Group enterprise users API
- Tier: Premium, Ultimate
- Offering: GitLab.com
Use this API to interact with enterprise users accounts. For more information, see enterprise users.
This API endpoint only works for top-level groups. Users do not have to be a member of the group.
Prerequisites:
- You must have the Owner role in the top-level group.
List all enterprise users
Lists all enterprise users for a given top-level group.
Use the page and per_page pagination parameters to filter the results.
GET /groups/:id/enterprise_usersSupported attributes:
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer/string | yes | ID or URL-encoded path of a top-level group. |
username |
string | no | Return a user with a given username. |
search |
string | no | Return users with a matching name, email, or username. Use partial values to increase results. |
active |
boolean | no | Return only active users. |
blocked |
boolean | no | Return only blocked users. |
created_after |
datetime | no | Return users created after the specified time. Format: ISO 8601 (YYYY-MM-DDTHH:MM:SSZ). |
created_before |
datetime | no | Return users created before the specified time. Format: ISO 8601 (YYYY-MM-DDTHH:MM:SSZ). |
two_factor |
string | no | Return users based on their two-factor authentication (2FA) enrollment status. Possible values: enabled, disabled. |
Example request:
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/:id/enterprise_users"Example response:
[
{
"id": 66,
"username": "user22",
"name": "Sidney Jones22",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/xxx?s=80&d=identicon",
"web_url": "http://my.gitlab.com/user22",
"created_at": "2021-09-10T12:48:22.381Z",
"bio": "",
"location": null,
"public_email": "",
"skype": "",
"linkedin": "",
"twitter": "",
"website_url": "",
"organization": null,
"job_title": "",
"pronouns": null,
"bot": false,
"work_information": null,
"followers": 0,
"following": 0,
"local_time": null,
"last_sign_in_at": null,
"confirmed_at": "2021-09-10T12:48:22.330Z",
"last_activity_on": null,
"email": "user22@example.org",
"theme_id": 1,
"color_scheme_id": 1,
"projects_limit": 100000,
"current_sign_in_at": null,
"identities": [
{
"provider": "group_saml",
"extern_uid": "2435223452345",
"saml_provider_id": 1
}
],
"can_create_group": true,
"can_create_project": true,
"two_factor_enabled": false,
"external": false,
"private_profile": false,
"commit_email": "user22@example.org",
"shared_runners_minutes_limit": null,
"extra_shared_runners_minutes_limit": null,
"scim_identities": [
{
"extern_uid": "2435223452345",
"group_id": 1,
"active": true
}
]
},
...
]Get details on an enterprise user
Gets details on a specified enterprise user.
GET /groups/:id/enterprise_users/:user_idSupported attributes:
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer/string | yes | ID or URL-encoded path of a top-level group. |
user_id |
integer | yes | ID of user account. |
Example request:
curl --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/:id/enterprise_users/:user_id"Example response:
{
"id": 66,
"username": "user22",
"name": "Sidney Jones22",
"state": "active",
"avatar_url": "https://www.gravatar.com/avatar/xxx?s=80&d=identicon",
"web_url": "http://my.gitlab.com/user22",
"created_at": "2021-09-10T12:48:22.381Z",
"bio": "",
"location": null,
"public_email": "",
"skype": "",
"linkedin": "",
"twitter": "",
"website_url": "",
"organization": null,
"job_title": "",
"pronouns": null,
"bot": false,
"work_information": null,
"followers": 0,
"following": 0,
"local_time": null,
"last_sign_in_at": null,
"confirmed_at": "2021-09-10T12:48:22.330Z",
"last_activity_on": null,
"email": "user22@example.org",
"theme_id": 1,
"color_scheme_id": 1,
"projects_limit": 100000,
"current_sign_in_at": null,
"identities": [
{
"provider": "group_saml",
"extern_uid": "2435223452345",
"saml_provider_id": 1
}
],
"can_create_group": true,
"can_create_project": true,
"two_factor_enabled": false,
"external": false,
"private_profile": false,
"commit_email": "user22@example.org",
"shared_runners_minutes_limit": null,
"extra_shared_runners_minutes_limit": null,
"scim_identities": [
{
"extern_uid": "2435223452345",
"group_id": 1,
"active": true
}
]
}Disable two-factor authentication for an enterprise user
Disables two-factor authentication (2FA) for a specified enterprise user.
PATCH /groups/:id/enterprise_users/:user_id/disable_two_factorSupported attributes:
| Attribute | Type | Required | Description |
|---|---|---|---|
id |
integer/string | yes | ID or URL-encoded path of a top-level group. |
user_id |
integer | yes | ID of user account. |
Example request:
curl --request PATCH --header "PRIVATE-TOKEN: <your_access_token>" "https://gitlab.example.com/api/v4/groups/:id/enterprise_users/:user_id/disable_two_factor"If successful, returns 204 No content.
Other possible responses:
400 Bad request: 2FA is not enabled for the specified user.403 Forbidden: The authenticated user is not an Owner.404 Not found: User can not be found.
Docs
Edit this page to fix an error or add an improvement in a merge request.
Create an issue to suggest an improvement to this page.
Product
Create an issue if there's something you don't like about this feature.
Propose functionality by submitting a feature request.
Feature availability and product trials
View pricing to see all GitLab tiers and features, or to upgrade.
Try GitLab for free with access to all features for 30 days.
Get help
If you didn't find what you were looking for, search the docs.
If you want help with something specific and could use community support, post on the GitLab forum.
For problems setting up or using this feature (depending on your GitLab subscription).
Request support