# Users ## List users `admin.organization.users.list(**kwargs) -> ConversationCursorPage` **get** `/organization/users` Lists all of the users in the organization. ### Parameters - `after: String` A cursor for use in pagination. `after` is an object ID that defines your place in the list. For instance, if you make a list request and receive 100 objects, ending with obj_foo, your subsequent call can include after=obj_foo in order to fetch the next page of the list. - `emails: Array[String]` Filter by the email address of users. - `limit: Integer` A limit on the number of objects to be returned. Limit can range between 1 and 100, and the default is 20. ### Returns - `class OrganizationUser` Represents an individual `user` within an organization. - `id: String` The identifier, which can be referenced in API endpoints - `added_at: Integer` The Unix timestamp (in seconds) of when the user was added. - `object: :"organization.user"` The object type, which is always `organization.user` - `:"organization.user"` - `api_key_last_used_at: Integer` The Unix timestamp (in seconds) of the user's last API key usage. - `created: Integer` The Unix timestamp (in seconds) of when the user was created. - `developer_persona: String` The developer persona metadata for the user. - `email: String` The email address of the user - `is_default: bool` Whether this is the organization's default user. - `is_scale_tier_authorized_purchaser: bool` Whether the user is an authorized purchaser for Scale Tier. - `is_scim_managed: bool` Whether the user is managed through SCIM. - `is_service_account: bool` Whether the user is a service account. - `name: String` The name of the user - `projects: Projects{ data, object}` Projects associated with the user, if included. - `data: Array[Data{ id, name, role}]` - `id: String` - `name: String` - `role: String` - `object: :list` - `:list` - `role: String` `owner` or `reader` - `technical_level: String` The technical level metadata for the user. - `user: User{ id, object, banned, 5 more}` Nested user details. - `id: String` - `object: :user` - `:user` - `banned: bool` - `banned_at: Integer` - `email: String` - `enabled: bool` - `name: String` - `picture: String` ### Example ```ruby require "openai" openai = OpenAI::Client.new(admin_api_key: "My Admin API Key") page = openai.admin.organization.users.list puts(page) ``` #### Response ```json { "data": [ { "id": "id", "added_at": 0, "object": "organization.user", "api_key_last_used_at": 0, "created": 0, "developer_persona": "developer_persona", "email": "email", "is_default": true, "is_scale_tier_authorized_purchaser": true, "is_scim_managed": true, "is_service_account": true, "name": "name", "projects": { "data": [ { "id": "id", "name": "name", "role": "role" } ], "object": "list" }, "role": "role", "technical_level": "technical_level", "user": { "id": "id", "object": "user", "banned": true, "banned_at": 0, "email": "email", "enabled": true, "name": "name", "picture": "picture" } } ], "has_more": true, "object": "list", "first_id": "first_id", "last_id": "last_id" } ``` ## Retrieve user `admin.organization.users.retrieve(user_id) -> OrganizationUser` **get** `/organization/users/{user_id}` Retrieves a user by their identifier. ### Parameters - `user_id: String` ### Returns - `class OrganizationUser` Represents an individual `user` within an organization. - `id: String` The identifier, which can be referenced in API endpoints - `added_at: Integer` The Unix timestamp (in seconds) of when the user was added. - `object: :"organization.user"` The object type, which is always `organization.user` - `:"organization.user"` - `api_key_last_used_at: Integer` The Unix timestamp (in seconds) of the user's last API key usage. - `created: Integer` The Unix timestamp (in seconds) of when the user was created. - `developer_persona: String` The developer persona metadata for the user. - `email: String` The email address of the user - `is_default: bool` Whether this is the organization's default user. - `is_scale_tier_authorized_purchaser: bool` Whether the user is an authorized purchaser for Scale Tier. - `is_scim_managed: bool` Whether the user is managed through SCIM. - `is_service_account: bool` Whether the user is a service account. - `name: String` The name of the user - `projects: Projects{ data, object}` Projects associated with the user, if included. - `data: Array[Data{ id, name, role}]` - `id: String` - `name: String` - `role: String` - `object: :list` - `:list` - `role: String` `owner` or `reader` - `technical_level: String` The technical level metadata for the user. - `user: User{ id, object, banned, 5 more}` Nested user details. - `id: String` - `object: :user` - `:user` - `banned: bool` - `banned_at: Integer` - `email: String` - `enabled: