2016-10-21 04:01:34 -05:00
+++
title = "User HTTP API "
description = "Grafana User HTTP API"
keywords = ["grafana", "http", "documentation", "api", "user"]
2019-12-30 01:17:03 -06:00
aliases = ["/docs/grafana/latest/http_api/user/"]
2016-10-21 04:01:34 -05:00
type = "docs"
[menu.docs]
name = "Users"
parent = "http_api"
+++
# User HTTP resources / actions
2016-02-03 00:59:22 -06:00
2016-02-05 03:47:34 -06:00
## Search Users
2016-02-03 00:59:22 -06:00
2017-02-21 09:09:15 -06:00
`GET /api/users?perpage=10&page=1`
2016-02-03 00:59:22 -06:00
**Example Request**:
2017-10-05 12:01:03 -05:00
```http
GET /api/users HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
```
2016-02-03 00:59:22 -06:00
2017-08-11 03:24:54 -05:00
Default value for the `perpage` parameter is `1000` and for the `page` parameter is `1` . Requires basic authentication and that the authenticated user is a Grafana Admin.
2017-02-21 09:09:15 -06:00
2016-02-03 00:59:22 -06:00
**Example Response**:
2017-10-05 12:01:03 -05:00
```http
HTTP/1.1 200
Content-Type: application/json
[
{
"id": 1,
"name": "Admin",
"login": "admin",
"email": "admin@mygraf.com",
"isAdmin": true
},
{
"id": 2,
"name": "User",
"login": "user",
"email": "user@mygraf.com",
"isAdmin": false
}
]
```
2016-02-03 00:59:22 -06:00
2017-02-21 09:09:15 -06:00
## Search Users with Paging
2017-03-23 12:07:29 -05:00
`GET /api/users/search?perpage=10&page=1&query=mygraf`
2017-02-21 09:09:15 -06:00
**Example Request**:
2017-10-05 12:01:03 -05:00
```http
GET /api/users/search?perpage=10& page=1& query=mygraf HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
```
2017-02-21 09:09:15 -06:00
2020-02-14 10:11:08 -06:00
Default value for the `perpage` parameter is `1000` and for the `page` parameter is `1` . The `totalCount` field in the response can be used for pagination of the user list E.g. if `totalCount` is equal to 100 users and the `perpage` parameter is set to 10 then there are 10 pages of users. The `query` parameter is optional and it will return results where the query value is contained in one of the `name` , `login` or `email` fields. Query values with spaces need to be URL encoded e.g. `query=Jane%20Doe` .
2017-02-21 09:09:15 -06:00
2017-08-11 03:24:54 -05:00
Requires basic authentication and that the authenticated user is a Grafana Admin.
2017-02-21 09:09:15 -06:00
**Example Response**:
2017-10-05 12:01:03 -05:00
```http
HTTP/1.1 200
Content-Type: application/json
{
"totalCount": 2,
"users": [
2017-02-21 09:09:15 -06:00
{
2017-10-05 12:01:03 -05:00
"id": 1,
"name": "Admin",
"login": "admin",
"email": "admin@mygraf.com",
"isAdmin": true
},
{
"id": 2,
"name": "User",
"login": "user",
"email": "user@mygraf.com",
"isAdmin": false
2017-02-21 09:09:15 -06:00
}
2017-10-05 12:01:03 -05:00
],
"page": 1,
"perPage": 10
}
```
2017-02-21 09:09:15 -06:00
2016-02-05 03:47:34 -06:00
## Get single user by Id
2016-02-03 00:59:22 -06:00
`GET /api/users/:id`
**Example Request**:
2017-10-05 12:01:03 -05:00
```http
GET /api/users/1 HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
```
2017-08-11 03:24:54 -05:00
Requires basic authentication and that the authenticated user is a Grafana Admin.
