Users with SDKs
You can use the Descope management SDK for common user management operations like create user, update user, delete user, etc. The management SDK requires a management key, which can be generated here.
Install SDK
npm i --save @descope/node-sdkpip3 install descopego get github.com/descope/go-sdk// Include the following in your `pom.xml` (for Maven)
<dependency>
<artifactId>java-sdk</artifactId>
<groupId>com.descope</groupId>
<version>sdk-version</version> // Check https://github.com/descope/descope-java/releases for the latest versions
</dependency>gem install descopecomposer require descope/descope-phpdotnet add package descopeImport and initialize Management SDK
import DescopeClient from '@descope/node-sdk';
const managementKey = "xxxx"
try{
// baseUrl="<URL>" // When initializing the Descope client you can also configure the baseUrl ex: https://auth.company.com - this is useful when you utilize a custom domain within your Descope project.
const descopeClient = DescopeClient({ projectId: '__ProjectID__', managementKey: managementKey });
} catch (error) {
// handle the error
console.log("failed to initialize: " + error)
}from descope import (
REFRESH_SESSION_TOKEN_NAME,
SESSION_TOKEN_NAME,
AuthException,
DeliveryMethod,
DescopeClient,
AssociatedTenant,
RoleMapping,
AttributeMapping
)
management_key = "xxxx"
try:
# You can configure the baseURL by setting the env variable Ex: export DESCOPE_BASE_URI="https://auth.company.com - this is useful when you utilize a custom domain within your Descope project."
descope_client = DescopeClient(project_id='__ProjectID__', management_key=management_key)
except Exception as error:
# handle the error
print ("failed to initialize. Error:")
print (error)import "github.com/descope/go-sdk/descope"
import "github.com/descope/go-sdk/descope/client"
import "fmt"
// Utilizing the context package allows for the transmission of context capabilities like cancellation
// signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
import (
"context"
)
managementKey = "xxxx"
// DescopeBaseURL // within the client.Config, you can also configure the baseUrl ex: https://auth.company.com - this is useful when you utilize a custom domain within your Descope project.
descopeClient, err := client.NewWithConfig(&client.Config{ProjectID:"__ProjectID__", managementKey:managementKey})
if err != nil {
// handle the error
log.Println("failed to initialize: " + err.Error())
}import com.descope.client;
// Initialized after setting the DESCOPE_PROJECT_ID env var (and optionally DESCOPE_MANAGEMENT_KEY)
var descopeClient = new DescopeClient();
// ** Or directly **
var descopeClient = new DescopeClient(Config.builder()
.projectId("__ProjectID__")
.managementKey("management-key")
.build());require 'descope'
descope_client = Descope::Client.new(
{
project_id: '__ProjectID__',
management_key: 'management_key'
}
)require 'vendor/autoload.php';
use Descope\SDK\DescopeSDK;
$descopeSDK = new DescopeSDK([
'projectId' => $_ENV['DESCOPE_PROJECT_ID'],
'managementKey' => $_ENV['DESCOPE_MANAGEMENT_KEY']
]);// appsettings.json
{
"Descope": {
"ProjectId": "your-project-id",
"ManagementKey": "your-management-key"
}
}
// Program.cs
using Descope;
using Microsoft.Extensions.Configuration;
// ... In your setup code
var config = new ConfigurationBuilder()
.AddJsonFile("appsettings.json")
.Build();
var descopeProjectId = config["Descope:ProjectId"];
var descopeManagementKey = config["Descope:ManagementKey"];
var descopeConfig = new DescopeConfig(projectId: descopeProjectId);
var descopeClient = new DescopeClient(descopeConfig)
{
ManagementKey = descopeManagementKey,
};Create User
This operation creates a new user within the project with the details provided. Create will not send an invite. If you want to send an invite on creation, use Invite User.
// Args:
// loginId (str): user login_id.
const loginId = "custom-login-id";
// displayName (str): Optional user display name.
const displayName = "Joe Person";
// phone (str): Optional user phone number.
const phone = "+15555555555";
// email (str): Optional user email address.
const email = "email@company.com";
// userTenants (List[UserTenants]): An optional list of the user's tenants, and optionally, their roles per tenant. These roles are mutually exclusive with the general `role_names`, and take precedence over them.
const userTenants = [{ tenantId: "TestTenant", roleNames: ["TestRole"] }];
// roles (List[str]): An optional list of the user's role names without tenant association. These roles are mutually exclusive with the `user_tenant` roles, which take precedence over them.
const roles = ["Tenant Admin"];
// customAttributes (dict): Optional, set the different custom attributes values of the keys that were previously configured in Descope console app
const customAttributes = { attribute1: "Value 1", attribute2: "Value 2" };
// picture (str): Optional url for user picture
const picture = "https://example.com/picture.jpg";
// verifiedEmail (bool): Set to true for the user to be able to login with the email address.
const verifiedEmail = true; // or false
// verifiedPhone (bool): Set to true for the user to be able to login with the phone number.
const verifiedPhone = true; // or false
// additionalLoginIds (optional List[str]): An optional list of additional login IDs to associate with the user
const additionalLoginIds = ["MyUserName", "+12223334455"];
// A user must have a login ID, other fields are optional. Roles should be set directly if no tenants exist, otherwise set on a per-tenant basis.
const resp = await descopeClient.management.user.create(
loginId,
{
email,
phone,
displayName,
// picture,
verifiedEmail,
verifiedPhone,
customAttributes,
additionalLoginIds,
// userTenants,// either userTenants or roles
roles,
}
);
if (!resp.ok) {
console.log("Failed to create user.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully created user.")
console.log(resp.data)
}# Args:
# login_id (str): user login_id.
# email (str): Optional user email address.
# phone (str): Optional user phone number.
# display_name (str): Optional user display name.
user = {"login_id": "email@company.com", "display_name": "Joe Person", "phone": "+15555555555", "email": "email@company.com"}
# role_names (List[str]): An optional list of the user's roles without tenant association. These roles are mutually exclusive with the `user_tenant` roles, which take precedence over them.
role_names=["TestRole"]
# user_tenants (List[UserTenants]): An optional list of the user's tenants, and optionally, their roles per tenant. These roles are mutually exclusive with the general `role_names`, and take precedence over them.
user_tenants=[AssociatedTenant("TestTenant")]
# picture (str): Optional url for user picture
picture = "xxxx"
# custom_attributes (dict): Optional, set the different custom attributes values of the keys that were previously configured in Descope console app
custom_attributes = {"attribute1": "Value 1", "attribute2": "Value 2"}
# verified_email (bool): Set to true for the user to be able to login with the email address.
verified_email = true // or false
# verifiedPhone (bool): Set to true for the user to be able to login with the phone number.
verified_phone = true // or false
# additional_login_ids (optional List[str]): An optional list of additional login IDs to associate with the user
additional_login_ids = ["MyUserName", "+12223334455"]
# A user must have a login ID, other fields are optional. Roles should be set directly if no tenants exist, otherwise set on a per-tenant basis.
try:
resp = descope_client.mgmt.user.create(
login_id=user["login_id"],
email=user["email"],
display_name=user["display_name"],
phone=user["phone"],
# You can update user_tenants or role_names, not both in the same action
# user_tenants=user_tenants,
role_names=role_names,
picture=picture,
custom_attributes=custom_attributes,
verified_email=verified_email,
verified_phone=verified_phone,
additional_login_ids=additional_login_ids
)
print ("Successfully created user.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to create user.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginID (str): user loginID.
loginID := "xxxx"
// userRequest (UserRequest): A completed descope structure with applicable details for the user
userReq := &descope.UserRequest{}
userReq.Email = "email@company.com"
userReq.Name = "Joe Person"
userReq.Roles = nil // or []string{"TestRole1","TestRole2"} however, if roles is given, Tenants should then be nil
userReq.Tenants = []*descope.AssociatedTenant{{TenantID: "TestTenant"}}
userReq.CustomAttributes = map[string]any{"attribute1": "Value 1", "attribute2": "Value 2"}
userReq.Picture = "xxxx"
VerifiedEmail := true // or false
userReq.VerifiedEmail = &VerifiedEmail
VerifiedPhone := true // or false
userReq.VerifiedPhone = &VerifiedPhone
userReq.AdditionalLoginIds = ["MyUserName", "+12223334455"]
// A user must have a login ID, other fields are optional. Roles should be set directly if no tenants exist, otherwise set on a per-tenant basis.
_, err := descopeClient.Management.User().Create(ctx, loginID, userReq)
if (err != nil){
fmt.Println("Unable to create user: ", err)
} else {
fmt.Println("User Successfully created.")
}// A user must have a loginID, other fields are optional.
// Roles should be set directly if no tenants exist, otherwise set on a per-tenant basis.
UserService us = descopeClient.getManagementServices().getUserService();
try {
us.create("email@company.com", UserRequest.builder()
.email("email@company.com")
.displayName("Joe Person")
.tenants(Arrays.asList(
AssociatedTenant.builder()
.tenantId("tenant-ID1")
.roleNames(Arrays.asList("role-name1"),
AssociatedTenant.builder()
.tenantId("tenant-ID2"))))
.additionalLoginIDs("MyUserName", "+12223334455"));
} catch (DescopeException de) {
// Handle the error
}$response = $descopeSDK->management->user->create(
'testuser1', // loginId
'newemail@example.com', // email
'+1234567890', // phone
'Updated User', // displayName
'Updated', // givenName
'Middle', // middleName
'User', // familyName
null, // picture
null, // customAttributes
true, // verifiedEmail
true, // verifiedPhone
null, // inviteUrl
['altUser1'], // additionalLoginIds
['app123'], // ssoAppIds
null, // password
['admin', 'editor'], // roleNames
[['tenantId' => 'tenant1']] // userTenants
);
print_r($response);// Args:
// loginID (string): Unique login ID for the new user (required).
var loginID = "user-login-id";
// request (UserRequest?): Additional user details (optional).
var request = new UserRequest
{
Email = "email@company.com",
Name = "new-user",
UserTenants = new List<AssociatedTenant>{ new("Tenant‑ID1") { RoleNames = new List<string>{"role-name1"} } },
SsoAppIds = new List<string> { "appId1", "appId2" }
};
// sendInvite (bool): If true, an invitation email/SMS is sent.
var sendInvite = false;
// inviteOpts (InviteOptions?): Invitation options (URL, template, etc.).
InviteOptions? inviteOpts = null;
// testUser (bool): Flag to mark the user as a test account.
var testUser = false;
try
{
var userRes = await descopeClient.Management.User.Create(loginId: loginID, request: request, sendInvite: sendInvite, inviteOptions: inviteOpts, testUser: testUser);
}
catch (DescopeException ex)
{
// Handle the error
}Batch Create Users
This operation batch creates (optionally invites) new users within the project with the details provided. Create will not send an invite. If you want to send an invite on creation, use Invite User.
// Args:
// users (array of Descope Users)
// loginId (str): user login_id.
// email (str): Optional user email address.
// phone (str): Optional user phone number.
// displayName (str): Optional user display name.
// roles (List[str]): An optional list of the user's roles without tenant association. These roles are mutually exclusive with the `user_tenant` roles, which take precedence over them.
// userTenants (List[UserTenants]): An optional list of the user's tenants, and optionally, their roles per tenant. These roles are mutually exclusive with the general `role_names`, and take precedence over them.
// customAttributes (dict): Optional, set the different custom attributes values of the keys that were previously configured in Descope console app
// picture (str): Optional url for user picture
// verifiedEmail (bool): Set to true for the user to be able to login with the email address.
// verifiedPhone (bool): Set to true for the user to be able to login with the phone number.
