Retrieve a Group

This API is used to retrieve a single Group by unique Id or all of the configured Groups.

Request#

API Key Authentication
Retrieve all of the Groups
GET/api/group

Request Headers#

X-FusionAuth-TenantIdStringoptional

The unique Id of the tenant used to scope this API request.

The tenant Id is not required on this request even when more than one tenant has been configured because the tenant can be identified based upon the request parameters or it is otherwise not required.

Specify a tenant Id on this request when you want to ensure the request is scoped to a specific tenant. The tenant Id may be provided through this header or by using a tenant locked API key to achieve the same result.

See Making an API request using a Tenant Id for additional information.


API Key Authentication
Retrieve a Group by Id
GET/api/group/{groupId}
OpenAPI Spec

Request Parameters#

groupIdUUIDrequired

The unique Id of the Group to retrieve.

Request Headers#

X-FusionAuth-TenantIdStringoptional

The unique Id of the tenant used to scope this API request.

The tenant Id is not required on this request even when more than one tenant has been configured because the tenant can be identified based upon the request parameters or it is otherwise not required.

Specify a tenant Id on this request when you want to ensure the request is scoped to a specific tenant. The tenant Id may be provided through this header or by using a tenant locked API key to achieve the same result.

See Making an API request using a Tenant Id for additional information.

Response#

The response for this API contains either a single Group or all of the Groups. When you call this API with an Id the response will contain a single Group. When you call this API without an Id the response will contain all of the Groups. Both response types are defined below along with an example JSON response.

Response Codes
CodeDescription
200The request was successful. The response will contain a JSON body.
400The request was invalid and/or malformed. The response will contain an Errors JSON Object with the specific errors. This status will also be returned if a paid FusionAuth license is required and is not present.
401You did not supply a valid Authorization header. The header was omitted or your API key was not valid. The response will be empty. See Authentication.
404The object you requested doesn't exist. The response will be empty.
500There was an internal error. A stack trace is provided and logged in the FusionAuth log files. The response will be empty.

Response Body#

group.dataObject

An object that can hold any information about the Group that should be persisted.

group.idUUID

The unique Id of the Group.

group.insertInstantLong

The instant that the Group was added to the FusionAuth database.

group.lastUpdateInstantLong

The instant that the Group was updated in the FusionAuth database.

group.nameString

The name of the Group.

group.rolesMap<UUID, List<Object>

The roles assigned to this Group. The map key is the Application Id, the value is an array of Application Roles.

group.roles[applicationId][x].descriptionString

The description of the role.

group.roles[applicationId][x].idUUID

The Application Role Unique Id

group.roles[applicationId][x].nameString

The name of the Group.

group.roles[applicationId][x].isDefaultBoolean

Whether or not the Role is a default role. A default role is automatically assigned to a user during registration if no roles are provided.

group.roles[applicationId][x].isSuperRoleBoolean

Whether or not the Role is a considered to be a super user role. This is a marker to indicate that it supersedes all other roles. FusionAuth will attempt to enforce this contract when using the web UI, it is not enforced programmatically when using the API.

group.tenantIdUUID

The unique Id of the Tenant.

Example Response JSON

{
  "group": {
    "data": {
      "description": "This group assigns members admin access to all applications.",
      "external": {
        "createdAt": 1503000771468
      }
    },
    "id": "1188edfc-cef3-4555-910e-181ddf6153c0",
    "insertInstant": 1595361142909,
    "lastUpdateInstant": 1595361143101,
    "name": "Company Admins",
    "roles": {
      "931fded0-f917-439d-b447-d7f21b37a134": [
        {
          "id": "68259c40-0b4e-4245-8956-7e5af0959c2b",
          "isDefault": false,
          "isSuperRole": true,
          "name": "admin"
        }
      ],
      "07d1efe7-9a14-433d-8247-2235e67736f0": [
        {
          "id": "00f24e72-52e2-4f55-8ea1-6a06bfe10df5",
          "isDefault": false,
          "isSuperRole": true,
          "name": "ADMIN"
        }
      ],
      "d23e9a51-2b20-4384-9c74-432e12219aad": [
        {
          "id": "11a5b1b8-7ef5-476f-af7d-69e19796fa8b",
          "isDefault": false,
          "isSuperRole": true,
          "name": "Administrator"
        }
      ]
    },
    "tenantId": "30663132-6464-6665-3032-326466613934"
  }
}

Response Body#

groupsArray

The list of Group objects.

groups[x].dataObject

An object that can hold any information about the Group that should be persisted.

groups[x].idUUID

The name of the Group.

group[x].insertInstantLong

The instant that the Group was added to the FusionAuth database.

group[x].lastUpdateInstantLong

The instant that the Group was updated in the FusionAuth database.

groups[x].nameString

The name of the Group.

groups[x].rolesMap<UUID, List<Object>

The roles assigned to this Group. The map key is the Application Id, the value is an array of Application Roles.

groups[x].roles[applicationId][x].descriptionString

The description of the role.

groups[x].roles[applicationId][x].idUUID

The Application Role Unique Id

groups[x].roles[applicationId][x].nameString

The name of the Group.

groups[x].roles[applicationId][x].isDefaultBoolean

Whether or not the Role is a default role. A default role is automatically assigned to a user during registration if no roles are provided.

groups[x].roles[applicationId][x].isSuperRoleBoolean

Whether or not the Role is a considered to be a super user role. This is a marker to indicate that it supersedes all other roles. FusionAuth will attempt to enforce this contract when using the web UI, it is not enforced programmatically when using the API.

groups[x].tenantIdUUID

The unique Id of the Tenant.

Example Response JSON

{
  "groups": [
    {
      "data": {
        "description": "This group assigns members admin access to all applications.",
        "external": {
          "createdAt": 1503000771468
        }
      },
      "id": "1188edfc-cef3-4555-910e-181ddf6153c0",
      "insertInstant": 1595361142909,
      "lastUpdateInstant": 1595361143101,
      "name": "Company Admins",
      "roles": {
        "931fded0-f917-439d-b447-d7f21b37a134": [
          {
            "id": "68259c40-0b4e-4245-8956-7e5af0959c2b",
            "isDefault": false,
            "isSuperRole": true,
            "name": "admin"
          }
        ],
        "07d1efe7-9a14-433d-8247-2235e67736f0": [
          {
            "id": "00f24e72-52e2-4f55-8ea1-6a06bfe10df5",
            "isDefault": false,
            "isSuperRole": true,
            "name": "ADMIN"
          }
        ],
        "d23e9a51-2b20-4384-9c74-432e12219aad": [
          {
            "id": "11a5b1b8-7ef5-476f-af7d-69e19796fa8b",
            "isDefault": false,
            "isSuperRole": true,
            "name": "Administrator"
          }
        ]
      },
      "tenantId": "30663132-6464-6665-3032-326466613934"
    }
  ]
}