StackHawk Documentation StackHawk Logo HawkDocs
api
organizations
list members

No results found

Try different keywords or check your spelling

Search documentation

Find guides, API references, and more

esc

List Members

GET /api/v1/org/{orgId}/members

List Members

List this organization's members.

Returns a paginated list of StackHawk Users.

User

A StackHawk User as identified by the platform.

Parameter Default Description
stackhawkId "" An internal identifier for this user. This is not the user uuid.
provider {} Information about the login provider assigned to this user. Read More
external {} Information about the user itself, and how they appear in the platform. Read More
createdTimestamp 0 Creation timestamp of this user.

UserOrganization

Represents the relationship between a User and an Organization they belong to.

Parameter Default Description
organization {} The StackHawk organization this user belongs to.
role "UNKNOWN" The organization role the user belongs to within this organization.
features [] Specific access features available to this organization.
metadata [] The user's organizational specific metadata.
achievements [] Specific product journey events that have triggered for this user.
permissions [] Permissions the User has in this organization.
Parameter Description
UNKNOWN null
OWNER null
ADMIN null
MEMBER null
TEAM_ADMIN null
VIEW_ONLY null
SCAN_ONLY_SERVICE_ACCOUNT null

Organization

A StackHawk Organization.

Parameter Default Description
id "" The UUID identifier of this StackHawk Organization.
name "" The name of this Organization.
subscription {} The billing subscription of this Organization.
isLinkedToExternalBilling false If this organization is yet connected to external billing (Stripe).
plan "" The feature plan this organization belongs to.
features [] Specific overrides to the feature flags in the plan.
settings {} Organization settings.
createdTimestamp 0 Creation timestamp of this organization.

A StackHawk platform user can belong to many organizations.

Requires read:member permission.

Path parameters

orgIdstring · uuidrequired

UUID identifier for this StackHawk Organization.

Query parameters

pageSizeinteger · int32

Pagination response size limit.

default: 10
pageTokeninteger · int32

Pagination request page increment.

default: 0
sortFieldstring

Resource field to sort paginated response by.

1 available option
id
sortDirstring

Paginated results are sorted 'asc' or 'desc'.

2 available options
ascdesc
patternstring

Filter users by name or email (case-insensitive search).

rolesstring[]

Filter users by organization roles (comma-separated list of OWNER, ADMIN, MEMBER).

Response

A paginated response of StackHawk Users.

nextPageToken
string

An integer representing the next page of results to query for.

totalCount
integer<int64>

Total number of results to paginate through.

users
user.User[]

A list of users.

Hide child attributesShow child attributes
users.createdTimestamp
integer<int64>

Creation timestamp of this user.

users.external
user.UserExternal
Hide child attributesShow child attributes
users.external.applicationIds
string[]

An array of application ids this user has access to.

users.external.avatarUrl
string

Users avatar url.

users.external.email
string

Users email address.

users.external.firstName
string

Users first name.

users.external.fullName
string

Users full name.

users.external.id
string

The UUID identifier of this user.

users.external.lastName
string

Users last name.

users.external.metadata
user.UserMetadata[]

Metadata associated to this external user. Primarily used for stuffing 3rd party verification data.

Hide child attributesShow child attributes
users.external.metadata.name
string

Metadata name.

users.external.metadata.value
string

Metadata value.

users.external.organizations
user.UserOrganization[]

Organizations a user is a part of.

Hide child attributesShow child attributes
users.external.organizations.achievements
user.UserAchievement[]

Specific product journey events that have triggered for this user.

Hide child attributesShow child attributes
users.external.organizations.achievements.achievement
enum<string>

Achievement event. One of a few defined events that can happen.

5 available options
UNKNOWN_ACHIEVEMENTCLI_RAN_HAWK_INITCLI_RAN_FIRST_SCANCLI_FIRST_SCAN_SUCCESSCLI_AUTHENTICATED_SCAN_SUCCESS
users.external.organizations.achievements.timestamp
integer<int64>

Achievement timestamp.

users.external.organizations.features
feature.Feature[]

Specific access features available to this organization.

Hide child attributesShow child attributes
users.external.organizations.features.enabled
boolean

If the feature is enabled.

users.external.organizations.features.name
string

The name of the feature.

users.external.organizations.metadata
user.UserMetadata[]

The user's organizational specific metadata.

