], read-only): Model access filters.,
credentials_email (CredentialsEmail, read-only): Email/Password login credentials,
credentials_totp (CredentialsTotp, read-only): Two-factor credentials,
credentials_ldap (CredentialsLDAP, read-only): LDAP credentials,
credentials_google (CredentialsGoogle, read-only): Google auth credentials,
credentials_saml (CredentialsSaml, read-only): Saml auth credentials,
credentials_oidc (CredentialsOIDC, read-only): OpenID Connect auth credentials,
credentials_api (CredentialsApi, read-only): API user credentials. NO LONGER SUPPORTED.,
credentials_api3 (Array[CredentialsApi3], read-only): API 3 credentials,
credentials_embed (Array[CredentialsEmbed], read-only): Embed credentials,
credentials_looker_openid (CredentialsLookerOpenid, read-only): LookerOpenID credentials. Used for login by Looker Analysts,
sessions (Array[Session], read-only): Active sessions,
role_ids (Array[long], read-only): Array of ids of the roles for this user,
group_ids (Array[long], read-only): Array of ids of the groups for this user,
presumed_looker_employee (boolean, read-only): User is identified as an employee of Looker,
verified_looker_employee (boolean, read-only): User is identified as an employee of Looker who has been verified via Looker corporate authentication,
looker_versions (Array[string], read-only): Array of strings representing the Looker versions that this user has used (this only goes back as far as '3.54.0'),
ui_state (object): Per user dictionary of undocumented state information owned by the Looker UI.,
locale (string): User's preferred locale. User locale takes precedence over Looker's system-wide default locale. Locale determines language of display strings and date and numeric formatting in API responses. Locale string must be a 2 letter language code or a combination of language code and region code: 'en' or 'en-US', for example.,
models_dir_validated (boolean): User's dev workspace has been checked for presence of applicable production projects,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
AccessFilter {
id (long, read-only): ID of this AccessFilter,
model (string): Model to which this filter applies,
field (string): Field to which this filter applies,
value (string): Value for this filter,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsEmail {
email (string): EMail address used for user login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
password_reset_url (string, read-only): Url with one-time use secret token that the user can use to reset password,
forced_password_reset_at_next_login (boolean, read-only): Force the user to change their password upon their next login,
url (string, read-only): Link to get this item,
user_url (string, read-only): Link to get this user,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsTotp {
verified (boolean, read-only): User has verified,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsLDAP {
email (string, read-only): EMail address,
ldap_id (string, read-only): LDAP Unique ID for this user,
ldap_dn (string, read-only): LDAP Distinguished name for this user (as-of the last login),
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsGoogle {
email (string, read-only): EMail address,
google_user_id (string, read-only): Google's Unique ID for this user,
domain (string, read-only): Google domain,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsSaml {
email (string, read-only): EMail address,
saml_user_id (string, read-only): Saml IdP's Unique ID for this user,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsOIDC {
email (string, read-only): EMail address,
oidc_user_id (string, read-only): OIDC OP's Unique ID for this user,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsApi {
token (string, read-only): API key token,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsApi3 {
id (long, read-only): Unique Id,
client_id (string, read-only): API key client_id,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsEmbed {
id (long, read-only): Unique Id,
external_user_id (string, read-only): Embedder's unique id for the user,
external_group_id (string, read-only): Embedder's id for a group to which this user was added during the most recent login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsLookerOpenid {
email (string, read-only): EMail address used for user login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
logged_in_ip (string, read-only): IP address of client for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
user_url (string, read-only): Link to get this user,
can (object, read-only): Operations the current user is able to perform on this object
}
Session {
id (long, read-only): Unique Id,
ip_address (string, read-only): IP address of user when this session was initiated,
browser (string, read-only): User's browser type,
operating_system (string, read-only): User's Operating System,
city (string, read-only): City component of user location (derived from IP address),
state (string, read-only): State component of user location (derived from IP address),
country (string, read-only): Country component of user location (derived from IP address),
credentials_type (string, read-only): Type of credentials used for logging in this session,
extended_at (string, read-only): Time when this session was last extended by the user,
extended_count (long, read-only): Number of times this session was extended,
sudo_user_id (long, read-only): Actual user in the case when this session represents one user sudo'ing as another,
created_at (string, read-only): Time when this session was initiated,
expires_at (string, read-only): Time when this session will expire,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
422 Validation Error
ValidationError {
message (string, read-only, required): Error details,
errors (Array[ValidationErrorDetail], read-only): Error detail array,
documentation_url (string, read-only, required): Documentation link
}
ValidationErrorDetail {
field (string, read-only): Field with error,
code (string, read-only): Error code,
message (string, read-only): Error info message,
documentation_url (string, read-only, required): Documentation link
}