// test (bool): Set to true if creating a test user, otherwise false
// additionalLoginIds (optional List[str]): An optional list of additional login IDs to associate with the user
const users = [
{
loginId: 'email2@company.com',
email: 'email2@company.com',
phone: '+15555555555',
displayName: 'Joe Person',
userTenants: [{ tenantId: 'TestTenant', roleNames: ['TestRole'] }],
customAttributes: {"attribute1": "Value 1", "attribute2": "Value 2"},
picture: "https://xxxx.co/img",
verifiedEmail: true,
verifiedPhone: true,
test: false,
additionalLoginIds: ["MyUserName", "+12223334455"]
},
{
loginId: 'email@company.com',
email: 'email@company.com',
phone: '+15556667777',
displayName: 'Desmond Copeland',
userTenants: [{ tenantId: 'TestTenant', roleNames: ['TestRole'] }],
customAttributes: {"attribute1": "Value 1", "attribute2": "Value 2"},
picture: "https://xxxx.co/img",
verifiedEmail: true,
verifiedPhone: true,
test: false,
additionalLoginIds: ["MyUserName", "+12223334455"]
}
]
// sendMail (bool): true or false for sending invite via email
const sendMail = true
// sendSMS (bool): true or false for sending invite via SMS
const sendSMS = false
// inviteUrl // URL to include in user invitation for the user to sign in with
const inviteUrl = "https://company.com/sign-in"
const resp = await descopeClient.management.user.inviteBatch(
users,
inviteUrl,
sendMail,
sendSMS
);
if (!resp.ok) {
console.log("Failed to batch create invite users.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully batch created users.")
console.log(resp.data)
}# Args:
# users (array of Descope Users)
# login_id (str): user login_id.
# email (str): Optional user email address.
# phone (str): Optional user phone number.
# display_name (str): Optional user display name.
# roles (List[str]): An optional list of the user's roles without tenant association. These roles are mutually exclusive with the `user_tenant` roles, which take precedence over them.
# user_tenants (List[UserTenants]): An optional list of the user's tenants, and optionally, their roles per tenant. These roles are mutually exclusive with the general `role_names`, and take precedence over them.
# custom_attributes (dict): Optional, set the different custom attributes values of the keys that were previously configured in Descope console app
# picture (str): Optional url for user picture
# verified_email (bool): Set to true for the user to be able to login with the email address.
# verified_phone (bool): Set to true for the user to be able to login with the phone number.
# test (bool): Set to true if creating a test user, otherwise false
# additional_login_ids (optional List[str]): An optional list of additional login IDs to associate with the user
users = [
{
login_id: 'email2@company.com',
email: 'email2@company.com',
phone: '+15555555555',
display_name: 'Joe Person',
user_tenants: [{ tenantId: 'TestTenant', roleNames: ['TestRole'] }],
custom_attributes: {"attribute1": "Value 1", "attribute2": "Value 2"},
picture: "https:#xxxx.co/img",
verified_email: true,
verified_phone: true,
test: false,
additional_login_ids = ["MyUserName", "+12223334455"]
},
{
login_id: 'email@company.com',
email: 'email@company.com',
phone: '+15556667777',
display_name: 'Desmond Copeland',
user_tenants: [{ tenantId: 'TestTenant', roleNames: ['TestRole'] }],
custom_attributes: {"attribute1": "Value 1", "attribute2": "Value 2"},
picture: "https:#xxxx.co/img",
verified_email: true,
verified_phone: true,
test: false,
additional_login_ids = ["MyUserName", "+12223334455"]
}
]
# invite_url # URL to include in user invitation for the user to sign in with
invite_url = "https:#company.com/sign-in"
# send_mail (bool): true or false for sending invite via email
send_mail = true
# send_sms (bool): true or false for sending invite via SMS
send_sms = false
try:
resp = descope_client.mgmt.user.invite_batch(
users=users,
invite_url=invite_url,
send_mail=send_mail,
send_sms=send_sms
)
print ("Successfully batch invited users.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to batch invite users.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// Options (descope.InviteOptions): Invite options including URL, sendSMS and/or sendEmail
Options := &descope.InviteOptions{InviteURL: "https://company.com/signIn", sendSMS: false, sendEmail: true}
// BatchUsers (descope.BatchUser)
BatchUsers := []*descope.BatchUser{}
VerifiedEmail := new(bool)
*VerifiedEmail = true
VerifiedPhone := new(bool)
*VerifiedPhone = false
u1 := &descope.BatchUser{}
u1.LoginID = "email2@company.com"
u1.Email = "email2@company.com"
u1.Tenants = []*descope.AssociatedTenant{{TenantID: "TestTenant"}}
u1.CustomAttributes = map[string]any{"attribute1": "Value 1", "attribute2": "Value 2"}
//u1.Picture = "xxxx"
u1.VerifiedEmail = VerifiedEmail
u1.VerifiedPhone = VerifiedPhone
u2.AdditionalLoginIds = ["MyUserName", "+12223334455"]
u2 := &descope.BatchUser{}
u2.LoginID = "email@company.com"
u2.Email = "email@company.com"
u2.Tenants = []*descope.AssociatedTenant{{TenantID: "TestTenant"}}
u2.CustomAttributes = map[string]any{"attribute1": "Value 1", "attribute2": "Value 2"}
//u1.Picture = "xxxx"
u1.VerifiedEmail = VerifiedEmail
u2.VerifiedPhone = VerifiedPhone
u2.AdditionalLoginIds = ["MyUserName", "+12223334455"]
BatchUsers = append(BatchUsers, u1, u2)
res, err := descopeClient.Management.User().InviteBatch(ctx, BatchUsers, options)
if (err != nil){
fmt.Println("Unable to invite user: ", err)
} else {
fmt.Println("User Successfully invited: ", res)
}// Pending Release// Args:
// batchUsers (List<BatchUser>): Users to create (can include cleartext or hashed passwords).
var batchUsers = new List<BatchUser>
{
new BatchUser
{
LoginId = "email1@company.com",
Email = "email1@company.com",
Name = "user-one",
UserTenants = new List<AssociatedTenant>
{
new("Tenant‑123") { RoleNames = new List<string>{ "Member" } }
}
},
new BatchUser
{
LoginId = "email2@company.com",
Email = "email2@company.com",
Name = "user-two",
}
};
// sendInvite (bool) : If true, send invitations via email/SMS.
var sendInvite = true;
// inviteOpts (InviteOptions?) : Optional settings (invite URL, template, sendMail/SMS).
InviteOptions? inviteOpts = null;
try
{
var batchRes = await descopeClient.Management.User.CreateBatch(batchUsers: batchUsers, sendInvite: sendInvite, inviteOptions: inviteOpts);
}
catch (DescopeException ex)
{
// Handle the error
}Invite User
This operation creates a new user within the project with the details provided. This method also sends the invite to the user.
Note
For the .NET SDK, user invitation is handled in the same function call as user creation.
To invite users, pass sendInvite: true in the Create or BatchCreate functions.
Note
When inviting users from the SDK, the default connector and template configured within Project Settings will be used, unless a different template Id is specified. Currently, when using the Java SDK, only the default connector and template can be used.
const loginId = "custom-login-id";
// displayName (str): Optional user display name.
const displayName = "Joe Person";
// phone (str): Optional user phone number.
const phone = "+15555555555";
// email (str): Optional user email address.
const email = "email@company.com";
// userTenants (List[UserTenants]): An optional list of the user's tenants, and optionally, their roles per tenant. These roles are mutually exclusive with the general `role_names`, and take precedence over them.
const userTenants = [{ tenantId: "TestTenant", roleNames: ["TestRole"] }];
// roles (List[str]): An optional list of the user's role names without tenant association. These roles are mutually exclusive with the `user_tenant` roles, which take precedence over them.
const roles = ["Tenant Admin"];
// customAttributes (dict): Optional, set the different custom attributes values of the keys that were previously configured in Descope console app
const customAttributes = { attribute1: "Value 1", attribute2: "Value 2" };
// picture (str): Optional url for user picture
const picture = "https://example.com/picture.jpg";
// verifiedEmail (bool): Set to true for the user to be able to login with the email address.
const verifiedEmail = true; // or false
// verifiedPhone (bool): Set to true for the user to be able to login with the phone number.
const verifiedPhone = true; // or false
// additionalLoginIds (optional List[str]): An optional list of additional login IDs to associate with the user
const additionalLoginIds = ["MyUserName", "+12223334455"];
// inviteUrl // URL to include in user invitation for the user to sign in with
const inviteUrl = "https://company.com/sign-in"
// sendMail (bool): true or false for sending invite via email
const sendMail = true
// sendSMS (bool): true or false for sending invite via SMS
const sendSMS = false
// templateId (str): Optional template Id for the invitation message
const templateId = "my-template-id"
// A user must have a login ID, other fields are optional. Roles should be set directly if no tenants exist, otherwise set on a per-tenant basis.
const resp = await descopeClient.management.user.create(
loginId,
{
email,
phone,
displayName,
// picture,
verifiedEmail,
verifiedPhone,
customAttributes,
additionalLoginIds,
// userTenants,// either userTenants or roles
roles,
inviteUrl,
sendSMS,
sendMail
}
);
if (!resp.ok) {
console.log("Failed to invite user.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully invited user.")
console.log(resp.data)
}# Args:
# login_id (str): user login_id.
# email (str): Optional user email address.
# phone (str): Optional user phone number.
# display_name (str): Optional user display name.
user = {"login_id": "email@company.com", "display_name": "Joe Person", "phone": "+15555555555", "email": "email@company.com"}
# role_names (List[str]): An optional list of the user's roles without tenant association. These roles are mutually exclusive with the `user_tenant` roles, which take precedence over them.
role_names=["TestRole"]
# user_tenants (List[UserTenants]): An optional list of the user's tenants, and optionally, their roles per tenant. These roles are mutually exclusive with the general `role_names`, and take precedence over them.
user_tenants=[AssociatedTenant("TestTenant")]
# picture (str): Optional url for user picture
picture = "xxxx"
# custom_attributes (dict): Optional, set the different custom attributes values of the keys that were previously configured in Descope console app
custom_attributes = {"attribute1": "Value 1", "attribute2": "Value 2"}
# verified_email (bool): Set to true for the user to be able to login with the email address.
verified_email = true // or false
# verifiedPhone (bool): Set to true for the user to be able to login with the phone number.
verified_phone = true // or false
# invite_url // URL to include in user invitation for the user to sign in with
invite_url = "https://company.com/sign-in"
# send_mail (bool): true or false for sending invite via email
send_mail = true
# send_sms (bool): true or false for sending invite via SMS
send_sms = false
# additional_login_ids (List[str]): An optional list of additional login IDs to associate with the user
additional_login_ids = ["MyUserName", "+12223334455"]
# template_id (str): optional template Id for the invitation message
template_id = "my-template-id"
# A user must have a login ID, other fields are optional. Roles should be set directly if no tenants exist, otherwise set on a per-tenant basis.
try:
resp = descope_client.mgmt.user.invite(
login_id=user["login_id"],
email=user["email"],
display_name=user["display_name"],
phone=user["phone"],
# You can update user_tenants or role_names, not both in the same action
# user_tenants=user_tenants,
role_names=role_names,
picture=picture,
custom_attributes=custom_attributes,
verified_email=verified_email,
verified_phone=verified_phone,
invite_url=invite_url,
send_mail = send_mail,
send_sms = send_sms,
additional_login_ids = additional_login_ids,
template_id = template_id
)
print ("Successfully invited user.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to invite user.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginID (str): user loginID.
loginID := "xxxx"
// userRequest (UserRequest): A completed descope structure with applicable details for the user
userReq := &descope.UserRequest{}
userReq.Email = "email@company.com"
userReq.Name = "Joe Person"
userReq.Roles = nil // or []string{"TestRole1","TestRole2"} however, if roles is given, Tenants should then be nil
userReq.Tenants = []*descope.AssociatedTenant{{TenantID: "TestTenant"}}
userReq.CustomAttributes = map[string]any{"attribute1": "Value 1", "attribute2": "Value 2"}
userReq.TemplateOptions = map[string]any{"option1": "Value 1", "option2": "Value 2"}
userReq.Picture = "xxxx"
VerifiedEmail := true // or false
userReq.VerifiedEmail = &VerifiedEmail
VerifiedPhone := true // or false
userReq.VerifiedPhone = &VerifiedPhone
userReq.AdditionalLoginIds = ["MyUserName", "+12223334455"]
userReq.templateID = "my-template-id" // optional template Id for the invitation message
// invite options (&descope.InviteOptions{}): Details of the invite configuration including inviteURL
inviteOptions := &descope.InviteOptions{InviteURL: "https://company.com/signIn", sendSMS: false, sendEmail: true}
// A user must have a login ID, other fields are optional. Roles should be set directly if no tenants exist, otherwise set on a per-tenant basis.
res, err := descopeClient.Management.User().Invite(ctx, loginID, userReq, inviteOptions)
if (err != nil){
fmt.Println("Unable to invite user: ", err)
} else {
fmt.Println("User Successfully invited: ", res)
}// A user must have a loginID, other fields are optional.
// Roles should be set directly if no tenants exist, otherwise set on a per-tenant basis.
UserService us = descopeClient.getManagementServices().getUserService();
// Alternatively, a user can be created and invited via an email message.
// You can configure the invite URL in the Descope console prior to using this function, or pass inviteUrl in the options parameter.
