Request Syntax URI Request Parameters Request Body Response Syntax Response Elements Errors Examples See Also

ListGroupsForMember

Returns group information for the specified member.

This operation supports pagination with the use of the NextToken request and response parameters. If more results are available, the ListGroupsForMember.NextToken member contains a token that you pass in the next call to ListGroupsForMember. This retrieves the next set of items.

You can also specify a maximum number of return results with the MaxResults parameter.

Request Syntax


POST /GroupMemberships/ListGroupsForMember?DirectoryId=DirectoryId HTTP/1.1
Content-type: application/json

{
   "MaxResults": number,
   "MemberRealm": "string",
   "NextToken": "string",
   "Realm": "string",
   "SAMAccountName": "string"
}

URI Request Parameters

The request uses the following URI parameters.

DirectoryId

The identifier (ID) of the directory that's associated with the member.

Pattern: ^d-[0-9a-f]{10}$

Required: Yes

Request Body

The request accepts the following data in JSON format.

MaxResults

The maximum number of results to be returned per request.

Type: Integer

Valid Range: Minimum value of 1. Maximum value of 250.

Required: No

MemberRealm

The domain name that's associated with the group member.

Note

This parameter is optional, so you can limit your results to the group members in a specific domain.

This parameter is case insensitive and defaults to Realm

Type: String

Length Constraints: Minimum length of 1. Maximum length of 255.

Pattern: ^([a-zA-Z0-9]+[\\.-])+([a-zA-Z0-9])+[.]?$

Required: No

NextToken

An encoded paging token for paginated calls that can be passed back to retrieve the next page.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 6144.

Required: No

Realm

The domain name that's associated with the group.

Note

This parameter is optional, so you can return groups outside of your AWS Managed Microsoft AD domain. When no value is defined, only your AWS Managed Microsoft AD groups are returned.

This value is case insensitive and defaults to your AWS Managed Microsoft AD domain.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 255.

Pattern: ^([a-zA-Z0-9]+[\\.-])+([a-zA-Z0-9])+[.]?$

Required: No

SAMAccountName

The SAMAccountName of the user, group, or computer that's a member of the group.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 63.

Pattern: ^[^:;|=+"*?<>/\\,\[\]@]+$

Required: Yes

Response Syntax


HTTP/1.1 200
Content-type: application/json

{
   "DirectoryId": "string",
   "Groups": [ 
      { 
         "GroupScope": "string",
         "GroupType": "string",
         "SAMAccountName": "string",
         "SID": "string"
      }
   ],
   "MemberRealm": "string",
   "NextToken": "string",
   "Realm": "string"
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

DirectoryId

The identifier (ID) of the directory that's associated with the member.

Type: String

Pattern: ^d-[0-9a-f]{10}$

Groups

The group information that the request returns.

Type: Array of GroupSummary objects

MemberRealm

The domain that's associated with the member.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 255.

Pattern: ^([a-zA-Z0-9]+[\\.-])+([a-zA-Z0-9])+[.]?$

NextToken

An encoded paging token for paginated calls that can be passed back to retrieve the next page.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 6144.

Realm

The domain that's associated with the group.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 255.

Pattern: ^([a-zA-Z0-9]+[\\.-])+([a-zA-Z0-9])+[.]?$

Errors

For information about the errors that are common to all actions, see Common Errors.

AccessDeniedException

You don't have permission to perform the request or access the directory. It can also occur when the DirectoryId doesn't exist or the user, member, or group might be outside of your organizational unit (OU).

Make sure that you have the authentication and authorization to perform the action. Review the directory information in the request, and make sure that the object isn't outside of your OU.

HTTP Status Code: 403

DirectoryUnavailableException

The request could not be completed due to a problem in the configuration or current state of the specified directory.

HTTP Status Code: 400

InternalServerException

The operation didn't succeed because an internal error occurred. Try again later.

HTTP Status Code: 500

ResourceNotFoundException

The resource couldn't be found.

HTTP Status Code: 404

ThrottlingException

The limit on the number of requests per second has been exceeded.

HTTP Status Code: 429

ValidationException

The request isn't valid. Review the details in the error message to update the invalid parameters or values in your request.

HTTP Status Code: 400

Examples

Example

This example illustrates one usage of ListGroupsForMember.

Sample Request


{
  "MaxResults": 123,
  "SAMAccountName": "twhitlock",
  "MemberRealm": "example.local",
  "NextToken": "123456",
  "Realm": "examplecorp.com"
}

Sample Response


{
  "DirectoryId": "d-926example",
  "Groups": [
    {
      "GroupScope": "BuiltinLocal", 
      "GroupType": "Security", 
      "SAMAccountName": "Administrators", 
      "SID": "S-1-5-32-544"
    }, 
    {
      "GroupScope": "BuiltinLocal", 
      "GroupType": "Security", 
      "SAMAccountName": "Users", 
      "SID": "S-1-5-32-545"
    }
  ],
  "NextToken": "223456"
}