User by ID
GET/users/:id
Returns the full user object (human or machine) including the profile, email, etc.
Deprecated: please use user service v2 GetUserByID
Request​
Path Parameters
User ID of the user you like to get.
Header Parameters
The default is always the organization of the requesting user. If you like to get users of another organization include the header. Make sure the user has permission to access the requested data.
Responses​
- 200
- default
OK
- application/json
- application/grpc
- application/grpc-web+proto
- Schema
- Example (from schema)
Schema
user
object
details
object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the first event of the object
on create: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the
Possible values: [USER_STATE_UNSPECIFIED
, USER_STATE_ACTIVE
, USER_STATE_INACTIVE
, USER_STATE_DELETED
, USER_STATE_LOCKED
, USER_STATE_SUSPEND
, USER_STATE_INITIAL
]
Default value: USER_STATE_UNSPECIFIED
current state of the user
human
object
one of type use human or machine
profile
object
a user can set the display name, if nothing is set ZITADEL computes "first_name last_name"
language tag analog https://tools.ietf.org/html/rfc3066
Possible values: [GENDER_UNSPECIFIED
, GENDER_FEMALE
, GENDER_MALE
, GENDER_DIVERSE
]
Default value: GENDER_UNSPECIFIED
the gender of the human
avatar URL of the user
email
object
email address of the user. (spec: https://tools.ietf.org/html/rfc2822#section-3.4.1)
Is true if the user verified the email or if the email is managed outside ZITADEL
phone
object
mobile phone number of the user. (use global pattern of spec https://tools.ietf.org/html/rfc3966)
Is true if the user verified the phone or if the phone is managed outside ZITADEL
The time the user last changed their password.
machine
object
one of type use human or machine
Possible values: [ACCESS_TOKEN_TYPE_BEARER
, ACCESS_TOKEN_TYPE_JWT
]
Default value: ACCESS_TOKEN_TYPE_BEARER
Type of access token to receive
{
"user": {
"id": "69629023906488334",
"details": {
"sequence": "2",
"creationDate": "2025-01-03T13:39:49.515Z",
"changeDate": "2025-01-03T13:39:49.515Z",
"resourceOwner": "69629023906488334"
},
"state": "USER_STATE_UNSPECIFIED",
"userName": "gigi-giraffe",
"loginNames": [
"gigi@zitadel.com",
"gigi@zitadel.zitadel.ch"
],
"preferredLoginName": "gigi@zitadel.com",
"human": {
"profile": {
"firstName": "Gigi",
"lastName": "Giraffe",
"nickName": "gigi-giraffe",
"displayName": "Gigi Giraffe",
"preferredLanguage": "en",
"gender": "GENDER_UNSPECIFIED",
"avatarUrl": "https://api.zitadel.ch/assets/v1/avatar-32432jkh4kj32"
},
"email": {
"email": "gigi@zitadel.com",
"isEmailVerified": true
},
"phone": {
"phone": "+41 71 000 00 00",
"isPhoneVerified": true
},
"passwordChanged": "2025-01-03T13:39:49.515Z"
},
"machine": {
"name": "zitadel",
"description": "The one and only IAM",
"hasSecret": "true",
"accessTokenType": "ACCESS_TOKEN_TYPE_BEARER"
}
}
}
- Schema
- Example (from schema)
Schema
user
object
details
object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the first event of the object
on create: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the
Possible values: [USER_STATE_UNSPECIFIED
, USER_STATE_ACTIVE
, USER_STATE_INACTIVE
, USER_STATE_DELETED
, USER_STATE_LOCKED
, USER_STATE_SUSPEND
, USER_STATE_INITIAL
]
Default value: USER_STATE_UNSPECIFIED
current state of the user
human
object
one of type use human or machine
profile
object
a user can set the display name, if nothing is set ZITADEL computes "first_name last_name"
language tag analog https://tools.ietf.org/html/rfc3066
Possible values: [GENDER_UNSPECIFIED
, GENDER_FEMALE
, GENDER_MALE
, GENDER_DIVERSE
]
Default value: GENDER_UNSPECIFIED
the gender of the human
avatar URL of the user
email
object
email address of the user. (spec: https://tools.ietf.org/html/rfc2822#section-3.4.1)
Is true if the user verified the email or if the email is managed outside ZITADEL
phone
object
mobile phone number of the user. (use global pattern of spec https://tools.ietf.org/html/rfc3966)
Is true if the user verified the phone or if the phone is managed outside ZITADEL
The time the user last changed their password.