2016-02-03 00:59:22 -06:00
**Example Response**:
2017-10-05 12:01:03 -05:00
```http
HTTP/1.1 200
Content-Type: application/json
2016-02-03 00:59:22 -06:00
2017-10-05 12:01:03 -05:00
{
2019-09-30 14:54:09 -05:00
"id": "1",
"email": "user@mygraf.com",
2017-10-05 12:01:03 -05:00
"name": "admin",
"login": "admin",
"theme": "light",
"orgId": 1,
2019-09-30 14:54:09 -05:00
"isGrafanaAdmin": true,
"isDisabled": true,
"isExternal": false,
"authLabels": [],
"updatedAt": "2019-09-09T11:31:26+01:00",
"createdAt": "2019-09-09T11:31:26+01:00"
2017-10-05 12:01:03 -05:00
}
```
2016-02-03 00:59:22 -06:00
2017-01-30 23:25:55 -06:00
## Get single user by Username(login) or Email
2017-02-14 05:56:49 -06:00
`GET /api/users/lookup?loginOrEmail=user@mygraf.com`
2017-01-30 23:25:55 -06:00
2017-02-14 05:56:49 -06:00
**Example Request using the email as option**:
2017-01-30 23:25:55 -06:00
2017-10-05 12:01:03 -05:00
```http
GET /api/users/lookup?loginOrEmail=user@mygraf.com HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
```
2017-01-30 23:25:55 -06:00
2017-02-14 05:56:49 -06:00
**Example Request using the username as option**:
2017-10-05 12:01:03 -05:00
```http
GET /api/users/lookup?loginOrEmail=admin HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
```
2017-08-11 03:24:54 -05:00
Requires basic authentication and that the authenticated user is a Grafana Admin.
2017-01-30 23:25:55 -06:00
2017-02-14 05:56:49 -06:00
**Example Response**:
2017-01-30 23:25:55 -06:00
2017-10-05 12:01:03 -05:00
```http
HTTP/1.1 200
Content-Type: application/json
2017-01-30 23:25:55 -06:00
2017-10-05 12:01:03 -05:00
{
2019-03-01 09:07:34 -06:00
"id": 1,
2017-12-19 14:30:35 -06:00
"email": "user@mygraf.com",
2017-10-05 12:01:03 -05:00
"name": "admin",
"login": "admin",
"theme": "light",
"orgId": 1,
2019-09-30 14:54:09 -05:00
"isGrafanaAdmin": true,
"isDisabled": false,
"isExternal": false,
"authLabels": null,
"updatedAt": "2019-09-25T14:44:37+01:00",
"createdAt": "2019-09-25T14:44:37+01:00"
2017-10-05 12:01:03 -05:00
}
```
2017-01-30 23:25:55 -06:00
2016-02-05 03:47:34 -06:00
## User Update
2016-02-03 00:59:22 -06:00
`PUT /api/users/:id`
**Example Request**:
2017-10-05 12:01:03 -05:00
```http
PUT /api/users/2 HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
2016-02-03 00:59:22 -06:00
2017-10-05 12:01:03 -05:00
{
"email":"user@mygraf.com",
"name":"User2",
"login":"user",
"theme":"light"
}
```
2016-02-03 00:59:22 -06:00
2017-08-11 03:24:54 -05:00
Requires basic authentication and that the authenticated user is a Grafana Admin.
2016-02-03 00:59:22 -06:00
**Example Response**:
2017-10-05 12:01:03 -05:00
```http
HTTP/1.1 200
Content-Type: application/json
2016-02-03 00:59:22 -06:00
2017-10-05 12:01:03 -05:00
{"message":"User updated"}
```
2016-02-03 00:59:22 -06:00
2018-11-28 13:33:41 -06:00
## Get Organizations for user
2016-02-03 00:59:22 -06:00
`GET /api/users/:id/orgs`
**Example Request**:
2017-10-05 12:01:03 -05:00
```http
GET /api/users/1/orgs HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
```
2017-08-11 03:24:54 -05:00
Requires basic authentication and that the authenticated user is a Grafana Admin.
2016-02-03 00:59:22 -06:00
**Example Response**:
2017-10-05 12:01:03 -05:00
```http
HTTP/1.1 200
Content-Type: application/json
2016-02-03 00:59:22 -06:00
2017-10-05 12:01:03 -05:00
[
{
"orgId":1,
"name":"Main Org.",
"role":"Admin"
}
]
```
2016-02-03 00:59:22 -06:00
2018-11-19 20:17:46 -06:00
## Get Teams for user
`GET /api/users/:id/teams`
**Example Request**:
```http
GET /api/users/1/teams HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Basic YWRtaW46YWRtaW4=
```
Requires basic authentication and that the authenticated user is a Grafana Admin.
