This API endpoint takes the user's loginId and then returns details of a user utilizing a valid management key. The response includes the following; however, there are additional items in the response that you can see below by expanding the response 200 OK.
Note: Suppose you frequently load a user for a specific user detail, such as their email address or a particular custom attribute. In that case, you can save execution time and additional API/SDK calls to load the user by adding the items to the custom claim. For details on adding items to the custom claims, see this documentation.
Note: If you have access to all SSO applications, the list will return as an empty array. Descope allows you to restrict which apps each user has access to, but by default gives access to all applications.
Once you have this data, you can utilize the response to prepare the payload to perform an Update on the user.
Use authorization bearer header with the following format:
Authorization: Bearer <ProjectId:ManagementKey>
OK
{- "user": {
- "loginIds": [
- "string"
], - "userId": "string",
- "name": "string",
- "email": "string",
- "phone": "string",
- "verifiedEmail": true,
- "verifiedPhone": true,
- "roleNames": [
- "string"
], - "userTenants": [
- {
- "tenantId": "string",
- "roleNames": [
- "string"
], - "tenantName": "string"
}
], - "status": "string",
- "externalIds": [
- "string"
], - "picture": "string",
- "test": false,
- "customAttributes": { },
- "createdTime": 0,
- "TOTP": false,
- "SAML": false,
- "OAuth": {
- "property1": false,
- "property2": false
}, - "webauthn": true,
- "password": true,
- "ssoAppIds": [
- "string"
], - "givenName": "string",
- "middleName": "string",
- "familyName": "string",
- "editable": true
}
}