Search on Administration Pages
Pages in the Access Management section of YouTrack feature a search box that allows you to filter the list of entities displayed on the current page. Entities are searched using attributes specific to each page. For example, on the Users page, the search box is designed to help you find user accounts using parameters specific to user accounts in YouTrack.
This type of attribute-based search is also available on other pages in the Administration section of YouTrack, including SSL Certificates, SSL Keys, and Audit Events.
Search Queries
Search queries are applied only within the context of the current page. This means that the list of available search attributes and options depends on the type of entity that you search for.
YouTrack processes a search query without a logical operator as follows:
Attributes of the same type are joined with the
ORoperator.Attributes of the different type are joined with the
ANDoperator.
For example, all the following queries return users that have a Google login and are members of either the Compliance or Legal user group.
In general, a search query contains one or more of the following:
An attribute-value pair. For example:
login: l.butlerA Boolean search keyword-attribute pair. For example:
is: trustedA sub-query that allows you to search for an entity based on one of its complex properties. For example, the following sub-query searches for users who are granted the Agent role in the Alertron Support project:
access(project: {Alertron Support}, role: Agent)An arbitrary text string to search for in an entity attribute.
Use the following syntax when constructing access management queries:
Follow attributes with a colon:
name:Enclose values that contain spaces with braces:
name: {Lisa Butler}
Query Completion
YouTrack supports query completion in the search box. Query completion helps you select suggested keywords and values based on your current input.
To display query completion at any caret position in the search box, press Ctrl+Space or Alt+Down.
Sample Search Queries
The following table provides a few examples of search queries.
Search Query | Context | Result |
|---|---|---|
| Users | Returns all user accounts with the full name Lisa Butler. |
| Users | Returns all users that have access to the project Alertron Support. |
| Users | Returns all groups that have access to the project Alertron Support. |
| Groups | Returns all groups that contain the user l.butler and are granted the Agent role in the Alertron Support project. |
| Roles | Returns all roles that contain the Create Project permission. |
Operators
Use the following operators to create logical combinations of attributes in a search query.
Operator | Description | |
|---|---|---|
not | Exclude a subset from a set of search query results. For example, to find users that do not have a Google login associated with their account and have any role granted directly to their account, enter: not authModule: Google and has: ownRole | |
and | Combine multiple search attributes to expand the search request. The For example, to find all projects where the user l.butler is granted the Developer role and the user g.villanova has any level of access, enter: accessible(for: {l.butler}, with: Developer) and accessible(for: g.villanova) | |
or | Combine multiple search attribute subsets to restrict the search request. For example, to find users that have administrative access to the YouTrack service, enter: (login: admin or login: root) and hasLicense: YouTrack | |
( ) | Combine various search attributes to change the order in which attributes and operators are processed. The part of a search query inside the parentheses has priority and is always processed as a single unit. For example, to find all users who have the Low-level Admin Read permission in the Alertron Support project and are either members of the Legal group or have the username g.villanova, enter the following query on the Users page: (login: admin or group: Legal) and access(project: {Alertron SUpport}, with: {Low-level Admin Read}) |
Symbols
The following symbols can be used to extend or refine a search query.
Symbol | Description |
|---|---|
, | List multiple values for a single attribute or a sub-query. For example, to find user accounts with the login name l.butler or g.villanova that have been granted the Developer role in a project with the ID AS, enter the following query on the Users page: login: l.butler, g.villanova access(project: AS, with: Developer) |
{ } | Encloses attribute values that contain spaces. For example, to find groups that have been granted access to the Alertron Support project, enter the following query on the Groups page: project: {Alertron Support} |
Boolean Search
The has and is keywords function as Boolean search terms. When used in a search query, they return all entities that contain a value for the specified attribute. Use the minus sign (-) as an operator before the specified attribute to find entities that have empty values.
For example, to find a list of groups that have been assigned direct roles in any project, open the Groups page and enter:
The attributes that you can use in combination with the has and is keywords depend on the type of the entity that you search for. Refer to the section for a specific entity type to view the list of available attributes.
Date and Period Values
Several search attributes reference values that are stored as a date. You can search for dates as single values or use a range of values to define a period.
Specify dates in the format: YYYY-MM-DD or YYYY-MM or MM-DD. You also can specify a time in 24h format: HH:MM:SS or HH:MM. To specify both date and time, use the format: YYYY-MM-DD}T{HH:MM:SS. For example, to find all accounts that were created after 12:00 on May 26, 2017, enter the following query on the Users page:
Search by ID
Every entity in YouTrack has its unique identifier. You can find the entity ID in logs, events, URLs and API requests and responses.