Get User by Credential Id

GET/api/3.0/users/credential/{credential_type}/{credential_id}
user_for_credential(credential_type, credential_id, fields)

Implementation Notes

Get information about the user with a credential of given type with specific id.

This is used to do things like find users by their embed external_user_id. Or, find the user with a given api3 client_id, etc. The ‘credential_type’ matchs the ‘type’ name of the various credential types. It must be one of the values listed in the table below. The ‘credential_id’ is your unique Id for the user and is specific to each type of credential.

An example using the Ruby sdk might look like:

sdk.user_for_credential('embed', 'customer-4959425')

This table shows the supported ‘Credential Type’ strings. The right column is for reference; it shows which field in the given credential type is actually searched when finding a user with the supplied ‘credential_id’.

Credential Types Id Field Matched
email email
google google_user_id
saml saml_user_id
oidc oidc_user_id
ldap ldap_id
api token
api3 client_id
embed external_user_id
looker_openid email

NOTE: ‘api’ is the legacy Looker query API. The API you are currently looking at is ‘api3’.

Response Class

User {
id (long, read-only): Unique Id,
first_name (string): First name,
last_name (string): Last name,
display_name (string, read-only): Full name for display (available only if both first_name and last_name are set),
email (string, read-only): EMail address,
is_disabled (boolean): Account has been disabled,
avatar_url (string, read-only): URL for the avatar image (may be generic),
home_space_id (string): ID string for user's home space,
personal_space_id (long, read-only): ID of user's personal space,
embed_group_space_id (long, read-only): (Embed only) ID of user's group space based on the external_group_id optionally specified during embed user login,
access_filters (Array[AccessFilter], read-only): Model access filters.,
credentials_email (CredentialsEmail, read-only): Email/Password login credentials,
credentials_totp (CredentialsTotp, read-only): Two-factor credentials,
credentials_ldap (CredentialsLDAP, read-only): LDAP credentials,
credentials_google (CredentialsGoogle, read-only): Google auth credentials,
credentials_saml (CredentialsSaml, read-only): Saml auth credentials,
credentials_oidc (CredentialsOIDC, read-only): OpenID Connect auth credentials,
credentials_api (CredentialsApi, read-only): API user credentials. NO LONGER SUPPORTED.,
credentials_api3 (Array[CredentialsApi3], read-only): API 3 credentials,
credentials_embed (Array[CredentialsEmbed], read-only): Embed credentials,
credentials_looker_openid (CredentialsLookerOpenid, read-only): LookerOpenID credentials. Used for login by Looker Analysts,
sessions (Array[Session], read-only): Active sessions,
role_ids (Array[long], read-only): Array of ids of the roles for this user,
group_ids (Array[long], read-only): Array of ids of the groups for this user,
presumed_looker_employee (boolean, read-only): User is identified as an employee of Looker,
verified_looker_employee (boolean, read-only): User is identified as an employee of Looker who has been verified via Looker corporate authentication,
looker_versions (Array[string], read-only): Array of strings representing the Looker versions that this user has used (this only goes back as far as '3.54.0'),
ui_state (object): Per user dictionary of undocumented state information owned by the Looker UI.,
locale (string): User's preferred locale. User locale takes precedence over Looker's system-wide default locale. Locale determines language of display strings and date and numeric formatting in API responses. Locale string must be a 2 letter language code or a combination of language code and region code: 'en' or 'en-US', for example.,
models_dir_validated (boolean): User's dev workspace has been checked for presence of applicable production projects,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
AccessFilter {
id (long, read-only): ID of this AccessFilter,
model (string): Model to which this filter applies,
field (string): Field to which this filter applies,
value (string): Value for this filter,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsEmail {
email (string): EMail address used for user login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
password_reset_url (string, read-only): Url with one-time use secret token that the user can use to reset password,
forced_password_reset_at_next_login (boolean, read-only): Force the user to change their password upon their next login,
url (string, read-only): Link to get this item,
user_url (string, read-only): Link to get this user,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsTotp {
verified (boolean, read-only): User has verified,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsLDAP {
email (string, read-only): EMail address,
ldap_id (string, read-only): LDAP Unique ID for this user,
ldap_dn (string, read-only): LDAP Distinguished name for this user (as-of the last login),
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsGoogle {
email (string, read-only): EMail address,
google_user_id (string, read-only): Google's Unique ID for this user,
domain (string, read-only): Google domain,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsSaml {
email (string, read-only): EMail address,
saml_user_id (string, read-only): Saml IdP's Unique ID for this user,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsOIDC {
email (string, read-only): EMail address,
oidc_user_id (string, read-only): OIDC OP's Unique ID for this user,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsApi {
token (string, read-only): API key token,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsApi3 {
id (long, read-only): Unique Id,
client_id (string, read-only): API key client_id,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsEmbed {
id (long, read-only): Unique Id,
external_user_id (string, read-only): Embedder's unique id for the user,
external_group_id (string, read-only): Embedder's id for a group to which this user was added during the most recent login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
CredentialsLookerOpenid {
email (string, read-only): EMail address used for user login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
logged_in_ip (string, read-only): IP address of client for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
user_url (string, read-only): Link to get this user,
can (object, read-only): Operations the current user is able to perform on this object
}
Session {
id (long, read-only): Unique Id,
ip_address (string, read-only): IP address of user when this session was initiated,
browser (string, read-only): User's browser type,
operating_system (string, read-only): User's Operating System,
city (string, read-only): City component of user location (derived from IP address),
state (string, read-only): State component of user location (derived from IP address),
country (string, read-only): Country component of user location (derived from IP address),
credentials_type (string, read-only): Type of credentials used for logging in this session,
extended_at (string, read-only): Time when this session was last extended by the user,
extended_count (long, read-only): Number of times this session was extended,
sudo_user_id (long, read-only): Actual user in the case when this session represents one user sudo'ing as another,
created_at (string, read-only): Time when this session was initiated,
expires_at (string, read-only): Time when this session will expire,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
credential_type true Type name of credential string string
credential_id true Id of credential string string
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Get Email/Password Credential

