Get group members
Retrieves all members of a group.
GET ~/api/directoryObjects/groupMembers?<parameters>
Query parameters
-
Name
-
Required
-
Type
-
Description
-
group -
True
-
string
-
The identifier of the group whose members to retrieve. You can use:
Distinguished name (DN)
# Example CN=My Group,CN=Groups,DC=example,DC=comGlobally unique identifier (GUID)
# Example a7b63270-b8a4-4c34-b830-7e0d09f2e021Security identifier (SID)
# Example S-1-5-21-3625849556-2655411187-3268999566-9847 -
includeIndirect -
False
-
bool
-
Set to
trueto retrieve both, direct members and indirect members (i.e. members of nested groups). If not specified, defaults tofalse. -
properties -
False
-
string
-
A comma-separated list of LDAP property names without whitespaces e.g. manager,department. Each retrieved object will contain the values of specified properties. If not specified, objects will be retrieved with the default property set.
Default property set
- guid
- dn
- displayName
- objectType
- objectTypeCode
- domainName
- directoryType
-
sizeLimit -
False
-
integer
-
The maximum number of objects to retrieve. If not specified, every group member will be retrieved.
Request headers
-
Name
-
Required
-
Description
-
Adm-Authorization
-
True
-
Specify the security token obtained during authentication.
Request body
Do not send a body with this request.
Responses
- If successful, returns
200 OKstatus code and an array of directory objects in the response body. - If successful, and there are no objects to retrieve, returns
200 OKstatus code and an empty array in the response body. - If unsuccessful, returns one of the common HTTP error codes and an error description in the response body.
Only objects that the authenticated user has the permissions to view will be included in the response. All permissions in Adaxes are granted by security roles.
Examples
Example 1 – Retrieve group members
The following code sample retrieves all members of a specific group, including indirect members due to group nesting.
Request
- PowerShell
-
$baseUrl = "https://host.example.com/restApi" $endpoint = "/api/directoryObjects/groupMembers" # Request parameters $requestUrl = $baseUrl + $endpoint $requestHeaders = @{"Adm-Authorization" = YOUR-SECURITY-TOKEN} $queryParams = @{ "group" = "CN=My Group,OU=Groups,DC=example,DC=com"; "includeIndirect" = $true } # Make request Invoke-RestMethod -Method GET -Headers $requestHeaders -Uri $requestUrl -Body $queryParams - C#
-
using System; using System.Net.Http; using System.Threading.Tasks; class Program { static async Task Main() { const string baseUrl = "https://host.example.com"; const string endpoint = "/restApi/api/directoryObjects/groupMembers"; // Request parameters const string groupIdentifier = "CN=My Group,OU=Groups,DC=example,DC=com"; UriBuilder requestUrl = new() { Host = baseUrl + endpoint, Query = $"?group={groupIdentifier}" + "&includeIndirect=true" }; // Initialize HTTP client using HttpClient client = new(); client.DefaultRequestHeaders.Add("Adm-Authorization", YOUR-SECURITY-TOKEN); // Make request string response = await client.GetStringAsync(requestUrl.ToString()); Console.WriteLine(response); } } - cURL
-
curl --header 'Adm-Authorization: YOUR-SECURITY-TOKEN' \ --get -X GET 'https://host.example.com/restApi/api/directoryObjects/groupMembers' \ --data-urlencode 'group=CN=My Group,OU=Groups,DC=example,DC=com' \ --data-urlencode 'includeIndirect=true' - node.js
-
var https = require('https'); // Request parameters var groupIdentifier = encodeURIComponent("CN=My Group,OU=Groups,DC=example,DC=com"); var requestPath = "/restApi/api/directoryObjects/groupMembers" + `?group=${groupIdentifier}` + "&includeIndirect=true"; var options = { 'method': 'GET', 'hostname': 'host.example.com', 'path': requestPath, 'headers': {'Adm-Authorization': 'YOUR-SECURITY-TOKEN'} }; // Make request var req = https.request(options, res => { var data = []; res.on("data", chunk => { data.push(chunk); }); res.on("end", () => { var body = Buffer.concat(data); console.log(body.toString()); }); res.on("error", error => { console.error(error); }); }); req.end(); - Python
-
import requests import json baseUrl = "https://host.example.com/restApi" endpoint = "/api/directoryObjects/groupMembers" # Request parameters requestUrl = baseUrl + endpoint requestHeaders = {"Adm-Authorization": YOUR-SECURITY-TOKEN} queryParams = { "group": "CN=My Group,OU=Groups,DC=example,DC=com", "includeIndirect": True } # Make request request = requests.get(requestUrl, headers=requestHeaders, params=queryParams) response = json.loads(request.content) print(response)
Response
HTTP Status code: 200 OK
Response body:
[
{
"accountStatus": {
"isDisabled": false,
"isLocked": false,
"expirationDate": null
},
"passwordStatus": {
"whenChanged": "2020-09-03T14:18:48.974886Z",
"expirationStatus": 0,