You can use the entity ID in a search query only on the page that lists entities of the same type. This means searching by an ID of a user account on the Roles page returns no results. However, if you use the same ID to filter the list of Users, you can navigate directly to the profile for the user with this ID.
Text Search
Access management pages offer limited support for text-based search queries. With text-based search, you don't specify the attribute that you want to search for. Instead, you enter the value or partial value directly.
On most pages, YouTrack returns a list of entities whose name starts with the specified string.
For pages that list users, YouTrack supports the following behavior:
When you enter a string of text, the query returns all users whose full name, username, or email starts with the specified string.
When you specify all or part of an email domain, the query returns all users whose email starts with the specified string.
You can use text-based search strings in combination with any other search terms that use attribute and value pairs.
Users
YouTrack supports the following attributes in search queries that are applied as a filter on the Users page. You can also use these search attributes to filter users in the Members tab on group profile pages:
Attribute | Value | Description |
|---|---|---|
login | <username> | Returns a user with the specified username. For example, |
loginStartsWith | <string> | Returns users whose usernames start with the specified string of characters. |
name | <user full name> | Returns a user with the specified full name. For example, |
nameStartsWith | string | Returns users whose full names start with the specified string of characters. |
Returns users with the specified email. | ||
vcsUserName | <VCS username> | Returns users with the specified VCS username. |
ownRole | <role> | Returns users who have been directly granted the specified role in any project. |
in | <group> | Returns users who are members of the specified group or any of its subgroups. |
group | group | Returns users who are members of the specified group. |
authMethod authModule | authModule | Returns users with whose user accounts are associated with the specified authentication module. |
authName | userName | Returns users with the specified full name in any authentication module that has been enabled in YouTrack. |
authLogin | userLogin | Returns users with the specified username registered in any authentication module that has been enabled in YouTrack. |
googleID | value | Returns user accounts with the specified identifier in Google. |
openID | value | Returns user accounts with the specified identifier in a connected OpenID service. |
sshPublicKey | value | Returns a user account that has an SSH public key with the specified fingerprint. |
after | Returns user accounts created after the specified date. For example, to find all accounts that were created after 12:00 of May 26, 2017, enter | |
before | Returns user accounts created before the specified date. For example, to find all accounts that were created before May 26, 2017, enter: | |
has | ownRole | Returns users who have been directly granted roles in any project. |
group | Returns users who are members of any group apart from the All Users group. | |
2FA | Returns users who have enabled two-factor authentication for their user accounts. | |
authMethod | Returns users who have at least one set of credentials stored in the system. | |
Returns user accounts that have at least one email address stored in their profile. | ||
originService | Returns user accounts with a set of credentials that were imported from a service. | |
login | Returns user accounts that have credentials that were not imported from a service or another authentication provider. | |
sshPublicKey | Returns users who have an SSH public key. | |
refresh token | Returns users who have been issued refresh tokens. | |
permanent token | Returns user accounts that have generated a permanent token. | |
is | guest | Returns the account for the guest user. |
banned | Returns users whose accounts are currently banned from accessing the system. | |
supporting2FA | Returns users who have at least one set of credentials that is capable of supporting two-factor authentication. This includes credentials that are provided by the Hub, Atlassian Jira, and LDAP-based authentication modules. |
Supported sub-queries
Sub-query | Description |
|---|---|
access(project: project, with: role) | Returns users who have been granted the specified role in the specified project. |
access(project: project, with: permission) | Returns users who have been granted the specified permission in the specified project. |
access(project: project) | Returns users who have been granted any role in the specified project. |
access(with: role) | Returns users who have been granted the specified role in any project. |
access(with: permission) | Returns users who have been granted the specified permission in any project. |
lastAccess(after: instant) | Returns users who accessed YouTrack after the specified date. |
lastAccess(before: instant) | Returns users who accessed YouTrack before the specified date. |
lastAccess(after: instant, before: instant) | Returns users who accessed YouTrack between the specified dates. |
Organizations
YouTrack supports the following attributes in search queries that are applied as a filter on the Organizations page:
Attribute | Value | Description |
|---|---|---|
id | <organization id> | Returns the organization with the specified ID. |
name | <group name> | Returns an organization by its name. |
user | <user name> <user login> | Returns organizations where a user with the specified name or username is a member of a group that belongs to the organization. |
project | <project name> <project key> | Returns the organization that the specified project is assigned to. |
group | <group> | Returns the organization that the specified group is assigned to. |
