package cs3.identity.user.v1beta1

Get desktop application:
View/edit binary Protocol Buffers messages

Provides an API for managing users.

• rpc FindUsers (FindUsersRequest, FindUsersResponse)

  user_api.proto:62

  Finds users that match the specified filters. MAY return CODE_RESOURCE_EXHAUSTED if the filters return too many responses.

• rpc GetUser (GetUserRequest, GetUserResponse)

  user_api.proto:55

  Gets the information about a user by the user id.

• rpc GetUserByClaim (GetUserByClaimRequest, GetUserByClaimResponse)

  user_api.proto:57

  Gets the information about a user based on a specified claim.

• rpc GetUserGroups (GetUserGroupsRequest, GetUserGroupsResponse)

  user_api.proto:59

  Gets the groups of a user.

ExternalIdentity represents an external identifier of a user. This can be populated when multiple identities collapse onto the same user, for example when signing in with e-mail or with an SSO using an account with the same e-mail.

Used in: UserId

• string idp = 1

  REQUIRED. The identity provider for the user.

• string opaque_id = 2

  REQUIRED. the unique identifier for the user in the scope of the identity provider.

Represents a filter to apply to the request.

Used in: FindUsersRequest

• Filter.Type type = 1

  REQUIRED.

• oneof term

  • UserType usertype = 2

  • string query = 3

The filter to apply.

Used in: Filter

• TYPE_INVALID = 0

• TYPE_USERTYPE = 1

  extract all users of a given UserType

• TYPE_QUERY = 2

  extract all users matching the given query

Used as request type in: gateway.v1beta1.GatewayAPI.FindUsers, UserAPI.FindUsers

• optional types.v1beta1.Opaque opaque = 1

  OPTIONAL. Opaque information.

• repeated Filter filters = 2

  REQUIRED. The filters to apply.

• bool skip_fetching_user_groups = 3

  OPTIONAL. Whether to skip fetching user groups along with the user object.

Used as response type in: gateway.v1beta1.GatewayAPI.FindUsers, UserAPI.FindUsers

• optional rpc.v1beta1.Status status = 1

  REQUIRED. The response status.

• optional types.v1beta1.Opaque opaque = 2

  OPTIONAL. Opaque information.

• repeated User users = 3

  REQUIRED. The users matching the specified filter.

Used as request type in: gateway.v1beta1.GatewayAPI.GetUserByClaim, UserAPI.GetUserByClaim

• optional types.v1beta1.Opaque opaque = 1

  OPTIONAL. Opaque information.

• string claim = 2

  REQUIRED. The claim on the basis of which users will be filtered.

• string value = 3

  REQUIRED. The value of the claim to find the specific user.

• bool skip_fetching_user_groups = 4

  OPTIONAL. Whether to skip fetching user groups along with the user object.

Used as response type in: gateway.v1beta1.GatewayAPI.GetUserByClaim, UserAPI.GetUserByClaim

• optional rpc.v1beta1.Status status = 1

  REQUIRED. The response status.

• optional types.v1beta1.Opaque opaque = 2

  OPTIONAL. Opaque information.

• optional User user = 3

  REQUIRED. The user information.

Used as request type in: gateway.v1beta1.GatewayAPI.GetUserGroups, UserAPI.GetUserGroups

• optional types.v1beta1.Opaque opaque = 1

  OPTIONAL. Opaque information.

• optional UserId user_id = 2

  REQUIRED. The id of the user.

Used as response type in: gateway.v1beta1.GatewayAPI.GetUserGroups, UserAPI.GetUserGroups

• optional rpc.v1beta1.Status status = 1

  REQUIRED. The response status.

• optional types.v1beta1.Opaque opaque = 2

  OPTIONAL. Opaque information.

• repeated string groups = 3

  REQUIRED. The groups for the user.

Used as request type in: gateway.v1beta1.GatewayAPI.GetUser, UserAPI.GetUser

• optional types.v1beta1.Opaque opaque = 1

  OPTIONAL. Opaque information.

• optional UserId user_id = 2

  REQUIRED. The id of the user.

• bool skip_fetching_user_groups = 3

  OPTIONAL. Whether to skip fetching user groups along with the user object.

Used as response type in: gateway.v1beta1.GatewayAPI.GetUser, UserAPI.GetUser

• optional rpc.v1beta1.Status status = 1

  REQUIRED. The response status.

• optional types.v1beta1.Opaque opaque = 2

  OPTIONAL. Opaque information.

• optional User user = 3

  REQUIRED. The user information.

Represents a user of the system.

Used in: admin.user.v1beta1.CreateUserRequest, admin.user.v1beta1.CreateUserResponse, auth.provider.v1beta1.AuthenticateResponse, gateway.v1beta1.AuthenticateResponse, gateway.v1beta1.WhoAmIResponse, FindUsersResponse, GetUserByClaimResponse, GetUserResponse, ocm.invite.v1beta1.AcceptInviteRequest, ocm.invite.v1beta1.FindAcceptedUsersResponse, ocm.invite.v1beta1.GetAcceptedUserResponse, storage.provider.v1beta1.CreateStorageSpaceRequest, storage.provider.v1beta1.StorageSpace

• optional UserId id = 1

  REQUIRED. The unique identifier of this user.