bool` - `name: String` - `picture: String` ### Example ```ruby require "openai" openai = OpenAI::Client.new(admin_api_key: "My Admin API Key") organization_user = openai.admin.organization.users.retrieve("user_id") puts(organization_user) ``` #### Response ```json { "id": "id", "added_at": 0, "object": "organization.user", "api_key_last_used_at": 0, "created": 0, "developer_persona": "developer_persona", "email": "email", "is_default": true, "is_scale_tier_authorized_purchaser": true, "is_scim_managed": true, "is_service_account": true, "name": "name", "projects": { "data": [ { "id": "id", "name": "name", "role": "role" } ], "object": "list" }, "role": "role", "technical_level": "technical_level", "user": { "id": "id", "object": "user", "banned": true, "banned_at": 0, "email": "email", "enabled": true, "name": "name", "picture": "picture" } } ``` ## Modify user `admin.organization.users.update(user_id, **kwargs) -> OrganizationUser` **post** `/organization/users/{user_id}` Modifies a user's role in the organization. ### Parameters - `user_id: String` - `developer_persona: String` Developer persona metadata. - `role: String` `owner` or `reader` - `role_id: String` Role ID to assign to the user. - `technical_level: String` Technical level metadata. ### Returns - `class OrganizationUser` Represents an individual `user` within an organization. - `id: String` The identifier, which can be referenced in API endpoints - `added_at: Integer` The Unix timestamp (in seconds) of when the user was added. - `object: :"organization.user"` The object type, which is always `organization.user` - `:"organization.user"` - `api_key_last_used_at: Integer` The Unix timestamp (in seconds) of the user's last API key usage. - `created: Integer` The Unix timestamp (in seconds) of when the user was created. - `developer_persona: String` The developer persona metadata for the user. - `email: String` The email address of the user - `is_default: bool` Whether this is the organization's default user. - `is_scale_tier_authorized_purchaser: bool` Whether the user is an authorized purchaser for Scale Tier. - `is_scim_managed: bool` Whether the user is managed through SCIM. - `is_service_account: bool` Whether the user is a service account. - `name: String` The name of the user - `projects: Projects{ data, object}` Projects associated with the user, if included. - `data: Array[Data{ id, name, role}]` - `id: String` - `name: String` - `role: String` - `object: :list` - `:list` - `role: String` `owner` or `reader` - `technical_level: String` The technical level metadata for the user. - `user: User{ id, object, banned, 5 more}` Nested user details. - `id: String` - `object: :user` - `:user` - `banned: bool` - `banned_at: Integer` - `email: String` - `enabled: bool` - `name: String` - `picture: String` ### Example ```ruby require "openai" openai = OpenAI::Client.new(admin_api_key: "My Admin API Key") organization_user = openai.admin.organization.users.update("user_id") puts(organization_user) ``` #### Response ```json { "id": "id", "added_at": 0, "object": "organization.user", "api_key_last_used_at": 0, "created": 0, "developer_persona": "developer_persona", "email": "email", "is_default": true, "is_scale_tier_authorized_purchaser": true, "is_scim_managed": true, "is_service_account": true, "name": "name", "projects": { "data": [ { "id": "id", "name": "name", "role": "role" } ], "object": "list" }, "role": "role", "technical_level": "technical_level", "user": { "id": "id", "object": "user", "banned": true, "banned_at": 0, "email": "email", "enabled": true, "name": "name", "picture": "picture" } } ``` ## Delete user `admin.organization.users.delete(user_id) -> UserDeleteResponse` **delete** `/organization/users/{user_id}` Deletes a user from the organization. ### Parameters - `user_id: String` ### Returns - `class UserDeleteResponse` - `id: String` - `deleted: bool` - `object: :"organization.user.deleted"` - `:"organization.user.deleted"` ### Example ```ruby require "openai" openai = OpenAI::Client.new(admin_api_key: "My Admin API Key") user = openai.admin.organization.users.delete("user_id") puts(user) ``` #### Response ```json { "id": "id", "deleted": true, "object": "organization.user.deleted" } ``` ## Domain Types ### Organization User - `class OrganizationUser` Represents an individual `user` within an organization. - `id: String` The identifier, which can be referenced in API endpoints - `added_at: Integer` The Unix timestamp (in seconds) of when the user was added. - `object: :"organization.user"` The object type, which is always `organization.user` - `:"organization.user"` - `api_key_last_used_at: Integer` The Unix timestamp (in seconds) of the user's last API key usage. - `created: Integer` The Unix timestamp (in seconds) of when the user was created. - `developer_persona: String` The developer persona metadata for the user. - `email: String` The email address of the user - `is_default: bool` Whether this is the organization's default user. - `is_scale_tier_authorized_purchaser: bool` Whether the user is an authorized purchaser for Scale Tier. - `is_scim_managed: bool` Whether the user is managed through SCIM. - `is_service_account: bool` Whether the user is a service account. - `name: String` The name of the user - `projects: Projects{ data, object}` Projects associated with the user, if included. - `data: Array[Data{ id, name, role}]` - `id: String` - `name: String` - `role: String` - `object: :list` - `:list` - `role: String` `owner` or `reader` - `technical_level: String` The technical level metadata for the user. - `user: User{ id, object, banned, 5 more}` Nested user details. - `id: String` - `object: :user` - `:user` - `banned: bool` - `banned_at: Integer` - `email: String` - `enabled: bool` - `name: String` - `picture: String` ### User Delete Response - `class UserDeleteResponse` - `id: String` - `deleted: bool` - `object: :"organization.user.deleted"` - `:"organization.user.deleted"` # Roles ## List user organization role assignments `admin.organization.users.roles.list(user_id, **kwargs) -> NextCursorPage` **get** `/organization/users/{user_id}/roles` Lists the organization roles assigned to a user within the organization. ### Parameters - `user_id: String` - `after: String` Cursor for pagination. Provide the value from the previous response's `next` field to continue listing organization roles. - `limit: Integer` A limit on the number of organization role assignments to return. - `order: :asc | :desc` Sort order for the returned organization roles. - `:asc` - `:desc` ### Returns - `class RoleListResponse` Detailed information about a role assignment entry returned when listing assignments. - `id: String` Identifier for the role. - `assignment_sources: Array[AssignmentSource{ principal_id, principal_type}]` Principals from which the role assignment is inherited, when available. - `principal_id: String` - `principal_type: String` - `created_at: Integer` When the role was created. - `created_by: String` Identifier of the actor who created the role. - `created_by_user_obj: Hash[Symbol, untyped]` User details for the actor that created the role, when available. - `description: String` Description of the role. - `metadata: Hash[Symbol, untyped]` Arbitrary metadata stored on the role. - `name: String` Name of the role. - `permissions: Array[String]` Permissions associated with the role. - `predefined_role: bool` Whether the role is predefined by OpenAI. - `resource_type: String` Resource type the role applies to. - `updated_at: Integer` When the role was last updated. ### Example ```ruby require "openai" openai = OpenAI::Client.new(admin_api_key: "My Admin API Key") page = openai.admin.organization.users.roles.list("user_id") puts(page) ``` #### Response ```json { "data": [ { "id": "id", "assignment_sources": [ { "principal_id": "principal_id", "principal_type": "principal_type" } ], "created_at": 0, "created_by": "created_by", "created_by_user_obj": { "foo": "bar" }, "description": "description", "metadata": { "foo": "bar" }, "name": "name", "permissions": [ "string" ], "predefined_role": true, "resource_type": "resource_type", "updated_at": 0 } ], "has_more": true, "next": "next", "object": "list" } ``` ## Assign organization role to user `admin.organization.users.roles.create(user_id, **kwargs) -> RoleCreateResponse` **post** `/organization/users/{user_id}/roles` Assigns an organization role to a user within the organization. ### Parameters - `user_id: String` - `role_id: String` Identifier of the role to assign. ### Returns - `class RoleCreateResponse` Role assignment linking a user to a role. - `object: :"user.role"` Always `user.role`. - `:"user.role"` - `role: Role` Details about a role that can be assigned through the public Roles API. - `id: String` Identifier for the role. - `description: String` Optional description of the role. - `name: String` Unique name for the role. - `object: :role` Always `role`. - `:role` - `permissions: Array[String]` Permissions granted by the role. - `predefined_role: bool` Whether the role is predefined and managed by OpenAI. - `resource_type: String` Resource type the role is bound to (for example `api.organization` or `api.project`). - `user: OrganizationUser` Represents an individual `user` within an organization. - `id: String` The identifier, which can be referenced in API endpoints - `added_at: Integer` The Unix timestamp (in seconds) of when the user was added. - `object: :"organization.user"` The object type, which is always `organization.user` - `:"organization.user"` - `api_key_last_used_at: Integer` The Unix timestamp (in seconds) of the user's last API key usage. - `created: Integer` The Unix timestamp (in seconds) of when the user was created. - `developer_persona: String` The developer persona metadata for the user. - `email: String` The email address of the user - `is_default: bool` Whether this is the organization's default user. - `is_scale_tier_authorized_purchaser: bool` Whether the user is an authorized purchaser for Scale Tier. - `is_scim_managed: bool` Whether the user is managed through SCIM. - `is_service_account: bool` Whether the user is a service account. - `name: String` The name of the user - `projects: Projects{ data, object}` Projects associated with the user, if included. - `data: Array[Data{ id, name, role}]` - `id: String` - `name: String` - `role: String` - `object: :list` - `:list` - `role: String` `owner` or `reader` - `technical_level: String` The technical level metadata for the user. - `user: User{ id, object, banned, 5 more}` Nested user details. - `id: String` - `object: :user` - `:user` - `banned: bool` - `banned_at: Integer` - `email: String` - `enabled: bool` - `name: String` - `picture: String` ### Example ```ruby require "openai" openai = OpenAI::Client.new(admin_api_key: "My Admin API Key") role = openai.admin.organization.users.roles.create("user_id", role_id: "role_id") puts(role) ``` #### Response ```json { "object": "user.role", "role": { "id": "id", "description": "description", "name": "name", "object": "role", "permissions": [ "string" ], "predefined_role": true, "resource_type": "resource_type" }, "user": { "id": "id", "added_at": 0, "object": "organization.user", "api_key_last_used_at": 0, "created": 0, "developer_persona": "developer_persona", "email": "email", "is_default": true, "is_scale_tier_authorized_purchaser": true, "is_scim_managed": true, "is_service_account": true, "name": "name", "projects": { "data": [ { "id": "id", "name": "name", "role": "role" } ], "object": "list" }, "role": "role", "technical_level": "technical_level", "user": { "id": "id", "object": "user", "banned": true, "banned_at": 0, "email": "email", "enabled": true, "name": "name", "picture": "picture" } } } ``` ## Retrieve user organization role `admin.organization.users.roles.retrieve(role_id, **kwargs) -> RoleRetrieveResponse` **get** `/organization/users/{user_id}/roles/{role_id}` Retrieves an organization role assigned to a user. ### Parameters - `user_id: String` - `role_id: String` ### Returns - `class RoleRetrieveResponse` Detailed information about a role assignment entry returned when listing assignments. - `id: String` Identifier for the role. - `assignment_sources: Array[AssignmentSource{ principal_id, principal_type}]` Principals from which the role assignment is inherited, when available. - `principal_id: String` - `principal_type: String` - `created_at: Integer` When the role was created. - `created_by: String` Identifier of the actor who created the role. - `created_by_user_obj: Hash[Symbol, untyped]` User details for the actor that created the role, when available. - `description: String` Description of the role. - `metadata: Hash[Symbol, untyped]` Arbitrary metadata stored on the role. - `name: String` Name of the role. - `permissions: Array[String]` Permissions associated with the role. - `predefined_role: bool` Whether the role is predefined by OpenAI. - `resource_type: String` Resource type the role applies to. - `updated_at: Integer` When the role was last updated. ### Example ```ruby require "openai" openai = OpenAI::Client.new(admin_api_key: "My Admin API Key") role = openai.admin.organization.users.roles.retrieve("role_id", user_id: "user_id") puts(role) ``` #### Response ```json { "id": "id", "assignment_sources": [ { "principal_id": "principal_id", "principal_type": "principal_type" } ], "created_at": 0, "created_by": "created_by", "created_by_user_obj": { "foo": "bar" }, "description": "description", "metadata": { "foo": "bar" }, "name": "name", "permissions": [ "string" ], "predefined_role": true, "resource_type": "resource_type", "updated_at": 0 } ``` ## Unassign organization role from user `admin.organization.users.roles.delete(role_id, **kwargs) -> RoleDeleteResponse` **delete** `/organization/users/{user_id}/roles/{role_id}` Unassigns an organization role from a user within the organization. ### Parameters - `user_id: String` - `role_id: String` ### Returns - `class RoleDeleteResponse` Confirmation payload returned after unassigning a role. - `deleted: bool` Whether the assignment was removed. - `object: String` Identifier for the deleted assignment, such as `group.role.deleted` or `user.role.deleted`. ### Example ```ruby require "openai" openai = OpenAI::Client.new(admin_api_key: "My Admin API Key") role = openai.admin.organization.users.roles.delete("role_id", user_id: "user_id") puts(role) ``` #### Response ```json { "deleted": true, "object": "object" } ``` ## Domain Types ### Role List Response - `class RoleListResponse` Detailed information about a role assignment entry returned when listing assignments. - `id: String` Identifier for the role. - `assignment_sources: Array[AssignmentSource{ principal_id, principal_type}]` Principals from which the role assignment is inherited, when available. - `principal_id: String` - `principal_type: String` - `created_at: Integer` When the role was created. - `created_by: String` Identifier of the actor who created the role. - `created_by_user_obj: Hash[Symbol, untyped]` User details for the actor that created the role, when available. - `description: String` Description of the role. - `metadata: Hash[Symbol, untyped]` Arbitrary metadata stored on the role. - `name: String` Name of the role. - `permissions: Array[String]` Permissions associated with the role. - `predefined_role: bool` Whether the role is predefined by OpenAI. - `resource_type: String` Resource type the role applies to. - `updated_at: Integer` When the role was last updated. ### Role Create Response - `class RoleCreateResponse` Role assignment linking a user to a role. - `object: :"user.role"` Always `user.role`. - `:"user.role"` - `role: Role` Details about a role that can be assigned through the public Roles API. - `id: String` Identifier for the role. - `description: String` Optional description of the role. - `name: String` Unique name for the role. - `object: :role` Always `role`. - `:role` - `permissions: Array[String]` Permissions granted by the role. - `predefined_role: bool` Whether the role is predefined and managed by OpenAI. - `resource_type: String` Resource type the role is bound to (for example `api.organization` or `api.project`). - `user: OrganizationUser` Represents an individual `user` within an organization. - `id: String` The identifier, which can be referenced in API endpoints - `added_at: Integer` The Unix timestamp (in seconds) of when the user was added. - `object: :"organization.user"` The object type, which is always `organization.user` - `:"organization.user"` - `api_key_last_used_at: Integer` The Unix timestamp (in seconds) of the user's last API key usage. - `created: Integer` The Unix timestamp (in seconds) of when the user was created. - `developer_persona: String` The developer persona metadata for the user. - `email: String` The email address of the user - `is_default: bool` Whether this is the organization's default user. - `is_scale_tier_authorized_purchaser: bool` Whether the user is an authorized purchaser for Scale Tier. - `is_scim_managed: bool` Whether the user is managed through SCIM. - `is_service_account: bool` Whether the user is a service account. - `name: String` The name of the user - `projects: Projects{ data, object}` Projects associated with the user, if included. - `data: Array[Data{ id, name, role}]` - `id: String` - `name: String` - `role: String` - `object: :list` - `:list` - `role: String` `owner` or `reader` - `technical_level: String` The technical level metadata for the user. - `user: User{ id, object, banned, 5 more}` Nested user details. - `id: String` - `object: :user` - `:user` - `banned: bool` - `banned_at: Integer` - `email: String` - `enabled: bool` - `name: String` - `picture: String` ### Role Retrieve Response - `class RoleRetrieveResponse` Detailed information about a role assignment entry returned when listing assignments. - `id: String` Identifier for the role. - `assignment_sources: Array[AssignmentSource{ principal_id, principal_type}]` Principals from which the role assignment is inherited, when available. - `principal_id: String` - `principal_type: String` - `created_at: Integer` When the role was created. - `created_by: String` Identifier of the actor who created the role. - `created_by_user_obj: Hash[Symbol, untyped]` User details for the actor that created the role, when available. - `description: String` Description of the role. - `metadata: Hash[Symbol, untyped]` Arbitrary metadata stored on the role. - `name: String` Name of the role. - `permissions: Array[String]` Permissions associated with the role. - `predefined_role: bool` Whether the role is predefined by OpenAI. - `resource_type: String` Resource type the role applies to. - `updated_at: Integer` When the role was last updated. ### Role Delete Response - `class RoleDeleteResponse` Confirmation payload returned after unassigning a role. - `deleted: bool` Whether the assignment was removed. - `object: String` Identifier for the deleted assignment, such as `group.role.deleted` or `user.role.deleted`.