Search Users

Search Office 365 for a user by property values. Supported search operations include 'Exact Match' and 'Starts With'. The 'Exact Match' will return users whose properties match exactly, and 'Starts With' will return users whose properties start with that value.

Caution

The Search Users action card returns a maximum of 4,000 users.

Options

Field Definition Type Required
Result Set Choose to return the First Matching Record, or return All Matching Records, which returns a list of objects as the output field on the card. Dropdown TRUE
Search By

Exact Match returns users whose properties are exactly equal to the input values.

Starts With returns users whose properties start with the input values.

Note

This operator will be applied to all properties, which means that if you choose Exact Match, then all input field properties must match in order to return results. Similarly, choosing Starts With means that all input field properties will be queried using the 'Starts With' operator. Currently, you cannot choose to perform Exact Match and Starts With searches using multiple properties on a single Search Users action.

Dropdown TRUE

Input

Field Definition Type Required
Search
About Me A field for the user to describe themselves. String FALSE
Account Enabled true if the account is enabled; otherwise, false. Boolean FALSE
Age Group The age group of the user. Allowed values: null, minor, notAdult and adult. String FALSE
Assigned Licenses The licenses that are assigned to the user. List of objects FALSE
Assigned Plans The plans that are assigned to the user. List of objects FALSE
Birthday The user's birthday. This is a timestamp value that follows the ISO 8601 format and is in UTC time. For example, midnight UTC on January 1, 2014 is expressed as 2014-01-01T00:00:00Z String FALSE
Business Phones

The telephone numbers for the user.

Note

Although this is a string collection, only one number can be set for this property.

List of text FALSE
City The city in which the user is located. String FALSE
Company Name The company name which the user is associated. This property can be useful for describing the company that an external user comes from. String FALSE
Consent Provided For Minor Whether consent has been obtained for minors. Allowed values: null, granted, denied and notRequired. String FALSE
Country The country or region in which the user is located; for example, US or UK. String FALSE
Created Date Time The created date of the user object. String FALSE
Department The name for the department in which the user works. String FALSE
Display Name The name displayed in the address book for the user. This is usually the combination of the user's first name, middle initial and last name. String FALSE
Employee Id The employee identifier assigned to the user by the organization. String FALSE
Fax Number The fax number of the user. String FALSE
Given Name The given name (first name) of the user. String FALSE
Hire Date The hire date of the user. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 would look like this: 2014-01-01T00:00:00Z. String FALSE
Id The unique identifier for the user. String FALSE
Im Addresses The instant message voice over IP (VOIP) session initiation protocol (SIP) addresses for the user. List of text FALSE
Interests A list of the user's interests. List of text FALSE
Is Resource Account true if the user is a resource account; otherwise, false. null value should be considered false. Boolean FALSE
Job Title The user's job title. String FALSE
Legal Age Group Classification Used by enterprise applications to determine the legal age group of the user. This property is read-only and calculated based on Age Group and Consent ProvidedForMinor properties. Allowed values: null, minorWithOutParentalConsent, minorWithParentalConsent, minorNoParentalConsentRequired, notAdult and adult. String FALSE
License Assignment States State of license assignments for this user. List of objects FALSE
Mail The SMTP address for the user, for example, jeff@contoso.onmicrosoft.com. String FALSE
Mail Nickname The mail alias for the user. String FALSE
Mobile Phone The primary cellular telephone number for the user. String FALSE
My Site The URL for the user's personal site. String FALSE
Office Location The office location in the user's place of business. String FALSE
On Premises Distinguished Name Contains the on-premises Active Directory distinguished name or DN. The property is only populated for customers who are synchronizing their on-premises directory to Azure Active Directory using Azure AD Connect. String FALSE
On Premises Domain Name Contains the on-premises domainFQDN, also called dnsDomainName, which is synchronized from the on-premises directory. The property is only populated for customers who are synchronizing their on-premises directory to Azure Active Directory using Azure AD Connect. String FALSE
On Premises Extension Attributes

This contains fifteen custom extension attribute properties for the user (extensionAttribute1, ..., extensionAttribute15).

Note

Individual extension attributes can't be selected or filtered. For users where On Premises Sync Enabled is true, this set of properties is on-premises-sourced and is read-only. For a cloud-only user, where On Premises Sync Enabled is false, these properties may be set during creation or update.

