Resource: User
The Directory API allows you to create and manage your account's users, user aliases, and user Google profile photos. For more information about common tasks, see the User Accounts Developer's Guide and the User Aliases Developer's Guide .
| JSON representation |
|---|
{
"id"
:
string
,
"primaryEmail"
:
string
,
"password"
:
value
,
"hashFunction"
:
string
,
"isAdmin"
:
boolean
,
"isDelegatedAdmin"
:
boolean
,
"agreedToTerms"
:
boolean
,
"suspended"
:
boolean
,
"changePasswordAtNextLogin"
:
boolean
,
"ipWhitelisted"
:
boolean
,
"name"
:
{
object (
|
id
string
The unique ID for the user. A user id
can be used as a user request URI's userKey
.
primaryEmail
string
The user's primary email address. This property is required in a request to create a user account. The primaryEmail
must be unique and cannot be an alias of another user.
password
value (
Value
format)
Stores the password for the user account. The user's password value is required when creating a user account. It's optional when updating a user and should only be provided if the user is updating their account password. The password value is never returned in the API's response body.
A password can contain any combination of ASCII characters, and must be between 8-100 characters.
We recommend sending the password
parameter as a hexadecimal-encoded hash value and setting hashFunction
accordingly. If hashFunction
is specified, the password must be a valid hash key.
hashFunction
string
Stores the hash format of the password
property. The following hashFunction
values are allowed:
-
MD5- Accepts simple hex-encoded values. -
SHA-1- Accepts simple hex-encoded values. -
crypt- Compliant with the C crypt library . Supports the DES, MD5 (hash prefix$1$), SHA-256 (hash prefix$5$), and SHA-512 (hash prefix$6$) hash algorithms.
If rounds are specified as part of the prefix, they must be 10,000 or fewer.
isAdmin
boolean
Output only. Indicates a user with super administrator privileges. The isAdmin
property can only be edited in the Make a user an administrator
operation ( makeAdmin
method). If edited in the user insert
or update
methods, the edit is ignored by the API service.
isDelegatedAdmin
boolean
Output only. Indicates if the user is a delegated administrator.
Delegated administrators are supported by the API but cannot create or undelete users, or make users administrators. These requests are ignored by the API service.Roles and privileges for administrators are assigned using the Admin console
.
agreedToTerms
boolean
Output only. This property is true
if the user has completed an initial login and accepted the Terms of Service agreement.
suspended
boolean
Indicates if user is suspended.
changePasswordAtNextLogin
boolean
Indicates if the user is forced to change their password at next login. This setting doesn't apply when the user signs in via a third-party identity provider .
ipWhitelisted
boolean
If true
, the user's IP address is subject to a deprecated IP address allowlist
configuration.
name
object (
UserName
)
Holds the given and family names of the user, and the read-only fullName
value. The maximum number of characters in the givenName
and in the familyName
values is 60. In addition, name values support unicode/UTF-8 characters, and can contain spaces, letters (a-z), numbers (0-9), dashes (-), forward slashes (/), and periods (.). For more information about character usage rules, see the administration help center
. Maximum allowed data size for this field is 1KB.
kind
string
Output only. The type of the API resource. For Users resources, the value is admin#directory#user
.
etag
string
Output only. ETag of the resource.
emails
value (
Value
format)
The list of the user's email addresses. The maximum allowed data size is 10KB.
emails[].address
string
emails[].customType
string
type
is custom
, this property contains the custom value and must be set. emails[].primary
boolean
emails[].type
string
custom
, customType
must also be set.Acceptable values:
custom
, home
, other
, work
.externalIds
value (
Value
format)
The list of external IDs for the user, such as an employee or network ID. The maximum allowed data size is 2KB.
externalIds[].customType
string
type
is custom
, this property contains the custom value and must be set. externalIds[].type
string
custom
, customType
must also be set.Acceptable values:
account
, custom
, customer
, login_id
, network
, organization
. externalIds[].value
string
relations
value (
Value
format)
The list of the user's relationships to other users. The maximum allowed data size for this field is 2KB. For more information, see Manage user accounts .
relations[].customType
string
type
is custom
, this property contains the custom value and must be set. relations[].type
string
custom
, customType
must also be set.Acceptable values:
-
admin_assistant -
assistant -
brother -
child -
custom -
domestic_partner -
dotted_line_manager -
exec_assistant -
father -
friend -
manager -
mother -
parent -
partner -
referred_by -
relative -
sister -
spouse
relations[].value
string
aliases[]
string
Output only. The list of the user's alias email addresses.
isMailboxSetup
boolean
Output only. Indicates if the user's Google mailbox is created. This property is only applicable if the user has been assigned a Gmail license.
customerId
string
Output only. The customer ID to retrieve all account users
.