// and that an email address is provided in the information.
try {
us.invite("email@company.com",
UserRequest.builder()
.email("email@company.com")
.displayName("Joe Person")
.tenants(Arrays.asList(
AssociatedTenant.builder()
.tenantId("tenant-ID1")
.roleNames(Arrays.asList("role-name1"),
AssociatedTenant.builder()
.tenantId("tenant-ID2")))),
InviteOptions.builder()
.inviteUrl("https://my-app.com/invite"),
.sendSMS(false),
.sendMail(true)
.additionalLoginIDs("MyUserName", "+12223334455")
);
} catch (DescopeException de) {
// Handle the error
}$response = $descopeSDK->management->user->invite(
'newuser1', // loginId
'invite@example.com', // email
'+1234567890', // phone
'New User', // displayName
'John', // givenName
'Middle', // middleName
'Doe', // familyName
'https://example.com/profile.jpg', // picture
['department' => 'Engineering'], // customAttributes
true, // verifiedEmail
true, // verifiedPhone
'https://myapp.com/invite', // inviteUrl
true, // sendMail
true // sendSms
);
print_r($response);// Args:
// loginID (string): The login ID of the user to update.
var loginID = "user-login-id";
// inviteOptions (InviteOptions?): Additional invite details.
var inviteOpts = new InviteOptions
{
InviteUrl = "https://company.com/sign-in",
SendMail = true,
SendSms = false,
TemplateId = "my-template-id"
};
// Passing sendInvite: true will both create *and* invite the user.
try
{
var userRes = await descopeClient.Management.User.Create(loginId: loginID, new UserRequest
{
Email = "email@company.com",
Name = "Joe Person",
Phone = "+15555555555",
UserTenants = new List<AssociatedTenant>
{
new("TestTenant") { RoleNames = new List<string>{ "Tenant Admin" } }
},
CustomAttributes = new Dictionary<string, object>
{
{ "attribute1", "Value 1" },
{ "attribute2", "Value 2" }
}
},
sendInvite: true,
inviteOptions: inviteOpts);
}
catch (DescopeException ex)
{
// Handle the error
}Update User
This operation updates an existing user with the details provided. It is important to note that all parameters are used as overrides to the existing user; empty fields will override populated fields.
// loginId (str): user login_id.
const loginId = "custom-login-id";
// displayName (str): Optional user display name.
const displayName = "Joe Person";
// phone (str): Optional user phone number.
const phone = "+15555555555";
// email (str): Optional user email address.
const email = "email@company.com";
// userTenants (List[UserTenants]): An optional list of the user's tenants, and optionally, their roles per tenant. These roles are mutually exclusive with the general `role_names`, and take precedence over them.
const userTenants = [{ tenantId: "TestTenant", roleNames: ["TestRole"] }];
// roles (List[str]): An optional list of the user's role names without tenant association. These roles are mutually exclusive with the `user_tenant` roles, which take precedence over them.
const roles = ["Tenant Admin"];
// customAttributes (dict): Optional, set the different custom attributes values of the keys that were previously configured in Descope console app
const customAttributes = { attribute1: "Value 1", attribute2: "Value 2" };
// picture (str): Optional url for user picture
const picture = "https://example.com/picture.jpg";
// verifiedEmail (bool): Set to true for the user to be able to login with the email address.
const verifiedEmail = true; // or false
// verifiedPhone (bool): Set to true for the user to be able to login with the phone number.
const verifiedPhone = true; // or false
// additionalLoginIds (optional List[str]): An optional list of additional login IDs to associate with the user
const additionalLoginIds = ["MyUpdatedUserName", "+9999998765"];
const resp = await descopeClient.management.user.update(
loginId,
{
email,
phone,
displayName,
// picture,
verifiedEmail,
verifiedPhone,
customAttributes,
additionalLoginIds,
// userTenants,// either userTenants or roles
roles,
}
);
if (!resp.ok) {
console.log("Failed to update user.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully updated user.")
console.log(resp.data)
}# Args:
# login_id (str): The login_id of the user to update.
# email (str): Optional user email address.
# phone (str): Optional user phone number.
# display_name (str): Optional user display name.
user = {"login_id": "email@company.com", "display_name": "Joe Person", "phone": "+15555555555", "email": "email@company.com"}
# role_names (List[str]): An optional list of the user's roles without tenant association. These roles are mutually exclusive with the `user_tenant` roles, which take precedence over the general roles.
# custom_attributes: Record<string, AttributesTypes>: Updates users with certain custom attributes
custom_attributes = {"mycustomattribute": "Test"}
# picture (str): Optional url to user avatar. Leave empty to remove.
picture = "https://example.com/picture.png"
# verified_email (bool): Set to true for the user to be able to login with the email address.
verified_email = True # or False
# verified_phone (bool): Set to true for the user to be able to login with the phone number.
verified_phone = True # or False
new_phone = "+12222222222"
new_email = "updateEmail@email.com"
# additional_login_ids (optional List[str]): An optional list of additional login IDs to associate with the user
additional_login_ids = ["MyUserName", "+12223334455"]
try:
resp = descope_client.mgmt.user.update(
login_id=user["login_id"],
email=new_email,
display_name=user["display_name"],
phone=new_phone,
# You can update user_tenants or role_names, not both in the same action
role_names=["TestyTester"],
# user_tenants=[AssociatedTenant("testWithID")],
picture=picture,
custom_attributes=custom_attributes,
verified_email=verified_email,
verified_phone=verified_phone,
additional_login_ids=additional_login_ids
)
print ("Successfully updated user. New user info:")
# Display Updates
try:
resp = descope_client.mgmt.user.load(login_id=user["login_id"])
print ("Successfully loaded user.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to load user after update.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))
except AuthException as error:
print ("Unable to update user.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginIDOrUserID (str): user loginID or userID.
loginIDOrUserID := "xxxx"
// userRequest (UserRequest): A completed descope structure with applicable details for the user
userReq := &descope.UserRequest{}
userReq.Email = "email@company.com"
userReq.Name = "Joe Person"
userReq.Phone = "+12223334455"
userReq.Roles = nil // or []string{"TestRole1","TestRole2"} however, if roles is given, Tenants should then be nil
userReq.Tenants = []*descope.AssociatedTenant{{TenantID: "TestTenant"}}
userReq.CustomAttributes = map[string]any{"mycustomattribute": "Test"}
userReq.Picture = "https://example.com/picture.png"
VerifiedEmail := true // or false
userReq.VerifiedEmail = &VerifiedEmail
VerifiedPhone := true // or false
userReq.VerifiedPhone = &VerifiedPhone
userReq.AdditionalLoginIds = ["MyUserName", "+12223334455"]
res, err := descopeClient.Management.User().Update(ctx, loginIDOrUserID, userReq)
if (err != nil){
fmt.Println("Unable to update user: ", err)
} else {
fmt.Println("User Successfully updated", res)
}// A user must have a loginID, other fields are optional.
UserService us = descopeClient.getManagementServices().getUserService();
// Update will override all fields as is. Use carefully.
try {
us.update("email@company.com", UserRequest.builder()
.email("email@company.com")
.displayName("Joe Person")
.tenants(Arrays.asList(
AssociatedTenant.builder()
.tenantId("tenant-ID1")
.roleNames(Arrays.asList("role-name1"),
AssociatedTenant.builder()
.tenantId("tenant-ID2"))))
.additionalLoginIDs("MyUserName", "+12223334455"));
} catch (DescopeException de) {
// Handle the error
}$response = $descopeSDK->management->user->update(
'testuser1', // loginId
'updatedemail@example.com', // email
'+1234567890', // phone
'Updated User', // displayName
'Updated', // givenName
'Middle', // middleName
'User', // familyName
'https://example.com/newpic.jpg', // picture
['department' => 'HR'], // customAttributes
true, // verifiedEmail
true, // verifiedPhone
['altUser1'], // additionalLoginIds
[''], // ssoAppIds
);// Args:
// loginID (string): The login ID of the user to update.
var loginID = "user-login-id";
// request (UserRequest?): A full/partial user object whose non‑null fields will override existing values. Use carefully.
var request = new UserRequest
{
Email = "email@company.com",
Name = "updated-name",
Phone = "+15555555555",
CustomAttributes = new Dictionary<string, object>
{
{ "attribute1", "New Value" }
},
RoleNames = new List<string>{ "Role1" },
UserTenants = new List<AssociatedTenant>
{
new("Tenant‑123") { RoleNames = new List<string>{ "Role2" } }
}
};
try
{
var userRes = await descopeClient.Management.User.Update(loginId: loginID, request: request);
}
catch (DescopeException ex)
{
// Handle the error
}Load Existing User Details
This operation loads the details of an existing user.
Note
Suppose you frequently load a user for a specific user detail, such as their email address or a particular custom attribute. In that case, you can save execution time and additional API/SDK calls to load the user by adding the items to the custom claim. For details on adding items to the custom claims, see this documentation.
// Args:
// loginId (str): The login_id of the user to be loaded.
const loginId = "xxxx"
let resp = await descopeClient.management.user.load(loginId)
if (!resp.ok) {
console.log("Failed to load user.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully loaded user.")
console.log(resp.data)
}
// If needed, users can be loaded using the user_id as well. The response is the same as above.
const userId = "xxxx"
resp = await descopeClient.management.user.loadByUserId(userId)
if (!resp.ok) {
console.log("Failed to load user.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully loaded user.")
console.log(resp.data)
}# Args:
# login_id (str): The login_id of the user to be loaded.
login_id = "xxxx"
try:
resp = descope_client.mgmt.user.load(login_id=login_id)
print ("Successfully loaded user.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to load user.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))
# If needed, users can be loaded using the user_id as well. The response is the same as above.
user_id = "xxxx"
try:
user_resp = descope_client.mgmt.user.load_by_user_id(user_id=user_id)
print ("Successfully loaded user.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to load user.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginIDOrUserID (str): The loginID or userID of the user to be loaded.
loginIDOrUserID := "xxxx"
res, err := descopeClient.Management.User().Load(ctx, loginIDOrUserID)
if (err != nil){
fmt.Println("Unable to load user: ", err)
} else {
fmt.Println("User Successfully loaded: ", res)
}
// If needed, users can be loaded using the userID as well. The response is the same as above.
userID = "xxxx"
res, err := descopeClient.Management.User().LoadByUserID(ctx, userID)
if (err != nil){
fmt.Println("Unable to load user: ", err)
} else {
fmt.Println("User Successfully loaded: ", res)
}// A user must have a loginID, other fields are optional.
UserService us = descopeClient.getManagementServices().getUserService();
// If needed, users can be loaded using their ID as well
try {
us.loadByUserId("<user-id>");
} catch (DescopeException de) {
// Handle the error
}// Args:
// loginID (str): The login ID of the user to load.
var loginID = "user-login-id";
try
{
var userRes = descopeClient.Management.User.Load(loginID);
}
catch (DescopeException ex)
{
// Handle the error
}Get User's Login History
Retrieve users' authentication history, by the given user's ids.
// Args:
// userIds (list[str]): user IDs to load history for.
const userIds = ["xxxx", "yyyy"]
const resp = await descopeClient.management.user.history(userIds);
if (!resp.ok) {
console.log("Failed to load users history.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully loaded users history.")
console.log(resp.data)
}# Args:
# user_ids (list[str]): user IDs to load history for.
user_ids = ["xxxx", "yyyy"]
try:
resp = descope_client.mgmt.user.history(user_ids=user_ids)
print ("Successfully loaded users history.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Failed to load users history.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// userIds (list[str]): user IDs to load history for.
userIds := ["xxxx", "yyyy"]
res, err := descopeClient.Management.User().History(ctx, userIds)
if (err != nil){
fmt.Println("Failed to load users history. ", err)
} else {
fmt.Println("Successfully loaded users history. ")
for _, u := range res {
fmt.Println(u)
}
}UserService us = descopeClient.getManagementServices().getUserService();
try {
us.history(["xxxx", "yyyy"]);
} catch (DescopeException de) {
// Handle the error
}Load Existing User's Provider Token
This operation loads the user's access token generated by the OAuth/OIDC provider, using a valid management key. When
querying for OAuth providers, this only applies when utilizing your own account with the provider
and have selected Manage tokens from provider selected under the social auth methods.
