Skip to main content
GET
/
v1
/
people
Get all people
curl --request GET \
  --url http://localhost:3333/v1/people \
  --header 'X-API-Key: <api-key>'
{
  "data": [
    {
      "id": "mem_abc123def456",
      "organizationId": "org_abc123def456",
      "userId": "usr_abc123def456",
      "role": "admin",
      "createdAt": "2024-01-01T00:00:00Z",
      "department": "it",
      "isActive": true,
      "fleetDmLabelId": 123,
      "user": {
        "id": "usr_abc123def456",
        "name": "John Doe",
        "email": "john.doe@company.com",
        "emailVerified": true,
        "image": "https://example.com/avatar.jpg",
        "createdAt": "2024-01-01T00:00:00Z",
        "updatedAt": "2024-01-15T00:00:00Z",
        "lastLogin": "2024-01-15T12:00:00Z"
      }
    }
  ],
  "count": 1,
  "authType": "api-key",
  "authenticatedUser": {
    "id": "usr_abc123def456",
    "email": "user@company.com"
  }
}

Documentation Index

Fetch the complete documentation index at: https://docs.matproof.com/llms.txt

Use this file to discover all available pages before exploring further.

The list-people endpoint returns every team member visible to your API key’s role, with pagination and filtering. It’s the canonical example of a Matproof list endpoint — the same conventions (page / perPage / response shape with data and meta) apply across every other list endpoint.

Common use cases

  • Pulling the team list to drive your own dashboard or report
  • Scripting access reviews against your IdP / HR system
  • Detecting drift between Matproof People and an authoritative HR feed (Deel, Workday, BambooHR)

Pagination

For organizations with more than ~50 members, paginate via page and perPage: 
curl "https://api.matproof.com/v1/people?page=2&perPage=100" \
  -H "X-API-Key: ..."
Stop when meta.page reaches meta.totalPages.

Filtering by role

To list only Auditors (typically external audit firms), filter via the role query parameter: 
curl "https://api.matproof.com/v1/people?role=auditor" \
  -H "X-API-Key: ..."
Valid role values are the five built-in roles: owner, admin, auditor, employee, contractor.

Response shape

Every member entry includes the fields needed for access-review evidence: name, email, role, last-login timestamp, and link to any associated devices reported by the Device Agent. The full schema is rendered in the interactive playground below.

Authorizations

X-API-Key
string
header
required

API key for authentication

Headers

X-Organization-Id
string

Organization ID (required for session auth, optional for API key auth)

Response

People retrieved successfully

data
object[]
count
number

Total number of people

Example:

25

authType
enum<string>

How the request was authenticated

Available options:
api-key,
session
authenticatedUser
object