See api-docs Menu

List App Users

Use this API to return a list of users that are assigned to an App.

Resource URL


Header Parameters




Set to bearer <access_token>.

Set <access_token> to the access token you generated using the Generate Token API.

The access token must have been generated using an API credential pair created using the scope required to call this API. This API can be called using any one of the following scopes: Manage All, Read All.

Query Parameters

Standard pagination is supported. Max page limit is 1000. See Pagination for detail on how this works.

Sample Responses

        "firstname": "Bob",
        "id": 29260307,
        "email": "",
        "lastname": "Ross",
        "username": "bobross"
        "firstname": "Sally",
        "id": 35665909,
        "email": "",
        "lastname": "Gates",
        "username": "sallyg"

Typically, this error means that your access token value is invalid.

    "message": "Unauthorized",
    "statusCode": 401,
    "name": "UnauthorizedError"

Indicates that the syntax of the request is good but a value supplied is not valid.

    "message": "invalid value in \"auth_method\"",
    "statusCode": 422,
    "name": "UnprocessableEntityError"

Response Elements

id Users unique ID in OneLogin.
firstname First name of the user.
lastname Last name of the user.
username Username for the user.
email Email for the user

Postman Collection

Replace sample variables indicated by {{ }} with your actual values.

Run in Postman

    Clicking Run in Postman button navigates to the page where you can fork the collection to your workspace. Forking the collection into your workspace will enable you to contribute to the source collection using pull requests. You can also view the collection in a public workspace if you like and even import a copy of the collection using the links present on the screen.

Sample Code


Replace sample values indicated by < > with your actual values.

List Apps

curl 'https://<subdomain>/api/2/apps/<app_id>/users' \
-X GET \
-H "Authorization: bearer <access_token>"

Have a Question?

Have a how-to question? Seeing a weird error? Ask us about it on StackOverflow.

Found a bug? Submit a support ticket.

Have a product idea or request? Share it with us in our Ideas Portal.