# Users

## Overview

List of users visible to the currently-scoped User.

## Configuration

### Parameters

* `parameters.domain` will store the value of the API URL, excluding the endpoint paths like `/v1/cp/oauth/token` or `/v1/cp/domains`

### Secrets

* `secrets.client_id` will reference to Agari's Client ID
* `secrets.client_secret` will reference to Agari's Client Secret.

<figure><picture><source srcset="https://965373739-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FkxZeV4nlXcIAjMGZxzLI%2Fuploads%2FrwysEb2rM3FJarnx5dhx%2Fclientiddark.png?alt=media&#x26;token=24ef6ed6-6ac7-48c1-9ea5-d8db4b0b11c1" media="(prefers-color-scheme: dark)"><img src="https://965373739-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FkxZeV4nlXcIAjMGZxzLI%2Fuploads%2FXsprE4B4v3WLcH2AxeoC%2Fclientsecretlight.png?alt=media&#x26;token=77db1838-3b8b-4241-b47f-bb14d6872819" alt=""></picture><figcaption></figcaption></figure>

Open the **Secret** fields and click **New secret** to create a new one:

* Give the secret a **Name**.
* Turn off the **Expiration date** option.
* Click **Add new value** and paste the secret corresponding to the value.
* Click **Save**.

<figure><picture><source srcset="https://965373739-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FkxZeV4nlXcIAjMGZxzLI%2Fuploads%2FlUo7CuVpPgIVm5VNjLw6%2Fnenenew.png?alt=media&#x26;token=eb7a7231-0ac2-4099-93f9-18f9ead5add1" media="(prefers-color-scheme: dark)"><img src="https://965373739-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FkxZeV4nlXcIAjMGZxzLI%2Fuploads%2FTSD53FxGQOjijA3W3DhE%2Fimage.png?alt=media&#x26;token=9941a3c0-100a-4759-b603-30079fbc90de" alt=""></picture><figcaption></figcaption></figure>

{% hint style="info" %}
Learn more about secrets in Onum in [this article](https://docs.onum.com/administration/global-settings/organization-settings/secrets-management).
{% endhint %}

You can now select the secret you just created in the corresponding fields.

After entering the required parameters and secrets, you can choose to manually enter the fields, or simply paste the given YAML:

### Configure as YAML

Toggle this **ON** to enable a free text field where you can paste your YAML.&#x20;

```yaml
withTemporalWindow: true
temporalWindow:
  duration: 5m
  offset: 5m
  tz: UTC
  format: RFC3339
withAuthentication: true
authentication:
  type: token
  token:
    request:
      method: POST
      url: ${parameters.domain}/v1/cp/oauth/token
      headers:
        - name: Content-Type
          value: application/x-www-form-urlencoded
        - name: Accept
          value: application/json
      bodyType: urlEncoded
      bodyParams:
        - name: client_id
          value: '${secrets.client_id}'
        - name: client_secret
          value: '${secrets.client_secret}'
    tokenPath: ".access_token"
    authInjection:
      in: header
      name: Authorization
      prefix: 'Bearer '
      suffix: ''
withEnumerationPhase: false
collectionPhase:
  paginationType: offsetLimit
  limit: 200
  request:
    responseType: json
    method: GET
    url: ${parameters.domain}/v1/cp/users
    queryParams:
      - name: offset
        value: ${pagination.offset}
      - name: limit
        value: ${pagination.limit}
  output:
    select: "."
    map: "."
    outputMode: element
```

### Manually configure

If you would rather configure each field, follow the steps below.&#x20;

**Temporal Window**

Toggle **ON** to add a temporal window for events. This repeatedly shifts the time window over which data is collected.

* **Duration -** 5 minutes (`5m`) as default, adjust based on your needs.
* **Offset -** initial offset should be `5m` used to specify the index, or starting point, for the collection of items in the response.
* **Format** - `RFC3339`

**Authentication Phase**

Toggle **ON** to configure the authentication phase. This is required to get the token to pull data using **OAuth**.

* **Type**<mark style="color:red;">**\***</mark>**&#x20;-** `token`
* **Request Method**<mark style="color:red;">**\***</mark>**&#x20;-** `POST` (we would need to generate the JWT using the secrets `client_id` and `client_secret)`
* **URL**<mark style="color:red;">**\***</mark>**&#x20;-** `${parameters.domain}/v1/cp/oauth/token`
* **Headers**&#x20;
  * **Name** - `Content-type`
  * **Value** - `application/x-www-form-urlencoded`
  * **Name** - `Accept`
  * **Value** - `application/json`
* **BodyType**<mark style="color:red;">**\***</mark> - `UrlEncoded`
  * **Body params**
    * **Name -** `client_id`
    * **Value -**`'${secrets.client_id}'`
    * **Name -** `client_secret`
    * **Value -** `'${secrets.client_secret`
* **Token Path**<mark style="color:red;">**\***</mark> - `.access_token`
* **Auth Injection**
  * **In**<mark style="color:red;">**\***</mark> - `header`
  * **Name**<mark style="color:red;">**\***</mark> - `authorization`
  * **Prefix** - `Bearer`
  * **Suffix** - `''`

**Enumeration Phase**

**OFF**

**Collection Phase**&#x20;

* **Pagination Type**<mark style="color:red;">**\***</mark>**&#x20;-** `offsetLimit`To page through a collection of items, set the offset parameter to the first item of the next page. The offset calculation for the next page is: `current_offset + current_count`. The end of the collection is reached when the count of returned items is less than the limit.
* **Limit -** `200` (Maximum number of collection items to include in a response)
* **Request**&#x20;
  * **Response Type -** `JSON`
  * **Method**<mark style="color:red;">**\***</mark>**&#x20;-** `GET`
  * **URL**<mark style="color:red;">**\***</mark>**&#x20;-** `${parameters.domain}/v1/cp/users`
  * **Query Params -** &#x20;
    * **Name** - `offset`
    * **Value -** `${pagination.offset}`
    * **Name** - `limit`
    * **Value -** `${pagination.limit}`
* **Output**&#x20;
  * **Select -** `.`
  * **Map -** `.`
  * **Output Mode** - `element`

This HTTP Pull Listener now uses the data export API to extract alert events.&#x20;

Click **Create labels** to move on to the next step and define the required [Labels](https://docs.onum.com/the-workspace/listeners/labels) if needed.