users

Creates, updates, deletes, gets or lists a users resource.

Overview

Name	`users`
Type	Resource
Id	`googleadmin.directory.users`

Fields

The following fields are returned by SELECT queries:

get
list

Successful response

Name	Datatype	Description
`id`	`string`	The unique ID for the user. A user `id` can be used as a user request URI's `userKey`.
`name`	`object`	Holds the given and family names of the user, and the read-only `fullName` value. The maximum number of characters in the `givenName` and in the `familyName` values is 60. In addition, name values support unicode/UTF-8 characters, and can contain spaces, letters (a-z), numbers (0-9), dashes (-), forward slashes (/), and periods (.). For more information about character usage rules, see the administration help center. Maximum allowed data size for this field is 1KB. (id: UserName)
`addresses`	`any`	The list of the user's addresses. The maximum allowed data size for this field is 10KB.
`agreedToTerms`	`boolean`	Output only. This property is `true` if the user has completed an initial login and accepted the Terms of Service agreement.
`aliases`	`array`	Output only. The list of the user's alias email addresses.
`archived`	`boolean`	Indicates if user is archived.
`changePasswordAtNextLogin`	`boolean`	Indicates if the user is forced to change their password at next login. This setting doesn't apply when the user signs in via a third-party identity provider.
`creationTime`	`string (date-time)`	User's G Suite account creation time. (Read-only)
`customSchemas`	`object`	Custom fields of the user. The key is a `schema_name` and its values are `'field_name': 'field_value'`.
`customerId`	`string`	Output only. The customer ID to retrieve all account users. You can use the alias `my_customer` to represent your account's `customerId`. As a reseller administrator, you can use the resold customer account's `customerId`. To get a `customerId`, use the account's primary domain in the `domain` parameter of a users.list request.
`deletionTime`	`string (date-time)`
`emails`	`any`	The list of the user's email addresses. The maximum allowed data size for this field is 10KB. This excludes `publicKeyEncryptionCertificates`.
`etag`	`string`	Output only. ETag of the resource.
`externalIds`	`any`	The list of external IDs for the user, such as an employee or network ID. The maximum allowed data size for this field is 2KB.
`gender`	`any`	The user's gender. The maximum allowed data size for this field is 1KB.
`hashFunction`	`string`	Stores the hash format of the `password` property. The following `hashFunction` values are allowed: * `MD5` - Accepts simple hex-encoded values. * `SHA-1` - Accepts simple hex-encoded values. * `crypt` - Compliant with the C crypt library. Supports the DES, MD5 (hash prefix $1$ ), SHA-256 (hash prefix $5$ ), and SHA-512 (hash prefix $6$ ) hash algorithms. If rounds are specified as part of the prefix, they must be 10,000 or fewer.
`ims`	`any`	The list of the user's Instant Messenger (IM) accounts. A user account can have multiple ims properties. But, only one of these ims properties can be the primary IM contact. The maximum allowed data size for this field is 2KB.
`includeInGlobalAddressList`	`boolean`	Indicates if the user's profile is visible in the Google Workspace global address list when the contact sharing feature is enabled for the domain. For more information about excluding user profiles, see the administration help center.
