Use the following operators to create logical combinations of attributes in a search query.
Operator
Description
Examples
not
Exclude a subset from a set of search query results.
To find users that do not have a Google login associated with their account and have any role granted directly to their account, enter:
notauthModule:Googleandhas:ownRole
and
Combine multiple search attributes to expand the search request. The AND-expression is always processed as group and has a higher priority than OR-expressions in the query.
To find all projects in which a user "Vader" has Developer role and also a user "Yoda" has any access, enter:
Combine multiple search attribute subsets to restrict the search request.
To find users that can administrate YouTrack service, enter:
(login:adminorlogin:root)andhasLicense:YouTrack
( )
Combine various search attributes to change the order in which attributes and operators are processed. The part of a search query inside the parentheses has priority and is always processed as a single unit.
To find all users that have "Low-level Read Administration" access permissions in the "Death Star" project, and are either members of the "star-team" group or have the login name "admin", on the Users page, enter:
To find a project that has the specified resource (let's say a project in YouTrack), on the Projects page, enter:
resource:{DeathStarBacklog}
Boolean Search
The has and is keywords function as Boolean search terms. When used in a search query, they return all entities that contain a value for the specified attribute. Use the not operator (-) before the specified attribute to find entities that have empty values.
For example, to find all trusted services that have any resources, open the Services page and enter:
has:resourceis:trusted
The attributes that you can use in combination with the has and is keywords depend on the type of the entity that you search for. See a section related to a particular entity type for the list of available attributes.
Date and Period Values
Several search attributes reference values that are stored as a date. You can search for dates as single values or use a range of values to define a period.
Specify dates in the format: YYYY-MM-DD or YYYY-MM or MM-DD. You also can specify a time in 24h format: HH:MM:SS or HH:MM. To specify both date and time, use the format: YYYY-MM-DD}T{HH:MM:SS. For example, to find all accounts that were created after 12:00 of May 26, 2017, on the Users page, enter
after:{2017-05-26T12:00}
Search by ID
Every entity in Hub has its unique identifier. You can find the entity id in logs, events, URLs and API requests and responses.
Please remember that you can use entity id in a search query only on the page that lists entities of the same type. That is: searching by an id of a user account on the Services page returns no results. However, if you search by this id on the Users page, you will be navigated to the settings page of the user account with this id.
Projects
The following search attributes are supported for projects in Hub:
Attribute
Value
Description
key
<project key>
Returns a project with the specified key. For example: key: DSB
name
<project name>
Returns a project with the specified name. For example: name: {Death Star Development}
resource
<resource name>
Returns projects with the specified resource. For example: resource: {Death Star Backlog}
has
resource
Returns projects that have any associated resources.
is
archived
Returns archived projects.
Supported sub-queries
Sub-query
Description
accessible(for: user, with: role)
Returns projects where the user is granted access with the specified role. For example:
accessible(for:Vader,with:{ProjectAdmin})
accessible(for: group, with: role)
Returns projects that the specified group can access with the specified role. For example:
accessible(for:{StormTroopers},with:Developer)
accessible(for: service, with: role)
Returns projects that the specified service can access with the specified role. For example:
accessible(for:YouTrack,with:{PublicObserver})
accessible(for: user, with: permission)
Returns projects that the specified user can access with the specified permission. For example:
accessible(for:Vader,with:{ReadIssue})
accessible(for: group, with: permission)
Returns projects that the group can access with the specified permission. For example:
accessible(for:Ewoks,with:{UpdateProject})
accessible(for: service, with: permission)
Returns projects that the service can access with the specified permission. For example:
accessible(for:YouTrack,with:{ReadProject})
accessible(for: user)
Returns projects that the specified user can access. For example:
accessible(for:Yoda})
accessible(for: group)
Returns projects that the specified group can access. For example:
accessible(for:{JediOrder})
accessible(for: service)
Returns projects that the specified service can access. For example:
accessible(for:{JediMobile})
accessible(with: role)
Returns projects for which a user or a group is granted the specified role. For example:
accessible(with:Developer)
accessible(with: permission)
Returns projects for which a user or a group is granted the specified permission. For example:
accessible(with:{ReadProject})
resource(key: resourceKey, service: service)
Returns projects with the specified resource of the specified service. For example:
resource(key:DSB,service:{DeathStarTracker)
resource(service: service)
Returns projects with resources of the specified service. For example:
resource(service:{DeathStarTracker)
Users
The following table describes search attributes supported for users list:
Attribute
Value
Description
login
<user login>
Returns a user with the specified Hub login name. For example: login: darth.vader
loginStartsWith
<string>
Returns users with login names that start with the specified prefix.
