Skip to main content
Version: 7.2402.x.x RR

queryUsers()

Search for users based on a property with scope onProfileForApp

The method queryUsers supports user search with criteria for onProfileForApp properties. The name and scopeName of the property will be used for exact searches, while wildcards can be used for the value of the property (only String properties, not Enum). Note that for onProfileForApp properties, the attribute scopeName stands for the application name for which this property is valid.

<v1:queryUsers>
<query>
 <user>
     <profiles>
         <properties>
             <name>MyID</name>   <!-- name: exact search -->
             <value>id_*</value> <!-- value: wildcard search possible -->
             <scopeName>MyApp</scopeName> <!-- app name: exact search -->
         </properties>
     </profiles>
 </user>
</query>
</v1:queryUsers>

Search for users that have not set a value for a certain onUserGlobal property

The method queryUsers() is a very powerful method that supports user queries based on all property scopes except onApplicationGlobal. An example of an onUserGlobal property called InternalUser is shown below. The value on the property is purposely not set, which is interpreted as "search for all users that have not set any value for the property InternalUser".

<v1:queryUsers>
<query>
 <user>
     <properties>
         <name>InternalUser</name>
     </properties>
 </user>
</query>
</v1:queryUsers>

Search for users by credential type and state

The method queryUsers supports user search by credential attributes. In this example, we want to find all users with an active password credential.

<v1:queryUsers>
<query>
 <user>
     <credentials>
                    <state>ACTIVE</state>
                    <type>PASSWORD</type>
             </credentials>
 </user>
</query>
</v1:queryUsers>

Search for users by SAML federation attributes

The method queryUsers supports user search by credential attributes that are specific to certain credential types. In this example we want to search by SAML federation attributes.

<v1:queryUsers>
<query>
 <user>
     <samlFederations>
                      <subjectNameId>3f7b3dcf-1674-4ecd-92c8-1544f346baf8</subjectNameId>
                      <subjectNameIdFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:entity</subjectNameIdFormat>
                      <issuerNameId>3f7b3dcf-1674-4ecd-92c8-1544f346baf8</issuerNameId>
                      <issuerNameIdFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:entity</issuerNameIdFormat>
     </samlFederations>
 </user>
</query>
</v1:queryUsers>
Last updated on