// Args:
// loginId (str): The login_id of the user to be loaded.
const loginId = "xxxx"
// provider (str): The provider name (google, facebook, etc')
const provider = "google"
const resp = await descopeClient.management.user.getProviderToken(loginId, provider)
if (!resp.ok) {
console.log(resp)
console.log("Unable to load user's provider token.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully loaded user's provider token.")
console.log(resp.data)
}# Args:
# login_id (str): The login_id of the user to be loaded.
login_id = "xxxx"
# provider (str): The provider name (google, facebook, etc')
provider = "google"
try:
resp = descope_client.mgmt.user.get_provider_token(login_id=login_id, provider=provider)
print ("Successfully loaded user's provider token.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to load user's provider token.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginID (str): The loginID of the user to be loaded.
loginID := "xxxx"
// provider (str): The provider name (google, facebook, etc')
provider := "google"
res, err := descopeClient.Management.User().GetProviderToken(ctx, loginID, provider)
if (err != nil){
fmt.Println("Unable to load user's provider token: ", err)
} else {
fmt.Println("Successfully loaded user's provider token.", res)
}// Args:
// loginID (string): The login ID of the user whose provider token you want.
var loginID = "user-login-id";
// provider (string) : The social provider (e.g., "google", "facebook").
var provider = "google";
try
{
var tokenRes = await descopeClient.Management.User.GetProviderToken(loginId: loginID, provider: provider);
}
catch (DescopeException ex)
{
// Handle the error
}Search Users
This operation returns user details based on the applicable search.
// Args:
// tenantIds (List[str]): Optional list of tenant IDs to filter by
const tenantIds = ["Test1", "Test2", "Test3"]
// roleNames (List[str]): Optional list of role names to filter by
const roleNames = ["TestRole1", "TestRole2", "TestRole3"]
// limit (number): Optional limit of the number of users returned. Leave empty for default.
const limit = 1
// page (number): Optional pagination control. Pages start at 0 and must be non-negative.
const page = 0
// testUsersOnly: boolean: Given true, it will only return test users.
const testUsersOnly = false
// withTestUser: boolean: Given true, it will also return test users. False will omit test users.
const withTestUser = true
// customAttributes: Record<string, AttributesTypes>: Searches users with certain custom attributes
const customAttributes = {"mycustomattribute": "Test"}
// statuses (List[str]): a list of statuses to search users for, the options are: "invited", "enabled", "disabled"
const statuses = ["invited", "enabled", "disabled"]
// emails (List[str]): Optional list of emails to search for
const emails = ["email@company.com"]
// phones (List[str]): Optional list of phones to search for
const phones = ["+12223334444"]
// userIds (List[str]): Optional list of user IDs to search for
const userIds = ["user-id-1"]
// sort (List[str]): Optional list of fields to sort by.
const sort = [{ field: "displayName", desc: true }]
// text (str): Optional full text search across relevant columns.
const text = ""
// fromCreatedTime (number): Optional search parameter returning users who were created on or after this time (in Unix epoch milliseconds).
const fromCreatedTime = 1735689600000
// toCreatedTime (number): Optional search parameter returning users who were created on or before this time (in Unix epoch milliseconds).
const toCreatedTime = 1735689600000
// fromModifiedTime (number): Optional search parameter returning users whose last modification/update occurred on or after this time (in Unix epoch milliseconds).
const fromModifiedTime = 1735689600000
// toModifiedTime (number): Optional search parameter returning users whose last modification/update occurred on or before this time (in Unix epoch milliseconds).
const toModifiedTime = 1735689600000
// Search all users with no filter: let resp = await descopeClient.management.user.search({})
// Search users with limit filter: let resp = await descopeClient.management.user.search({ limit: 10 })
// Search users with tenant filter: let resp = await descopeClient.management.user.search({ tenantIds: ['Test1', 'Test2'] })
// Search users with role filter: let resp = await descopeClient.management.user.search({ roleNames: ['TestRole1', 'TestRole2'] })
// Search users with a combination of filters:
let resp = await descopeClient.management.user.search({ tenantIds: ['Test1', 'Test2'], roleNames: ['TestRole1', 'TestRole2'] });
if (!resp.ok) {
console.log("Failed to search users.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully searched users.")
console.log(resp.data)
}# Args:
# tenant_ids (List[str]): Optional list of tenant IDs to filter by
tenant_ids = ["Test1", "Test2", "Test3"]
# role_names (List[str]): Optional list of role names to filter by
role_names = ["TestRole1", "TestRole2", "TestRole3"]
# limit (int): Optional limit of the number of users returned. Leave empty for default.
limit = 1
# page (int): Optional pagination control. Pages start at 0 and must be non-negative.
page = 0
# test_users_only: boolean: Given true, it will only return test users.
test_users_only = False
# with_test_user: boolean: Given true, it will also return test users. False will omit test users.
with_test_user = True
# custom_attributes: dict: Searches users with certain custom attributes
custom_attributes = {"mycustomattribute": "Test"}
# statuses (List[str]): a list of statuses to search users for, the options are: "invited", "enabled", "disabled"
statuses = ["invited", "enabled", "disabled"]
# emails (List[str]): Optional list of emails to search for
emails = ["email@company.com"]
# phones (List[str]): Optional list of phones to search for
phones = ["+12223334444"]
# user_ids (List[str]): Optional list of user IDs to search for
user_ids = ["user-id-1"]
# sort (List[str]): Optional list of fields to sort by.
sort = [{"field": "displayName", "desc": True}]
# text (str): Optional full text search across relevant columns.
text = ""
# from_created_time (int): Optional search parameter returning users who were created on or after this time (in Unix epoch milliseconds).
from_created_time = 1735689600000
# to_created_time (int): Optional search parameter returning users who were created on or before this time (in Unix epoch milliseconds).
to_created_time = 1735689600000
# from_modified_time (int): Optional search parameter returning users whose last modification/update occurred on or after this time (in Unix epoch milliseconds).
from_modified_time = 1735689600000
# to_modified_time (int): Optional search parameter returning users whose last modification/update occurred on or before this time (in Unix epoch milliseconds).
to_modified_time = 1735689600000
try:
# Search all users with no filter: resp = descope_client.mgmt.user.search_all()
# Search all users with limit filter: resp = descope_client.mgmt.user.search_all(limit=limit)
# Search all users with tenant filter: resp = descope_client.mgmt.user.search_all(tenant_ids=tenant_ids)
# Search all users with role filter: resp = descope_client.mgmt.user.search_all(role_names=role_names)
# Search all users with a combination of filters:
resp = descope_client.mgmt.user.search_all(tenant_ids=tenant_ids, role_names=role_names, limit=limit, page=page, test_users_only=test_users_only, with_test_user=with_test_user, custom_attributes=custom_attributes, statuses=statuses, emails=emails, phones=phones, sort=sort, text=text, from_created_time=from_created_time, to_created_time=to_created_time, from_modified_time=from_modified_time, to_modified_time=to_modified_time)
print ("Successfully searched users.")
users = resp["users"]
for user in users:
print(print(json.dumps(user, indent=2)))
except AuthException as error:
print ("Unable to search users.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// searchOptions: Options for searching and filtering users
// TenantIds(List[str]): Optional list of tenant IDs to filter by
// Roles (List[str]): Optional list of role names to filter by
// Limit (int32): Optional limit of the number of users returned. Leave empty for default.
// Page (int): The page parameter allow to paginate over the results. Pages start at 0 and must non-negative.
// WithTestUsers: boolean: Given true, it will also return test users. False will omit test users.
// TestUsersOnly: boolean: Given true, it will only return test users.
// CustomAttributes: map[string]any: Searches users with certain custom attributes
// Emails (List[str]): Optional list of emails to search for
// Phones (List[str]): Optional list of phones to search for
// UserIds (List[str]): Optional list of user IDs to search for
// Sort (List[str]): Optional list of fields to sort by.
// Text (str): Optional full text search across relevant columns.
// FromCreatedTime (int64): Optional search parameter returning users who were created on or after this time (in Unix epoch milliseconds).
// ToCreatedTime (int64): Optional search parameter returning users who were created on or before this time (in Unix epoch milliseconds).
// FromModifiedTime (int64): Optional search parameter returning users whose last modification/update occurred on or after this time (in Unix epoch milliseconds).
// ToModifiedTime (int64): Optional search parameter returning users whose last modification/update occurred on or before this time (in Unix epoch milliseconds).
// Note - you can leave any of these items as nil as to not filter on them as well.
searchOptions := &descope.UserSearchOptions{
TenantIDs: []string{"Test1", "Test2", "Test3"},
Roles: []string{"TestRole1", "TestRole2", "TestRole3"},
Limit: 5,
Statuses: []descope.UserStatus{"invited", "enabled", "disabled"},
Page: 0,
WithTestUsers: true,
TestUsersOnly: false,
CustomAttributes: map[string]any{"mycustomattribute": "Test"},
Emails: []string{"email@company.com"},
Phones: []string{"+12223334444"},
Sort: []descope.UserSearchSort{
{Field: "displayName", Desc: true},
},
Text: "",
FromCreatedTime: 1735689600000
}
res, err := descopeClient.Management.User().SearchAll(ctx, searchOptions)
if (err != nil){
fmt.Println("Unable to search users: ", err)
} else {
fmt.Println("Successfully searched users: ")
for _, u := range res {
fmt.Println(u)
}
}// A user must have a loginID, other fields are optional.
// Roles should be set directly if no tenants exist, otherwise set on a per-tenant basis.
UserService us = descopeClient.getManagementServices().getUserService();
// Search all users, optionally according to tenant and/or role filter
// Results can be paginated using the limit and page parameters
try {
List<AllUsersResponsibleDetails> users = us.searchAll(UserRequest.builder()
.tenants(Arrays.asList(
AssociatedTenant.builder()
.tenantId("tenant-ID1"),
AssociatedTenant.builder()
.tenantId("tenant-ID2"))));
for (AllUsersResponsibleDetails u : users) {
// Do something
}
}$response = $descopeSDK->management->user->searchAll(
"", // loginId
[], // tenantIds
['admin', 'viewer'], // roleNames
50, // limit
"", // text
1, // page
false, // ssoOnly
false, // testUsersOnly
false, // withTestUser
null, // customAttributes
['enabled'], // statuses
['user@example.com'], // emails
['+1234567890'], // phones
['ssoApp123'], // ssoAppIds
[ // sort
['field' => 'displayName', 'desc' => true]
]
);
print_r($response);// Args:
// options (SearchUserOptions?): Fine‑tune filters for tenants and/or roles. Paginate by limit and page.
var options = new SearchUserOptions
{
TenantIds = new List<string> { "Tenant‑123", "Tenant‑456" },
RoleNames = new List<string> { "Role1", "Role2" },
Limit = 50,
Page = 0,
Sort = new List<UserSearchSort>
{
new UserSearchSort("displayName", true)
},
Text = ""
};
try
{
var users = await descopeClient.Management.User.SearchAll(options: options);
}
catch (DescopeException ex)
{
// Handle the error
}Update a User's Email Address
This operation allows administrators to update a user's email address.
// Args:
// loginId (str): The login ID of the user to update the email for.
const loginId = "xxxx"
// email (str): The new email address for the user. Leave empty to remove.
const email = "xxxx@xxxxxx.xxx"
// verified (bool): Set to true for the user to be able to login with the email address.
const verified = true // or false
let resp = await descopeClient.management.user.updateEmail(loginId, email, verified)
if (!resp.ok) {
console.log(resp)
console.log("Failed to update user's email address.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully updated user's email address.")
console.log(resp.data)
}# Args:
# login_id (str): The login ID of the user to update the email for.
login_id = "xxxx"
# email (str): The new email address for the user. Leave empty to remove.
email = "xxxx@xxxxxx.xxx"
# verified (bool): Set to true for the user to be able to login with the email address.
verified = True # or False
try:
resp = descope_client.mgmt.user.update_email(login_id=login_id, email=email, verified=verified)
print ("Successfully updated user's email address.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to update user's email address.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginIDOrUserID (str): The login ID or userID of the user to update the email for.
loginIDOrUserID := "xxxx"
// email (str): The new email address for the user. Leave empty to remove.
email := "xxxx@xxxxxx.xxx"
// verified (bool): Set to true for the user to be able to login with the email address.
verified := true // or false
res, err := descopeClient.Management.User().UpdateEmail(ctx, loginIDOrUserID, email, verified)
if (err != nil){
fmt.Println("Unable to update user's email address: ", err)
} else {
fmt.Println("Successfully updated user's email address: ", res)
}// A user must have a loginID, other fields are optional.
// Roles should be set directly if no tenants exist, otherwise set on a per-tenant basis.