Hide child attributesShow child attributes
users.external.organizations.metadata.name
string

Metadata name.

users.external.organizations.metadata.value
string

Metadata value.

users.external.organizations.organization
organization.Organization
Hide child attributesShow child attributes
users.external.organizations.organization.createdTimestamp
integer<int64>

Creation timestamp of this organization.

users.external.organizations.organization.features
feature.Feature[]

Specific overrides to the feature flags in the plan.

Hide child attributesShow child attributes
users.external.organizations.organization.features.enabled
boolean

If the feature is enabled.

users.external.organizations.organization.features.name
string

The name of the feature.

users.external.organizations.organization.id
string

The UUID identifier of this StackHawk Organization.

users.external.organizations.organization.isLinkedToExternalBilling
boolean

If this organization is yet connected to external billing (Stripe).

users.external.organizations.organization.name
string

The name of this Organization.

users.external.organizations.organization.plan
string

The feature plan this organization belongs to.

users.external.organizations.organization.settings
organization.OrgSettings
Hide child attributesShow child attributes
users.external.organizations.organization.settings.cloudScanSettings
organization.CloudScanSettings
Hide child attributesShow child attributes
users.external.organizations.organization.settings.cloudScanSettings.dayOfMonthUsagePeriodStart
integer<int32>

day of the month Cloud Scan usage period starts

users.external.organizations.organization.settings.cloudScanSettings.hawkscanVersion
string

HawkScan Docker image version for hosted/cloud scans ("dev" or "latest")

users.external.organizations.organization.settings.cloudScanSettings.targetVerificationId
string

id for the current verification of the target org domain

users.external.organizations.organization.settings.cloudScanSettings.usagePeriodLimitSeconds
integer<int64>

allotment of seconds per usage period the org has for Cloud Scans

users.external.organizations.organization.settings.cloudScanSettings.whitelistedDomains
string[]

domains that are whitelisted to bypass DNS TXT verification (e.g., "stackhawk.com", "acme.com")

users.external.organizations.organization.settings.customPluginLimit
integer<int64>

number of custom plugins a company is allowed to register.

users.external.organizations.organization.settings.inviteLimit
integer<int64>

Maximum pending invites for this org. 0 indicates to use the default.

users.external.organizations.organization.settings.ipAllowListingSettings
organization.IPAllowListingSettings
Hide child attributesShow child attributes
users.external.organizations.organization.settings.ipAllowListingSettings.ipv4CidrRange
string[]

List of allowed ipv4 CIDR ranges API connections must come through. All IPs are allowed if this list is empty.

users.external.organizations.organization.settings.isOrganizationSamlOnly
boolean

default is false, therefore all auth methods are allowed by default.

users.external.organizations.organization.settings.isTurnedOffAI
boolean

default is false, therefore AI enabled.

users.external.organizations.organization.settings.isTurnedOffOASGen
boolean

default is false, therefore OAS generation is enabled.

users.external.organizations.organization.settings.limitedMemberRoleSettings
organization.LimitedMemberSettings
Hide child attributesShow child attributes
users.external.organizations.organization.settings.limitedMemberRoleSettings.isTurnedOffFindingTriage
boolean

disable MEMBER triaging of findings from the api and platform

users.external.organizations.organization.settings.limitedMemberRoleSettings.isTurnedOffReportDownloads
boolean

disable MEMBER reporting downloads from the api and platform

users.external.organizations.organization.settings.screenrSettings
organization.ScreenrSettings
Hide child attributesShow child attributes
users.external.organizations.organization.settings.screenrSettings.browserMode
enum<string>

Wire default is APP (0); falcon treats APP as "defaulted" and applies WITH_CONTROLS. Set to NO_CONTROLS to explicitly opt into Chrome --app mode.

3 available options
APPWITH_CONTROLSNO_CONTROLS
users.external.organizations.organization.settings.screenrSettings.podSize
enum<string>

Defaults to SMALL (0).

