User Accounts

List all user accounts

List UserAccount resources for the given application.

** Headers **

Authorization: Bearer <access_token>

** Scopes **

connectors.self:read-resource

GET

resources

user_account

List all user accounts

curl --request GET \
  --url https://api.vanta.com/v1/resources/user_account \
  --header 'Authorization: Bearer <token>'

{
  "resources": [
    {
      "displayName": "<string>",
      "uniqueId": "<string>",
      "externalUrl": "<string>",
      "fullName": "<string>",
      "accountName": "<string>",
      "email": "<string>",
      "createdTimestamp": "2023-11-07T05:31:56Z",
      "mfaEnabled": true,
      "mfaMethods": [],
      "roleDescription": "<string>",
      "updatedTimestamp": "2023-11-07T05:31:56Z",
      "deactivatedTimestamp": "2023-11-07T05:31:56Z",
      "lastLoginTimestamp": "2023-11-07T05:31:56Z",
      "lastPasswordResetTimestamp": "2023-11-07T05:31:56Z",
      "groupIds": [
        "<string>"
      ]
    }
  ]
}

Authorizations

Authorization

string

header

required

The access token received from the authorization server in the OAuth 2.0 flow.

Query Parameters

resourceId

string

required

Vanta generated identifier for the given resource, and can be found on the developer console page. See the list of registered resources and their IDs on https://app.vanta.com/settings/developer-console/<app_id>?tab=resources

Response

200 - application/json

List of resources.

resources

object[]

Show child attributes

Sync all user accountsTo send us data related to users in your system, you send us `UserAccount` resources. Every partner must send us `UserAccount` resources. This helps us determine whether users have appropriate levels of access and have a secure authentication mechanism. This call replaces ALL existing `UserAccount` resources for the given app and `source_id` - this is a "state of the world" sync. In other words, if a `UserAccount` resource is sent for a user in a previous `sync_all` call, but is not included in a later `sync_all` call for that customer, it is assumed to no longer exist and it is "deletedAt" time in is set to that of the `sync_all` call. The resource will still show in the Vanta UI as a Deactivated `UserAccount`, and `list_all` calls. ** Headers ** ``` Authorization: Bearer <access_token> ``` ** Scopes ** ``` connectors.self:write-resource ``` ** Schema ** Expand the `resources` array below for the schema of `UserAccount`.

⌘I

List all user accounts

curl --request GET \
  --url https://api.vanta.com/v1/resources/user_account \
  --header 'Authorization: Bearer <token>'

{
  "resources": [
    {
      "displayName": "<string>",
      "uniqueId": "<string>",
      "externalUrl": "<string>",
      "fullName": "<string>",
      "accountName": "<string>",
      "email": "<string>",
      "createdTimestamp": "2023-11-07T05:31:56Z",
      "mfaEnabled": true,
      "mfaMethods": [],
      "roleDescription": "<string>",
      "updatedTimestamp": "2023-11-07T05:31:56Z",
      "deactivatedTimestamp": "2023-11-07T05:31:56Z",
      "lastLoginTimestamp": "2023-11-07T05:31:56Z",
      "lastPasswordResetTimestamp": "2023-11-07T05:31:56Z",
      "groupIds": [
        "<string>"
      ]
    }
  ]
}