`ipWhitelisted`	`boolean`	If `true`, the user's IP address is subject to a deprecated IP address `allowlist` configuration.
`isAdmin`	`boolean`	Output only. Indicates a user with super administrator privileges. The `isAdmin` property can only be edited in the Make a user an administrator operation ( makeAdmin method). If edited in the user insert or update methods, the edit is ignored by the API service.
`isDelegatedAdmin`	`boolean`	Output only. Indicates if the user is a delegated administrator. Delegated administrators are supported by the API but cannot create or undelete users, or make users administrators. These requests are ignored by the API service. Roles and privileges for administrators are assigned using the Admin console.
`isEnforcedIn2Sv`	`boolean`	Output only. Is 2-step verification enforced (Read-only)
`isEnrolledIn2Sv`	`boolean`	Output only. Is enrolled in 2-step verification (Read-only)
`isMailboxSetup`	`boolean`	Output only. Indicates if the user's Google mailbox is created. This property is only applicable if the user has been assigned a Gmail license.
`keywords`	`any`	The list of the user's keywords. The maximum allowed data size for this field is 1KB.
`kind`	`string`	Output only. The type of the API resource. For Users resources, the value is `admin#directory#user`. (default: admin#directory#user)
`languages`	`any`	The user's languages. The maximum allowed data size for this field is 1KB.
`lastLoginTime`	`string (date-time)`	User's last login time. (Read-only)
`locations`	`any`	The user's locations. The maximum allowed data size for this field is 10KB.
`nonEditableAliases`	`array`	Output only. The list of the user's non-editable alias email addresses. These are typically outside the account's primary domain or sub-domain.
`notes`	`any`	Notes for the user.
`orgUnitPath`	`string`	The full path of the parent organization associated with the user. If the parent organization is the top-level, it is represented as a forward slash (`/`).
`organizations`	`any`	The list of organizations the user belongs to. The maximum allowed data size for this field is 10KB.
`password`	`string`	User's password
`phones`	`any`	The list of the user's phone numbers. The maximum allowed data size for this field is 1KB.
`posixAccounts`	`any`	The list of POSIX account information for the user.
`primaryEmail`	`string`	The user's primary email address. This property is required in a request to create a user account. The `primaryEmail` must be unique and cannot be an alias of another user.
`recoveryEmail`	`string`	Recovery email of the user.
`recoveryPhone`	`string`	Recovery phone of the user. The phone number must be in the E.164 format, starting with the plus sign (+). Example: +16506661212.
`relations`	`any`	The list of the user's relationships to other users. The maximum allowed data size for this field is 2KB.
`sshPublicKeys`	`any`	A list of SSH public keys.
`suspended`	`boolean`	Indicates if user is suspended.
`suspensionReason`	`string`	Output only. Has the reason a user account is suspended either by the administrator or by Google at the time of suspension. The property is returned only if the `suspended` property is `true`.
`thumbnailPhotoEtag`	`string`	Output only. ETag of the user's photo (Read-only)
`thumbnailPhotoUrl`	`string`	Output only. The URL of the user's profile photo. The URL might be temporary or private.
`websites`	`any`	The user's websites. The maximum allowed data size for this field is 2KB.

