POST
/
v2
/
identities.listIdentities
Go (SDK)
package main

import(
	"context"
	"os"
	unkey "github.com/unkeyed/sdks/api/go/v2"
	"github.com/unkeyed/sdks/api/go/v2/models/components"
	"log"
)

func main() {
    ctx := context.Background()

    s := unkey.New(
        unkey.WithSecurity(os.Getenv("UNKEY_ROOT_KEY")),
    )

    res, err := s.Identities.ListIdentities(ctx, components.V2IdentitiesListIdentitiesRequestBody{
        Limit: unkey.Int64(50),
    })
    if err != nil {
        log.Fatal(err)
    }
    if res.V2IdentitiesListIdentitiesResponseBody != nil {
        for {
            // handle items

            res, err = res.Next()

            if err != nil {
                // handle error
            }

            if res == nil {
                break
            }
        }
    }
}
{
  "data": {
    "cursor": "cursor_eyJsYXN0SWQiOiJpZF8wMlpZUjNROU5QOEpNNFg4SFdTS1BXNDNKRiJ9",
    "identities": [
      {
        "externalId": "user_123",
        "id": "id_01H9TQP8NP8JN3X8HWSKPW43JE",
        "meta": {
          "name": "Alice Smith",
          "plan": "premium"
        },
        "ratelimits": [
          {
            "duration": 60000,
            "limit": 1000,
            "name": "requests"
          }
        ]
      },
      {
        "externalId": "user_456",
        "id": "id_02ZYR3Q9NP8JM4X8HWSKPW43JF",
        "meta": {
          "name": "Bob Johnson",
          "plan": "basic"
        },
        "ratelimits": [
          {
            "duration": 60000,
            "limit": 500,
            "name": "requests"
          }
        ]
      }
    ],
    "total": 247
  },
  "meta": {
    "requestId": "req_01H9TQPP77V5E48E9SH0BG0ZQX"
  }
}

Authorizations

Authorization
string
header
required

Unkey uses API keys (root keys) for authentication. These keys authorize access to management operations in the API. To authenticate, include your root key in the Authorization header of each request:

Authorization: Bearer unkey_123

Root keys have specific permissions attached to them, controlling what operations they can perform. Key permissions follow a hierarchical structure with patterns like resource.resource_id.action (e.g., apis.*.create_key, apis.*.read_api). Security best practices:

  • Keep root keys secure and never expose them in client-side code
  • Use different root keys for different environments
  • Rotate keys periodically, especially after team member departures
  • Create keys with minimal necessary permissions following least privilege principle
  • Monitor key usage with audit logs.

Body

application/json

Response

200
application/json

Successfully retrieved the list of identities

The response is of type object.