user.query

Query users with query-filters and query-options.

If users provided by Active Directory or LDAP are not desired, then “local”, “=”, True should be added to filters.

Type: object

Type: array
No Additional Items

Tuple Validation

Parameter 1: filters

filters

Type: array Default: []

List of filters for query results. See API documentation for "Query Methods" for more guidance.

 No Additional Items
Each item of this array must be:
Type: object

Examples:

[
    [
        "name",
        "=",
        "bob"
    ]
]

[
    [
        "OR",
        [
            [
                [
                    "name",
                    "=",
                    "bob"
                ]
            ],
            [
                [
                    "name",
                    "=",
                    "larry"
                ]
            ]
        ]
    ]
]
Parameter 2: options

options

Type: object
Default:
{ "relationships": true, "extend": null, "extend_fk": [], "extend_context": null, "prefix": null, "extra": {}, "order_by": [], "select": [], "count": false, "get": false, "offset": 0, "limit": 0, "force_sql_filters": false }

Query options customize the results returned by a query method. More complete documentation with examples
are covered in the "Query methods" section of the TrueNAS API documentation.

No Additional Properties

Relationships

Type: boolean Default: true

Extend

Default: null

Type: string
Type: null

Extend Fk

Type: array of string Default: []
No Additional Items
Each item of this array must be:
Type: string

Extend Context

Default: null

Type: string
Type: null

Prefix

Default: null

Type: string
Type: null

Extra

Type: object Default: {}

Extra options are defined on a per-endpoint basis and are described in the documentation for the associated
query method.

Order By

Type: array of string Default: []

An array of field names describing the manner in which query results should be ordered. The field names may
also have one of more of the following special prefixes: - (reverse sort direction), nulls_first: (place
any null values at the head of the results list), nulls_last: (place any null values at the tail of the
results list).

No Additional Items
Each item of this array must be:
Type: string

Example:

[
    "size",
    "-devname",
    "nulls_first:-expiretime"
]

Select

Type: array Default: []

An array of field names specifying the exact fields to include in the query return. The dot character .
may be used to explicitly select only subkeys of the query result.

No Additional Items
Each item of this array must be:

Type: string
Type: array
No Additional Items
Each item of this array must be:
Type: object

Example:

[
    "username",
    "Authentication.status"
]

Count

Type: boolean Default: false

Return a numeric value representing the number of items that match the specified query-filters.

Get

Type: boolean Default: false

Return the JSON object of the first result matching the specified query-filters. The query fails
if there specified query-filters return no results.

Offset

Type: integer Default: 0

This specifies the beginning offset of the results array. When combined with the limit query-option
it may be used to implement pagination of large results arrays. WARNING: some query methods provide
volatile results and the onus is on the developer to understand whether pagination is appropriate
for a particular query API method.

Limit

Type: integer Default: 0

This specifies the maximum number of results matching the specified query-filters to return. When
combined wtih the offset query-option it may be used to implement pagination of large results arrays.
WARNING: some query methods provide volatile results and the onus is on the developer to understand whether
pagination is appropriate for a particular query API method.

Force Sql Filters

Type: boolean Default: false

Result


Type: array of object
No Additional Items
Each item of this array must be:

UserQueryResultItem

Type: object
No Additional Properties

Id

Type: integer

Uid

Type: integer

Username


Type: string
Type: string

Must be at least 1 characters long

Unixhash


Type: string
Type: null

Smbhash


Type: string
Type: null

Home

Type: string

Must be at least 1 characters long

Shell

Type: string

Available choices can be retrieved with user.shell_choices.

Must be at least 1 characters long

Full Name

Type: string

Builtin

Type: boolean

Smb

Type: boolean

Userns Idmap


Specifies the subuid mapping for this user. If DIRECT then the UID will be
directly mapped to all containers. Alternatively, the target UID may be
explicitly specified. If None, then the UID will not be mapped.

NOTE: this field will be ignored for users that have been assigned
TrueNAS roles.