Successful response

Name	Datatype	Description
`id`	`string`	The unique ID for the user. A user `id` can be used as a user request URI's `userKey`.
`name`	`object`	Holds the given and family names of the user, and the read-only `fullName` value. The maximum number of characters in the `givenName` and in the `familyName` values is 60. In addition, name values support unicode/UTF-8 characters, and can contain spaces, letters (a-z), numbers (0-9), dashes (-), forward slashes (/), and periods (.). For more information about character usage rules, see the administration help center. Maximum allowed data size for this field is 1KB. (id: UserName)
`addresses`	`any`	The list of the user's addresses. The maximum allowed data size for this field is 10KB.
`agreedToTerms`	`boolean`	Output only. This property is `true` if the user has completed an initial login and accepted the Terms of Service agreement.
`aliases`	`array`	Output only. The list of the user's alias email addresses.
`archived`	`boolean`	Indicates if user is archived.
`changePasswordAtNextLogin`	`boolean`	Indicates if the user is forced to change their password at next login. This setting doesn't apply when the user signs in via a third-party identity provider.
`creationTime`	`string (date-time)`	User's G Suite account creation time. (Read-only)
`customSchemas`	`object`	Custom fields of the user. The key is a `schema_name` and its values are `'field_name': 'field_value'`.
`customerId`	`string`	Output only. The customer ID to retrieve all account users. You can use the alias `my_customer` to represent your account's `customerId`. As a reseller administrator, you can use the resold customer account's `customerId`. To get a `customerId`, use the account's primary domain in the `domain` parameter of a users.list request.
`deletionTime`	`string (date-time)`
`emails`	`any`	The list of the user's email addresses. The maximum allowed data size for this field is 10KB. This excludes `publicKeyEncryptionCertificates`.
`etag`	`string`	Output only. ETag of the resource.
`externalIds`	`any`	The list of external IDs for the user, such as an employee or network ID. The maximum allowed data size for this field is 2KB.
`gender`	`any`	The user's gender. The maximum allowed data size for this field is 1KB.
`hashFunction`	`string`	Stores the hash format of the `password` property. The following `hashFunction` values are allowed: * `MD5` - Accepts simple hex-encoded values. * `SHA-1` - Accepts simple hex-encoded values. * `crypt` - Compliant with the C crypt library. Supports the DES, MD5 (hash prefix $1$ ), SHA-256 (hash prefix $5$ ), and SHA-512 (hash prefix $6$ ) hash algorithms. If rounds are specified as part of the prefix, they must be 10,000 or fewer.
`ims`	`any`	The list of the user's Instant Messenger (IM) accounts. A user account can have multiple ims properties. But, only one of these ims properties can be the primary IM contact. The maximum allowed data size for this field is 2KB.
`includeInGlobalAddressList`	`boolean`	Indicates if the user's profile is visible in the Google Workspace global address list when the contact sharing feature is enabled for the domain. For more information about excluding user profiles, see the administration help center.
`ipWhitelisted`	`boolean`	If `true`, the user's IP address is subject to a deprecated IP address `allowlist` configuration.
`isAdmin`	`boolean`	Output only. Indicates a user with super administrator privileges. The `isAdmin` property can only be edited in the Make a user an administrator operation ( makeAdmin method). If edited in the user insert or update methods, the edit is ignored by the API service.
`isDelegatedAdmin`	`boolean`	Output only. Indicates if the user is a delegated administrator. Delegated administrators are supported by the API but cannot create or undelete users, or make users administrators. These requests are ignored by the API service. Roles and privileges for administrators are assigned using the Admin console.
`isEnforcedIn2Sv`	`boolean`	Output only. Is 2-step verification enforced (Read-only)
`isEnrolledIn2Sv`	`boolean`	Output only. Is enrolled in 2-step verification (Read-only)
`isMailboxSetup`	`boolean`	Output only. Indicates if the user's Google mailbox is created. This property is only applicable if the user has been assigned a Gmail license.
`keywords`	`any`	The list of the user's keywords. The maximum allowed data size for this field is 1KB.
`kind`	`string`	Output only. The type of the API resource. For Users resources, the value is `admin#directory#user`. (default: admin#directory#user)
`languages`	`any`	The user's languages. The maximum allowed data size for this field is 1KB.
`lastLoginTime`	`string (date-time)`	User's last login time. (Read-only)
`locations`	`any`	The user's locations. The maximum allowed data size for this field is 10KB.
`nonEditableAliases`	`array`	Output only. The list of the user's non-editable alias email addresses. These are typically outside the account's primary domain or sub-domain.
`notes`	`any`	Notes for the user.
`orgUnitPath`	`string`	The full path of the parent organization associated with the user. If the parent organization is the top-level, it is represented as a forward slash (`/`).
`organizations`	`any`	The list of organizations the user belongs to. The maximum allowed data size for this field is 10KB.
`password`	`string`	User's password
`phones`	`any`	The list of the user's phone numbers. The maximum allowed data size for this field is 1KB.
`posixAccounts`	`any`	The list of POSIX account information for the user.
`primaryEmail`	`string`	The user's primary email address. This property is required in a request to create a user account. The `primaryEmail` must be unique and cannot be an alias of another user.
`recoveryEmail`	`string`	Recovery email of the user.
`recoveryPhone`	`string`	Recovery phone of the user. The phone number must be in the E.164 format, starting with the plus sign (+). Example: +16506661212.
`relations`	`any`	The list of the user's relationships to other users. The maximum allowed data size for this field is 2KB.
`sshPublicKeys`	`any`	A list of SSH public keys.
`suspended`	`boolean`	Indicates if user is suspended.
`suspensionReason`	`string`	Output only. Has the reason a user account is suspended either by the administrator or by Google at the time of suspension. The property is returned only if the `suspended` property is `true`.
`thumbnailPhotoEtag`	`string`	Output only. ETag of the user's photo (Read-only)
`thumbnailPhotoUrl`	`string`	Output only. The URL of the user's profile photo. The URL might be temporary or private.
`websites`	`any`	The user's websites. The maximum allowed data size for this field is 2KB.