• string username = 2

  REQUIRED. A human-friendly unique identifier of this user.

• string mail = 3

  OPTIONAL. The e-mail address of this user.

• bool mail_verified = 4

  OPTIONAL. Whether the e-mail address was verified by the IDP.

• string display_name = 5

  OPTIONAL. A human-friendly display name for this user, e.g. "Family and First Name"

• repeated string groups = 6

  OPTIONAL. A list of groups this user belongs to.

• optional types.v1beta1.Opaque opaque = 7

  OPTIONAL. Opaque information.

• int64 uid_number = 8

  OPTIONAL. The user id of this user in the Unix world.

• int64 gid_number = 9

  OPTIONAL. The group id of this user in the Unix world.

• UserStatus status = 10

  OPTIONAL. The status of this user in the tenant it belongs to. Useful for tenants implementing a users lifecycle, otherwise it defaults to ACTIVE.

A UserId represents a unique identifier of a user.

Used in: admin.group.v1beta1.AddUserToGroupRequest, admin.group.v1beta1.RemoveUserFromGroupRequest, admin.user.v1beta1.DeleteUserRequest, auth.applications.v1beta1.AppPassword, auth.applications.v1beta1.GetAppPasswordRequest, group.v1beta1.GetMembersResponse, group.v1beta1.Group, group.v1beta1.HasMemberRequest, GetUserGroupsRequest, GetUserRequest, User, labels.v1beta1.AddLabelRequest, labels.v1beta1.ListLabelsRequest, labels.v1beta1.ListResourcesForLabelRequest, labels.v1beta1.RemoveLabelRequest, ocm.core.v1beta1.CreateOCMCoreShareRequest, ocm.incoming.v1beta1.CreateOCMIncomingShareRequest, ocm.invite.v1beta1.AcceptInviteResponse, ocm.invite.v1beta1.DeleteAcceptedUserRequest, ocm.invite.v1beta1.ForwardInviteResponse, ocm.invite.v1beta1.GetAcceptedUserRequest, ocm.invite.v1beta1.InviteToken, permissions.v1beta1.SubjectReference, sharing.collaboration.v1beta1.Filter, sharing.collaboration.v1beta1.Share, sharing.collaboration.v1beta1.ShareKey, sharing.link.v1beta1.ListPublicSharesRequest.Filter, sharing.link.v1beta1.PublicShare, sharing.ocm.v1beta1.ListOCMSharesRequest.Filter, sharing.ocm.v1beta1.ListReceivedOCMSharesRequest.Filter, sharing.ocm.v1beta1.ReceivedShare, sharing.ocm.v1beta1.Share, sharing.ocm.v1beta1.ShareKey, storage.provider.v1beta1.Grant, storage.provider.v1beta1.Grantee, storage.provider.v1beta1.ListStorageSpacesRequest.Filter, storage.provider.v1beta1.Lock, storage.provider.v1beta1.ResourceInfo, tx.v1beta1.TxInfo

• string idp = 1

  REQUIRED. The identity provider for the user.

• string opaque_id = 2

  REQUIRED. the unique identifier for the user in the scope of the identity provider.

• UserType type = 3

  REQUIRED. The type of user.

• string tenant_id = 4

  OPTIONAL. The tenant id of the user, if applicable. This is used to identify users in multi-tenant systems.

• repeated ExternalIdentity external_identities = 5

  OPTIONAL. External identities of the user, if applicable. This is used to track identities of the same user on multiple systems.

The status of a user.

Used in: User

• USER_STATUS_ACTIVE = 0

  The user is active and allowed to log in.

• USER_STATUS_EXPIRING = 1

  The user can log in but its validity is about to expire. The actual grace period the user is granted depends on its tenant's policy.

• USER_STATUS_BLOCKED = 2

  The user is valid but it has been blocked from login in its tenant.

The type of user.

Used in: Filter, UserId

• USER_TYPE_INVALID = 0

  The user is invalid, for example, is missing primary attributes.

• USER_TYPE_PRIMARY = 1

  A primary user.

• USER_TYPE_SECONDARY = 2

  A secondary user for cases with multiple identities.

• USER_TYPE_SERVICE = 3

  A user catering to specific services.

• USER_TYPE_APPLICATION = 4

  A user to be used by specific applications.

• USER_TYPE_GUEST = 5

  A guest user not affiliated to the IDP.

• USER_TYPE_FEDERATED = 6

  A federated user provided by external IDPs.

• USER_TYPE_LIGHTWEIGHT = 7

  A lightweight user account without access to various major functionalities.

• USER_TYPE_SPACE_OWNER = 8

  A space owner to allow access for public link or content indexing.