3 available options
SMALLMEDIUMLARGE
users.external.organizations.organization.subscription
organization.Subscription
Hide child attributesShow child attributes
users.external.organizations.organization.subscription.appCount
integer<int64>

Soft application limit for this organization

users.external.organizations.organization.subscription.customerId
string

CustomerId from billing provider

users.external.organizations.organization.subscription.endDate
integer<int64>

End Date of this subscription, in seconds from epoch

users.external.organizations.organization.subscription.isEnabled
boolean

If external billing is enabled

users.external.organizations.organization.subscription.isSelfServe
boolean

If the subscription was created via self-serve or not

users.external.organizations.organization.subscription.productId
string

The ID of the purchased product subscription

users.external.organizations.organization.subscription.productName
string

The name of the purchased product subscription

users.external.organizations.organization.subscription.quantity
integer<int64>

The quantity of units in this subscription

users.external.organizations.organization.subscription.recurringInterval
enum<string>

The billing recurring interval for this subscription

3 available options
RECURRING_INTERVAL_UNKNOWNMONTHYEAR
users.external.organizations.organization.subscription.recurringIntervalCount
integer<int64>

How often in the recurring interval billing occurs

users.external.organizations.organization.subscription.stackhawkOrgId
string

The organization UUID for this subscription

users.external.organizations.organization.subscription.startDate
integer<int64>

Start Date of this subscription, in seconds from epoch

users.external.organizations.organization.subscription.status
enum<string>

The status of the organization subscription

10 available options
SUBSCRIPTION_UNKNOWNTRIALINGACTIVEINCOMPLETECANCELLEDFREEINCOMPLETE_EXPIREDPAST_DUEUNPAIDDOWNGRADED
users.external.organizations.organization.subscription.subscriptionId
string

SubscriptionId from billing provider

users.external.organizations.organization.subscription.unitAmount
integer<int64>

The number of units with this subscription

users.external.organizations.organization.subscription.userCount
integer<int64>

Soft user limit for this organization

users.external.organizations.permissions
string[]

Permissions the User has in this organization.

users.external.organizations.role
enum<string>

The organization role the user belongs to within this organization.

7 available options
UNKNOWNOWNERADMINMEMBERTEAM_ADMINVIEW_ONLYSCAN_ONLY_SERVICE_ACCOUNT
users.external.preferences
user.UserPreferences
Hide child attributesShow child attributes
users.external.preferences.defaultOrganizationId
string

The UUID identifier of the organization a user currently logs into.

users.external.preferences.dontReceiveTrialingEmails
boolean

If `true`, the user will be opted out of stackhawk subscription-trialing notifications.

users.external.preferences.dontReceiveUpdatesEmail
boolean write-only

UNUSED. (currently unused) if `true`, the user will be opted out of Company Update emails.

users.external.preferences.dontReceiveWeeklyEmail
boolean

If the user will be opted out of weekly organization update emails.

users.external.teams
user.UserTeam[]

Teams this user belongs to.

Hide child attributesShow child attributes
users.external.teams.id
string

The UUID identifier of the team.

users.external.teams.name
string

The name of the team.

users.external.teams.organizationId
string

The organization ID this team belongs to.

users.organizationIds
string[] write-only deprecated

OrganizationIds **deprecated** - 4/26/22.

users.provider
user.ProviderInfo
Hide child attributesShow child attributes
users.provider.clientId
string

Provider client Id.

users.provider.created
integer<int64>

Milliseconds since epoch timestamp of when the user access was granted.

users.provider.slug
enum<string>

User access provider.

5 available options
GITHUBGOOGLESTACKHAWKSAMLIDPAZURE
users.stackhawkId
string write-only

An internal identifier for this user. _This is not the user uuid_.

nextPageToken
string

An integer representing the next page of results to query for.

totalCount
integer<int64>

Total number of results to paginate through.

users
user.User[]

A list of users.

Hide child attributesShow child attributes
users.createdTimestamp
integer<int64>

Creation timestamp of this user.

users.external
user.UserExternal
Hide child attributesShow child attributes
users.external.applicationIds
string[]

An array of application ids this user has access to.

users.external.avatarUrl
string

Users avatar url.

users.external.email
string

Users email address.

users.external.firstName
string

Users first name.

users.external.fullName
string

Users full name.

users.external.id
string

The UUID identifier of this user.

users.external.lastName
string

Users last name.

users.external.metadata
user.UserMetadata[]

Metadata associated to this external user. Primarily used for stuffing 3rd party verification data.

Hide child attributesShow child attributes
users.external.metadata.name
string

Metadata name.

users.external.metadata.value
string

Metadata value.

users.external.organizations
user.UserOrganization[]

Organizations a user is a part of.