name
<user full name>
Returns a user with the specified full name in Hub. For example: name: {Darth Vader}
nameStartsWith
string
Returns users with the full name that start with the specified prefix.
email
email
Returns users with the specified email.
jabber
<jabber>
Returns users with the specified jabber.
vcsUserName
<VCS User Name>
Returns users with the specified VCS user name.
ownRole
<role>
Returns users with the specified role that is granted directly in any project.
in
<group>
Returns users that are members of the specified group or any of its subgroups.
group
group
Returns users that are members of the specified group.
authMethod authModule
authModule
Returns users with user details associated with the specified auth provider.
authName
userName
Returns users with the specified full name in any auth provide service enabled in Hub (including Hub auth module)
authLogin
userLogin
Returns users with the specified login name registered in any auth provider service enabled in Hub (including Hub auth module)
originService
service
Returns user accounts with credentials that were imported from the specified service.
googleID
value
Returns all user accounts with the specified googleID identifier
openID
value
Returns user accounts with the specified openID identifier
sshPublicKey
value
Returns a user account that has SSH public key with the specified fingerprint.
hasLicense
service
Returns users who are licensed to use the specified service.
Returns user accounts that were created after the specified date. For example: To find all accounts that were created after 12:00 of May 26, 2017, enter after: {2017-05-26T12:00}
Returns user accounts that were created before the specified date. For example: To find all accounts that have a license for the YouTrack service and that were created before May 26, 2017, enter: before: {2017-05-26} hasLicense: YouTrack
has
ownRole
Users with own roles
group
Returns users that are members of any group apart from the All Users group.
authMethod
Returns users that have at least one set of credentials.
email
Returns user accounts that have at least one email defined.
jabber
Returns user accounts with the defined jabber.
originService
Returns user accounts with a set of credentials that was imported from a service.
login
Returns user accounts that have credentials created in Hub service, and not imported from a service or another auth provider.
sshPublicKey
Returns users that have SSH public key.
license
Returns user accounts that are granted with any license.
refresh token
User who has emitted refresh tokens
permanent token
Returns user accounts that have generated a permanent token.
approved resource
Users with approved resources
is
guest
The guest user
banned
Banned users
Supported sub-queries
Sub-query
Description
access(project: project, with: role)
Returns users who have the specified role in the specified project
access(project: project, with: permission)
Returns users who have the specified permission in the specified project
access(project: project)
Returns users who have any role granted in the specified project
access(with: role)
Returns users who have the specified role granted in any project
access(with: permission)
Returns users who have the specified permission in any project
lastAccess(after: instant)
Returns users that accessed Hub after the specified date
lastAccess(before: instant)
Returns users that accessed Hub before the specified date
lastAccess(after: instant, before: instant)
Returns users that accessed Hub between the specified dates
Groups
Attribute
Value
Description
id
<group id>
Returns a group with the specified id and opens its page.
name
<group name>
Returns a group by its name.
user
<user name> <user login>
Returns groups that contain the specified user.
parent
<group>
Returns sub-groups of the specified parent group.
subgroup
<group>
Returns a parent group that contains the specified sub-group.
project
<project name> <project key>
Returns all groups from the specified project.
has
user
Returns groups that have members.
subgroup
Returns groups that have at least one sub-group.
ownRole
Returns groups that are granted at least one role in a project directly.
icon
Returns groups with an icon.
is
allUsers
Returns the "All users" group
autoJoin
Returns groups with enabled auto-join option.