GET/api/3.0/users/{user_id}/credentials_email
user_credentials_email(user_id, fields)

Implementation Notes

Email/password login information for the specified user.

Response Class

CredentialsEmail {
email (string): EMail address used for user login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
password_reset_url (string, read-only): Url with one-time use secret token that the user can use to reset password,
forced_password_reset_at_next_login (boolean, read-only): Force the user to change their password upon their next login,
url (string, read-only): Link to get this item,
user_url (string, read-only): Link to get this user,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Create Email/Password Credential

POST/api/3.0/users/{user_id}/credentials_email
create_user_credentials_email(user_id, body, fields)

Implementation Notes

Email/password login information for the specified user.

Response Class

CredentialsEmail {
email (string): EMail address used for user login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
password_reset_url (string, read-only): Url with one-time use secret token that the user can use to reset password,
forced_password_reset_at_next_login (boolean, read-only): Force the user to change their password upon their next login,
url (string, read-only): Link to get this item,
user_url (string, read-only): Link to get this user,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
body false Email/Password Credential body
CredentialsEmail {
email (string): EMail address used for user login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
password_reset_url (string, read-only): Url with one-time use secret token that the user can use to reset password,
forced_password_reset_at_next_login (boolean, read-only): Force the user to change their password upon their next login,
url (string, read-only): Link to get this item,
user_url (string, read-only): Link to get this user,
can (object, read-only): Operations the current user is able to perform on this object
}
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
409 Resource Already Exists
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
422 Validation Error
ValidationError {
message (string, read-only, required): Error details,
errors (Array[ValidationErrorDetail], read-only): Error detail array,
documentation_url (string, read-only, required): Documentation link
}
ValidationErrorDetail {
field (string, read-only): Field with error,
code (string, read-only): Error code,
message (string, read-only): Error info message,
documentation_url (string, read-only, required): Documentation link
}

Update Email/Password Credential

PATCH/api/3.0/users/{user_id}/credentials_email
update_user_credentials_email(user_id, body, fields)

Implementation Notes

Email/password login information for the specified user.