Hide child attributesShow child attributes
users.external.organizations.achievements
user.UserAchievement[]

Specific product journey events that have triggered for this user.

Hide child attributesShow child attributes
users.external.organizations.achievements.achievement
enum<string>

Achievement event. One of a few defined events that can happen.

5 available options
UNKNOWN_ACHIEVEMENTCLI_RAN_HAWK_INITCLI_RAN_FIRST_SCANCLI_FIRST_SCAN_SUCCESSCLI_AUTHENTICATED_SCAN_SUCCESS
users.external.organizations.achievements.timestamp
integer<int64>

Achievement timestamp.

users.external.organizations.features
feature.Feature[]

Specific access features available to this organization.

Hide child attributesShow child attributes
users.external.organizations.features.enabled
boolean

If the feature is enabled.

users.external.organizations.features.name
string

The name of the feature.

users.external.organizations.metadata
user.UserMetadata[]

The user's organizational specific metadata.

Hide child attributesShow child attributes
users.external.organizations.metadata.name
string

Metadata name.

users.external.organizations.metadata.value
string

Metadata value.

users.external.organizations.organization
organization.Organization
Hide child attributesShow child attributes
users.external.organizations.organization.createdTimestamp
integer<int64>

Creation timestamp of this organization.

users.external.organizations.organization.features
feature.Feature[]

Specific overrides to the feature flags in the plan.

Hide child attributesShow child attributes
users.external.organizations.organization.features.enabled
boolean

If the feature is enabled.

users.external.organizations.organization.features.name
string

The name of the feature.

users.external.organizations.organization.id
string

The UUID identifier of this StackHawk Organization.

users.external.organizations.organization.isLinkedToExternalBilling
boolean

If this organization is yet connected to external billing (Stripe).

users.external.organizations.organization.name
string

The name of this Organization.

users.external.organizations.organization.plan
string

The feature plan this organization belongs to.

users.external.organizations.organization.settings
organization.OrgSettings
Hide child attributesShow child attributes
users.external.organizations.organization.settings.cloudScanSettings
organization.CloudScanSettings
Hide child attributesShow child attributes
users.external.organizations.organization.settings.cloudScanSettings.dayOfMonthUsagePeriodStart
integer<int32>

day of the month Cloud Scan usage period starts

users.external.organizations.organization.settings.cloudScanSettings.hawkscanVersion
string

HawkScan Docker image version for hosted/cloud scans ("dev" or "latest")

users.external.organizations.organization.settings.cloudScanSettings.targetVerificationId
string

id for the current verification of the target org domain

users.external.organizations.organization.settings.cloudScanSettings.usagePeriodLimitSeconds
integer<int64>

allotment of seconds per usage period the org has for Cloud Scans

users.external.organizations.organization.settings.cloudScanSettings.whitelistedDomains
string[]

domains that are whitelisted to bypass DNS TXT verification (e.g., "stackhawk.com", "acme.com")

users.external.organizations.organization.settings.customPluginLimit
integer<int64>

number of custom plugins a company is allowed to register.

users.external.organizations.organization.settings.inviteLimit
integer<int64>

Maximum pending invites for this org. 0 indicates to use the default.

users.external.organizations.organization.settings.ipAllowListingSettings
organization.IPAllowListingSettings
Hide child attributesShow child attributes
users.external.organizations.organization.settings.ipAllowListingSettings.ipv4CidrRange
string[]

List of allowed ipv4 CIDR ranges API connections must come through. All IPs are allowed if this list is empty.

users.external.organizations.organization.settings.isOrganizationSamlOnly
boolean

default is false, therefore all auth methods are allowed by default.

users.external.organizations.organization.settings.isTurnedOffAI
boolean

default is false, therefore AI enabled.

users.external.organizations.organization.settings.isTurnedOffOASGen
boolean

default is false, therefore OAS generation is enabled.

users.external.organizations.organization.settings.limitedMemberRoleSettings
organization.LimitedMemberSettings
Hide child attributesShow child attributes
users.external.organizations.organization.settings.limitedMemberRoleSettings.isTurnedOffFindingTriage
boolean

disable MEMBER triaging of findings from the api and platform

users.external.organizations.organization.settings.limitedMemberRoleSettings.isTurnedOffReportDownloads
boolean

disable MEMBER reporting downloads from the api and platform

users.external.organizations.organization.settings.screenrSettings
organization.ScreenrSettings
Hide child attributesShow child attributes
users.external.organizations.organization.settings.screenrSettings.browserMode
enum<string>

Wire default is APP (0); falcon treats APP as "defaulted" and applies WITH_CONTROLS. Set to NO_CONTROLS to explicitly opt into Chrome --app mode.

