# UserAccess

Users which have access to an organization

## Read all organizations users

> Retrieves list of all users linked to an organization.\
> NOTE: This endpoint does not return pending invitations. \
> Use GET /organizations/{organizationId}/invites to retrieve list of invitations.<br>

```json
{"openapi":"3.0.0","info":{"title":"Account Management HTTP API\n","version":"1.0.0"},"tags":[{"name":"UserAccess","description":"Users which have access to an organization"}],"servers":[{"url":"https://accounts.apps.verygoodsecurity.com","description":"Main (production) server"},{"url":"https://accounts.verygoodsecurity.io","description":"Internal development server for testing"},{"url":"localhost:8003"}],"security":[{"OAuth2":["organization-users:read"]}],"components":{"securitySchemes":{"OAuth2":{"type":"oauth2","description":"This API uses OAuth 2 with the authorization code flow for browser or client credentials flow for service accounts.","flows":{"authorizationCode":{"authorizationUrl":"https://auth.verygoodsecurity.com/auth/realms/vgs/protocol/openid-connect/auth","tokenUrl":"https://auth.verygoodsecurity.com/auth/realms/vgs/protocol/openid-connect/token","scopes":{"organization-users:read":"Read your organization users","organization-users:write":"Add, delete or manage permissions of users related to your organizations","organizations:read":"Read details of your organizations except of profile information","organizations:write":"Create, update, read and delete organizations","vaults:read":"Read details of your vaults","vaults:write":"Read, create, update and delete your vaults"}},"clientCredentials":{"tokenUrl":"https://auth.verygoodsecurity.com/auth/realms/vgs/protocol/openid-connect/token","scopes":{"organization-users:read":"Read your organization users","organization-users:write":"Add, delete or manage permissions of users related to your organizations","organizations:read":"Read details of your organizations except of profile information","organizations:write":"Create, update, read and delete organizations","vaults:read":"Read details of your vaults","vaults:write":"Read, create, update and delete your vaults"}}}}},"schemas":{"User":{"type":"object","properties":{"created_at":{"type":"string","format":"date-time"},"updated_at":{"deprecated":true,"type":"string"},"id":{"type":"string"},"name":{"type":"string"},"email_address":{"type":"string"},"vaults":{"type":"array","description":"List of vaults that this user is member of. Available in Org Members API.","items":{"$ref":"#/components/schemas/UserVault"}},"role":{"$ref":"#/components/schemas/OrganizationUserRole"},"permissions":{"type":"array","items":{"type":"string"}},"last_login":{"deprecated":true,"type":"string","nullable":true},"last_ip":{"deprecated":true,"type":"string","nullable":true},"sso_id":{"type":"string","description":"A unique identifier for a user in the SSO system, issued by the identity provider. Typically a UUID or alphanumeric string. The sso_id field remains null unless SSO with SAML is enabled and the Identity Provider includes the sso_id attribute in the SAML response; to populate this field, please contact VGS Support for provisioning."}}},"UserVault":{"type":"object","properties":{"id":{"type":"string"},"name":{"type":"string"},"role":{"$ref":"#/components/schemas/UserVaultRole"},"env_identifier":{"type":"string","description":"Identifier of environment of this vault. See corresponding Environment API of Account Management."}}},"UserVaultRole":{"type":"string","description":"User's role on Vault","enum":["admin","write","read"]},"OrganizationUserRole":{"type":"string","description":"Indicates whether this user has admin rights for organization. Available in Org Members API.","enum":["admin","user"]}}},"paths":{"/organizations/{organizationId}/members":{"get":{"tags":["UserAccess"],"summary":"Read all organizations users","description":"Retrieves list of all users linked to an organization.\nNOTE: This endpoint does not return pending invitations. \nUse GET /organizations/{organizationId}/invites to retrieve list of invitations.\n","responses":{"200":{"description":"OK","content":{"application/vnd.api+json":{"schema":{"type":"object","properties":{"data":{"type":"array","items":{"type":"object","properties":{"id":{"type":"string"},"type":{"type":"string","enum":["users"]},"attributes":{"anyOf":[{"$ref":"#/components/schemas/User"}]}}}}}}}}}}}}}}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.verygoodsecurity.com/enterprise-platform/developer-resources/api-reference/useraccess.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.