Response Class

CredentialsEmail {
email (string): EMail address used for user login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
password_reset_url (string, read-only): Url with one-time use secret token that the user can use to reset password,
forced_password_reset_at_next_login (boolean, read-only): Force the user to change their password upon their next login,
url (string, read-only): Link to get this item,
user_url (string, read-only): Link to get this user,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
body true Email/Password Credential body
CredentialsEmail {
email (string): EMail address used for user login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
password_reset_url (string, read-only): Url with one-time use secret token that the user can use to reset password,
forced_password_reset_at_next_login (boolean, read-only): Force the user to change their password upon their next login,
url (string, read-only): Link to get this item,
user_url (string, read-only): Link to get this user,
can (object, read-only): Operations the current user is able to perform on this object
}
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
422 Validation Error
ValidationError {
message (string, read-only, required): Error details,
errors (Array[ValidationErrorDetail], read-only): Error detail array,
documentation_url (string, read-only, required): Documentation link
}
ValidationErrorDetail {
field (string, read-only): Field with error,
code (string, read-only): Error code,
message (string, read-only): Error info message,
documentation_url (string, read-only, required): Documentation link
}

Delete Email/Password Credential

DELETE/api/3.0/users/{user_id}/credentials_email
delete_user_credentials_email(user_id)

Implementation Notes

Email/password login information for the specified user.

Response Class

  None

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
204 Successfully deleted. string

Get Two-Factor Credential

GET/api/3.0/users/{user_id}/credentials_totp
user_credentials_totp(user_id, fields)

Implementation Notes

Two-factor login information for the specified user.

Response Class

CredentialsTotp {
verified (boolean, read-only): User has verified,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Create Two-Factor Credential

POST/api/3.0/users/{user_id}/credentials_totp
create_user_credentials_totp(user_id, body, fields)

Implementation Notes

Two-factor login information for the specified user.

Response Class

CredentialsTotp {
verified (boolean, read-only): User has verified,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
body false Two-Factor Credential body
CredentialsTotp {
verified (boolean, read-only): User has verified,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
409 Resource Already Exists
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
422 Validation Error
ValidationError {
message (string, read-only, required): Error details,
errors (Array[ValidationErrorDetail], read-only): Error detail array,
documentation_url (string, read-only, required): Documentation link
}
ValidationErrorDetail {
field (string, read-only): Field with error,
code (string, read-only): Error code,
message (string, read-only): Error info message,
documentation_url (string, read-only, required): Documentation link
}

Delete Two-Factor Credential

DELETE/api/3.0/users/{user_id}/credentials_totp
delete_user_credentials_totp(user_id)

Implementation Notes

Two-factor login information for the specified user.

Response Class

  None

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
204 Successfully deleted. string

Get API Credential

GET/api/3.0/users/{user_id}/credentials_api
user_credentials_api(user_id, fields)

Implementation Notes

API login information for the specified user. This is for ‘API Users’ used for the ‘old’ query API. THIS SUPPORT HAS BEEN REMOVED.

Response Class

CredentialsApi {
token (string, read-only): API key token,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Delete API Credential

DELETE/api/3.0/users/{user_id}/credentials_api
delete_user_credentials_api(user_id)

Implementation Notes

API login information for the specified user. This is for ‘API Users’ used for the ‘old’ query API. THIS SUPPORT HAS BEEN REMOVED.

Response Class

  None

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
204 Successfully deleted. string

Create API Credential

POST/api/3.0/users/{user_id}/credentials_api
create_user_credentials_api(user_id, body)

Implementation Notes

Create API Credential.

SUPPORT FOR THIS HAS BEEN REMOVED.

Response Class

CredentialsApi {
token (string, read-only): API key token,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true Id of user integer int64
body false API Credential body
CredentialsApi {
token (string, read-only): API key token,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Get LDAP Credential

GET/api/3.0/users/{user_id}/credentials_ldap
user_credentials_ldap(user_id, fields)

Implementation Notes

LDAP login information for the specified user.