Supported sub-queries
Sub-query
Description
access(project: project, with: role)
Returns groups that have the specified role granted in the specified project.
access(project: project, with: permission)
Returns groups that have the specified permission granted in the specified project.
access(project: project)
Returns groups that have any permission granted in the specified project
access(with: role)
Returns groups that have the specified role granted in any project.
access(with: permission)
Returns groups that have the specified permission granted in any project.
Roles
The following search attributes are supported for roles in Hub:
Attribute
Value
Description
id
value
Returns a role with the specified id and opens its page.
key
<role key>
Returns a role with the specified key.
name
<role name>
Returns a role with the specified name.
permission
<permission>
Returns roles that include the specified permission.
is
team
Returns roles that are marked as team roles.
has
permission
Returns roles with at least one permission.
Supported sub-queries
Sub-query
Description
permission(key: permissionKey, service: service)
Returns roles that include the specified permission from the specified service. For example, to find roles that contain permission to create groups in the service "YouTrack Administration", enter
Returns roles that include any permission from the specified service. For example, to find roles that contain permission from the service "Dark Forth", enter
permission(service:{DarkSide})
Auth Modules
The following search attributes are supported for auth modules:
Attribute
Value
Description
serverUrl
authModuleServerUrl
Returns auth modules that have the specified server Url.
name
authModuleName
Returns an auth provider with the specified name
type
authModuleType
Returns auth providers of the specified type.
user
<user>
Returns all auth modules that provide login credentials for the specified user.
has
user
Returns auth modules that have associated users.
is
disabled
Returns the list of all disabled auth modules.
Trusted SSL Certificates
The following search attributes are supported for the Trusted SSL Certificates:
Attribute
Value
Description
id
<cert id>
Returns a certificate with the specified ID.
name
<certificate name>
Returns an SSL certificate with the specified name.
is
enabled
Returns the list of all enabled trusted certificates.
SSL Key Stores
The following search attributes are supported for the SSL Key Stores and Certificates:
Attribute
Value
Description
id
<key store id>
Returns a key store with the specified ID.
name
<key store name>
Returns a key store with the specified name.
Services
The following search attributes are supported for services in Hub:
Attribute
Value
Description
id
<service id>
Returns a service with the specified id
key
<service key>
Returns a service with the specified key
name
<service name>
Returns a service with the specified name
applicationName
<service application name>
Returns services with the specified application name
vendor
<vendor name>
Returns services from the specified vendor
version
<version number>
Returns services of the specified version
homeUrl
<URL>
Returns services with the specified homeURL
userUriPattern
<URI>
Returns services with the specified user uri
groupUriPattern
<URI>
Returns services with the specified group uri
redirectUri
<URI>
Returns services with the specified redirectUri
permission
<permission>
Returns a service that provide the specified permission
defaultRole
<role name>
Returns a service that provide the specified default role
resource
<resource name>
Returns a service that holds the specified resource
has
applicationName
Returns services with defined applicationName
vendor
Returns services with vendor name provided.
version
Returns services with the version provided.
homeUrl
Returns services with the homeUrl provided.
userUriPattern
Returns services with the user URI provided.
groupUriPattern
Returns services with the group URI provided.
redirectUri
Returns services with Redirect URI provided.
permission
Returns services that provide any permissions.
defaultRole
Returns services that provide any permissions.
resource
Returns services that provide any resources.
license
Returns services that require license.
is
trusted
Returns trusted services.
Audit Events
The following search attributes are supported for the events in Hub:
Attribute
Value
Description
author
<user> <group> <service>
Returns events triggered by the specified user, group or service.
event
Created Updated Deleted
Returns events of the specified type. For example, event: Deleted author: admin
entityType
<type>
Returns events related to the entities of the specified type. For example, entityType:service event:Created
target
string
Returns events related to the specified target.
authModule
Returns events related to the specified auth module.