List Users

List the people in an organization or workspace, look up a single user, or fetch the current authenticated user.


Blue exposes several queries for reading people. Use organizationUserList to list everyone in an organization, workspaceUserList to list the members of a single workspace, user to look up one person by ID, and currentUser to identify the authenticated caller. People are User objects in the API; organizations are Organization and workspaces are Workspace.

All of these queries require authentication headers. Workspace-scoped reads also need the blue-workspace-id header.

Request

List the users in an organization. companyId accepts either the organization ID or its slug.

query ListCompanyUsers {
  organizationUserList(companyId: "company_123") {
    users {
      id
      fullName
      email
      jobTitle
      lastActiveAt
    }
    totalCount
    pageInfo {
      totalItems
      hasNextPage
    }
  }
}

Parameters

organizationUserList

ParameterTypeRequiredDescription
companyIdString!YesOrganization ID or slug. The caller must be a member of it.
notInProjectIdStringNoExclude users who are already members of this workspace. Useful for building an “add member” picker.
searchStringNoFilter by first or last name (substring match). Does not match email.
skipIntNoNumber of users to skip. This is the only parameter that advances the page (see Pagination).
afterStringNoAccepted but ignored by the resolver.
beforeStringNoAccepted but ignored by the resolver.
firstIntNoAccepted but ignored — every request returns at most 200 users.
lastIntNoAccepted but ignored by the resolver.
orderByUserOrderByInputNoAccepted but ignored — results are always sorted by first name (A→Z).

workspaceUserList

Lists the members of a single workspace. Same return shape and the same pagination behavior as organizationUserList.

ParameterTypeRequiredDescription
projectIdString!YesWorkspace ID or slug.
searchStringNoFilter by first or last name (substring match).
skipIntNoNumber of users to skip.
after / before / first / last / orderByNoAccepted but ignored, as with organizationUserList.

user

Looks up a single user by ID.

ParameterTypeRequiredDescription
idString!YesUser ID. Throws USER_NOT_FOUND if no user matches.

currentUser

Takes no arguments. Returns the User! for the authenticated caller — the canonical “who am I” query.

Pagination is offset-based

Despite accepting cursor arguments, both organizationUserList and workspaceUserList ignore first, last, after, before, and orderBy. Each request returns at most 200 users sorted by first name. To page through a larger organization, increase skip by 200 on each call and stop when pageInfo.hasNextPage is false.

Response

{
  "data": {
    "organizationUserList": {
      "users": [
        {
          "id": "clm4n8qwx000008l0g4oxdqn7",
          "fullName": "Ada Lovelace",
          "email": "ada@example.com",
          "jobTitle": "Engineering Lead",
          "lastActiveAt": "2026-05-28T09:14:00.000Z"
        }
      ],
      "totalCount": 42,
      "pageInfo": {
        "totalItems": 42,
        "hasNextPage": true
      }
    }
  }
}

Returns

organizationUserList and workspaceUserList both return the same object.

FieldTypeDescription
users[User!]!The page of users (see User object).
totalCountInt!Total users matching the query across all pages.
pageInfoPageInfo!Offset-pagination metadata (see PageInfo).

User object

The most useful fields on User. Full definition is in the schema.

FieldTypeDescription
idID!Unique user identifier.
uidString!Firebase authentication UID.
usernameString!The user’s username.
emailString!Email address. Blanked to an empty string unless the caller is the organization OWNER or a project OWNER/ADMIN.
firstNameString!First name.
lastNameString!Last name.
fullNameString!First and last name combined.
jobTitleStringProfessional title.
phoneNumberStringContact number.
localeLocale!Language preference (an enum, e.g. EN, ES, FR, DE, JA).
timezoneStringIANA timezone, e.g. Europe/Rome.
imageImageProfile picture. Select a size: thumbnail, small, medium, large, or original.
isEmailVerifiedBoolean!Whether the email address is verified.
isOnlineBoolean!Whether the user is currently connected.
lastActiveAtDateTimeTimestamp of last activity.
createdAtDateTime!Account creation timestamp.
updatedAtDateTime!Last profile update timestamp.
companyLevel(companyId: String)UserAccessLevelThe user’s access level in the given organization.
projectLevel(projectId: String)UserAccessLevelThe user’s access level in the given workspace.
workspaceUserRole(projectId: String)ProjectUserRoleThe user’s custom role in the given workspace, if one is assigned.

Per-workspace access and role are not separate node types — they are computed fields on User that take the workspace as an argument. UserAccessLevel is one of OWNER, ADMIN, MEMBER, CLIENT, COMMENT_ONLY, VIEW_ONLY.

PageInfo

FieldTypeDescription
totalItemsIntTotal users matching the query.
totalPagesIntTotal pages, derived from the 200-per-page limit.
pageIntCurrent page number.
perPageIntPage size (200).
hasNextPageBoolean!Whether more users remain after this page.
hasPreviousPageBoolean!Whether a previous page exists.
startCursorStringDeprecated. Do not use.
endCursorStringDeprecated. Do not use.

Full example

List the members of one workspace, reading each person’s access level and custom role for that workspace, and page past the first 200 with skip.

query ListProjectUsers {
  workspaceUserList(projectId: "project_123", search: "ada", skip: 0) {
    users {
      id
      fullName
      email
      projectLevel(projectId: "project_123")
      workspaceUserRole(projectId: "project_123") {
        id
        name
      }
    }
    totalCount
    pageInfo {
      hasNextPage
    }
  }
}

To build an “add member to workspace” picker, list organization users who are not yet in the workspace:

query AddableMembers {
  organizationUserList(companyId: "company_123", notInProjectId: "project_123") {
    users {
      id
      fullName
      email
    }
    totalCount
  }
}

The currentUser query identifies the authenticated caller and is the right way to resolve the calling token’s identity and access level:

query Me {
  currentUser {
    id
    fullName
    email
    companyLevel(companyId: "company_123")
  }
}

The assignees query returns the users who can be assigned to records in a workspace. It reads the workspace from the blue-workspace-id header unless you pass filter.projectId.

query AssignableUsers {
  assignees(filter: { projectId: "project_123", search: "ada" }) {
    id
    fullName
    email
  }
}

Errors

CodeWhen
COMPANY_NOT_FOUNDorganizationUserList was called with a companyId you are not a member of, or that does not exist.
USER_NOT_FOUNDuser(id:) was called with an ID that matches no user.
FORBIDDENassignees was called for a workspace you are not a member of.
UNAUTHENTICATEDThe request is missing or has invalid authentication headers.

Permissions

  • organizationUserList requires membership in the target organization. A non-OWNER caller only sees users who share at least one workspace with them.
  • workspaceUserList requires membership in the target workspace.
  • Email addresses are returned only to the organization OWNER and to project OWNER/ADMIN users; everyone else receives an empty string for email.