Methods

The following methods are available for this resource:

Name	Accessible by	Required Params	Optional Params	Description
`get`	`select`	`userKey`	`customFieldMask`, `projection`, `viewType`	Retrieves a user.
`list`	`select`	`domain`	`customFieldMask`, `customer`, `event`, `maxResults`, `orderBy`, `pageToken`, `projection`, `query`, `showDeleted`, `sortOrder`, `viewType`	Retrieves a paginated list of either deleted users or all users in a domain.
`insert`	`insert`		`resolveConflictAccount`	Creates a user. Mutate calls immediately following user creation might sometimes fail as the user isn't fully created due to propagation delay in our backends. Check the error details for the "User creation is not complete" message to see if this is the case. Retrying the calls after some time can help in this case. If `resolveConflictAccount` is set to `true`, a `202` response code means that a conflicting unmanaged account exists and was invited to join the organization. A `409` response code means that a conflicting account exists so the user wasn't created based on the handling unmanaged user accounts option selected.
`patch`	`update`	`userKey`		Updates a user using patch semantics. The update method should be used instead, because it also supports patch semantics and has better performance. If you're mapping an external identity to a Google identity, use the `update` method instead of the `patch` method. This method is unable to clear fields that contain repeated objects (`addresses`, `phones`, etc). Use the update method instead.
`update`	`replace`	`userKey`		Updates a user. This method supports patch semantics, meaning that you only need to include the fields you wish to update. Fields that are not present in the request will be preserved, and fields set to `null` will be cleared. For repeating fields that contain arrays, individual items in the array can't be patched piecemeal; they must be supplied in the request body with the desired values for all items. See the user accounts guide for more information.
`delete`	`delete`	`userKey`		Deletes a user.
`make_admin`	`exec`	`userKey`		Makes a user a super administrator.
`undelete`	`exec`	`userKey`		Undeletes a deleted user.
`watch`	`exec`		`domain`, `customer`, `event`, `customFieldMask`, `maxResults`, `orderBy`, `pageToken`, `projection`, `query`, `showDeleted`, `sortOrder`, `viewType`	Watches for changes in users list.
`sign_out`	`exec`	`userKey`		Signs a user out of all web and device sessions and reset their sign-in cookies. User will have to sign in by authenticating again.

Parameters

Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.

Name	Datatype	Description
`domain`	`string`
`userKey`	`string`
`customFieldMask`	`string`
`customer`	`string`
`domain`	`string`
`event`	`string`
`maxResults`	`integer (int32)`
`orderBy`	`string`
`pageToken`	`string`
`projection`	`string`
`query`	`string`
`resolveConflictAccount`	`boolean`
`showDeleted`	`string`
`sortOrder`	`string`
`viewType`	`string`

`SELECT` examples

get
list

Retrieves a user.

SELECT
id,
name,
addresses,
agreedToTerms,
aliases,
archived,
changePasswordAtNextLogin,
creationTime,
customSchemas,
customerId,
deletionTime,
emails,
etag,
externalIds,
gender,
hashFunction,
ims,
includeInGlobalAddressList,
ipWhitelisted,
isAdmin,
isDelegatedAdmin,
isEnforcedIn2Sv,
isEnrolledIn2Sv,
isMailboxSetup,
keywords,
kind,
languages,
lastLoginTime,
locations,
nonEditableAliases,
notes,
orgUnitPath,
organizations,
password,
phones,
posixAccounts,
primaryEmail,
recoveryEmail,
recoveryPhone,
relations,
sshPublicKeys,
suspended,
suspensionReason,
thumbnailPhotoEtag,
thumbnailPhotoUrl,
websites
FROM googleadmin.directory.users
WHERE userKey = '{{ userKey }}' -- required
AND customFieldMask = '{{ customFieldMask }}'
AND projection = '{{ projection }}'
AND viewType = '{{ viewType }}';

Retrieves a paginated list of either deleted users or all users in a domain.