**Example Response**:
```http
HTTP/1.1 200
Content-Type: application/json
[
{
"id":1,
"orgId":1,
"name":"team1",
"email":"",
"avatarUrl":"/avatar/3fcfe295eae3bcb67a49349377428a66",
"memberCount":1
}
]
```
2016-02-03 00:59:22 -06:00
## User
2016-02-05 03:47:34 -06:00
## Actual User
2016-02-03 00:59:22 -06:00
`GET /api/user`
**Example Request**:
2017-10-05 12:01:03 -05:00
```http
GET /api/user HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
```
2016-02-03 00:59:22 -06:00
**Example Response**:
2017-10-05 12:01:03 -05:00
```http
HTTP/1.1 200
Content-Type: application/json
2016-02-03 00:59:22 -06:00
2017-10-05 12:01:03 -05:00
{
"email":"admin@mygraf.com",
"name":"Admin",
"login":"admin",
"theme":"light",
"orgId":1,
"isGrafanaAdmin":true
}
```
2016-02-03 00:59:22 -06:00
2016-02-05 03:47:34 -06:00
## Change Password
2016-02-03 00:59:22 -06:00
`PUT /api/user/password`
Changes the password for the user
**Example Request**:
2017-10-05 12:01:03 -05:00
```http
PUT /api/user/password HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
2016-02-03 00:59:22 -06:00
2017-10-05 12:01:03 -05:00
{
"oldPassword": "old_password",
2019-11-26 10:21:25 -06:00
"newPassword": "new_password"
2017-10-05 12:01:03 -05:00
}
```
2016-02-03 00:59:22 -06:00
**Example Response**:
2017-10-05 12:01:03 -05:00
```http
HTTP/1.1 200
Content-Type: application/json
2016-02-03 00:59:22 -06:00
2017-10-05 12:01:03 -05:00
{"message":"User password changed"}
```
2016-02-03 00:59:22 -06:00
2020-01-10 11:41:39 -06:00
**Change Password with a Script**
If you need to change a password with a script, here is an example of changing the Admin password using curl with basic auth:
```bash
curl -X PUT -H "Content-Type: application/json" -d '{
"oldPassword": "oldpass",
"newPassword": "newpass",
"confirmNew": "newpass"
}' http://admin:oldpass@< your_grafana_host > :3000/api/user/password
```
2017-08-11 03:24:54 -05:00
## Switch user context for a specified user
`POST /api/users/:userId/using/:organizationId`
Switch user context to the given organization. Requires basic authentication and that the authenticated user is a Grafana Admin.
**Example Request**:
2017-10-05 12:01:03 -05:00
```http
POST /api/users/7/using/2 HTTP/1.1
Authorization: Basic YWRtaW46YWRtaW4=
```
2017-08-11 03:24:54 -05:00
**Example Response**:
2017-10-05 12:01:03 -05:00
```http
HTTP/1.1 200
Content-Type: application/json
2017-08-11 03:24:54 -05:00
2017-10-05 12:01:03 -05:00
{"message":"Active organization changed"}
```
2017-08-11 03:24:54 -05:00
## Switch user context for signed in user
2016-02-03 00:59:22 -06:00
2017-08-11 03:24:54 -05:00
`POST /api/user/using/:organizationId`
2016-02-03 00:59:22 -06:00
2017-08-11 03:24:54 -05:00
Switch user context to the given organization.
2016-02-03 00:59:22 -06:00
**Example Request**:
2017-10-05 12:01:03 -05:00
```http
POST /api/user/using/2 HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
```
2016-02-03 00:59:22 -06:00
**Example Response**:
2017-10-05 12:01:03 -05:00
```http
HTTP/1.1 200
Content-Type: application/json
2016-02-03 00:59:22 -06:00
2017-10-05 12:01:03 -05:00
{"message":"Active organization changed"}
```
2016-02-03 00:59:22 -06:00
2018-11-28 13:33:41 -06:00
## Organizations of the actual User
2016-02-03 00:59:22 -06:00
`GET /api/user/orgs`
2018-11-28 13:33:41 -06:00
Return a list of all organizations of the current user.