You can use the alias my_customer
to represent your account's customerId
.
As a reseller administrator, you can use the resold customer account's customerId
. To get a customerId
, use the account's primary domain in the domain
parameter of a users.list
request.
addresses
value (
Value
format)
The list of the user's addresses. The maximum allowed data size is 10KB.
addresses[].country
string
addresses[].countryCode
string
addresses[].customType
string
type
is custom
, this property contains the custom value and must be set. addresses[].extendedAddress
string
addresses[].formatted
string
addresses[].locality
string
addresses[].poBox
string
addresses[].postalCode
string
addresses[].primary
boolean
addresses[].region
string
addresses[].sourceIsStructured
boolean
addresses[].streetAddress
string
1600 Amphitheatre Parkway
. Whitespace within the string is ignored; however, newlines are significant. addresses[].type
string
custom
, customType
must also be set.Acceptable values:
custom
, home
, other
, work
.organizations
value (
Value
format)
The list of organizations the user belongs to. The maximum allowed data size is 10KB.
organizations[].costCenter
string
organizations[].customType
string
organizations[].department
string
sales
or engineering
. organizations[].description
string
organizations[].domain
string
organizations[].fullTimeEquivalent
integer
organizations[].location
string
organizations[].name
string
organizations[].primary
boolean
organizations[].symbol
string
GOOG
. organizations[].title
string
member
or engineer
. organizations[].type
string
Acceptable values:
domain_only
, school
, unknown
, work
.lastLoginTime
string
Output only. The last time the user logged into the user's account. The value is in ISO 8601
date and time format. The time is the complete date plus hours, minutes, and seconds in the form YYYY-MM-DDThh:mm:ssTZD
. For example, 2010-04-05T17:30:04+01:00
.
phones
value (
Value
format)
A list of the user's phone numbers. The maximum allowed data size is 1KB.
phones[].customType
string
type
is custom
, this property contains the custom value and must be set. phones[].primary
boolean
true
, this is the user's primary phone number. A user may only have one primary phone number. phones[].type
string
custom
, customType
must also be set.Acceptable values:
assistant
, callback
, car
, company_main
, custom
, grand_central
, home
, home_fax
, isdn
, main
, mobile
, other
, other_fax
, pager
, radio
, telex
, tty_tdd
, work
, work_fax
, work_mobile
, work_pager
. phones[].value
string
suspensionReason
string
Output only. Has the reason a user account is suspended either by the administrator or by Google at the time of suspension. The property is returned only if the suspended
property is true
.
thumbnailPhotoUrl
string
Output only. The URL of the user's profile photo. The URL might be temporary or private.
languages
value (
Value
format)
The list of the user's languages. The maximum allowed data size is 1KB.
languages[].customLanguage
string
languageCode
can't be set. languages[].languageCode
string
SchemaException
. If this is set, customLanguage
can't be set. languages[].preference
string
languageCode
is the user's preferred language. If customLanguage
is set, this can't be set. Allowed values are preferred
and not_preferred
.posixAccounts
value (
Value
format)
The list of POSIX account information for the user.
posixAccounts[].accountId
string
posixAccounts[].gecos
string
posixAccounts[].gid
unsigned long
posixAccounts[].homeDirectory
string
posixAccounts[].operatingSystemType
string
Acceptable values:
linux
, unspecified
, windows
. posixAccounts[].primary
boolean
posixAccounts[].shell
string
posixAccounts[].systemId
string
posixAccounts[].uid
unsigned long
posixAccounts[].username
string
creationTime
string
Output only. The time the user's account was created. The value is in ISO 8601
date and time format. The time is the complete date plus hours, minutes, and seconds in the form YYYY-MM-DDThh:mm:ssTZD
. For example, 2010-04-05T17:30:04+01:00
.
nonEditableAliases[]
string
Output only. The list of the user's non-editable alias email addresses. These are typically outside the account's primary domain or sub-domain.
sshPublicKeys
value (
Value
format)
A list of SSH public keys.
sshPublicKeys[].expirationTimeUsec
long
sshPublicKeys[].fingerprint
string
sshPublicKeys[].key
string
notes
value (
Value
format)
Notes for the user as a nested object.
notes.contentType
string
Acceptable values:
text_plain
, text_html
. notes.value
string
websites
value (
Value
format)
The list of the user's websites.