machine
object
one of type use human or machine
Possible values: [ACCESS_TOKEN_TYPE_BEARER
, ACCESS_TOKEN_TYPE_JWT
]
Default value: ACCESS_TOKEN_TYPE_BEARER
Type of access token to receive
{
"user": {
"id": "69629023906488334",
"details": {
"sequence": "2",
"creationDate": "2025-01-03T13:39:49.517Z",
"changeDate": "2025-01-03T13:39:49.517Z",
"resourceOwner": "69629023906488334"
},
"state": "USER_STATE_UNSPECIFIED",
"userName": "gigi-giraffe",
"loginNames": [
"gigi@zitadel.com",
"gigi@zitadel.zitadel.ch"
],
"preferredLoginName": "gigi@zitadel.com",
"human": {
"profile": {
"firstName": "Gigi",
"lastName": "Giraffe",
"nickName": "gigi-giraffe",
"displayName": "Gigi Giraffe",
"preferredLanguage": "en",
"gender": "GENDER_UNSPECIFIED",
"avatarUrl": "https://api.zitadel.ch/assets/v1/avatar-32432jkh4kj32"
},
"email": {
"email": "gigi@zitadel.com",
"isEmailVerified": true
},
"phone": {
"phone": "+41 71 000 00 00",
"isPhoneVerified": true
},
"passwordChanged": "2025-01-03T13:39:49.517Z"
},
"machine": {
"name": "zitadel",
"description": "The one and only IAM",
"hasSecret": "true",
"accessTokenType": "ACCESS_TOKEN_TYPE_BEARER"
}
}
}
- Schema
- Example (from schema)
Schema
user
object
details
object
on read: the sequence of the last event reduced by the projection
on manipulation: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the first event of the object
on create: the timestamp of the event(s) added by the manipulation
on read: the timestamp of the last event reduced by the projection
on manipulation: the
Possible values: [USER_STATE_UNSPECIFIED
, USER_STATE_ACTIVE
, USER_STATE_INACTIVE
, USER_STATE_DELETED
, USER_STATE_LOCKED
, USER_STATE_SUSPEND
, USER_STATE_INITIAL
]
Default value: USER_STATE_UNSPECIFIED
current state of the user
human
object
one of type use human or machine
profile
object
a user can set the display name, if nothing is set ZITADEL computes "first_name last_name"
language tag analog https://tools.ietf.org/html/rfc3066
Possible values: [GENDER_UNSPECIFIED
, GENDER_FEMALE
, GENDER_MALE
, GENDER_DIVERSE
]
Default value: GENDER_UNSPECIFIED
the gender of the human
avatar URL of the user
email
object
email address of the user. (spec: https://tools.ietf.org/html/rfc2822#section-3.4.1)
Is true if the user verified the email or if the email is managed outside ZITADEL
phone
object
mobile phone number of the user. (use global pattern of spec https://tools.ietf.org/html/rfc3966)
Is true if the user verified the phone or if the phone is managed outside ZITADEL
The time the user last changed their password.
machine
object
one of type use human or machine
Possible values: [ACCESS_TOKEN_TYPE_BEARER
, ACCESS_TOKEN_TYPE_JWT
]
Default value: ACCESS_TOKEN_TYPE_BEARER
Type of access token to receive
{
"user": {
"id": "69629023906488334",
"details": {
"sequence": "2",
"creationDate": "2025-01-03T13:39:49.518Z",
"changeDate": "2025-01-03T13:39:49.518Z",
"resourceOwner": "69629023906488334"
},
"state": "USER_STATE_UNSPECIFIED",
"userName": "gigi-giraffe",
"loginNames": [
"gigi@zitadel.com",
"gigi@zitadel.zitadel.ch"
],
"preferredLoginName": "gigi@zitadel.com",
"human": {
"profile": {
"firstName": "Gigi",
"lastName": "Giraffe",
"nickName": "gigi-giraffe",
"displayName": "Gigi Giraffe",
"preferredLanguage": "en",
"gender": "GENDER_UNSPECIFIED",
"avatarUrl": "https://api.zitadel.ch/assets/v1/avatar-32432jkh4kj32"
},
"email": {
"email": "gigi@zitadel.com",
"isEmailVerified": true
},
"phone": {
"phone": "+41 71 000 00 00",
"isPhoneVerified": true
},
"passwordChanged": "2025-01-03T13:39:49.518Z"
},
"machine": {
"name": "zitadel",
"description": "The one and only IAM",
"hasSecret": "true",
"accessTokenType": "ACCESS_TOKEN_TYPE_BEARER"
}
}
}
An unexpected error response.
- application/json
- application/grpc
- application/grpc-web+proto
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}
- Schema
- Example (from schema)
Schema
Array [
]
details
object[]
{
"code": 0,
"message": "string",
"details": [
{
"@type": "string"
}
]
}