SELECT
id,
name,
addresses,
agreedToTerms,
aliases,
archived,
changePasswordAtNextLogin,
creationTime,
customSchemas,
customerId,
deletionTime,
emails,
etag,
externalIds,
gender,
hashFunction,
ims,
includeInGlobalAddressList,
ipWhitelisted,
isAdmin,
isDelegatedAdmin,
isEnforcedIn2Sv,
isEnrolledIn2Sv,
isMailboxSetup,
keywords,
kind,
languages,
lastLoginTime,
locations,
nonEditableAliases,
notes,
orgUnitPath,
organizations,
password,
phones,
posixAccounts,
primaryEmail,
recoveryEmail,
recoveryPhone,
relations,
sshPublicKeys,
suspended,
suspensionReason,
thumbnailPhotoEtag,
thumbnailPhotoUrl,
websites
FROM googleadmin.directory.users
WHERE domain = '{{ domain }}' -- required
AND customFieldMask = '{{ customFieldMask }}'
AND customer = '{{ customer }}'
AND event = '{{ event }}'
AND maxResults = '{{ maxResults }}'
AND orderBy = '{{ orderBy }}'
AND pageToken = '{{ pageToken }}'
AND projection = '{{ projection }}'
AND query = '{{ query }}'
AND showDeleted = '{{ showDeleted }}'
AND sortOrder = '{{ sortOrder }}'
AND viewType = '{{ viewType }}';

`INSERT` examples

insert
Manifest

Creates a user. Mutate calls immediately following user creation might sometimes fail as the user isn't fully created due to propagation delay in our backends. Check the error details for the "User creation is not complete" message to see if this is the case. Retrying the calls after some time can help in this case. If resolveConflictAccount is set to true, a 202 response code means that a conflicting unmanaged account exists and was invited to join the organization. A 409 response code means that a conflicting account exists so the user wasn't created based on the handling unmanaged user accounts option selected.

INSERT INTO googleadmin.directory.users (
data__id,
data__primaryEmail,
data__password,
data__hashFunction,
data__suspended,
data__changePasswordAtNextLogin,
data__ipWhitelisted,
data__name,
data__emails,
data__externalIds,
data__relations,
data__addresses,
data__organizations,
data__phones,
data__languages,
data__posixAccounts,
data__sshPublicKeys,
data__notes,
data__websites,
data__locations,
data__includeInGlobalAddressList,
data__keywords,
data__gender,
data__ims,
data__customSchemas,
data__archived,
data__orgUnitPath,
data__recoveryEmail,
data__recoveryPhone,
resolveConflictAccount
)
SELECT 
'{{ id }}',
'{{ primaryEmail }}',
'{{ password }}',
'{{ hashFunction }}',
{{ suspended }},
{{ changePasswordAtNextLogin }},
{{ ipWhitelisted }},
'{{ name }}',
'{{ emails }}',
'{{ externalIds }}',
'{{ relations }}',
'{{ addresses }}',
'{{ organizations }}',
'{{ phones }}',
'{{ languages }}',
'{{ posixAccounts }}',
'{{ sshPublicKeys }}',
'{{ notes }}',
'{{ websites }}',
'{{ locations }}',
{{ includeInGlobalAddressList }},
'{{ keywords }}',
'{{ gender }}',
'{{ ims }}',
'{{ customSchemas }}',
{{ archived }},
'{{ orgUnitPath }}',
'{{ recoveryEmail }}',
'{{ recoveryPhone }}',
'{{ resolveConflictAccount }}'
RETURNING
id,
name,
addresses,
agreedToTerms,
aliases,
archived,
changePasswordAtNextLogin,
creationTime,
customSchemas,
customerId,
deletionTime,
emails,
etag,
externalIds,
gender,
hashFunction,
ims,
includeInGlobalAddressList,
ipWhitelisted,
isAdmin,
isDelegatedAdmin,
isEnforcedIn2Sv,
isEnrolledIn2Sv,
isMailboxSetup,
keywords,
kind,
languages,
lastLoginTime,
locations,
nonEditableAliases,
notes,
orgUnitPath,
organizations,
password,
phones,
posixAccounts,
primaryEmail,
recoveryEmail,
recoveryPhone,
relations,
sshPublicKeys,
suspended,
suspensionReason,
thumbnailPhotoEtag,
thumbnailPhotoUrl,
websites
;

# Description fields are for documentation purposes
- name: users
  props:
    - name: id
      value: string
      description: >
        The unique ID for the user. A user `id` can be used as a user request URI's `userKey`.
        