team | <project team> | Returns the organization that the specified project team is assigned to. |
has | user | Returns organizations that contain at least one user. |
project | Returns organizations that contain at least one project. | |
group | Returns organizations that contain at least one group. | |
team | Returns organizations that contain at least one project team. |
Groups
YouTrack supports the following attributes in search queries that are applied as a filter on the Groups page:
Attribute | Value | Description |
|---|---|---|
id | <group id> | Returns a group with the specified ID. |
name | <group name> | Returns a group by its name. |
user | <user name> <user login> | Returns groups where a user with the specified name or username is a member. |
parent | <group> | Returns sub-groups of the specified parent group. |
subgroup | <group> | Returns a parent group that contains the specified sub-group. |
project | <project name> <project key> | Returns all groups from the specified project. |
has | user | Returns groups that have at least one member. |
subgroup | Returns groups that have at least one sub-group. | |
ownRole | Returns groups that have been granted at least one role in a project directly. | |
icon | Returns groups that use a custom logo. | |
is | allUsers | Returns the All Users group. |
autoJoin | Returns groups for which the auto-join option is currently enabled. | |
required2FA | Returns groups for which the option to require two-factor authentication (2FA) is currently enabled. |
Supported sub-queries
Sub-query | Description |
|---|---|
access(project: project, with: role) | Returns groups that have the specified role granted in the specified project. |
access(project: project, with: permission) | Returns groups that have been granted the specified permission in the specified project. |
access(project: project) | Returns groups that have been granted any permission in the specified project |
access(with: role) | Returns groups that have been granted the specified role in any project. |
access(with: permission) | Returns groups that have been granted the specified permission in any project. |
Roles
YouTrack supports the following attributes in search queries that return roles:
Attribute | Value | Description |
|---|---|---|
id | value | Returns the role with the specified ID. |
key | <role key> | Returns the role with the specified key. |
name | <role name> | Returns the role with the specified name. |
permission | <permission> | Returns roles that contain the specified permission. |
has | permission | Returns roles that contain at least one permission. |
Supported sub-queries
Sub-query | Description |
|---|---|
permission(key: permissionKey, service: service) | Returns roles that include the specified permission from the specified service. For example, to find roles that contain permission to create groups in the YouTrack Administration service, enter the following query on the Roles page: permission(key: {jetbrains.jetpass.group-create}, service: {YouTrack Administration}) Note that each part of the permission key is indexed separately, so you can see relevant suggestions just by typing the name of the entity that the permission relates to. |
permission(service: service) | Returns roles that include any permission from the specified service. For example, to find roles that contain permission from the YouTrack Administration service, enterthe following query on the Roles page: permission(service: {YouTrack Administration}) |
Auth Modules
YouTrack supports the following attributes in search queries that return auth modules:
Attribute | Value | Description |
|---|---|---|
serverUrl | authModuleServerUrl | Returns authentication modules with the specified server URL. |
name | authModuleName | Returns the authentication module with the specified name. |
type | authModuleType | Returns authentication modules that are assigned the specified type. |
user | <user> | Returns all authentication modules that store login credentials for the specified user. |
has | user | Returns authentication modules that have associated users. |
is | disabled | Returns a list of authentication modules that are currently disabled. |
SSL Certificates
YouTrack supports the following attributes in search queries that return trusted SSL certificates:
Attribute | Value | Description |
|---|---|---|
id | <cert id> | Returns a certificate with the specified ID. |
name | <certificate name> | Returns an SSL certificate with the specified name. |
is | enabled | Returns the list of all trusted SSL certificates that are currently enabled. |
SSL Keystores
YouTrack supports the following attributes in search queries that return SSL keystores:
Attribute | Value | Description |
|---|---|---|
id | <keystore id> | Returns a keystore with the specified ID. |
name | <keystore name> | Returns a keystore with the specified name. |
Audit Events
YouTrack supports the following attributes when searching the list of audit events:
Attribute | Value | Description |
|---|---|---|
author | <user> <group> | Returns events triggered by the specified user or group. |
event | Created Updated Deleted | Returns events of the specified type. For example, |
entityType | <type> | Returns events related to the entities of the specified type. For example, |
target | string | Returns events related to the specified target. |
authModule | Returns events related to the specified authentication module. | |
role | Returns events related to the specified role. | |
service | Returns events related to the specified service. | |
user | Returns events related to the specified user. | |
group | Returns events related to the specified group. | |
before | Returns events registered before the specified moment. | |
beforeId | string | Returns events logged before the specified ID (inclusively). |
after | Returns events registered after the specified moment. | |
afterId | string | Returns events logged after the specified ID (exclusively). |