3 available options
APPWITH_CONTROLSNO_CONTROLS
users.external.organizations.organization.settings.screenrSettings.podSize
enum<string>

Defaults to SMALL (0).

3 available options
SMALLMEDIUMLARGE
users.external.organizations.organization.subscription
organization.Subscription
Hide child attributesShow child attributes
users.external.organizations.organization.subscription.appCount
integer<int64>

Soft application limit for this organization

users.external.organizations.organization.subscription.customerId
string

CustomerId from billing provider

users.external.organizations.organization.subscription.endDate
integer<int64>

End Date of this subscription, in seconds from epoch

users.external.organizations.organization.subscription.isEnabled
boolean

If external billing is enabled

users.external.organizations.organization.subscription.isSelfServe
boolean

If the subscription was created via self-serve or not

users.external.organizations.organization.subscription.productId
string

The ID of the purchased product subscription

users.external.organizations.organization.subscription.productName
string

The name of the purchased product subscription

users.external.organizations.organization.subscription.quantity
integer<int64>

The quantity of units in this subscription

users.external.organizations.organization.subscription.recurringInterval
enum<string>

The billing recurring interval for this subscription

3 available options
RECURRING_INTERVAL_UNKNOWNMONTHYEAR
users.external.organizations.organization.subscription.recurringIntervalCount
integer<int64>

How often in the recurring interval billing occurs

users.external.organizations.organization.subscription.stackhawkOrgId
string

The organization UUID for this subscription

users.external.organizations.organization.subscription.startDate
integer<int64>

Start Date of this subscription, in seconds from epoch

users.external.organizations.organization.subscription.status
enum<string>

The status of the organization subscription

10 available options
SUBSCRIPTION_UNKNOWNTRIALINGACTIVEINCOMPLETECANCELLEDFREEINCOMPLETE_EXPIREDPAST_DUEUNPAIDDOWNGRADED
users.external.organizations.organization.subscription.subscriptionId
string

SubscriptionId from billing provider

users.external.organizations.organization.subscription.unitAmount
integer<int64>

The number of units with this subscription

users.external.organizations.organization.subscription.userCount
integer<int64>

Soft user limit for this organization

users.external.organizations.permissions
string[]

Permissions the User has in this organization.

users.external.organizations.role
enum<string>

The organization role the user belongs to within this organization.

7 available options
UNKNOWNOWNERADMINMEMBERTEAM_ADMINVIEW_ONLYSCAN_ONLY_SERVICE_ACCOUNT
users.external.preferences
user.UserPreferences
Hide child attributesShow child attributes
users.external.preferences.defaultOrganizationId
string

The UUID identifier of the organization a user currently logs into.

users.external.preferences.dontReceiveTrialingEmails
boolean

If `true`, the user will be opted out of stackhawk subscription-trialing notifications.

users.external.preferences.dontReceiveUpdatesEmail
boolean write-only

UNUSED. (currently unused) if `true`, the user will be opted out of Company Update emails.

users.external.preferences.dontReceiveWeeklyEmail
boolean

If the user will be opted out of weekly organization update emails.

users.external.teams
user.UserTeam[]

Teams this user belongs to.

Hide child attributesShow child attributes
users.external.teams.id
string

The UUID identifier of the team.

users.external.teams.name
string

The name of the team.

users.external.teams.organizationId
string

The organization ID this team belongs to.

users.organizationIds
string[] write-only deprecated

OrganizationIds **deprecated** - 4/26/22.

users.provider
user.ProviderInfo
Hide child attributesShow child attributes
users.provider.clientId
string

Provider client Id.

users.provider.created
integer<int64>

Milliseconds since epoch timestamp of when the user access was granted.

users.provider.slug
enum<string>

User access provider.

5 available options
GITHUBGOOGLESTACKHAWKSAMLIDPAZURE
users.stackhawkId
string write-only

An internal identifier for this user. _This is not the user uuid_.

Unauthorized

Your privacy settings

We use first and third party cookies to ensure that we give you the best experience on our website and in our products.

Privacy Policy