# Get users Search across your application’s users at Transmit. This endpoint also allows you to return all of your application’s users by sending no filters at all. Required permissions: users:read, users:list, apps:read, [appId]:read, apps:list, [appId]:list. Endpoint: GET /v1/users Security: ClientAccessToken ## Query parameters: - `search` (string) Search expression based on the SCIM protocol. For syntax and searchable fields, see Search query syntax - `page_offset` (number) Number of users you wish to skip before selecting users - `page_limit` (number) Number of users to return in page - `search_prefix` (string) Value to search for in the primary email and phone_number fields, where the search value must match the prefix of the field value. For example, "search_prefix=john" will return users whose email starts with "john" and "search_prefix=%2B1212" returns users whose phone number starts with "+1212". Example: "joe" - `sort_field` (string) The name of the field you wish to sort by. Mgmt flows also support: organization_added_at (sort by when member was added to org) Enum: "email", "created_at", "phone_number", "last_auth", "organization_added_at" - `sort_order` (string) The order of the sort Enum: "asc", "desc" ## Response 200 fields (application/json): - `total_count` (number, required) - `page_info` (object, required) - `page_info.has_next_page` (boolean, required) - `page_info.has_previous_page` (boolean, required) - `result` (array, required) - `result.email` (object) Primary email address, used as user identifier - `result.email.value` (string, required) Email address - `result.email.email_verified` (boolean) Indicates if email was verified (via magic link, social login, or email verification flows) - `result.email.verified_at` (string) Last verification date of the email - `result.secondary_emails` (array) - `result.secondary_emails.value` (string, required) Email address - `result.secondary_emails.email_verified` (boolean) Indicates if email was verified (via magic link, social login, or email verification flows) - `result.secondary_emails.verified_at` (string) Last verification date of the email - `result.phone_number` (object) Primary phone number, used as user identifier - `result.phone_number.value` (string, required) Phone number - `result.phone_number.phone_number_verified` (boolean) Indicates if phone number was verified (via SMS OTP or verification flow) - `result.phone_number.verified_at` (string) Last verification date of the phone number - `result.secondary_phone_numbers` (array) - `result.secondary_phone_numbers.value` (string, required) Phone number - `result.secondary_phone_numbers.phone_number_verified` (boolean) Indicates if phone number was verified (via SMS OTP or verification flow) - `result.secondary_phone_numbers.verified_at` (string) Last verification date of the phone number - `result.username` (string) Username used to identify the user for password login (unless a primary email will be used instead). Defined only if a password was set for the user. - `result.user_id` (string, required) User ID autogenerated upon user creation - `result.birthday` (string) Birthday as YYYY-MM-DD - `result.address` (object) User's address - `result.address.country` (string) Country - `result.address.state` (string) State - `result.address.city` (string) City - `result.address.street_address` (string) Street address - `result.address.postal_code` (string) Postal code - `result.address.type` (string) Enum: "Home", "Work", "Other" - `result.address.updated_at` (number) Date user's address was last updated - `result.name` (object) Full name - `result.name.title` (string) Title - `result.name.first_name` (string) User's first name - `result.name.last_name` (string) User's last name - `result.name.middle_name` (string) User's middle name - `result.status` (string, required) Enum: "Active", "Disabled", "Pending" - `result.status_changed_at` (string) Date status was last updated - `result.created_at` (number, required) Date user was created in the tenant - `result.updated_at` (number, required) Date user was last updated - `result.identities` (array) - `result.identities.provider_name` (string, required) Name of identity provider - `result.identities.provider_type` (string, required) Indicates whether the identity provider is Transmit (Native) or a social login provider (OAuth2) Enum: "OAuth2", "Native", "External" - `result.identities.auth_type` (string, required) Type of authentication method that was used Enum: "webauthn", "email_otp", "sms_otp", "direct_otp", "email_magic_link", "password", "oauth2", "saml", "transmit", "totp" - `result.identities.identifier` (string, required) Identifier of the user in the provider's system - `result.identities.user_alias` (object) Alias used by the user to authenticate to this provider - `result.identities.user_alias.type` (string, required) Alias type, which varies based on authentication method Enum: "username", "email", "phone_number", "unspecified" - `result.identities.user_alias.value` (string, required) Alias value - `result.identities.first_auth_date` (string, required) Date user first authenticated to this provider - `result.identities.last_auth_date` (string, required) Date user last authenticated to this provider - `result.last_auth` (string) Date user last authenticated - `result.external_account_id` (string) User identifier in an app, set by the app - `result.app_name` (string) Name of the app the user is associated with - `result.custom_app_data` (object) Custom data object for app-related user info - `result.groupIds` (array) List of group IDs the user is assigned to - `result.picture` (string) The picture of user, specified as a URL - `result.language` (string) The language of the user, as provided by the browser using the [Accept-Language](https://www.rfc-editor.org/rfc/rfc7231#section-5.3.5) header field - `result.custom_data` (object) Custom data object for tenant user info - `result.external_user_id` (string) A unique identifier in a tenant - `result.password_information` (object) The information of the user's password - `result.password_information.expired` (boolean, required) Whether the password is currently expired - `result.password_information.temporary` (boolean, required) Whether the password must be reset after first use - `result.password_information.updated_at` (number, required) The date the password was last updated, as unix epoch in milliseconds - `result.password_information.expires_in` (string) The date the password will be expired - `result.identity_providers` (array) - `result.identity_providers.source` (string, required) Type of identity provider Enum: "UserID", "BindID", "Google", "Apple", "Facebook", "Line", "Tiktok", "Transmit Identity", "Transmit Security", "BindIDApi", "Email OTP", "SMS OTP", "Direct OTP", "Email Magic Link", "Password", "Orchestrated", "SAML", "SSO OIDC", "Mobile Biometrics", "totp", "face" - `result.identity_providers.identifier` (string, required) Identifier of the user in the provider's system - `result.identity_providers.email` (string, required) Email used by the user to authenticate to this provider - `result.identity_providers.first_auth_date` (string, required) Date user first authenticated to this provider - `result.identity_providers.last_auth_date` (string, required) Date user last authenticated to this provider ## Response 400 fields (application/json): - `message` (array, required) Example: "Bad request" - `error_code` (number, required) Example: 400