    - name: primaryEmail
      value: string
      description: >
        The user's primary email address. This property is required in a request to create a user account. The `primaryEmail` must be unique and cannot be an alias of another user.
        
    - name: password
      value: string
      description: >
        User's password
        
    - name: hashFunction
      value: string
      description: >
        Stores the hash format of the `password` property. The following `hashFunction` values are allowed: * `MD5` - Accepts simple hex-encoded values. * `SHA-1` - Accepts simple hex-encoded values. * `crypt` - Compliant with the [C crypt library](https://en.wikipedia.org/wiki/Crypt_%28C%29). Supports the DES, MD5 (hash prefix `$1$`), SHA-256 (hash prefix `$5$`), and SHA-512 (hash prefix `$6$`) hash algorithms. If rounds are specified as part of the prefix, they must be 10,000 or fewer.
        
    - name: suspended
      value: boolean
      description: >
        Indicates if user is suspended.
        
    - name: changePasswordAtNextLogin
      value: boolean
      description: >
        Indicates if the user is forced to change their password at next login. This setting doesn't apply when [the user signs in via a third-party identity provider](https://support.google.com/a/answer/60224).
        
    - name: ipWhitelisted
      value: boolean
      description: >
        If `true`, the user's IP address is subject to a deprecated IP address [`allowlist`](https://support.google.com/a/answer/60752) configuration.
        
    - name: name
      value: object
      description: >
        Holds the given and family names of the user, and the read-only `fullName` value. The maximum number of characters in the `givenName` and in the `familyName` values is 60. In addition, name values support unicode/UTF-8 characters, and can contain spaces, letters (a-z), numbers (0-9), dashes (-), forward slashes (/), and periods (.). For more information about character usage rules, see the [administration help center](https://support.google.com/a/answer/9193374). Maximum allowed data size for this field is 1KB.
        
    - name: emails
      value: any
      description: >
        The list of the user's email addresses. The maximum allowed data size for this field is 10KB. This excludes `publicKeyEncryptionCertificates`.
        
    - name: externalIds
      value: any
      description: >
        The list of external IDs for the user, such as an employee or network ID. The maximum allowed data size for this field is 2KB.
        
    - name: relations
      value: any
      description: >
        The list of the user's relationships to other users. The maximum allowed data size for this field is 2KB.
        
    - name: addresses
      value: any
      description: >
        The list of the user's addresses. The maximum allowed data size for this field is 10KB.
        
    - name: organizations
      value: any
      description: >
        The list of organizations the user belongs to. The maximum allowed data size for this field is 10KB.
        
    - name: phones
      value: any
      description: >
        The list of the user's phone numbers. The maximum allowed data size for this field is 1KB.
        
    - name: languages
      value: any
      description: >
        The user's languages. The maximum allowed data size for this field is 1KB.
        
    - name: posixAccounts
      value: any
      description: >
        The list of [POSIX](https://www.opengroup.org/austin/papers/posix_faq.html) account information for the user.
        
    - name: sshPublicKeys
      value: any
      description: >
        A list of SSH public keys.
        
    - name: notes
      value: any
      description: >
        Notes for the user.
        
    - name: websites
      value: any
      description: >
        The user's websites. The maximum allowed data size for this field is 2KB.
        
    - name: locations
      value: any
      description: >
        The user's locations. The maximum allowed data size for this field is 10KB.
        
    - name: includeInGlobalAddressList
      value: boolean
      description: >
        Indicates if the user's profile is visible in the Google Workspace global address list when the contact sharing feature is enabled for the domain. For more information about excluding user profiles, see the [administration help center](https://support.google.com/a/answer/1285988).
        
    - name: keywords
      value: any
      description: >
        The list of the user's keywords. The maximum allowed data size for this field is 1KB.
        
    - name: gender
      value: any
      description: >
        The user's gender. The maximum allowed data size for this field is 1KB.
        