Response Class

CredentialsLDAP {
email (string, read-only): EMail address,
ldap_id (string, read-only): LDAP Unique ID for this user,
ldap_dn (string, read-only): LDAP Distinguished name for this user (as-of the last login),
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Delete LDAP Credential

DELETE/api/3.0/users/{user_id}/credentials_ldap
delete_user_credentials_ldap(user_id)

Implementation Notes

LDAP login information for the specified user.

Response Class

  None

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
204 Successfully deleted. string

Get Google Auth Credential

GET/api/3.0/users/{user_id}/credentials_google
user_credentials_google(user_id, fields)

Implementation Notes

Google authentication login information for the specified user.

Response Class

CredentialsGoogle {
email (string, read-only): EMail address,
google_user_id (string, read-only): Google's Unique ID for this user,
domain (string, read-only): Google domain,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Delete Google Auth Credential

DELETE/api/3.0/users/{user_id}/credentials_google
delete_user_credentials_google(user_id)

Implementation Notes

Google authentication login information for the specified user.

Response Class

  None

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
204 Successfully deleted. string

Get Saml Auth Credential

GET/api/3.0/users/{user_id}/credentials_saml
user_credentials_saml(user_id, fields)

Implementation Notes

Saml authentication login information for the specified user.

Response Class

CredentialsSaml {
email (string, read-only): EMail address,
saml_user_id (string, read-only): Saml IdP's Unique ID for this user,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Delete Saml Auth Credential

DELETE/api/3.0/users/{user_id}/credentials_saml
delete_user_credentials_saml(user_id)

Implementation Notes

Saml authentication login information for the specified user.

Response Class

  None

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
204 Successfully deleted. string

Get OIDC Auth Credential

GET/api/3.0/users/{user_id}/credentials_oidc
user_credentials_oidc(user_id, fields)

Implementation Notes

OpenID Connect (OIDC) authentication login information for the specified user.

Response Class

CredentialsOIDC {
email (string, read-only): EMail address,
oidc_user_id (string, read-only): OIDC OP's Unique ID for this user,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Delete OIDC Auth Credential

DELETE/api/3.0/users/{user_id}/credentials_oidc
delete_user_credentials_oidc(user_id)

Implementation Notes

OpenID Connect (OIDC) authentication login information for the specified user.

Response Class

  None

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
204 Successfully deleted. string

Get API 3 Credential

GET/api/3.0/users/{user_id}/credentials_api3/{credentials_api3_id}
user_credentials_api3(user_id, credentials_api3_id, fields)

Implementation Notes

API 3 login information for the specified user. This is for the newer API keys that can be added for any user.

Response Class

CredentialsApi3 {
id (long, read-only): Unique Id,
client_id (string, read-only): API key client_id,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true Id of user integer int64
credentials_api3_id true Id of API 3 Credential integer int64
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Delete API 3 Credential

DELETE/api/3.0/users/{user_id}/credentials_api3/{credentials_api3_id}
delete_user_credentials_api3(user_id, credentials_api3_id)

Implementation Notes

API 3 login information for the specified user. This is for the newer API keys that can be added for any user.

Response Class

  None

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
credentials_api3_id true id of API 3 Credential integer int64

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
204 Successfully deleted. string

Get All API 3 Credentials

GET/api/3.0/users/{user_id}/credentials_api3
all_user_credentials_api3s(user_id, fields)

Implementation Notes

API 3 login information for the specified user. This is for the newer API keys that can be added for any user.

Response Class

  array

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Create API 3 Credential

POST/api/3.0/users/{user_id}/credentials_api3
create_user_credentials_api3(user_id, body, fields)

Implementation Notes

API 3 login information for the specified user. This is for the newer API keys that can be added for any user.

Response Class

CredentialsApi3 {
id (long, read-only): Unique Id,
client_id (string, read-only): API key client_id,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
body false API 3 Credential body
CredentialsApi3 {
id (long, read-only): Unique Id,
client_id (string, read-only): API key client_id,
created_at (string, read-only): Timestamp for the creation of this credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
409 Resource Already Exists
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
422 Validation Error
ValidationError {
message (string, read-only, required): Error details,
errors (Array[ValidationErrorDetail], read-only): Error detail array,
documentation_url (string, read-only, required): Documentation link
}
ValidationErrorDetail {
field (string, read-only): Field with error,
code (string, read-only): Error code,
message (string, read-only): Error info message,
documentation_url (string, read-only, required): Documentation link
}

Get Embedding Credential

GET/api/3.0/users/{user_id}/credentials_embed/{credentials_embed_id}
user_credentials_embed(user_id, credentials_embed_id, fields)

Implementation Notes

Embed login information for the specified user.

