Find users with a query Added in 8.14.0

GET /_security/_query/user

Get information for users in a paginated manner. You can optionally filter the results with a query.

Query parameters

  • with_profile_uid boolean

    If true will return the User Profile ID for the users in the query result, if any.

application/json

Body

  • query object

    Additional properties are allowed.

    Hide query attributes Show query attributes object
    • ids
    • bool
    • exists
    • match object

      Returns users that match a provided text, number, date or boolean value. The provided text is analyzed before matching.

    • match_all
    • prefix object

      Returns users that contain a specific prefix in a provided field.

    • range object

      Returns users that contain terms within a provided range.

    • simple_query_string
    • term object

      Returns users that contain an exact term in a provided field. To return a document, the query term must exactly match the queried field's value, including whitespace and capitalization.

    • terms
    • wildcard object

      Returns users that contain terms matching a wildcard pattern.

  • from number

    Starting document offset. By default, you cannot page through more than 10,000 hits using the from and size parameters. To page through more hits, use the search_after parameter.

  • sort string | object | array[string | object]

    One of:
    _types:Field string _types:SortOptions object _types:Sort array[string | object]

    Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.

    One of:
    _types:Field string _types:SortOptions object

    Path to field or array of paths. Some API's support wildcards in the path to select multiple fields.

  • size number

    The number of hits to return. By default, you cannot page through more than 10,000 hits using the from and size parameters. To page through more hits, use the search_after parameter.

  • search_after array[number | string | boolean | null | object]

    A field value.

    One of:
    _types:FieldValue number _types:FieldValue number _types:FieldValue string _types:FieldValue boolean _types:FieldValue string | null _types:FieldValue object

    Additional properties are allowed.

Responses

GET /_security/_query/user 
curl \
 -X GET http://api.example.com/_security/_query/user \
 -H "Content-Type: application/json" \
 -d '{"query":{"match":{},"prefix":{},"range":{},"term":{},"wildcard":{}},"from":42.0,"":"string","size":42.0,"search_after":[42.0]}'
Request examples 
{
  "query": {
    "match": {},
    "prefix": {},
    "range": {},
    "term": {},
    "wildcard": {}
  },
  "from": 42.0,
  "": "string",
  "size": 42.0,
  "search_after": [
    42.0
  ]
}
Response examples (200) 
{
  "total": 42.0,
  "count": 42.0,
  "users": [
    {
      "email": "string",
      "full_name": "string",
      "metadata": {
        "additionalProperty1": {},
        "additionalProperty2": {}
      },
      "roles": [
        "string"
      ],
      "username": "string",
      "enabled": true,
      "profile_uid": "string",
      "_sort": [
        42.0
      ]
    }
  ]
}