---
title: "User List"
slug: "user-list"
updated: 2025-06-29T14:12:38Z
published: 2025-07-08T10:10:03Z
stale: true
---
> ## Documentation Index
> Fetch the complete documentation index at: https://docs.plainid.io/llms.txt
> Use this file to discover all available pages before exploring further.
# User List
Post/api/runtime/userlist/v3
The User List API call is an open-ended question for a specific Asset. It returns the list of users, their associated Attributes and which action they are allowed to perform on a specific Asset.
Note: The User List end point is used primarily for reporting data. There are time and amount constraints based on your Identity sources.
### Notice
When accessing the Authorization APIs, the URL base/prefix, according to your PlainID PDP Location**United States Cloud PDP** - `https://tenant-name.us1.plainid.io`**Canadian Cloud PDP** - `https://tenant-name.ca1.plainid.io`**European Cloud PDP** - `https://tenant-name.eu1.plainid.io`
For more information on which Asset Types to use with your PAA or Cloud PDP, refer to [Managing Asset Types](https://docs.plainid.io/docs/managing-asset-types).
### Important note about headers
Refer to the headers below to modify your cURL sample. Check if the following headers are in the sample, if not, ensure you add it to your cURL sample before pasting into your API tool.
### Headers
*Required
| Header | Value | cURL Line |
| --- | --- | --- |
| Accept | `application/json` | `'accept: application/json'` |
| Content-Type | `application/json` | `'content-type: application/json'` |
### cURL Sample Guidelines
In order for the relevant parameters to appear in the cURL sample, you can input the values in the interactive API console on the right under the Try It\* or the Code Sample tabs. They will then appear in the cURL sample in the correct format to use in your API tool. *\*Try It function coming soon.*
Header parametersX-Client-Idstring
Client ID of the Scope The clientId is **required**, ensure that it is defined either in the header as `X-Client-Id` or in the body as `clientId`.
X-Client-Secretstring
Client Secret ID of the Scope. You can also authenticate with an Authorization Token (in your API tool). Note that the X-Client-Id is still required, whether in the header or the body. Refer to [Setting up an Authentication Method](https://docs.plainid.io/v1/docs/managing-scope-authentication#setting-up-an-authentication-method-in-the-scope) for more information.
Body parametersUser List request
```json
{
"clientId": "[ClientID]",
"clientSecret": "[ClientSecret]",
"asset": {
"resourceType": "Account US",
"path": "Transfer US 5000",
"actions": [
"Access"
],
"assetAttributes": {
"order_type": [
"credit_card"
],
"customer_type": [
"private"
]
}
},
"contextData": {
"string": [
"string"
]
},
"environment": {
"string": [
"string"
]
},
"remoteIp": "string",
"timeZoneOffset": 0.0,
"entityTypes": [
{
"name": "User",
"attributeList": [
"attr1",
"attr2"
]
}
],
"includeContext": false,
"includeAccessPolicy": false,
"includeAsset": false,
"includeInActiveIdentities": false,
"includeIdentityAttributes": false,
"accessTokenFormat": "JSON",
"useCache": true,
"calculateCorrelationAttributes": [
{
"entityType": "User",
"entityAttribute": "uid",
"resourceAttribute": "resource_attr"
}
],
"operationalFilters": [
{
"filterType": "identitySourcesFilterByIDs",
"filterProperties": {
"filterAction": "INCLUDE",
"objectsList": [
"sourceID_123",
"sourceID_456"
]
}
},
{
"filterType": "userListIdentitiesFilterByRule",
"filterProperties": {
"filterDetails": [
{
"sourceId": "c9a74c7d-e81c-4d16-b22e-7dbf8921f7ef",
"filtersRelation": "OR",
"filters": [
{
"attribute": "uid",
"operator": "IN",
"values": [
"user1",
"user2"
]
}
]
}
]
}
}
]
}
```
Expand Allobject clientIdstring Required
Client ID of the Scope The Client ID is **required**, ensure that it is defined either in the header as `X-Client-Id` or in the body as `clientId`.