UserService us = descopeClient.getManagementServices().getUserService();
// Update will override all fields as is. Use carefully.
try {
us.update("email@company.com", UserRequest.builder()
.email("email@company.com")
.displayName("Joe Person")
.loginId("<login_id>")
.phone("980-012-1234")
.build());
} catch (DescopeException de) {
// Handle the error
}<Tab value=".NET">
```csharp
// Args:
// loginID (string): The login ID of the user to update.
var loginID = "user-login-id";
// newEmail (string?): The new email address, or null to remove.
var newEmail = "email@company.com";
// verified (bool): Must be true for the user to log in with this email.
var verified = true;
try
{
var userRes = await descopeClient.Management.User.UpdateEmail(
loginId : loginID,
email : newEmail,
verified: verified);
}
catch (DescopeException ex)
{
// Handle the error
}Update a User's Login ID
This operation allows administrators to update a user's Login ID. If you'd like to remove a login ID, provide an empty string for the new login ID.
// Args:
// login_id (str): The login ID of the user to update the Login ID for.
const loginId = "xxxx"
// new_login_id (str): New login ID to set for the user.
const newLoginId = "xxxx"
const resp = await descopeClient.management.user.updateLoginId(loginId, newLoginId)
if (!resp.ok) {
console.log(resp)
console.log("Unable to update user's Login ID.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully updated user's Login ID.")
console.log(resp.data)
}# Args:
# login_id (str): The login ID of the user to update the Login ID for.
login_id = "xxxx"
# new_login_id (str): New login ID to set for the user.
new_login_id = "xxxx"
try:
resp = descope_client.mgmt.user.update_login_id(login_id=login_id, new_login_id=new_login_id)
print ("Successfully updated user's Login ID.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to update user's Login ID.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// login_id (str): The login ID of the user to update the Login ID for.
loginID := "xxxx"
// new_login_id (str): New login ID to set for the user.
newLoginID := "xxxx"
res, err := descopeClient.Management.User().UpdateLoginID(ctx, loginID, newLoginID)
if (err != nil){
fmt.Println("Unable to update user's Login ID: ", err)
} else {
fmt.Println("Successfully updated user's Login ID.", res)
}UserService us = descopeClient.getManagementServices().getUserService();
try {
us.updateLoginId("email@company.com", "newEmail@company.com")
} catch (DescopeException de) {
// Handle the error
}// Args:
// loginID (string): The user’s current login ID to be replaced.
var loginID = "user-login-id";
// newLoginID (string?): The new login ID, or null to remove the current one
var newLoginID = "new-login-id";
try
{
var userRes = await descopeClient.Management.User.UpdateLoginId(loginId:loginID, newLoginId: newLoginID);
}
catch (DescopeException ex)
{
// Handle the error
}Update a User's Phone Number
This operation allows administrators to update a user's phone number.
// Args:
// loginId (str): The login ID of the user to update the phone number for.
const loginId = "xxxx"
// phone (str): The new user phone number. Leave empty to remove.
const phone = "+17777777777"
// verified (bool): Set to true for the user to be able to login with the phone number.
const verified = true // or false
let resp = await descopeClient.management.user.updatePhone(loginId, phone, verified)
if (!resp.ok) {
console.log(resp)
console.log("Failed to update user's phone number.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully updated user's phone number.")
console.log(resp.data)
}# Args:
# login_id (str): The login ID of the user to update the phone for.
login_id = "xxxx"
# phone (str): The new user phone number. Leave empty to remove.
phone = "+1777777777"
# verified (bool): Set to true for the user to be able to login with the phone number.
verified = True # or False
try:
resp = descope_client.mgmt.user.update_phone(login_id=login_id, phone=phone, verified=verified)
print ("Successfully updated user's phone number.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to update user's phone number.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginIDOrUserID (str): The login ID or userID of the user to update the phone for.
loginIDOrUserID := "xxxx"
// phone (str): The new user phone number. Leave empty to remove.
phone := "+13333333333"
// verified (bool): Set to true for the user to be able to login with the phone number.
verified := true // or False
res, err := descopeClient.Management.User().UpdatePhone(ctx, loginIDOrUserID, phone, verified)
if (err != nil){
fmt.Println("Unable to update user's phone number: ", err)
} else {
fmt.Println("Successfully updated user's phone number: ", res)
}// A user must have a loginID, other fields are optional.
// Roles should be set directly if no tenants exist, otherwise set on a per-tenant basis.
UserService us = descopeClient.getManagementServices().getUserService();
// Update will override all fields as is. Use carefully.
try {
us.update("email@company.com", UserRequest.builder()
.email("email@company.com")
.displayName("Joe Person")
.loginId("<login_id>")
.phone("980-012-1234")
.build());
} catch (DescopeException de) {
// Handle the error
}// Args:
// loginID (string): The login ID of the user to update.
var loginID = "user-login-id";
// newPhone (string?): The new phone number, or null to remove.
var newPhone = "+15555555555";
// verified(bool) : Must be true for the user to log in with this phone.
var verified = true;
try
{
var userRes = await descopeClient.Management.User.UpdatePhone(loginId: loginID, phone: newPhone, verified: true);
}
catch (DescopeException ex)
{
// Handle the error
}Update a User's Display Name
This operation allows administrators to update a user's display name.
// Args:
// loginId (str): The login ID of the user to update.
const loginId = "xxxx"
// displayName (str): Optional user display name. Leave empty to remove.
const displayName = "Updated Display Name"
let resp = await descopeClient.management.user.updateDisplayName(loginId, displayName)
if (!resp.ok) {
console.log(resp)
console.log("Failed to update user's display name.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully updated user's display name.")
console.log(resp.data)
}# Args:
# login_id (str): The login ID of the user to update.
login_id = "xxxx"
# display_name (str): Optional user display name. Leave empty to remove.
display_name = "Updated Display Name"
try:
resp = descope_client.mgmt.user.update_display_name(login_id=login_id, display_name=display_name)
print ("Successfully updated user's display name.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to update user's display name.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginIDOrUserID (str): The login ID userID of the user to update.
loginIDOrUserID := "xxxx"
// displayName (str): Optional user display name. Leave empty to remove.
displayName := "Updated Display Name"
res, err := descopeClient.Management.User().UpdateDisplayName(ctx, loginIDOrUserID, displayName)
if (err != nil){
fmt.Println("Unable to update user's display name: ", err)
} else {
fmt.Println("Successfully updated user's display name: ", res)
}// A user must have a loginID, other fields are optional.
// Roles should be set directly if no tenants exist, otherwise set on a per-tenant basis.
UserService us = descopeClient.getManagementServices().getUserService();
// Update will override all fields as is. Use carefully.
try {
us.update("email@company.com", UserRequest.builder()
.email("email@company.com")
.displayName("Joe Person")
.loginId("<login_id>")
.phone("980-012-1234")
.build());
} catch (DescopeException de) {
// Handle the error
}// Args:
// loginID (string): The login ID of the user to update.
var loginID = "user-login-id";
// newDisplayName (string?): The new display name, or null to remove.
var newDisplayName = "updated-display-name";
try
{
var userRes = await descopeClient.Management.User.UpdateDisplayName(loginId: loginID, displayName: newDisplayName);
}
catch (DescopeException ex)
{
// Handle the error
}Update a User's Picture
This operation allows administrators to update a user's profile picture granularly without updating all user details.
// Args:
// loginId (str): The login ID of the user to update.
const loginId = "xxxx"
// picture (str): Optional url to user avatar. Leave empty to remove.
const picture = "https://example.com/picture.png"
const resp = await descopeClient.management.user.updatePicture(loginId, picture)
if (!resp.ok) {
console.log(resp)
console.log("Unable to update user's picture.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully updated user's picture.")
console.log(resp.data)
}# Args:
# login_id (str): The login ID of the user to update.
login_id = "xxxx"
# picture (str): Optional url to user avatar. Leave empty to remove.
picture = "https://example.com/picture.png"
try:
resp = descope_client.mgmt.user.update_picture(login_id=login_id, picture=picture)
print ("Successfully updated user's picture.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to update user's picture.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginIDOrUserID (str): The loginID or userID of the user to update.
loginIDOrUserID := "xxxx"
// picture (str): Optional url to user avatar. Leave empty to remove.
picture := "https://example.com/picture.png"
res, err := descopeClient.Management.User().UpdatePicture(ctx, loginIDOrUserID, picture)
if (err != nil){
fmt.Println("Unable to update user's picture: ", err)
} else {
fmt.Println("Successfully updated user's picture.", res)
}// A user must have a loginID, other fields are optional.
// Roles should be set directly if no tenants exist, otherwise set on a per-tenant basis.
UserService us = descopeClient.getManagementServices().getUserService();
// Update will override all fields as is. Use carefully.
try {
us.update("email@company.com", UserRequest.builder()
.email("email@company.com")
.displayName("Joe Person")
.phone("980-012-1234")
.picture("<string_to_picture>").build());
} catch (DescopeException de) {
// Handle the error
}// Args:
// loginID (string): The login ID of the user to update.
var loginID = "custom-login-id";
// picture (string?): The new picture URL, or null to remove.
var newPicture = "https://example.com/picture.png";
try
{
var userRes = await descopeClient.Management.User.UpdatePicture(loginId: loginID, picture: newPicture);
}
catch (DescopeException ex)
{
// Handle the error
}Update a User's Custom Attributes
This operation allows administrators to update a user's custom attributes granularly without updating all user details.
// Args:
// loginID (str): The login ID of the user to update.
const loginId = "xxxx"
// attributeKey: The custom attribute that needs to be updated, this attribute needs to exists in Descope console app
const attributeKey = "mycustomattribute"
// attributeValue (str): The value to be update
const attributeValue = "Test Value"
const resp = await descopeClient.management.user.updateCustomAttribute(loginId, attributeKey, attributeValue)
if (!resp.ok) {
console.log(resp)
console.log("Unable to update user's custom attribute.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully updated user's custom attribute.")
console.log(resp.data)
}# Args:
# login_id (str): The login ID of the user to update.
login_id = "xxxx"
# attribute_key: The custom attribute that needs to be updated, this attribute needs to exists in Descope console app
attribute_key = "mycustomattribute"
# attribute_val (str): The value to be update
attribute_val = "Test Value"
try:
resp = descope_client.mgmt.user.update_custom_attribute(login_id=login_id, attribute_key=attribute_key, attribute_val=attribute_val)
print ("Successfully updated user's custom attribute.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to update user's custom attribute.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginIDOrUserID (str): The loginID or userID of the user to update.
loginIDOrUserID := "xxxx"
// attributeKey (str): The custom attribute that needs to be updated, this attribute needs to exists in Descope console app
attributeKey := "mycustomattribute"
// attributeValue: The value to be update
attributeValue := "Test Value"
res, err := descopeClient.Management.User().UpdateCustomAttribute(ctx, loginIDOrUserID, attributeKey, attributeValue)
if (err != nil){
fmt.Println("Unable to update user's custom attribute: ", err)
} else {
fmt.Println("Successfully updated user's custom attribute.", res)
}// A user must have a loginID, other fields are optional.
// Roles should be set directly if no tenants exist, otherwise set on a per-tenant basis.
UserService us = descopeClient.getManagementServices().getUserService();
// Update will override all fields as is. Use carefully.
try {
us.update("email@company.com", UserRequest.builder()
.email("email@company.com")
.displayName("Joe Person")
.phone("980-012-1234")
.customAttributes(customAttributes)
.picture("<string_to_picture>").build());
} catch (DescopeException de) {
// Handle the error
}// Args:
// loginID (string): The login ID of the user to update.
var loginID = "user-login-id";
// attrKey (string): An existing custom‑attribute key configured in the Descope console.
var attrKey = "my-custom-attribute";
// attrVal (object): Value matching the type defined for the key.
object attrVal = "attribute-value";
try
{
var userRes = await descopeClient.Management.User.UpdateCustomAttributes(loginId: loginID, key: attrKey, value: attrVal);
}
catch (DescopeException ex)
{
// Handle the error
}Expire a User's Password
This operation allows administrators to expire an existing user's password. Upon next login, the user will need to follow the reset password flow.
// Args:
// loginId (str): The login ID of the user to expire password for.
const loginId = "xxxx"
const resp = await descopeClient.management.user.expirePassword(loginId)
if (!resp.ok) {
console.log(resp)
console.log("Unable to expire user's password.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully expired user's password.")