    - name: ims
      value: any
      description: >
        The list of the user's Instant Messenger (IM) accounts. A user account can have multiple ims properties. But, only one of these ims properties can be the primary IM contact. The maximum allowed data size for this field is 2KB.
        
    - name: customSchemas
      value: object
      description: >
        Custom fields of the user. The key is a `schema_name` and its values are `'field_name': 'field_value'`.
        
    - name: archived
      value: boolean
      description: >
        Indicates if user is archived.
        
    - name: orgUnitPath
      value: string
      description: >
        The full path of the parent organization associated with the user. If the parent organization is the top-level, it is represented as a forward slash (`/`).
        
    - name: recoveryEmail
      value: string
      description: >
        Recovery email of the user.
        
    - name: recoveryPhone
      value: string
      description: >
        Recovery phone of the user. The phone number must be in the E.164 format, starting with the plus sign (+). Example: *+16506661212*.
        
    - name: resolveConflictAccount
      value: boolean

`UPDATE` examples

patch

Updates a user using patch semantics. The update method should be used instead, because it also supports patch semantics and has better performance. If you're mapping an external identity to a Google identity, use the update method instead of the patch method. This method is unable to clear fields that contain repeated objects (addresses, phones, etc). Use the update method instead.

UPDATE googleadmin.directory.users
SET 
data__id = '{{ id }}',
data__primaryEmail = '{{ primaryEmail }}',
data__password = '{{ password }}',
data__hashFunction = '{{ hashFunction }}',
data__suspended = {{ suspended }},
data__changePasswordAtNextLogin = {{ changePasswordAtNextLogin }},
data__ipWhitelisted = {{ ipWhitelisted }},
data__name = '{{ name }}',
data__emails = '{{ emails }}',
data__externalIds = '{{ externalIds }}',
data__relations = '{{ relations }}',
data__addresses = '{{ addresses }}',
data__organizations = '{{ organizations }}',
data__phones = '{{ phones }}',
data__languages = '{{ languages }}',
data__posixAccounts = '{{ posixAccounts }}',
data__sshPublicKeys = '{{ sshPublicKeys }}',
data__notes = '{{ notes }}',
data__websites = '{{ websites }}',
data__locations = '{{ locations }}',
data__includeInGlobalAddressList = {{ includeInGlobalAddressList }},
data__keywords = '{{ keywords }}',
data__gender = '{{ gender }}',
data__ims = '{{ ims }}',
data__customSchemas = '{{ customSchemas }}',
data__archived = {{ archived }},
data__orgUnitPath = '{{ orgUnitPath }}',
data__recoveryEmail = '{{ recoveryEmail }}',
data__recoveryPhone = '{{ recoveryPhone }}'
WHERE 
userKey = '{{ userKey }}' --required
RETURNING
id,
name,
addresses,
agreedToTerms,
aliases,
archived,
changePasswordAtNextLogin,
creationTime,
customSchemas,
customerId,
deletionTime,
emails,
etag,
externalIds,
gender,
hashFunction,
ims,
includeInGlobalAddressList,
ipWhitelisted,
isAdmin,
isDelegatedAdmin,
isEnforcedIn2Sv,
isEnrolledIn2Sv,
isMailboxSetup,
keywords,
kind,
languages,
lastLoginTime,
locations,
nonEditableAliases,
notes,
orgUnitPath,
organizations,
password,
phones,
posixAccounts,
primaryEmail,
recoveryEmail,
recoveryPhone,
relations,
sshPublicKeys,
suspended,
suspensionReason,
thumbnailPhotoEtag,
thumbnailPhotoUrl,
websites;

`REPLACE` examples

update

Updates a user. This method supports patch semantics, meaning that you only need to include the fields you wish to update. Fields that are not present in the request will be preserved, and fields set to null will be cleared. For repeating fields that contain arrays, individual items in the array can't be patched piecemeal; they must be supplied in the request body with the desired values for all items. See the user accounts guide for more information.