Min length1
clientSecretstring
Client Secret ID of the Scope. You can also authenticate with an Authorization Token (in your API tool). Note that the X-Client-Id is still required, whether in the header or the body. Refer to [Setting up an Authentication Method](https://docs.plainid.io/v1/docs/managing-scope-authentication#setting-up-an-authentication-method-in-the-scope) for more information.
Min length1
assetobject RequiredresourceTypestring
Asset Template ID (required)
pathstring
Unique Identifier of the Asset (required)
actions Array
Name of the Action (optional)
assetAttributesobject
(optional)
attribute_1string
attribute_2string
contextDataobject
Identity Context data for this request.
When specifying this parameter, you are requesting information based on a specific parameter and its value.
For example, Location where the contextData equals a specific branch.
If not defined, Dynamic groups based on context data will not be considered in the Access Decision.
string Array
environmentobject
Environmental parameters need to be defined in policies as request. (in Assetrules or Conditions) and also sent in the authorization request. Only the assets that match what will be sent in the request will come back.
If not defined, parameters based on environmental data will not be considered in the Access Decision.
string Array
remoteIpstring
IP address to be used when validating a Policy. Ensure that your IP Ranges are correct based on an [IP calculator](https://www.ipaddressguide.com/cidr). If not defined, the IP considered in the calculation is taken from the X-Forwarded-For (Request header). If not defined,the IP considered in the calculation is taken from the X-Forwarded-For (Request header).
timeZoneOffsetnumber
To define the offset from UTC time zone.
Used in Time Condition.
Default0.0Example-12.0
entityTypeIdstring
Identity Template ID. This is used to distinguish between different Workspaces and Identity Templates.
Min length1
entityTypes Array of object
This parameter enables you to decrease the payload size by including a list of Identity Types and their Attributes returning in the response. If not specified, all identities from all Identity Types are included in the response.
object namestring
attributeList Array
includeContextboolean
Show/hide the context data in the response.
Defaultfalse
includeAccessPolicyboolean
Show/hide the name of the Policy in the response that has granted the specified access.
Defaultfalse
includeAccessPolicyIdboolean
Show/hide the external id of the Policy in the response that granted the specified access.
Defaultfalse
includeAssetboolean
Show/hide the Asset Attribute of the Assets from the request.
Defaultfalse
includeInActiveIdentitiesboolean
Show/hide the inactive users in the response.
Defaultfalse
includeIdentityAttributesboolean
Show/hide the Identity Attributeof the Identity in the response.
Defaultfalse
accessTokenFormatstring
Determines the format of the response – whether `JSON`, `JWT`, or `StandardJWT`.
Default"JSON"
listOfResourcesstring
useCacheboolean
The Attribute determines if the response considers the cache settings or override the cache and perform a full calculation.
Defaulttrue
calculateCorrelationAttributes Array of object (correlationAttributeRequest)
Enables the response to include the Attribute(s) that influenced the access decision, based on predefined correlation logic. The correlation is defined using combinations of `entityType`, `entityAttribute`, and `resourceAttribute`, helping to identify which Identity Attribute matched which resource Attribute during evaluation.
object entityTypestring
entityAttributestring
resourceAttributestring
operationalFilters Array of object
These operational filters should affect the Runtime behavior and results by applying additional filtering which is not directly related to Authorization logic.
object #content#OneOfidentitySourcesFilterByIDsobject (identitySourcesFilterByIDs)filterTypestring Required
filterPropertiesobject filterActionstring RequiredValid values[
"INCLUDE",
"EXCLUDE"
]
objectsList Array of string Requiredstring
Input your sourceID/s here. For information on the sourceID parameter and where to locate it, check out [Managing Attribute Sources](https://docs.plainid.io/v1/docs/managing-attribute-sources) in the PlainID documentation.
userListIdentitiesFilterByRuleobject (userListIdentitiesFilterByRule)filterTypestring Required
filterPropertiesobject filterDetails Array of object Requiredobject sourceIdstring Required
Input your sourceID/s here. For information on the sourceID parameter and where to locate it, check out [Managing Attribute Sources](https://docs.plainid.io/v1/docs/managing-attribute-sources) in the PlainID documentation.
