Retrieve a user
You can search for a user by userId or username. With the retrieve user request, you are also retrieving the list of authenticators that are registered to the given user.
Send an HTTP request to the users endpoint
For detailed information on the HTTP request parameters and response fields, see the Users endpoint page of the API reference documentation.
The endpoint URL is different for retrieval with userId and for retrieval with username.
Send one of the following calls, depending on the chosen parameter:
userId:GET https://{instance}.mauth.nevis.cloud/api/v1/users/{userId}username:GET https://{instance}.mauth.nevis.cloud/api/v1/users?username={username}
Your instance ID and the userId or username must be included in the endpoint URL. Your access key must be sent in the Authorization Bearer token header.
If a user exceeds the rate limit for the number of SMS or push authentications, they become blocked. In this case, the HTTP response includes the exceededRateLimits field. When the user gets unblocked, the limit resets. For more information, see SMS rate limiting and Push rate limiting.
HTTP request examples
- Get user by userId
- Get user by username
cURL code sample to get user by userId
# Set $userId
curl "https://$instance.mauth.nevis.cloud/api/v1/users/$userId" \
-H "Authorization: Bearer $access_key"
Python 3 code sample to get user by userId
userId = '7e16ba00-92e2-4fcb-b30e-1af8fdc843aa'
resp = requests.get(f'https://{instance}.mauth.nevis.cloud/api/v1/users/{userId}',
headers = {'authorization': f'Bearer {access_key}'})
print(resp.json())
cURL code sample to get user by username
# Set $username
curl "https://$instance.mauth.nevis.cloud/api/v1/users?username=$username" \
-H "Authorization: Bearer $access_key"
Python 3 code sample to get user by username
data = {'username':'u12345'}
resp = requests.get(f'https://{instance}.mauth.nevis.cloud/api/v1/users',
headers = {'authorization': f'Bearer {access_key}'},
params = data)
print(resp.json())
HTTP response examples
- User with single authenticator
- User with multiple authenticators
- User with no authenticators
- User is blocked
- User not found
200 OK: User is found.
JSON code sample of a user with a single authenticator
{
"userId": "6a372961-8f09-4804-bf3e-d76cb50777ba",
"username": "009d56ad-9c28-466d-a407-ba5fce45c6bd",
"status": "active",
"createdAt": "2022-05-31T07:55:25Z",
"updatedAt": "2022-05-31T07:55:25Z",
"authenticators": [
{
"authenticatorId": "007d91e4-8b88-45a0-88ea-672efd4f10ea",
"name": "iPhone 12 25.07.2023 10:58:02",
"type": "ios",
"authenticatorType": "app",
"state": "active",
"enrolledAt": "2023-07-25T08:58:07Z",
"updatedAt": "2023-08-29T17:42:01Z",
"uaf": {
"userAgent": "NMASDK/3.3.2.447 (iPhone13,2; iPhoneOS 16.6) ch.nevis.accessapp.muvonda/2.7.20812.812"
}
}
],
"phones": [],
"recoveryCodes": null
}
200 OK: User is found.
JSON code sample of a user with multiple authenticators
{
"userId": "4c0e3f90-4ef2-47d3-8355-2496b3bf361c",
"username": "user123",
"status": "active",
"createdAt": "2022-10-15T15:22:12Z",
"updatedAt": "2022-10-15T15:22:12Z",
"authenticators": [
{
"authenticatorId": "aa5fe8af-40ca-4e7c-b72e-af767bdde974",
"name": "samsung XY-Z123A Jul 17, 2023 08:59:40",
"type": "android",
"authenticatorType": "app",
"state": "active",
"enrolledAt": "2023-07-17T06:59:44Z",
"updatedAt": "2023-07-17T06:59:44Z",
"uaf": {
"userAgent": "NMASDK/3.3.0.1443 (samsung SM-G973F; Android 12) ch.nevis.accessapp.muvonda/2.7.0.1878"
}
},
{
"authenticatorId": "e312772c-c9d0-4746-aa10-5dba62ae7da0",
"name": "fido2 auth",
"authenticatorType": "fido2",
"state": "unknown",
"enrolledAt": "2023-02-27T14:46:54Z",
"updatedAt": "2023-07-11T14:14:31Z",
"fido2": {
"userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36",
"rpId": "my-instance-a12345.mauth.nevis.cloud",
"aaguid": "00000000-0000-0000-0000-000000000000",
"userVerificationRequirement": "preferred",
"attestationConveyancePreference": "none",
"residentKeyRequirement": "discouraged"
}
}
],
"phones": [
{
"authenticatorId": "3538af23-3132-47b1-b2b4-f95d4f9917d8",
"name": "+363***12",
"authenticatorType": "sms",
"state": "active",
"enrolledAt": "2023-01-13T14:14:47Z",
"updatedAt": "2023-01-13T14:15:02Z",
"phoneNumber": "+363***12"
}
],
"recoveryCodes": {
"validFrom": "2023-01-23T18:02:32Z",
"validTo": "2033-01-20T18:02:32Z",
"state": "active",
"codes": [
{
"index": 0,
"usedAt": null
},
{
"index": 1,
"usedAt": "2023-01-23T18:02:42Z"
},
{
"index": 2,
"usedAt": null
},
{
"index": 3,
"usedAt": null
},
{
"index": 4,
"usedAt": null
},
{
"index": 5,
"usedAt": null
},
{
"index": 6,
"usedAt": null
},
{
"index": 7,
"usedAt": null
},
{
"index": 8,
"usedAt": null
},
{
"index": 9,
"usedAt": null
},
{
"index": 10,
"usedAt": null
},
{
"index": 11,
"usedAt": null
},
{
"index": 12,
"usedAt": null
},
{
"index": 13,
"usedAt": null
},
{
"index": 14,
"usedAt": null
},
{
"index": 15,
"usedAt": null
}
]
}
}
200 OK: User is found.
JSON code sample of a user with no authenticators
{
"userId": "1aa9dd1c-1330-4c9e-a37b-4004d1c99baa",
"username": "00cd4d81-5e3d-4ac1-ae53-9a26a3a81358",
"status": "new",
"createdAt": "2021-10-27T21:32:34Z",
"updatedAt": "2021-10-27T21:32:34Z",
"authenticators": [],
"phones": [],
"recoveryCodes": null
}
JSON code sample of a blocked user
"exceededRateLimits": {
"push": {
"resetInSeconds": "120",
"sent": "10",
"timeframe": "PT24H"
},
},
404 Not found: No user with provided userId exists.