Type: const
Must be one of:
  • "DIRECT"
Specific value: "DIRECT"
Type: integer

Value must be greater or equal to 1 and lesser or equal to 4294967294

Type: null

Group

Type: object

Groups

Type: array of integer

Specifies whether the user should be allowed access to SMB shares. User will also automatically be added to
the builtin_users group.

 No Additional Items
Each item of this array must be:
Type: integer

Password Disabled

Type: boolean

Ssh Password Enabled

Type: boolean

Required if password_disabled is false.

Sshpubkey


Type: string
Type: null

Locked

Type: boolean

Sudo Commands

Type: array of string
No Additional Items
Each item of this array must be:
Type: string

Must be at least 1 characters long

Sudo Commands Nopasswd

Type: array of string
No Additional Items
Each item of this array must be:
Type: string

Must be at least 1 characters long

Email


Type: stringFormat: email
Type: null

Id Type Both

Type: boolean

Local

Type: boolean

Immutable

Type: boolean

Twofactor Auth Configured

Type: boolean

Sid


Type: string
Type: null

Last Password Change


The date of the last password change for local user accounts.

Type: stringFormat: date-time
Type: null

Password Age


The age in days of the password for local user accounts.

Type: integer
Type: null

Password History


This contains hashes of the ten most recent passwords used by local user accounts, and is
for enforcing password history requirements as defined in system.security.

Type: array
No Additional Items
Each item of this array must be:
Type: object
Type: null

Password Change Required

Type: boolean

Password change for local user account is required on next login.

Roles

Type: array of string
No Additional Items
Each item of this array must be:
Type: string

Api Keys

Type: array of integer
No Additional Items
Each item of this array must be:
Type: integer

UserQueryResultItem

Type: object
No Additional Properties

Id

Type: integer

Uid

Type: integer

Username


Type: string
Type: string

Must be at least 1 characters long

Unixhash


Type: string
Type: null

Smbhash


Type: string
Type: null

Home

Type: string

Must be at least 1 characters long

Shell

Type: string

Available choices can be retrieved with user.shell_choices.

Must be at least 1 characters long

Full Name

Type: string

Builtin

Type: boolean

Smb

Type: boolean

Userns Idmap


Specifies the subuid mapping for this user. If DIRECT then the UID will be
directly mapped to all containers. Alternatively, the target UID may be
explicitly specified. If None, then the UID will not be mapped.

NOTE: this field will be ignored for users that have been assigned
TrueNAS roles.

Type: const
Must be one of:
  • "DIRECT"
Specific value: "DIRECT"
Type: integer

Value must be greater or equal to 1 and lesser or equal to 4294967294

Type: null

Group

Type: object

Groups

Type: array of integer

Specifies whether the user should be allowed access to SMB shares. User will also automatically be added to
the builtin_users group.

 No Additional Items
Each item of this array must be:
Type: integer

Password Disabled

Type: boolean

Ssh Password Enabled

Type: boolean

Required if password_disabled is false.

Sshpubkey


Type: string
Type: null

Locked

Type: boolean

Sudo Commands

Type: array of string
No Additional Items
Each item of this array must be:
Type: string

Must be at least 1 characters long

Sudo Commands Nopasswd

Type: array of string
No Additional Items
Each item of this array must be:
Type: string

Must be at least 1 characters long

Email


Type: stringFormat: email
Type: null

Id Type Both

Type: boolean

Local

Type: boolean

Immutable

Type: boolean

Twofactor Auth Configured

Type: boolean

Sid


Type: string
Type: null

Last Password Change


The date of the last password change for local user accounts.

Type: stringFormat: date-time
Type: null

Password Age


The age in days of the password for local user accounts.

Type: integer
Type: null

Password History


This contains hashes of the ten most recent passwords used by local user accounts, and is
for enforcing password history requirements as defined in system.security.

Type: array
No Additional Items
Each item of this array must be:
Type: object
Type: null

Password Change Required

Type: boolean

Password change for local user account is required on next login.

Roles

Type: array of string
No Additional Items
Each item of this array must be:
Type: string

Api Keys

Type: array of integer
No Additional Items
Each item of this array must be:
Type: integer
Type: integer


Required roles: ACCOUNT_READ