}# Args:
# login_id (str): The login ID of the user expire password for.
login_id = "xxxx"
try:
resp = descope_client.mgmt.user.expire_password(login_id=login_id)
print ("Successfully expired user's password.")
except AuthException as error:
print ("Unable to expire user's password.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginID (str): The login ID of the user to expire password for.
loginID := "xxxx"
err := descopeClient.Management.User().ExpirePassword(ctx, loginID)
if (err != nil){
fmt.Println("Unable to expire user's password: ", err)
} else {
fmt.Println("Successfully expired user's password.")
}UserService us = descopeClient.getManagementServices().getUserService();
// Set a user's password
try {
us.expirePassword("my-custom-id");
} catch (DescopeException de) {
// Handle the error
}// Args:
// loginID (string): The login ID of the user whose password should be expired.
var loginID = "user-login-id";
try
{
await descopeClient.Management.User.ExpirePassword(loginId: loginID);
}
catch (DescopeException ex)
{
// Handle the error
}Set a Temporary User's Password
This operation allows administrators to set a temporary password for an existing user. This will require the user to change their password on next authentication.
// Args:
// loginId (str): The login ID of the user set password for.
const loginId = "xxxx"
// password (str): The password to be set for the user.
const password = "xxxxx"
const resp = await descopeClient.management.user.setTemporaryPassword(loginId, password)
if (!resp.ok) {
console.log(resp)
console.log("Unable to set user's password.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully set user's password.")
}# Args:
# login_id (str): The login ID of the user set password for.
login_id = "xxxx"
# password (str): The password to be set for the user.
password = "xxxxx"
try:
resp = descope_client.mgmt.user.set_temporary_password(login_id=login_id, password=password)
print ("Successfully set user's password.")
except AuthException as error:
print ("Unable to set user's password.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginID (str): The login ID of the user to set password for.
loginID := "xxxx"
// password (str): The password to be set for the user.
password := "xxxxx"
err := descopeClient.Management.User().SetTemporaryPassword(ctx, loginID, password)
if (err != nil){
fmt.Println("Unable to set user's password: ", err)
} else {
fmt.Println("Successfully set user's password.")
}UserService us = descopeClient.getManagementServices().getUserService();
// Set a user's password
try {
us.setPassword("my-custom-id", "some-password");
} catch (DescopeException de) {
// Handle the error
}$descopeSDK->management->user->setTemporaryPassword("testuser1", new UserPassword(cleartext: "temporaryPassword123"));// Args:
// loginID (string): The login ID of the user whose password is being set.
var loginID = "user-login-id";
// tempPassword (string): The temporary password to assign (will be marked expired).
var tempPassword = "TempP@ssw0rd!";
try
{
await descopeClient.Management.User.SetTemporaryPassword(loginId: loginID, password: tempPassword);
}
catch (DescopeException ex)
{
// Handle the error
}Set an Active Password for User
This endpoint allows you to set an active password for an existing user. This will allow the user to authenticate with this password without changing it.
// Args:
// loginId (str): The login ID of the user set password for.
const loginId = "xxxx"
// password (str): The password to be set for the user.
const password = "xxxxx"
const resp = await descopeClient.management.user.setActivePassword(loginId, password)
if (!resp.ok) {
console.log(resp)
console.log("Unable to set user's password.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully set user's password.")
}# Args:
# login_id (str): The login ID of the user set password for.
login_id = "xxxx"
# password (str): The password to be set for the user.
password = "xxxxx"
try:
resp = descope_client.mgmt.user.set_active_password(login_id=login_id, password=password)
print ("Successfully set user's password.")
except AuthException as error:
print ("Unable to set user's password.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginID (str): The login ID of the user to set password for.
loginID := "xxxx"
// password (str): The password to be set for the user.
password := "xxxxx"
err := descopeClient.Management.User().SetActivePassword(ctx, loginID, password)
if (err != nil){
fmt.Println("Unable to set user's password: ", err)
} else {
fmt.Println("Successfully set user's password.")
}// pending release$descopeSDK->management->user->setActivePassword("testuser1", new UserPassword(cleartext: "activePassword123"));// Args:
// loginID (string) : The login ID of the user whose password is being set.
var loginID = "user-login-id";
// newPass (string) : The active (non‑expired) password to assign.
var newPassword = "Str0ngP@ssw0rd";
try
{
await descopeClient.Management.User.SetActivePassword(loginId: loginID, password: newPassword);
}
catch (DescopeException ex)
{
// Handle the error
}Add a Role to a User
This operation allows administrators to add roles to an existing user.
// Args:
// loginId (str): The login ID of the user to update.
const loginId = "xxxx"
// roleNames (List[str]): A list of roles to add to a user without tenant association.
const roleNames = ["TestRole1","TestRole2"]
let resp = await descopeClient.management.user.addRoles(loginId, roleNames)
if (!resp.ok) {
console.log(resp)
console.log("Failed to add roles to user.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully added roles to user.")
console.log(resp.data)
}# Args:
# login_id (str): The login ID of the user to update.
login_id = "xxxx"
# role_names (List[str]): A list of roles to add to a user without tenant association.
role_names = ["TestRole1", "TestRole2", "TestRole3"]
try:
resp = descope_client.mgmt.user.add_roles(login_id=login_id, role_names=role_names)
print ("Successfully updated user's roles.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to update user's roles.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginIDOrUserID (str): The loginID or userID of the user to update.
loginIDOrUserID := "xxxx"
// roleNames (List[str]): A list of roles to add to a user without tenant association.
roleNames := []string{"TestRole1","TestRole2"}
res, err := descopeClient.Management.User().AddRoles(ctx, loginIDOrUserID, roleNames)
if (err != nil){
fmt.Println("Unable to add roles to user: ", err)
} else {
fmt.Println("Successfully added roles to user: ", res)
}```java
UserService us = descopeClient.getManagementServices().getUserService();
List<String> roles = Arrays.asList("My Updated Permission");
/**
* Add roles for a user without tenant association. Use AddTenantRoles for users that are part of
* a multi-tenant project.
*
* @param loginId The loginID is required.
* @param roles User Roles
* @return {@link UserResponseDetails UserResponseDetails}
* @throws DescopeException If there occurs any exception, a subtype of this exception will be
* thrown.
*/
us.addRoles("<login_id>", roles);// Args:
// loginID (string): The login ID of the user to update.
var loginID = "custom-login-id";
// roles (List<string>): Roles to add (project‑level unless tenantID provided).
var roles = new List<string> { "Role1", "Role2" };
// tenantID (string?): Optional tenant association. Provide tenantId when roles are tenant‑scoped.
string? tenantID = null;
try
{
var userRes = await descopeClient.Management.User.AddRoles(loginId: loginID, roleNames: roles, tenantId : tenantID);
}
catch (DescopeException ex)
{
// Handle the error
}Set Roles for a User
This endpoint allows you to set a user's roles. This will override the current roles associated to the user and will set all passed roles.
// Args:
// loginId (str): The login ID of the user to update.
const loginId = "xxxx"
// roles (List[str]): A list of roles to set for a user without tenant association.
const roles = ["TestRole1","TestRole2"]
let resp = await descopeClient.management.user.setRoles(loginId, roles)
if (!resp.ok) {
console.log(resp)
console.log("Failed to set roles to user.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully set roles to user.")
console.log(resp.data)
}# Args:
# login_id (str): The login ID of the user to update.
login_id = "xxxx"
# roles (List[str]): A list of roles to set for a user without tenant association.
roles = ["TestRole1", "TestRole2", "TestRole3"]
try:
resp = descope_client.mgmt.user.set_roles(login_id=login_id, roles=roles)
print ("Successfully set user's roles.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to set user's roles.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginIDOrUserID (str): The loginID or userID of the user to update.
loginIDOrUserID := "xxxx"
// roles (List[str]): A list of roles to set for a user without tenant association.
roles := []string{"TestRole1","TestRole2"}
res, err := descopeClient.Management.User().SetRoles(ctx, loginIDOrUserID, roles)
if (err != nil){
fmt.Println("Unable to set roles to user: ", err)
} else {
fmt.Println("Successfully set roles to user: ", res)
}UserService us = descopeClient.getManagementServices().getUserService();
List<String> roles = Arrays.asList("TestRole1","TestRole2");
/**
* Add roles for a user without tenant association. Use AddTenantRoles for users that are part of
* a multi-tenant project.
*
* @param loginId The loginID is required.
* @param roles User Roles
* @return {@link UserResponseDetails UserResponseDetails}
* @throws DescopeException If there occurs any exception, a subtype of this exception will be
* thrown.
*/
us.setRoles("<login_id>", roles);// Args:
// loginID (string): The login ID of the user to update.
var loginID = "usr-login-id";
// roles (List<string>): Roles to set (overrides existing).
var roles = new List<string> { "Role1", "Role2" };
// tenantID (string?): Optional tenant association. Provide tenantId when roles are tenant‑scoped.
string? tenantID = null;
try
{
var userRes = await descopeClient.Management.User.SetRoles(loginId: loginID, roleNames: roles, tenantId: tenantID);
}
catch (DescopeException ex)
{
// Handle the error
}Remove a Role from a User
This operation allows administrators to remove roles from an existing user.
// Args:
// loginId (str): The login ID of the user to update.
const loginId = "xxxx"
// roleNames (List[str]): A list of roles to remove from a user without tenant association.
const roleNames = ["TestRole1","TestRole2"]
let resp = await descopeClient.management.user.removeRoles(loginId, roleNames)
if (!resp.ok) {
console.log(resp)
console.log("Failed to remove roles from user.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully removed roles from user.")
console.log(resp.data)
}# Args:
# login_id (str): The login ID of the user to update.
login_id = "xxxx"
# role_names (List[str]): A list of roles to remove from a user without tenant association.
role_names = ["TestRole1", "TestRole2", "TestRole3"]
try:
resp = descope_client.mgmt.user.remove_roles(login_id=login_id, role_names=role_names)
print ("Successfully updated user's roles.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to update user's roles.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginIDOrUserID (str): The loginID or userID of the user to update.
loginIDOrUserID := "xxxx"
// roleNames (List[str]): A list of roles to remove from a user without tenant association.
roleNames := []string{"TestRole1","TestRole2"}
res, err := descopeClient.Management.User().RemoveRoles(ctx, loginIDOrUserID, roleNames)
if (err != nil){
fmt.Println("Unable to remove roles from user: ", err)
} else {
fmt.Println("Successfully removed roles from user: ", res)
}UserService us = descopeClient.getManagementServices().getUserService();
List<String> roles = Arrays.asList("My Updated Permission");
/**
* Remove roles from a user without tenant association.
*
* @param loginId The loginID is required.
* @param roles Use RemoveTenantRoles for users that are part of a multi-tenant project.
* @return {@link UserResponseDetails UserResponseDetails}
* @throws DescopeException If there occurs any exception, a subtype of this exception will be
* thrown.
*/
us.removeRoles("<login_id>", roles);// Args:
// loginID (string): The login ID of the user to update.
var loginID = "custom-login-id";
// roles (List<string>): Roles to remove.
var roles = new List<string> { "Role1", "Role2" };
// tenantID (string?): Optional tenant association. Provide tenantId when roles are tenant‑scoped.
string? tenantID = null;
try
{
var userRes = await descopeClient.Management.User.RemoveRoles(loginId: loginID, roleNames: roles, tenantId: tenantID);
}
catch (DescopeException ex)
{
// Handle the error
}Add a Tenant to a User
This operation allows administrators to add tenants to an existing user.
// Args:
// loginId (str): The login ID of the user to update.
const loginId = "xxxx"
// tenantId (str): The ID of the tenant to add to the user.
const tenantId = "TestTenant"
let resp = await descopeClient.management.user.addTenant(loginId, tenantId)
if (!resp.ok) {
console.log(resp)
console.log("Failed to add tenant to user.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully added tenant to user.")
console.log(resp.data)
}# Args:
# login_id (str): The login ID of the user to update.
login_id = "xxxx"
# tenant_id (str): The ID of the tenant to add to the user.
tenant_id = "TestTenant"
try:
resp = descope_client.mgmt.user.add_tenant(login_id=login_id, tenant_id=tenant_id)
print ("Successfully added tenant to user.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to add tenant to user.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginIDOrUserID (str): The loginID or userID of the user to update.
loginIDOrUserID := "xxxx"
// tenantID (str): The ID of the tenant to add to the user.
tenantID := "TestTenant"
res, err := descopeClient.Management.User().AddTenant(ctx, loginIDOrUserID, tenantID)
if (err != nil){
fmt.Println("Unable to add tenant to user: ", err)
} else {
fmt.Println("Successfully added tenant to user: ", res)
}```java
UserService us = descopeClient.getManagementServices().getUserService();
List<String> roles = Arrays.asList("My Updated Permission");
/**
* Add a tenant association for an existing user.