"expirationDate": "2023-05-30T14:18:48.974886Z"
},
"guid": "13ce39d7-183d-41d7-9a6e-ad1ba85b4be3",
"dn": "CN=Nick Johnston,OU=Sales,DC=example,DC=com",
"displayName": "Nick Johnston",
"objectType": "user",
"objectTypeCode": 2,
"domainName": "example.com",
"directoryType": 1,
"properties": {}
},
{
"accountStatus": {
"isDisabled": false,
"isLocked": false,
"expirationDate": null
},
"passwordStatus": {
"whenChanged": "2020-09-03T11:45:12.1312415Z",
"expirationStatus": 0,
"expirationDate": "2022-02-22T11:45:12.1312415Z"
},
"guid": "073ea181-87a7-46ea-8f4e-c0e3345c7bb8",
"dn": "CN=Laura Webb,OU=Sales,DC=example,DC=com",
"displayName": "Laura Webb",
"objectType": "user",
"objectTypeCode": 2,
"domainName": "example.com",
"directoryType": 1,
"properties": {}
}
]
Example 2 – Retrieve group members with their department and account expiration date
The following code sample retrieves all direct members of a specific group and their values of the following properties:
- Department
- Account expires
Request
- PowerShell
-
$baseUrl = "https://host.example.com/restApi" $endpoint = "/api/directoryObjects/groupMembers" # Request parameters $requestUrl = $baseUrl + $endpoint $requestHeaders = @{"Adm-Authorization" = YOUR-SECURITY-TOKEN} $queryParams = @{ "group" = "a7b63270-b8a4-4c34-b830-7e0d09f2e021"; "properties" = "department,accountExpires" } # Make request Invoke-RestMethod -Method GET -Headers $requestHeaders -Uri $requestUrl -Body $queryParams - C#
-
using System; using System.Net.Http; using System.Threading.Tasks; class Program { static async Task Main() { const string baseUrl = "https://host.example.com"; const string endpoint = "/restApi/api/directoryObjects/groupMembers"; // Request parameters const string groupIdentifier = "a7b63270-b8a4-4c34-b830-7e0d09f2e021"; const string propertiesToGet = "department,accountExpires"; UriBuilder requestUrl = new() { Host = baseUrl + endpoint, Query = $"?group={groupIdentifier}" + $"&properties={propertiesToGet}" }; // Initialize HTTP client using HttpClient client = new(); client.DefaultRequestHeaders.Add("Adm-Authorization", YOUR-SECURITY-TOKEN); // Make request string response = await client.GetStringAsync(requestUrl.ToString()); Console.WriteLine(response); } } - cURL
-
curl --header 'Adm-Authorization: YOUR-SECURITY-TOKEN' \ --get -X GET 'https://host.example.com/restApi/api/directoryObjects/groupMembers' \ --data-urlencode 'group=a7b63270-b8a4-4c34-b830-7e0d09f2e021' \ --data-urlencode 'properties=department,accountExpires' - node.js
-
var https = require('https'); // Request parameters var groupIdentifier = "a7b63270-b8a4-4c34-b830-7e0d09f2e021"; var propertiesToGet = "department,accountExpires"; var requestPath = "/restApi/api/directoryObjects" + `?directoryobject=${groupIdentifier}` + `&properties=${propertiesToGet}`; var options = { 'method': 'GET', 'hostname': 'host.example.com', 'path': requestPath, 'headers': {'Adm-Authorization': 'YOUR-SECURITY-TOKEN'} }; // Make request var req = https.request(options, res => { var data = []; res.on("data", chunk => { data.push(chunk); }); res.on("end", () => { var body = Buffer.concat(data); console.log(body.toString()); }); res.on("error", error => { console.error(error); }); }); req.end(); - Python
-
import requests import json baseUrl = "https://host.example.com/restApi" endpoint = "/api/directoryObjects/groupMembers" # Request parameters requestUrl = baseUrl + endpoint requestHeaders = {"Adm-Authorization": YOUR-SECURITY-TOKEN} queryParams = { "group": "CN=My Group,OU=Groups,DC=example,DC=com", "properties": "department,accountExpires" } # Make request request = requests.get(requestUrl, headers=requestHeaders, params=queryParams) response = json.loads(request.content) print(response)
Response
HTTP Status code: 200 OK
Response body:
[
{
"accountStatus": {
"isDisabled": false,
"isLocked": false,
"expirationDate": null
},
"passwordStatus": {
"whenChanged": "2020-09-03T14:18:48.974886Z",
"expirationStatus": 0,
"expirationDate": "2023-05-30T14:18:48.974886Z"
},
"guid": "13ce39d7-183d-41d7-9a6e-ad1ba85b4be3",
"dn": "CN=Nick Johnston,OU=Sales,DC=example,DC=com",
"displayName": "Nick Johnston",
"objectType": "user",
"objectTypeCode": 2,
"domainName": "example.com",
"directoryType": 1,
"properties": {
"department": [
"Sales"
],
"accountexpires": [
"never"
]
}
},
{
"accountStatus": {
"isDisabled": false,
"isLocked": false,
"expirationDate": null
},
"passwordStatus": {
"whenChanged": "2020-09-03T11:45:12.1312415Z",
"expirationStatus": 0,
"expirationDate": "2022-02-22T11:45:12.1312415Z"
},
"guid": "073ea181-87a7-46ea-8f4e-c0e3345c7bb8",
"dn": "CN=Laura Webb,OU=Sales,DC=example,DC=com",
"displayName": "Laura Webb",
"objectType": "user",
"objectTypeCode": 2,
"domainName": "example.com",
"directoryType": 1,
"properties": {
"department": [
"Marketing"
],
"accountexpires": [
"2020-12-12T11:39:38.9936927Z"
]
}
}
]