Object FALSE
On Premises Immutable Id This property is used to associate an on-premises Active Directory user account to their Azure AD user object. This property must be specified when creating a new user account in the Graph if you are using a federated domain for the user's User Principal Name (UPN) property. String FALSE
On Premises Last Sync Date Time This is when the object was last synced with the on-premises directory. This is a timestamp value that follows the ISO 8601 format and is in UTC time. For example, midnight UTC on January 1, 2014 is expressed as 2014-01-01T00:00:00Z. String FALSE
On Premises Provisioning Errors Errors when using Microsoft synchronization product during provisioning. List of objects FALSE
On Premises Sam Account Name Contains the on-premises Sam AccountName synchronized from the on-premises directory. The property is only populated for customers who are synchronizing their on-premises directory to Azure Active Directory using Azure AD Connect. String FALSE
On Premises Security Identifier Contains the on-premises security identifier (SID) for the user that was synchronized from on-premises to the cloud. String FALSE
On Premises Sync Enabled true if this object is synced from an on-premises directory; false if this object was originally synced from an on-premises directory but is no longer synced; null if this object has never been synced from an on-premises directory (default). Boolean FALSE
On Premises User Principal Name Contains the on-premises User Principal Name synchronized from the on-premises directory. The property is only populated for customers who are synchronizing their on-premises directory to Azure Active Directory using Azure AD Connect. String FALSE
Other Mails A list of additional email addresses for the user. String FALSE
Password Policies This specifies the password policies for the user. "DisableStrongPassword" allows weaker passwords than the default policy to be used. "DisablePasswordExpiration" sets the user's password to never expire. You can specify both by entering "DisablePasswordExpiration, DisableStrongPassword". String FALSE
Password Profile The password profile for the user. The profile contains the user's password. This property is required when a user is created. The password in the profile must satisfy minimum requirements as specified by the passwordPolicies property. By default, a strong password is required. Object FALSE
Past Projects A list for the user to enumerate their past projects. List of text FALSE
Postal Code The postal code for the user's postal address. The postal code is specific to the user's country or region. In the United States of America, this attribute contains the ZIP code. String FALSE
Preferred Data Location The preferred data location for the user. String FALSE
Preferred Language The user's preferred language. This is an ISO 639-1 code. For example, en-US. String FALSE
Preferred Name The preferred name for the user. String FALSE
Provisioned Plans The plans that are provisioned for the user. List of objects FALSE
Proxy Address List of user proxy addresses. For example: ["SMTP: bob@contoso.com", "smtp: bob@sales.contoso.com"]. The any operator is required for filter expressions on multi-valued properties. List of text FALSE
Responsibilities A list for the user to enumerate their responsibilities. List of text FALSE
Schools A list for the user to enumerate the schools they have attended. List of text FALSE
Show In Address List true if the Outlook global address list should contain this user, otherwise false. If not set, this will be treated as true. For users invited through the invitation manager, this property will be set to false. Boolean FALSE
Skills A list for the user to enumerate their skills. List of text FALSE
Sign In Sessions Valid From Date Time Any refresh tokens or sessions tokens (session cookies) issued before this time are invalid, and applications will get an error when using an invalid refresh or sessions token to acquire a delegated access token (to access APIs such as Microsoft Graph). If this happens, the application will need to acquire a new refresh token by making a request to the authorize endpoint. String FALSE
State The state or province in the user's address. String FALSE
Street Address The street address of the user's place of business. String FALSE
Surname The user's surname (family name or last name). String FALSE
Usage Location (2 char) A two letter country code (ISO standard 3166). Required for users that will be assigned licenses due to legal requirement to check for availability of services in countries. Examples include: US, JP, and GB. String FALSE
User Principal Name The User Principal Name (UPN) of the user. This is an internet-style login name for the user based on RFC 822. Its format is alias@domain, where domain must be present in the tenant's collection of verified domains. This is sometimes the same as the user's email address. String FALSE
User Type A string value that can be used to classify user types in your directory, such as Member and Guest. String FALSE

Output

Field Definition Type
Id The unique identifier for the user. String
Display Name The name displayed in the address book for the user. This is usually the combination of the user's first name, middle initial and last name. String
Username The user's username. Also known as User Principal Name (UPN). This is an internet-style login name for the user based on RFC 822. Its format is alias@domain, where domain must be present in the tenant's collection of verified domains. This is sometimes the same as the user's email address. String

Related topics

Office 365 Admin connector

About the elements of Okta Workflows

Office 365 Admin Management APIs overview