*
* @param loginId The loginID is required.
* @param tenantId Tenant ID
* @return {@link UserResponseDetails UserResponseDetails}
* @throws DescopeException If there occurs any exception, a subtype of this exception will be
* thrown.
*/
us.addTenant("<login_id>", "<tenant_id>");$response = $descopeSDK->management->user->addTenant("testuser1", "tenantId1");
print_r($response);// Args:
// loginID (string): The login ID of the user to update.
var loginID = "user-login-id";
// tenantID (string): The tenant ID to add to the user.
var tenantID = "tenant-id";
try
{
var userRes = await descopeClient.Management.User.AddTenant(loginId: loginID, tenantId: tenantID);
}
catch (DescopeException ex)
{
// Handle the error
}Remove a Tenant from a User
This operation allows administrators to remove tenants from an existing user.
// Args:
// loginId (str): The login ID of the user to update.
const loginId = "xxxx"
// tenantId (str): The ID of the tenant to remove from the user.
const tenantId = "TestTenant"
let resp = await descopeClient.management.user.removeTenant(loginId, tenantId)
if (!resp.ok) {
console.log(resp)
console.log("Failed to remove tenant from user.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully removed tenant from user.")
console.log(resp.data)
}# Args:
# login_id (str): The login ID of the user to update.
login_id = "xxxx"
# tenant_id (str): The ID of the tenant to add to the user.
tenant_id = "TestTenant"
try:
resp = descope_client.mgmt.user.remove_tenant(login_id=login_id, tenant_id=tenant_id)
print ("Successfully removed tenant from user.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to remove tenant from user.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginIDOrUserID (str): The loginID or userID of the user to update.
loginIDOrUserID := "xxxx"
// tenantID (str): The ID of the tenant to add to the user.
tenantID := "TestTenant"
res, err := descopeClient.Management.User().RemoveTenant(ctx, loginIDOrUserID, tenantID)
if (err != nil){
fmt.Println("Unable to remove tenant from user: ", err)
} else {
fmt.Println("Successfully removed tenant from user: ", res)
}UserService us = descopeClient.getManagementServices().getUserService();
/**
* Remove a tenant association from an existing user.
*
* @param loginId The loginID is required.
* @param tenantId Tenant ID
* @return {@link UserResponseDetails UserResponseDetails}
* @throws DescopeException If there occurs any exception, a subtype of this exception will be
* thrown.
*/
us.removeTenant("<login_id>", "<tenant_id>");$response = $descopeSDK->management->user->removeTenant("testuser1", "tenantId1");
print_r($response);// Args:
// loginID (string): The login ID of the user to update.
var loginID = "user-login-id";
// tenantID (string): The tenant ID to remove from the user.
var tenantID = "tenant-id";
try
{
var userRes = await descopeClient.Management.User.RemoveTenant(loginId: loginID, tenantId: tenantID);
}
catch (DescopeException ex)
{
// Handle the error
}Add Roles to a User in a Specific Tenant
This operation allows administrators to add roles to a user within a specific tenant.
// Args:
// loginId (str): The login ID of the user to update.
const loginId = "xxxx"
// tenantId (str): The ID of the user's tenant.
const tenantId = "TestTenant"
// roleNames (List[str]): A list of roles to add to the user.
const roleNames = ["TestRole1","TestRole2"]
let resp = await descopeClient.management.user.addTenantRoles(loginId, tenantId, roleNames)
if (!resp.ok) {
console.log(resp)
console.log("Unable to add roles to the user in the specified tenant.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully added roles to the user in the specified tenant.")
console.log(resp.data)
}# Args:
# login_id (str): The login ID of the user to update.
login_id = "xxxx"
# tenant_id (str): The ID of the user's tenant.
tenant_id = "TestTenant"
# role_names (List[str]): A list of roles to add to the user.
role_names = ["TestRole1", "TestRole2", "TestRole3"]
try:
resp = descope_client.mgmt.user.add_tenant_roles(login_id=login_id, tenant_id=tenant_id, role_names=role_names)
print ("Successfully added roles to the user in the specified tenant.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to add roles to the user in the specified tenant.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginIDOrUserID (str): The loginID or userID of the user to update.
loginIDOrUserID := "xxxx"
// tenantID (str): The ID of the user's tenant.
tenantID := "TestTenant"
// roleNames (List[str]): A list of roles to add to the user.
roleNames := []string{"TestRole1","TestRole2"}
res, err := descopeClient.Management.User().AddTenantRoles(ctx, loginIDOrUserID, tenantID, roleNames)
if (err != nil){
fmt.Println("Unable to add roles to the user in the specified tenant: ", err)
} else {
fmt.Println("Successfully added roles to the user in the specified tenant: ", res)
}UserService us = descopeClient.getManagementServices().getUserService();
List<String> roles = Arrays.asList("My Updated Permission");
/**
* Add roles for a user in a specific tenant.
*
* @param loginId The loginID is required.
* @param tenantId Tenant ID
* @param roles Tenant Roles
* @return {@link UserResponseDetails UserResponseDetails}
* @throws DescopeException If there occurs any exception, a subtype of this exception will be
* thrown.
*/
us.addTenantRoles("<login_id>", "<tenant_id>", roles);$response = $descopeSDK->management->user->addTenantRoles("testuser1", "tenantId1", ["user"]);
print_r($response);Set Roles for a User in a Specific Tenant
This operation allows administrators to set roles to a user within a specific tenant. This will override the current roles associated to the user for the tenant and will set all passed roles.
// Args:
// loginId (str): The login ID of the user to update.
const loginId = "xxxx"
// tenantId (str): The ID of the user's tenant.
const tenantId = "TestTenant"
// roles (List[str]): A list of roles to set for the user.
const roles = ["TestRole1","TestRole2"]
let resp = await descopeClient.management.user.setTenantRoles(loginId, tenantId, roles)
if (!resp.ok) {
console.log(resp)
console.log("Unable to set roles to the user in the specified tenant.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully set roles to the user in the specified tenant.")
console.log(resp.data)
}# Args:
# login_id (str): The login ID of the user to update.
login_id = "xxxx"
# tenant_id (str): The ID of the user's tenant.
tenant_id = "TestTenant"
# roles (List[str]): A list of roles to set for the user.
roles = ["TestRole1", "TestRole2", "TestRole3"]
try:
resp = descope_client.mgmt.user.set_tenant_roles(login_id=login_id, tenant_id=tenant_id, roles=roles)
print ("Successfully set roles to the user in the specified tenant.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to set roles to the user in the specified tenant.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginIDOrUserID (str): The loginID or userID of the user to update.
loginIDOrUserID := "xxxx"
// tenantID (str): The ID of the user's tenant.
tenantID := "TestTenant"
// roles (List[str]): A list of roles to set for the user.
roles := []string{"TestRole1","TestRole2"}
res, err := descopeClient.Management.User().SetTenantRoles(ctx, loginIDOrUserID, tenantID, roles)
if (err != nil){
fmt.Println("Unable to set roles to the user in the specified tenant: ", err)
} else {
fmt.Println("Successfully set roles to the user in the specified tenant: ", res)
}UserService us = descopeClient.getManagementServices().getUserService();
List<String> roles = Arrays.asList("TestRole1","TestRole2");
/**
* Add roles for a user in a specific tenant.
*
* @param loginId The loginID is required.
* @param tenantId Tenant ID
* @param roles Tenant Roles
* @return {@link UserResponseDetails UserResponseDetails}
* @throws DescopeException If there occurs any exception, a subtype of this exception will be
* thrown.
*/
us.setTenantRoles("<login_id>", "<tenant_id>", roles);$response = $descopeSDK->management->user->setTenantRoles("testuser1", "tenantId1", ["admin"]);
print_r($response);Remove Roles from a User in a Specific Tenant
This operation allows administrators to remove roles from a user within a specific tenant.
// Args:
// loginId (str): The login ID of the user to update.
const loginId = "xxxx"
// tenantId (str): The ID of the user's tenant.
const tenantId = "TestTenant"
// roleNames (List[str]): A list of roles to remove from the user.
const roleNames = ["TestRole1","TestRole2"]
let resp = await descopeClient.management.user.removeTenantRoles(loginId, tenantId, roleNames)
if (!resp.ok) {
console.log(resp)
console.log("Unable to remove roles from the user in the specified tenant.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully removed roles from the user in the specified tenant.")
console.log(resp.data)
}# Args:
# login_id (str): The login ID of the user to update.
login_id = "xxxx"
# tenant_id (str): The ID of the user's tenant.
tenant_id = "TestTenant"
# role_names (List[str]): A list of roles to remove from the user.
role_names = ["TestRole1", "TestRole2", "TestRole3"]
try:
resp = descope_client.mgmt.user.remove_tenant_roles(login_id=login_id, tenant_id=tenant_id, role_names=role_names)
print ("Successfully removed roles from the user in the specified tenant.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to remove roles from the user in the specified tenant.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginIDOrUserID (str): The loginID or userID of the user to update.
loginIDOrUserID := "xxxx"
// tenantID (str): The ID of the user's tenant.
tenantID := "TestTenant"
// roleNames (List[str]): A list of roles to remove from the user.
roleNames := []string{"TestRole1","TestRole2"}
res, err := descopeClient.Management.User().RemoveTenantRoles(ctx, loginIDOrUserID, tenantID, roleNames)
if (err != nil){
fmt.Println("Unable to remove roles from the user in the specified tenant: ", err)
} else {
fmt.Println("Successfully removed roles from the user in the specified tenant: ", res)
}UserService us = descopeClient.getManagementServices().getUserService();
List<String> roles = Arrays.asList("My Updated Permission");
/**
* Add roles for a user in a specific tenant.
*
* @param loginId The loginID is required.
* @param tenantId Tenant ID
* @param roles Tenant Roles
* @return {@link UserResponseDetails UserResponseDetails}
* @throws DescopeException If there occurs any exception, a subtype of this exception will be
* thrown.
*/
us.removeTenantRoles("<login_id>", "<tenant_id>", roles);$response = $descopeSDK->management->user->removeTenantRoles("testuser1", "tenantId1", ["admin"]);
print_r($response);Associate an Application to a User
This operation allows administrators to associate an Application with a user.
// loginId (str): The login ID of the user to update.
loginId = "xxxx"
// ssoAppIds (array(str)): The IDs of the sso apps to add to the user.
ssoAppIds = ["app1", "app2"]
let resp = await descopeClient.management.user.addSSOapps(loginId, ssoAppIds)
if (!resp.ok) {
console.log(resp)
console.log("Unable to add sso apps to user.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully added sso apps to user.")
console.log(resp.data)
}# Args:
# login_id (str): The login ID of the user to update.
login_id = "xxxx"
# sso_ids (array(str)): The IDs of the sso apps to add to the user.
sso_ids = ["appId1", "appId2"]
try:
user = descope_client.mgmt.user.set_sso_apps(
login_id=loginId,
sso_app_ids=sso_ids
)
print ("Successfully added sso apps to user.")
except AuthException as error:
print ("Unable to add sso apps to user.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginIDOrUserID (str): The loginID or userID of the user to update.
loginIDOrUserID := "xxxx"
// ssoAppIds (array(str)): The IDs of the sso apps to add to the user.
ssoAppIds := []string{"appId3"}
user, err := descopeClient.Management.User().AddSSOApps(context.Background(), loginIDOrUserID, ssoAppIds)
if (err != nil){
fmt.Println("Unable to add sso apps to user: ", err)
} else {
fmt.Println("Successfully added sso apps to user: ", user)
}UserService us = descopeClient.getManagementServices().getUserService();
List<String> ssoAppIds = Arrays.asList("appId1", "appId2");
us.addSsoApps("<login_id>", ssoAppIds);// Args:
// loginID (string): The login ID of the user to update.
var loginID = "user-login-id";
// ssoAppIDs (List<string>): One or more SSO application IDs to associate.
var ssoAppIDs = new List<string> { "appId1", "appId2" };
try
{
var userRes = await descopeClient.Management.User.AddSsoApps(loginId: loginID, ssoAppIds: ssoAppIDs);
}
catch (DescopeException ex)
{
// Handle the error
}Set Applications for user
This operation allows administrators to set Applications associated to a user. This will override the current Application associated to the user for the user and set all passed Applications.