Response Class

CredentialsEmbed {
id (long, read-only): Unique Id,
external_user_id (string, read-only): Embedder's unique id for the user,
external_group_id (string, read-only): Embedder's id for a group to which this user was added during the most recent login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true Id of user integer int64
credentials_embed_id true Id of Embedding Credential integer int64
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Delete Embedding Credential

DELETE/api/3.0/users/{user_id}/credentials_embed/{credentials_embed_id}
delete_user_credentials_embed(user_id, credentials_embed_id)

Implementation Notes

Embed login information for the specified user.

Response Class

  None

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
credentials_embed_id true id of Embedding Credential integer int64

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
204 Successfully deleted. string

Get All Embedding Credentials

GET/api/3.0/users/{user_id}/credentials_embed
all_user_credentials_embeds(user_id, fields)

Implementation Notes

Embed login information for the specified user.

Response Class

  array

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Get Looker OpenId Credential

GET/api/3.0/users/{user_id}/credentials_looker_openid
user_credentials_looker_openid(user_id, fields)

Implementation Notes

Looker Openid login information for the specified user. Used by Looker Analysts.

Response Class

CredentialsLookerOpenid {
email (string, read-only): EMail address used for user login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
logged_in_ip (string, read-only): IP address of client for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
url (string, read-only): Link to get this item,
user_url (string, read-only): Link to get this user,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Delete Looker OpenId Credential

DELETE/api/3.0/users/{user_id}/credentials_looker_openid
delete_user_credentials_looker_openid(user_id)

Implementation Notes

Looker Openid login information for the specified user. Used by Looker Analysts.

Response Class

  None

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
204 Successfully deleted. string

Get Web Login Session

GET/api/3.0/users/{user_id}/sessions/{session_id}
user_session(user_id, session_id, fields)

Implementation Notes

Web login session for the specified user.

Response Class

Session {
id (long, read-only): Unique Id,
ip_address (string, read-only): IP address of user when this session was initiated,
browser (string, read-only): User's browser type,
operating_system (string, read-only): User's Operating System,
city (string, read-only): City component of user location (derived from IP address),
state (string, read-only): State component of user location (derived from IP address),
country (string, read-only): Country component of user location (derived from IP address),
credentials_type (string, read-only): Type of credentials used for logging in this session,
extended_at (string, read-only): Time when this session was last extended by the user,
extended_count (long, read-only): Number of times this session was extended,
sudo_user_id (long, read-only): Actual user in the case when this session represents one user sudo'ing as another,
created_at (string, read-only): Time when this session was initiated,
expires_at (string, read-only): Time when this session will expire,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true Id of user integer int64
session_id true Id of Web Login Session integer int64
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Delete Web Login Session

DELETE/api/3.0/users/{user_id}/sessions/{session_id}
delete_user_session(user_id, session_id)

Implementation Notes

Web login session for the specified user.

Response Class

  None

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
session_id true id of Web Login Session integer int64

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
204 Successfully deleted. string

Get All Web Login Sessions

GET/api/3.0/users/{user_id}/sessions
all_user_sessions(user_id, fields)

Implementation Notes

Web login session for the specified user.

Response Class

  array

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Get Access Filter deprecated

GET/api/3.0/users/{user_id}/access_filters/{access_filter_id}
user_access_filter(user_id, access_filter_id, fields)

Implementation Notes

NOTE: this feature is completely end of life and has been removed from the product.

Response Class

AccessFilter {
id (long, read-only): ID of this AccessFilter,
model (string): Model to which this filter applies,
field (string): Field to which this filter applies,
value (string): Value for this filter,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true Id of user integer int64
access_filter_id true Id of Access Filter integer int64
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Update Access Filter deprecated

PATCH/api/3.0/users/{user_id}/access_filters/{access_filter_id}
update_user_access_filter(user_id, access_filter_id, body, fields)

Implementation Notes

NOTE: this feature is completely end of life and has been removed from the product.