2016-02-03 00:59:22 -06:00
**Example Request**:
2017-10-05 12:01:03 -05:00
```http
GET /api/user/orgs HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
```
2016-02-03 00:59:22 -06:00
**Example Response**:
2017-10-05 12:01:03 -05:00
```http
HTTP/1.1 200
Content-Type: application/json
2016-02-03 00:59:22 -06:00
2017-10-05 12:01:03 -05:00
[
{
"orgId":1,
"name":"Main Org.",
"role":"Admin"
}
]
```
2016-02-03 00:59:22 -06:00
2018-08-08 03:26:05 -05:00
## Teams that the actual User is member of
`GET /api/user/teams`
Return a list of all teams that the current user is member of.
**Example Request**:
```http
GET /api/user/teams HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
```
**Example Response**:
```http
HTTP/1.1 200
Content-Type: application/json
[
{
"id": 1,
"orgId": 1,
"name": "MyTestTeam",
"email": "",
"avatarUrl": "\/avatar\/3f49c15916554246daa714b9bd0ee398",
"memberCount": 1
}
]
```
2016-02-05 03:47:34 -06:00
## Star a dashboard
2016-02-03 00:59:22 -06:00
`POST /api/user/stars/dashboard/:dashboardId`
Stars the given Dashboard for the actual user.
**Example Request**:
2017-10-05 12:01:03 -05:00
```http
POST /api/user/stars/dashboard/1 HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
```
2016-02-03 00:59:22 -06:00
**Example Response**:
2017-10-05 12:01:03 -05:00
```http
HTTP/1.1 200
Content-Type: application/json
2016-02-03 00:59:22 -06:00
2017-10-05 12:01:03 -05:00
{"message":"Dashboard starred!"}
```
2016-02-03 00:59:22 -06:00
2016-02-05 03:47:34 -06:00
## Unstar a dashboard
2016-02-03 00:59:22 -06:00
`DELETE /api/user/stars/dashboard/:dashboardId`
Deletes the starring of the given Dashboard for the actual user.
**Example Request**:
2017-10-05 12:01:03 -05:00
```http
DELETE /api/user/stars/dashboard/1 HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
```
2016-02-03 00:59:22 -06:00
**Example Response**:
2017-10-05 12:01:03 -05:00
```http
HTTP/1.1 200
Content-Type: application/json
2016-02-03 00:59:22 -06:00
2017-10-05 12:01:03 -05:00
{"message":"Dashboard unstarred"}
2017-12-19 14:30:35 -06:00
```
2019-03-08 08:15:57 -06:00
## Auth tokens of the actual User
`GET /api/user/auth-tokens`
Return a list of all auth tokens (devices) that the actual user currently have logged in from.
**Example Request**:
```http
GET /api/user/auth-tokens HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
```
**Example Response**:
```http
HTTP/1.1 200
Content-Type: application/json
[
{
"id": 361,
"isActive": true,
"clientIp": "127.0.0.1",
2019-06-11 07:12:52 -05:00
"browser": "Chrome",
"browserVersion": "72.0",
"os": "Linux",
"osVersion": "",
"device": "Other",
2019-03-08 08:15:57 -06:00
"createdAt": "2019-03-05T21:22:54+01:00",
"seenAt": "2019-03-06T19:41:06+01:00"
},
{
"id": 364,
"isActive": false,
"clientIp": "127.0.0.1",
2019-06-11 07:12:52 -05:00
"browser": "Mobile Safari",
"browserVersion": "11.0",
"os": "iOS",
"osVersion": "11.0",
"device": "iPhone",
2019-03-08 08:15:57 -06:00
"createdAt": "2019-03-06T19:41:19+01:00",
"seenAt": "2019-03-06T19:41:21+01:00"
}
]
```
## Revoke an auth token of the actual User
`POST /api/user/revoke-auth-token`
Revokes the given auth token (device) for the actual user. User of issued auth token (device) will no longer be logged in
and will be required to authenticate again upon next activity.
**Example Request**:
```http
POST /api/user/revoke-auth-token HTTP/1.1
Accept: application/json
Content-Type: application/json
Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
{
"authTokenId": 364
}
```
**Example Response**:
```http
HTTP/1.1 200
Content-Type: application/json
{
"message": "User auth token revoked"
}
```