filtersRelationstring RequiredValid values[
"OR",
"AND"
]
filters Array of object Requiredobject attributestring Required
For more information on where to locate attributes, see [Managing Identity Attributes](https://docs.plainid.io/docs/managing-identity-attributes).
operatorstring RequiredValid values[
"IN",
"EQUALS"
]
values Array of string Requiredstring
Responses200
OK
users list for asset - 200
```json
{
"response": [
{
"action": "Access",
"entities": [
{
"entityType": "bank_users",
"uid": "UX-12349"
},
{
"entityType": "bank_users",
"uid": "UX-12348"
},
{
"entityType": "bank_users",
"uid": "UX-12347"
},
{
"entityType": "bank_users",
"uid": "UX-12346"
},
{
"entityType": "bank_users",
"uid": "UX-12345"
}
]
},
{
"action": "TestAction",
"entities": []
}
]
}
```
includeIdentityAttributes - 200
```json
{
"response": [
{
"action": "Access",
"entities": [
{
"entityType": "bank_users",
"uid": "UX-12349",
"attributes": {
"uid": [
"UX-12349"
],
"location": [
"Alabama"
],
"department": [
"Mortgage"
],
"branch": [
"vitae nisl"
]
}
},
{
"entityType": "bank_users",
"uid": "UX-12348",
"attributes": {
"uid": [
"UX-12348"
],
"location": [
"Alabama"
],
"department": [
"Loans"
],
"branch": [
"varius integer"
]
}
},
{
"entityType": "bank_users",
"uid": "UX-12347",
"attributes": {
"uid": [
"UX-12347"
],
"location": [
"Alabama"
],
"department": [
"Savings"
],
"branch": [
"egestas metus"
]
}
},
{
"entityType": "bank_users",
"uid": "UX-12346",
"attributes": {
"uid": [
"UX-12346"
],
"location": [
"Alabama"
],
"department": [
"Mortgage"
],
"branch": [
"ac est"
]
}
},
{
"entityType": "bank_users",
"uid": "UX-12345",
"attributes": {
"uid": [
"UX-12345"
],
"location": [
"Alabama"
],
"department": [
"Savings"
],
"branch": [
"sapien quis"
]
}
}
]
},
{
"action": "TestAction",
"entities": []
}
]
}
```
includeAccessPolicy and includeAccessPolicyId - 200
```json
{
"response": [
{
"action": "Access",
"entities": [
{
"entityType": "bank_users",
"uid": "UX-12349",
"permissions": [
{
"permission": "Manage consumers accounts in branch",
"permissionId": "p1"
}
]
},
{
"entityType": "bank_users",
"uid": "UX-12348",
"permissions": [
{
"permission": "Manage consumers accounts in branch",
"permissionId": "p1"
}
]
},
{
"entityType": "bank_users",
"uid": "UX-12347",
"permissions": [
{
"permission": "Manage consumers accounts in branch"
},
{
"permissionId": "p1"
}
]
},
{
"entityType": "bank_users",
"uid": "UX-12346",
"permissions": [
{
"permission": "Manage consumers accounts in branch",
"permissionId": "p1"
}
]
},
{
"entityType": "bank_users",
"uid": "UX-12345",
"permissions": [
{
"permission": "Manage consumers accounts in branch",
"permissionId": "p1"
}
]
}
]
},
{
"action": "TestAction",
"entities": []
}
]
}
```
Expand Allobject assetobject resourceTypestring
Asset Template ID (required)
pathstring
Unique Identifier of the Asset (required)
assetAttributesobject
(optional)
attribute_1string
attribute_2string
contextDataobject string Array
response Array of object object actionstring
entities Array of object object entityTypestring
uidstring
permissions Array of object object permissionstring
permissionIdstring
permissionMetadataobject (permissionMetadata)
Additional response metadata. This response is only returned when the `includeAccessPolicy` is set to true, and when the `permissionMetadata` object contains one or more properties.
attributesobject string Array
400
Basic Request - 400 - Bad Request
Basic Request - 400 - Bad Request
```json
{}
```
object
401
Unauthorized
403
Forbidden
404
Not Found
500
Internal Server Error
501
Not Implemented