Response Class

AccessFilter {
id (long, read-only): ID of this AccessFilter,
model (string): Model to which this filter applies,
field (string): Field to which this filter applies,
value (string): Value for this filter,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
access_filter_id true id of Access Filter integer int64
body true Access Filter body
AccessFilter {
id (long, read-only): ID of this AccessFilter,
model (string): Model to which this filter applies,
field (string): Field to which this filter applies,
value (string): Value for this filter,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
422 Validation Error
ValidationError {
message (string, read-only, required): Error details,
errors (Array[ValidationErrorDetail], read-only): Error detail array,
documentation_url (string, read-only, required): Documentation link
}
ValidationErrorDetail {
field (string, read-only): Field with error,
code (string, read-only): Error code,
message (string, read-only): Error info message,
documentation_url (string, read-only, required): Documentation link
}

Delete Access Filter deprecated

DELETE/api/3.0/users/{user_id}/access_filters/{access_filter_id}
delete_user_access_filter(user_id, access_filter_id)

Implementation Notes

NOTE: this feature is completely end of life and has been removed from the product.

Response Class

  None

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
access_filter_id true id of Access Filter integer int64

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
204 Successfully deleted. string

Get All Access Filters deprecated

GET/api/3.0/users/{user_id}/access_filters
all_user_access_filters(user_id, fields)

Implementation Notes

NOTE: this feature is completely end of life and has been removed from the product.

Response Class

  array

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Create Access Filter deprecated

POST/api/3.0/users/{user_id}/access_filters
create_user_access_filter(user_id, body, fields)

Implementation Notes

NOTE: this feature is completely end of life and has been removed from the product.

Response Class

AccessFilter {
id (long, read-only): ID of this AccessFilter,
model (string): Model to which this filter applies,
field (string): Field to which this filter applies,
value (string): Value for this filter,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
body false Access Filter body
AccessFilter {
id (long, read-only): ID of this AccessFilter,
model (string): Model to which this filter applies,
field (string): Field to which this filter applies,
value (string): Value for this filter,
url (string, read-only): Link to get this item,
can (object, read-only): Operations the current user is able to perform on this object
}
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
409 Resource Already Exists
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
422 Validation Error
ValidationError {
message (string, read-only, required): Error details,
errors (Array[ValidationErrorDetail], read-only): Error detail array,
documentation_url (string, read-only, required): Documentation link
}
ValidationErrorDetail {
field (string, read-only): Field with error,
code (string, read-only): Error code,
message (string, read-only): Error info message,
documentation_url (string, read-only, required): Documentation link
}

Create Password Reset Token

POST/api/3.0/users/{user_id}/credentials_email/password_reset
create_user_credentials_email_password_reset(user_id, expires, fields)

Implementation Notes

Create a password reset token.

This will create a cryptographically secure random password reset token for the user. If the user already has a password reset token then this invalidates the old token and creates a new one. The token is expressed as the ‘password_reset_url’ of the user’s email/password credential object. This takes an optional ‘expires’ param to indicate if the new token should be an expiring token. Tokens that expire are typically used for self-service password resets for existing users. Invitation emails for new users typically are not set to expire. The expire period is always 60 minutes when expires is enabled. This method can be called with an empty body.

Response Class

CredentialsEmail {
email (string): EMail address used for user login,
created_at (string, read-only): Timestamp for the creation of this credential,
logged_in_at (string, read-only): Timestamp for most recent login using credential,
is_disabled (boolean, read-only): Has this credential been disabled?,
type (string, read-only): Short name for the type of this kind of credential,
password_reset_url (string, read-only): Url with one-time use secret token that the user can use to reset password,
forced_password_reset_at_next_login (boolean, read-only): Force the user to change their password upon their next login,
url (string, read-only): Link to get this item,
user_url (string, read-only): Link to get this user,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true Id of user integer int64
expires false Expiring token. boolean boolean
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Get User Roles

GET/api/3.0/users/{user_id}/roles
user_roles(user_id, fields, direct_association_only)

Implementation Notes

Get information about roles of the user with a specific id.

