Get a single user

{ "tuid": "3c90c3cc-0d44-4b50-8888-8dd25736052a", "external_id": "<string>", "name": "<string>", "user_principal_name": "<string>", "email_addresses": [ "<string>" ], "group_guid": "3c90c3cc-0d44-4b50-8888-8dd25736052a", "is_active": true, "created_at": "2023-11-07T05:31:56Z", "updated_at": "2023-11-07T05:31:56Z", "security": { "total_cases": 123, "open_cases": 123, "cases_by_state": { "discover": 123, "pending_investigation": 123, "investigating": 123, "enforced": 123, "closed": 123 }, "active_case_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a", "last_case": { "case_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a", "threat_type": "<string>", "case_state": "<string>", "created_at": "2023-11-07T05:31:56Z" }, "last_threat_event": { "event_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a", "severity": "<string>", "signal_type": "<string>", "source": "<string>", "created_at": "2023-11-07T05:31:56Z" }, "cluster_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a", "cluster_assigned_at": "2023-11-07T05:31:56Z" } }

Authorizations

X-API-Key

string

header

required

Domain-scoped API key. Generate and manage keys from the API Keys page in Settings.

Accepted in two forms:

X-API-Key: <key> header (preferred)
Authorization: Bearer <key> header (also accepted)

Path Parameters

tuid

string<uuid>

required

Response

User identity and profile

tuid

string<uuid>

external_id

string | null

name

string | null

user_principal_name

string | null

email_addresses

string[]

group_guid

string<uuid>

is_active

boolean

created_at

string<date-time> | null

updated_at

string<date-time> | null

security

object

Security-relevant context derived from the user's activity.

Show child attributes

Documentation

Cases

Users

Personas

Threats

Drift

Integrations

Authorizations

Path Parameters

Response

Documentation

Cases

Users

Personas

Threats

Drift

Integrations

Documentation Index

Authorizations

Path Parameters

Response