Skip to main content
GET
/
api
/
v2
/
bloodhound-users
List Users
curl --request GET \
  --url https://your-tenant.bloodhoundenterprise.io/api/v2/bloodhound-users \
  --header 'Authorization: Bearer <token>'
{
  "data": {
    "users": [
      {
        "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
        "created_at": "2023-11-07T05:31:56Z",
        "updated_at": "2023-11-07T05:31:56Z",
        "deleted_at": {
          "time": "2023-11-07T05:31:56Z",
          "valid": true
        },
        "saml_provider_id": {
          "int32": 123,
          "valid": true
        },
        "sso_provider_id": {
          "int32": 123,
          "valid": true
        },
        "AuthSecret": {
          "id": 123,
          "created_at": "2023-11-07T05:31:56Z",
          "updated_at": "2023-11-07T05:31:56Z",
          "deleted_at": {
            "time": "2023-11-07T05:31:56Z",
            "valid": true
          },
          "digest_method": "<string>",
          "expires_at": "2023-11-07T05:31:56Z",
          "totp_activated": true
        },
        "roles": [
          {
            "id": 123,
            "created_at": "2023-11-07T05:31:56Z",
            "updated_at": "2023-11-07T05:31:56Z",
            "deleted_at": {
              "time": "2023-11-07T05:31:56Z",
              "valid": true
            },
            "name": "<string>",
            "description": "<string>",
            "permissions": [
              {
                "id": 123,
                "created_at": "2023-11-07T05:31:56Z",
                "updated_at": "2023-11-07T05:31:56Z",
                "deleted_at": {
                  "time": "2023-11-07T05:31:56Z",
                  "valid": true
                },
                "authority": "<string>",
                "name": "<string>"
              }
            ]
          }
        ],
        "first_name": {
          "string": "<string>",
          "valid": true
        },
        "last_name": {
          "string": "<string>",
          "valid": true
        },
        "email_address": {
          "string": "<string>",
          "valid": true
        },
        "principal_name": "<string>",
        "last_login": "2023-11-07T05:31:56Z",
        "is_disabled": true,
        "eula_accepted": true
      }
    ]
  }
}

Documentation Index

Fetch the complete documentation index at: https://bloodhound.specterops.io/llms.txt

Use this file to discover all available pages before exploring further.

Applies to BloodHound Enterprise and CE

Authorizations

Authorization
string
header
required

Authorization: Bearer $JWT_TOKEN

Headers

Prefer
string
default:wait=30

Prefer header, used to specify a custom timeout in seconds using the wait parameter as per RFC7240. Passing in wait=-1 bypasses all timeout limits when the feature is enabled.

Pattern: ^wait=(-1|[0-9]+)$

Query Parameters

sort_by
string

Sortable columns are first_name, last_name, email_address, principal_name, last_login, created_at, updated_at, deleted_at. Sort by column. Can be used multiple times; prepend a hyphen for descending order. See parameter description for details about which columns are sortable.

first_name
string

Filter results by column string value. Valid filter predicates are eq, ~eq, neq.

Pattern: ^((eq|~eq|neq):)?[^:]+$
last_name
string

Filter results by column string value. Valid filter predicates are eq, ~eq, neq.

Pattern: ^((eq|~eq|neq):)?[^:]+$
email_address
string

Filter results by column string value. Valid filter predicates are eq, ~eq, neq.

Pattern: ^((eq|~eq|neq):)?[^:]+$
principal_name
string

Filter results by column string value. Valid filter predicates are eq, ~eq, neq.

Pattern: ^((eq|~eq|neq):)?[^:]+$
id
string

Filter results by column string-formatted uuid value. Valid filter predicates are eq, neq.

Pattern: ^((eq|neq):)?[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$
last_login
string

Filter results by column timestamp value formatted as an RFC-3339 string. Valid filter predicates are eq, neq, gt, gte, lt, lte.

Pattern: ^((eq|neq|gt|gte|lt|lte):)?[0-9]{4}-[0-9]{2}-[0-9]{2}[Tt][0-9]{2}:[0-9]{2}:[0-9]{2}(\.[0-9]{1,9})?([Zz]|-[0-9]{2}:[0-9]{2})$
created_at
string

Filter results by created_at value. See filter schema details for valid predicates. Filter results by column timestamp value formatted as an RFC-3339 string. Valid filter predicates are eq, neq, gt, gte, lt, lte.

Pattern: ^((eq|neq|gt|gte|lt|lte):)?[0-9]{4}-[0-9]{2}-[0-9]{2}[Tt][0-9]{2}:[0-9]{2}:[0-9]{2}(\.[0-9]{1,9})?([Zz]|-[0-9]{2}:[0-9]{2})$
updated_at
string

Filter results by updated_at value. See filter schema details for valid predicates. Filter results by column timestamp value formatted as an RFC-3339 string. Valid filter predicates are eq, neq, gt, gte, lt, lte.

Pattern: ^((eq|neq|gt|gte|lt|lte):)?[0-9]{4}-[0-9]{2}-[0-9]{2}[Tt][0-9]{2}:[0-9]{2}:[0-9]{2}(\.[0-9]{1,9})?([Zz]|-[0-9]{2}:[0-9]{2})$
deleted_at
string

Filter results by deleted_at value. See filter schema details for valid predicates. Filter results by column timestamp value formatted as an RFC-3339 string. Valid filter predicates are eq, neq, gt, gte, lt, lte.

Pattern: ^((eq|neq|gt|gte|lt|lte):)?[0-9]{4}-[0-9]{2}-[0-9]{2}[Tt][0-9]{2}:[0-9]{2}:[0-9]{2}(\.[0-9]{1,9})?([Zz]|-[0-9]{2}:[0-9]{2})$

Response

OK

data
object