REPLACE googleadmin.directory.users
SET 
data__id = '{{ id }}',
data__primaryEmail = '{{ primaryEmail }}',
data__password = '{{ password }}',
data__hashFunction = '{{ hashFunction }}',
data__suspended = {{ suspended }},
data__changePasswordAtNextLogin = {{ changePasswordAtNextLogin }},
data__ipWhitelisted = {{ ipWhitelisted }},
data__name = '{{ name }}',
data__emails = '{{ emails }}',
data__externalIds = '{{ externalIds }}',
data__relations = '{{ relations }}',
data__addresses = '{{ addresses }}',
data__organizations = '{{ organizations }}',
data__phones = '{{ phones }}',
data__languages = '{{ languages }}',
data__posixAccounts = '{{ posixAccounts }}',
data__sshPublicKeys = '{{ sshPublicKeys }}',
data__notes = '{{ notes }}',
data__websites = '{{ websites }}',
data__locations = '{{ locations }}',
data__includeInGlobalAddressList = {{ includeInGlobalAddressList }},
data__keywords = '{{ keywords }}',
data__gender = '{{ gender }}',
data__ims = '{{ ims }}',
data__customSchemas = '{{ customSchemas }}',
data__archived = {{ archived }},
data__orgUnitPath = '{{ orgUnitPath }}',
data__recoveryEmail = '{{ recoveryEmail }}',
data__recoveryPhone = '{{ recoveryPhone }}'
WHERE 
userKey = '{{ userKey }}' --required
RETURNING
id,
name,
addresses,
agreedToTerms,
aliases,
archived,
changePasswordAtNextLogin,
creationTime,
customSchemas,
customerId,
deletionTime,
emails,
etag,
externalIds,
gender,
hashFunction,
ims,
includeInGlobalAddressList,
ipWhitelisted,
isAdmin,
isDelegatedAdmin,
isEnforcedIn2Sv,
isEnrolledIn2Sv,
isMailboxSetup,
keywords,
kind,
languages,
lastLoginTime,
locations,
nonEditableAliases,
notes,
orgUnitPath,
organizations,
password,
phones,
posixAccounts,
primaryEmail,
recoveryEmail,
recoveryPhone,
relations,
sshPublicKeys,
suspended,
suspensionReason,
thumbnailPhotoEtag,
thumbnailPhotoUrl,
websites;

`DELETE` examples

delete

Deletes a user.

DELETE FROM googleadmin.directory.users
WHERE userKey = '{{ userKey }}' --required;

Lifecycle Methods

make_admin
undelete
watch
sign_out

Makes a user a super administrator.

EXEC googleadmin.directory.users.make_admin 
@userKey='{{ userKey }}' --required 
@@json=
'{
"status": {{ status }}
}';

Undeletes a deleted user.

EXEC googleadmin.directory.users.undelete 
@userKey='{{ userKey }}' --required 
@@json=
'{
"orgUnitPath": "{{ orgUnitPath }}"
}';

Watches for changes in users list.

EXEC googleadmin.directory.users.watch 
@domain='{{ domain }}', 
@customer='{{ customer }}', 
@event='{{ event }}', 
@customFieldMask='{{ customFieldMask }}', 
@maxResults='{{ maxResults }}', 
@orderBy='{{ orderBy }}', 
@pageToken='{{ pageToken }}', 
@projection='{{ projection }}', 
@query='{{ query }}', 
@showDeleted='{{ showDeleted }}', 
@sortOrder='{{ sortOrder }}', 
@viewType='{{ viewType }}' 
@@json=
'{
"id": "{{ id }}", 
"token": "{{ token }}", 
"expiration": "{{ expiration }}", 
"type": "{{ type }}", 
"address": "{{ address }}", 
"payload": {{ payload }}, 
"params": "{{ params }}", 
"resourceId": "{{ resourceId }}", 
"resourceUri": "{{ resourceUri }}", 
"kind": "{{ kind }}"
}';

Signs a user out of all web and device sessions and reset their sign-in cookies. User will have to sign in by authenticating again.

EXEC googleadmin.directory.users.sign_out 
@userKey='{{ userKey }}' --required;

Overview​

Fields​

Methods​

Parameters​

SELECT examples​

INSERT examples​

UPDATE examples​

REPLACE examples​

DELETE examples​

Lifecycle Methods​