websites[].customType
string
type
is custom
, this property contains the custom value and must be set. websites[].primary
boolean
true
, this is the user's primary website. websites[].type
string
home
or blog
. Alternatively, an entry can have a custom
type. If set to custom
, customType
must also be set.Acceptable values:
app_install_page
, blog
, custom
, ftp
, home
, home_page
, other
, profile
, reservations
, resume
, work
. websites[].value
string
locations
value (
Value
format)
The list of the user's locations. The maximum allowed data size is 10KB.
locations[].area
string
Mountain View, CA
or Near Seattle
. locations[].buildingId
string
locations[].customType
string
type
is custom
, this property contains the custom value and must be set. locations[].deskCode
string
locations[].floorName
string
locations[].floorSection
string
A
, B
, and C
, this field would identify one of those values. locations[].type
string
custom
, customType
must also be set.Acceptable values:
custom
, default
, desk
.includeInGlobalAddressList
boolean
Indicates if the user's profile is visible in the Google Workspace global address list when the contact sharing feature is enabled for the domain. For more information about excluding user profiles, see the administration help center .
keywords
value (
Value
format)
The list of the user's keywords. The maximum allowed data size is 1KB.
keywords[].customType
string
type
is custom
, this property contains the custom value and must be set. keywords[].type
string
For example, keyword could be of type
occupation
or outlook
. In addition to the standard type, an entry can have a custom
type and can give it any name. If set to custom
, customType
must also be set.Acceptable values:
custom
, mission
, occupation
, outlook
. keywords[].value
string
deletionTime
string
Output only. The time the user's account was deleted. The value is in ISO 8601
date and time format. The time is the complete date plus hours, minutes, and seconds in the form YYYY-MM-DDThh:mm:ssTZD
. For example 2010-04-05T17:30:04+01:00
.
gender
value (
Value
format)
A nested object containing the user's gender. Maximum allowed data size for this field is 1KB.
gender.addressMeAs
string
gender.customGender
string
gender.type
string
Acceptable values:
-
female -
male -
other -
unknown
thumbnailPhotoEtag
string
Output only. ETag of the user's photo (Read-only)
ims
value (
Value
format)
The user's Instant Messenger (IM) accounts. A user account can have multiple ims
properties, but only one of these ims
properties can be the primary IM contact.
ims[].customProtocol
string
custom_protocol
, this property holds the custom protocol's string. ims[].customType
string
type
is custom
, this property contains the custom value and must be set. ims[].im
string
ims[].primary
boolean
ims[].protocol
string
Acceptable values:
-
aim: AOL Instant Messenger protocol -
custom_protocol: A custom IM network protocol -
gtalk: Google Talk protocol -
icq: ICQ protocol -
jabber: Jabber protocol -
msn: MSN Messenger protocol -
net_meeting: Net Meeting protocol -
qq: QQ protocol -
skype: Skype protocol -
yahoo: Yahoo Messenger protocol
ims[].type
string
custom
, customType
must also be set.Acceptable values:
custom
, home
, other
, work
.customSchemas
value (
Value
format)
Custom fields of the user. The key is a schemaName
and its values are 'fieldName': 'field_value'
.
-
customSchemas.(key)is a nested object. -
customSchemas.(key).(key)can be any value.
isEnrolledIn2Sv
boolean
Output only. Is enrolled in 2-step verification (Read-only)
isEnforcedIn2Sv
boolean
Output only. Is 2-step verification enforced (Read-only)
archived
boolean
Indicates if user is archived.
orgUnitPath
string
The full path of the parent organization associated with the user. If the parent organization is the top-level, it is represented as a forward slash ( /
).
recoveryEmail
string
Recovery email of the user.
recoveryPhone
string
Recovery phone of the user. The phone number must be in the E.164 format, starting with the plus sign (+). Example: +16506661212 .
UserName
| JSON representation |
|---|
{ "fullName" : string , "familyName" : string , "givenName" : string , "displayName" : string } |
| Fields | |
|---|---|
fullName
|
The user's full name formed by concatenating the first and last name values. |
familyName
|
The user's last name. Required when creating a user account. |
givenName
|
The user's first name. Required when creating a user account. |
displayName
|
The user's display name. Limit: 256 characters. |
Methods |
|
|---|---|
|
Deletes a user. |
|
Retrieves a user. |
|
Creates a user. |
|
Retrieves a paginated list of either deleted users or all users in a domain. |
|
Makes a user a super administrator. |
|
Updates a user using patch semantics. |
|
Signs a user out of all web and device sessions and reset their sign-in cookies. |
|
Undeletes a deleted user. |
|
Updates a user. |
|
Watches for changes in users list. |