// loginId (str): The login ID of the user to update.
loginId = "xxxx"
// ssoAppIds (array(str)): The IDs of the sso apps to add to the user.
ssoAppIds = ["app1", "app2"]
let resp = await descopeClient.management.user.setSSOapps(loginId, ssoAppIds)
if (!resp.ok) {
console.log(resp)
console.log("Unable to set sso apps to user.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully set sso apps to user.")
console.log(resp.data)
}# Args:
# login_id (str): The login ID of the user to update.
login_id = "xxxx"
# sso_ids (array(str)): The IDs of the sso apps to add to the user.
sso_ids = ["appId1", "appId2"]
try:
user = descope_client.mgmt.user.set_sso_apps(
login_id=loginId,
sso_app_ids=sso_ids
)
print ("Successfully set sso apps to user.")
except AuthException as error:
print ("Unable to set tenant to user.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginIDOrUserID (str): The loginID or userID of the user to update.
loginIDOrUserID := "xxxx"
// ssoAppIds (array(str)): The IDs of the sso apps to add to the user.
ssoAppIds := []string{"appId3"}
user, err := descopeClient.Management.User().SetSSOApps(context.Background(), loginIDOrUserID, ssoAppIds)
if (err != nil){
fmt.Println("Unable to set sso apps to user: ", err)
} else {
fmt.Println("Successfully set sso apps to user: ", user)
}UserService us = descopeClient.getManagementServices().getUserService();
List<String> ssoAppIds = Arrays.asList("appId1", "appId2");
us.setSsoApps("<login_id>", ssoAppIds);// Args:
// loginID (string): The login ID of the user to update.
var loginID = "custom-login-id";
// ssoAppIDs (List<string>): The set of SSO application IDs to associate (overwrites existing list).
var ssoAppIDs = new List<string> { "appId1", "appId2" };
try
{
var userRes = await descopeClient.Management.User.SetSsoApps(loginId: loginID, ssoAppIds: ssoAppIDs);
}
catch (DescopeException ex)
{
// Handle the error
}Remove an Application from a User
This operation allows administrators to remove an Application from being associated with a user.
// loginId (str): The login ID of the user to update.
loginId = "xxxx"
// ssoAppIds (array(str)): The IDs of the sso apps to add to the user.
ssoAppIds = ["app1", "app2"]
let resp = await descopeClient.management.user.removeSSOapps(loginId, ssoAppIds)
if (!resp.ok) {
console.log(resp)
console.log("Unable to remove sso apps to user.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully removed sso apps to user.")
console.log(resp.data)
}# Args:
# login_id (str): The login ID of the user to update.
login_id = "xxxx"
# sso_ids (array(str)): The IDs of the sso apps to remove to the user.
sso_ids = ["appId1", "appId2"]
try:
user = descope_client.mgmt.user.remove_sso_apps(
login_id=loginId,
sso_app_ids=sso_ids
)
print ("Successfully removed sso apps from user.")
except AuthException as error:
print ("Unable to remove sso apps from user.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginIDOrUserID (str): The loginID or userID of the user to update.
loginIDOrUserID := "xxxx"
// sso_ids (array(str)): The IDs of the sso apps to remove from the user.
ssoAppIds := []string{"appId3"}
user, err := descopeClient.Management.User().RemoveSSOApps(context.Background(), loginIDOrUserID, ssoAppIds)
if (err != nil){
fmt.Println("Unable to add sso apps to user: ", err)
} else {
fmt.Println("Successfully removed sso app from user: ", user)
}UserService us = descopeClient.getManagementServices().getUserService();
List<String> ssoAppIds = Arrays.asList("appId1", "appId2");
us.removeSsoApps("<login_id>", ssoAppIds);// Args:
// loginID (string): The login ID of the user to update.
var loginID = "user-login-id";
// ssoAppIDs (List<string>): One or more SSO application IDs to remove.
var ssoAppIDs = new List<string> { "appId2" };
try
{
var userRes = await descopeClient.Management.User.RemoveSsoApps(loginId: loginID, ssoAppIds: ssoAppIDs);
}
catch (DescopeException ex)
{
// Handle the error
}Activate User
This operation allows administrators to activate an existing user.
// Args:
// loginId (str): The login ID of the user to be activated.
const loginId = "xxxx"
let resp = await descopeClient.management.user.activate(loginId)
if (!resp.ok) {
console.log(resp)
console.log("Failed to activate user.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully activated user.")
console.log(resp.data)
}# Args:
# login_id (str): The login ID of the user to be activated.
login_id = "xxxx"
try:
resp = descope_client.mgmt.user.activate(login_id=login_id)
print ("Successfully activated user.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to activate user.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginIDOrUserID (str): The loginID or userID of the user to be activated.
loginIDOrUserID := "xxxx"
res, err := descopeClient.Management.User().Activate(ctx, loginIDOrUserID)
if (err != nil){
fmt.Println("Unable to activate user: ", err)
} else {
fmt.Println("User successfully activated", res)
}UserService us = descopeClient.getManagementServices().getUserService();
/**
* Activate an existing user.
*
* @param loginId The loginID is required.
* @return {@link UserResponseDetails UserResponseDetails}
* @throws DescopeException If there occurs any exception, a subtype of this exception will be
* thrown.
*/
us.activate("<login_id>");// Args:
// loginID (string): The login ID of the user to activate.
var loginID = "user-login-id";
try
{
var userRes = await descopeClient.Management.User.Activate(loginId: loginID);
}
catch (DescopeException ex)
{
// Handle the error
}Deactivate User
This operation allows administrators to deactivate an existing user.
// Args:
// loginId (str): The login ID of the user to be deactivated.
const loginId = "xxxx"
let resp = await descopeClient.management.user.deactivate(loginId)
if (!resp.ok) {
console.log(resp)
console.log("Failed to deactivate user.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully deactivated user.")
console.log(resp.data)
}# Args:
# login_id (str): The login ID of the user to be deactivated.
login_id = "xxxx"
try:
resp = descope_client.mgmt.user.deactivate(login_id=login_id)
print ("Successfully deactivated user.")
print(json.dumps(resp, indent=2))
except AuthException as error:
print ("Unable to deactivate user.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginIDOrUserID (str): The loginID or userID of the user to be deactivated.
loginIDOrUserID := "xxxx"
res, err := descopeClient.Management.User().Deactivate(ctx, loginIDOrUserID)
if (err != nil){
fmt.Println("Unable to deactivate user: ", err)
} else {
fmt.Println("User successfully deactivated", res)
}UserService us = descopeClient.getManagementServices().getUserService();
/**
* Deactivate an existing user.
*
* @param loginId The loginID is required.
* @return {@link UserResponseDetails UserResponseDetails}
* @throws DescopeException If there occurs any exception, a subtype of this exception will be
* thrown.
*/
us.deactivate("<login_id>");// Args:
// loginID (string): The login ID of the user to deactivate.
var loginID = "user-login-id";
try
{
var userRes = await descopeClient.Management.User.Deactivate(loginId: loginID);
}
catch (DescopeException ex)
{
// Handle the error
}Logout All User Sessions
This operation allows administrators to log an existing user out of all sessions. This operation can be done via loginId or userId.
// Args:
// loginId (str): The loginId of the user to be logged out.
const loginId = "email@company.com"
const resp = await descopeClient.management.user.logoutUser(loginId);
if (!resp.ok) {
console.log("Failed to logout user.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully logged user out.")
}
// Args:
// userId (str): The userId of the user to be logged out.
const userId = "email@company.com"
const resp = await descopeClient.management.user.logoutUserByUserId(userId);
if (!resp.ok) {
console.log("Failed to logout user.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully logged user out.")
}# Args:
# login_id (str): The login_id of the user that's to be logged out.
login_id = "xxxxx"
try:
resp = descope_client.mgmt.user.logout_user(login_id=login_id)
print("Successfully logged user out.")
except AuthException as error:
print ("Failed to logout user.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))
# Args:
# user_id (str): The user_id of the user that's to be logged out.
user_id = "xxxxx"
try:
resp = descope_client.mgmt.user.logout_user_by_user_id(user_id=user_id)
print("Successfully logged user out.")
except AuthException as error:
print ("Failed to logout user.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginID (str): The loginID of the user to be logged out.
loginID := "xxxx"
err := descopeClient.Management.User().LogoutUser(ctx, loginID)
if (err != nil){
fmt.Println("Failed to logout user.", err)
} else {
fmt.Println("Successfully logged user out.")
}
// Args:
// userID (str): The userID of the user to be logged out.
userID := "xxxx"
err := descopeClient.Management.User().LogoutUserByUserID(ctx, userID)
if (err != nil){
fmt.Println("Failed to logout user.", err)
} else {
fmt.Println("Successfully logged user out.")
}UserService us = descopeClient.getManagementServices().getUserService();
us.logoutUser("<loginId>");
us.logoutUserByUserId("<userId>");// Args:
// loginID (string?): The login ID of the user to log out (optional if user ID is provided).
string? loginID = "user-login-id";
// userID (string?): The user ID of the user to log out (optional if login ID is provided).
string? userID = "user-uuid";
try
{
await descopeClient.Management.User.Logout(loginId: loginID, userId: userID);
}
catch (DescopeException ex)
{
// Handle the error
}Delete User's Passkeys
This operation will delete all existing passkeys for a user.
// Args:
// loginId (str): The loginId of the user to be remove passkeys for.
const loginId = "email@company.com"
const resp = await descopeClient.management.user.removeAllPasskeys(loginId);
if (!resp.ok) {
console.log("Failed to remove user's passkeys.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully removed user's passkeys.")
}# Args:
# login_id (str): The login_id of the user to be remove passkeys for.
login_id = "xxxxx"
try:
resp = descope_client.mgmt.user.remove_all_passkeys(login_id=login_id)
print("Successfully removed user's passkeys.")
except AuthException as error:
print ("Failed to remove user's passkeys.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginID (str): The loginID of the user to be remove passkeys for.
loginID: = "xxxx"
err := descopeClient.Management.User().RemoveAllPasskeys(ctx, userID)
if (err != nil){
fmt.Println("Failed to remove user's passkeys.", err)
} else {
fmt.Println("Successfully removed user's passkeys.")
}// Pending release// Args:
// loginID (string): The login ID of the user whose passkeys will be removed.
var loginID = "user-login-id";
try
{
await descopeClient.Management.User.RemoveAllPasskeys(loginId: loginID);
}
catch (DescopeException ex)
{
// Handle the error
}Delete User
This operation allows administrators to delete an existing user. It is important to note that this operation is irreversible and the user will be removed and will not be able to be added back without recreation.
// Args:
// loginId (str): The loginId of the user to be deleted.
const loginId = "email@company.com"
const resp = await descopeClient.management.user.delete(loginId);
if (!resp.ok) {
console.log("Failed to delete user.")
console.log("Status Code: " + resp.code)
console.log("Error Code: " + resp.error.errorCode)
console.log("Error Description: " + resp.error.errorDescription)
console.log("Error Message: " + resp.error.errorMessage)
}
else {
console.log("Successfully deleted user.")
console.log(resp.data)
}# Args:
# login_id (str): The login_id of the user that's to be deleted.
login_id = "xxxxx"
try:
resp = descope_client.mgmt.user.delete(login_id=login_id)
print("Successfully deleted user.")
except AuthException as error:
print ("Failed to delete user.")
print ("Status Code: " + str(error.status_code))
print ("Error: " + str(error.error_message))// Args:
// ctx: context.Context - Application context for the transmission of context capabilities like
// cancellation signals during the function call. In cases where context is absent, the context.Background()
// function serves as a viable alternative.
// Utilizing context within the Descope GO SDK is supported within versions 1.6.0 and higher.
ctx := context.Background()
// loginIDOrUserID (str): The loginID or userID of the user to be deleted.
loginIDOrUserID: = "xxxx"
err := descopeClient.Management.User().Delete(ctx, loginIDOrUserID)
if (err != nil){
fmt.Println("Unable to delete user: ", err)
} else {
fmt.Println("User Successfully deleted")
}UserService us = descopeClient.getManagementServices().getUserService();
/**
* Delete an existing user.
*
* <p>IMPORTANT: This action is irreversible. Use carefully.
*
* @param loginId The loginID is required.
* @throws DescopeException If there occurs any exception, a subtype of this exception will be
* thrown.
*/
us.delete("<loginId>");$descopeSDK->management->user->delete("testuser1");// Args:
// loginID (string): The login ID of the user to delete (irreversible).
var loginID = "user-login-id";
try
{
await descopeClient.Management.User.Delete(loginId: loginID);
}
catch (DescopeException ex)
{
// Handle the error
} Was this helpful?