Get user information

Article summary

Did you find this summary helpful?

Thank you for your feedback

Available in Classic and VPC

Get the user information of sub accounts that has been granted permissions to an account, such as sub accounts, deleted sub accounts, or role users.

Request

This section describes the request format. The method and URI are as follows:

Method	URI
GET	/api/v1/users/{subAccountId}

Request headers

For information about the headers common to all Sub Account APIs, see Sub Account request headers.

Request path parameters

You can use the following path parameters with your request:

Field	Type	Required	Description
`subAccountId`	String	Required	Sub account ID See Get sub account list

Request query parameters

You can use the following query parameters with your request:

Field	Type	Required	Description
`includeDeleted`	Boolean	Optional	Whether to include deleted accounts `true` \| `false` (default) `true`: include `false`: exclude

Request example

The request example is as follows:

curl --location --request GET 'https://subaccount.apigw.ntruss.com/api/v1/users/dfafe250-****-****-****-246e96591594?includeDeleted=true' \
--header 'x-ncp-apigw-timestamp: {Timestamp}' \
--header 'x-ncp-iam-access-key: {Access Key}' \
--header 'x-ncp-apigw-signature-v2: {API Gateway Signature}' \
--header 'Accept: application/json'

Response

This section describes the response format.

Response body

The response body includes the following data:

Field	Type	Required	Description
`subAccountId`	String	-	Sub account ID
`loginId`	String	-	Sub account login ID
`name`	String	-	Sub account username
`groups`	Array	-	List of groups affiliated with sub account
`active`	Boolean	-	Sub account status `true` \| `false` `true`: enabled `false`: disabled
`deleted`	Boolean	-	Whether it is a deleted account `true` \| `false` `true`: deleted account `false`: Undeleted account
`createTime`	String	-	Sub account creation date and time ISO 8601 format
`principalType`	String	-	Sub account type `IamUser` \| `IamRole` `IamUser`: sub account `IamRole`: role user
`sourceIdentity`	Object	-	Role user information Display if `principalType` is `IamRole`
`sourceIdentity.type`	String	-	Role user type `IamUser` \| `Server` \| `FederatedUser` \| `NcloudService` `IamUser`: Account role `Server`: Server role `FederatedUser`: Single Sign-On role `NcloudService`: Service role Display if `principalType` is `IamRole`
`sourceIdentity.id`	String	-	Role user ID Information displayed by role type Account role: sub account ID Server role: not applicable Single Sign-On role: SSO user ID Service role: service resource ID Display if `principalType` is `IamRole`
`sourceIdentity.provider`	String	-	Role user's affiliation type Information displayed by role type Account role: member ID Server role: not applicable Single Sign-On role: SSO tenant ID Service role: service ID Display if `principalType` is `IamRole`
`roleNrn`	String	-	NAVER Cloud Platform resource identification value for the converted role Display if `principalType` is `IamRole`

`groups`

The following describes groups.

Field	Type	Required	Description
`groupId`	String	-	Group ID
`groupName`	String	-	Group name
`nrn`	String	-	NAVER Cloud Platform resource identification value for group

Response status codes

For information about the HTTP status codes common to all Sub Account APIs, see Sub Account status codes.

Response example

The response example is as follows:

{
    "subAccountId": "dfafe250-****-****-****-246e96591594",
    "loginId": "user000",
    "name": "user000",
    "groups": [
        {
            "groupId": "50b77400-****-****-****-246e96591a38",
            "groupName": "group002",
            "nrn": "nrn:PUB:IAM::*******:Group/50b77400-****-****-****-246e96591a38"
        }
    ],
    "active": true,
    "deleted": false,
    "createTime": "2024-12-10T00:15:34Z",
    "principalType": "IamUser"
}

Was this article helpful?

What's Next

Get user ID

Table of contents

Request
Response