Response Class

  array

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
fields false Requested fields. string string
direct_association_only false Get only roles associated directly with the user: exclude those only associated through groups. boolean boolean

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Set User Roles

PUT/api/3.0/users/{user_id}/roles
set_user_roles(user_id, body, fields)

Implementation Notes

Set roles of the user with a specific id.

Response Class

  array

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true id of user integer int64
body true array of roles ids for user body array
fields false Requested fields. string string

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Get User Attribute Values

GET/api/3.0/users/{user_id}/attribute_values
user_attribute_user_values(user_id, fields, user_attribute_ids, all_values, include_unset)

Implementation Notes

Get user attribute values for a given user.

Returns the values of specified user attributes (or all user attributes) for a certain user.

A value for each user attribute is searched for in the following locations, in this order: 1. in the user’s account information 1. in groups that the user is a member of 1. the default value of the user attribute

If more than one group has a value defined for a user attribute, the group with the lowest rank wins.

The response will only include user attributes for which values were found. Use include_unset=true to include empty records for user attributes with no value.

The value of all hidden user attributes will be blank.

Response Class

  array

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true Id of user integer int64
fields false Requested fields. string string
user_attribute_ids false Specific user attributes to request. Omit or leave blank to request all user attributes. array array
all_values false If true, returns all values in the search path instead of just the first value found. Useful for debugging group precedence. boolean boolean
include_unset false If true, returns an empty record for each requested attribute that has no user, group, or default value. boolean boolean

Response Messages

HTTP Status Code Reason Response Model
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Set User Attribute User Value

PATCH/api/3.0/users/{user_id}/attribute_values/{user_attribute_id}
set_user_attribute_user_value(user_id, user_attribute_id, body)

Implementation Notes

Store a custom value for a user attribute in a user’s account settings.

Per-user user attribute values take precedence over group or default values.

Response Class

UserAttributeWithValue {
name (string, read-only): Name of user attribute,
label (string, read-only): Human-friendly label for user attribute,
rank (long, read-only): Precedence for setting value on user (lowest wins),
value (string): Value of attribute for user,
user_id (long, read-only): Id of User,
user_can_edit (boolean, read-only): Can the user set this value,
value_is_hidden (boolean, read-only): If true, the "value" field will be null, because the attribute settings block access to this value,
user_attribute_id (long, read-only): Id of User Attribute,
source (string, read-only): How user got this value for this attribute,
hidden_value_domain_whitelist (string, read-only): If this user attribute is hidden, whitelist of destinations to which it may be sent.,
can (object, read-only): Operations the current user is able to perform on this object
}

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true Id of user integer int64
user_attribute_id true Id of user attribute integer int64
body true New attribute value for user. body
UserAttributeWithValue {
name (string, read-only): Name of user attribute,
label (string, read-only): Human-friendly label for user attribute,
rank (long, read-only): Precedence for setting value on user (lowest wins),
value (string): Value of attribute for user,
user_id (long, read-only): Id of User,
user_can_edit (boolean, read-only): Can the user set this value,
value_is_hidden (boolean, read-only): If true, the "value" field will be null, because the attribute settings block access to this value,
user_attribute_id (long, read-only): Id of User Attribute,
source (string, read-only): How user got this value for this attribute,
hidden_value_domain_whitelist (string, read-only): If this user attribute is hidden, whitelist of destinations to which it may be sent.,
can (object, read-only): Operations the current user is able to perform on this object
}

Response Messages

HTTP Status Code Reason Response Model
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}

Delete User Attribute User Value

DELETE/api/3.0/users/{user_id}/attribute_values/{user_attribute_id}
delete_user_attribute_user_value(user_id, user_attribute_id)

Implementation Notes

Delete a user attribute value from a user’s account settings.

After the user attribute value is deleted from the user’s account settings, subsequent requests for the user attribute value for this user will draw from the user’s groups or the default value of the user attribute. See Get User Attribute Values) for more information about how user attribute values are resolved.

Response Class

  None

Parameters

Parameter Required? Description Parameter Type Data Type
user_id true Id of user integer int64
user_attribute_id true Id of user attribute integer int64

Response Messages

HTTP Status Code Reason Response Model
204 Deleted
400 Bad Request
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
404 Not Found
Error {
message (string, read-only, required): Error details,
documentation_url (string, read-only, required): Documentation link
}
Top