Get groups - Opal Security Docs

Get groups

curl --request GET \
  --url https://api.opal.dev/v1/groups \
  --header 'Authorization: Bearer <token>'

{
  "next": "cD0yMDIxLTAxLTA2KzAzJTNBMjQlM0E1My40MzQzMjYlMkIwMCUzQTAw",
  "previous": "cj1sZXdwd2VycWVtY29zZnNkc2NzUWxNMEUxTXk0ME16UXpNallsTWtJ",
  "results": [
    {
      "group_id": "f454d283-ca87-4a8a-bdbb-df212eca5353",
      "app_id": "b5a5ca27-0ea3-4d86-9199-2126d57d1fbd",
      "name": "Payments Production Admin",
      "description": "This group represents Active Directory group \"Payments Production Admin\". We use this AD group to facilitate staging deployments and qualifying new releases.",
      "admin_owner_id": "7c86c85d-0651-43e2-a748-d69d658418e8",
      "group_leader_user_ids": [
        "7c86c85d-0651-43e2-a748-d69d658418e8"
      ],
      "remote_id": "037m2jsg218b2wb",
      "remote_name": "Finance Team",
      "group_type": "ACTIVE_DIRECTORY_GROUP",
      "max_duration": 120,
      "recommended_duration": 60,
      "extensions_duration_in_minutes": 60,
      "require_manager_approval": false,
      "require_support_ticket": false,
      "require_mfa_to_approve": false,
      "require_mfa_to_request": false,
      "auto_approval": false,
      "is_requestable": true
    },
    {
      "group_id": "99d0b81d-14be-4cf6-bd27-348b4af1d11b",
      "app_id": "a7c3e291-1234-4abc-9def-1234567890ab",
      "name": "Integrations On-Call",
      "description": "Manages the Integrations Team on-call privileged resources. This group is automatically synced with the on-call rotation defined in PagerDuty.",
      "admin_owner_id": "4220bc12-ab8a-4b5d-be7b-f6bbcf9159f3",
      "group_leader_user_ids": [],
      "remote_id": "pagerduty-schedule:P123XYZ",
      "remote_name": "Integrations On-Call",
      "group_type": "PAGERDUTY_ON_CALL_SCHEDULE",
      "max_duration": 360,
      "recommended_duration": 120,
      "extensions_duration_in_minutes": 0,
      "require_manager_approval": false,
      "require_support_ticket": true,
      "require_mfa_to_approve": false,
      "require_mfa_to_request": false,
      "auto_approval": false,
      "is_requestable": true
    }
  ]
}

GET

groups

Get groups

curl --request GET \
  --url https://api.opal.dev/v1/groups \
  --header 'Authorization: Bearer <token>'

{
  "next": "cD0yMDIxLTAxLTA2KzAzJTNBMjQlM0E1My40MzQzMjYlMkIwMCUzQTAw",
  "previous": "cj1sZXdwd2VycWVtY29zZnNkc2NzUWxNMEUxTXk0ME16UXpNallsTWtJ",
  "results": [
    {
      "group_id": "f454d283-ca87-4a8a-bdbb-df212eca5353",
      "app_id": "b5a5ca27-0ea3-4d86-9199-2126d57d1fbd",
      "name": "Payments Production Admin",
      "description": "This group represents Active Directory group \"Payments Production Admin\". We use this AD group to facilitate staging deployments and qualifying new releases.",
      "admin_owner_id": "7c86c85d-0651-43e2-a748-d69d658418e8",
      "group_leader_user_ids": [
        "7c86c85d-0651-43e2-a748-d69d658418e8"
      ],
      "remote_id": "037m2jsg218b2wb",
      "remote_name": "Finance Team",
      "group_type": "ACTIVE_DIRECTORY_GROUP",
      "max_duration": 120,
      "recommended_duration": 60,
      "extensions_duration_in_minutes": 60,
      "require_manager_approval": false,
      "require_support_ticket": false,
      "require_mfa_to_approve": false,
      "require_mfa_to_request": false,
      "auto_approval": false,
      "is_requestable": true
    },
    {
      "group_id": "99d0b81d-14be-4cf6-bd27-348b4af1d11b",
      "app_id": "a7c3e291-1234-4abc-9def-1234567890ab",
      "name": "Integrations On-Call",
      "description": "Manages the Integrations Team on-call privileged resources. This group is automatically synced with the on-call rotation defined in PagerDuty.",
      "admin_owner_id": "4220bc12-ab8a-4b5d-be7b-f6bbcf9159f3",
      "group_leader_user_ids": [],
      "remote_id": "pagerduty-schedule:P123XYZ",
      "remote_name": "Integrations On-Call",
      "group_type": "PAGERDUTY_ON_CALL_SCHEDULE",
      "max_duration": 360,
      "recommended_duration": 120,
      "extensions_duration_in_minutes": 0,
      "require_manager_approval": false,
      "require_support_ticket": true,
      "require_mfa_to_approve": false,
      "require_mfa_to_request": false,
      "auto_approval": false,
      "is_requestable": true
    }
  ]
}

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Query Parameters

cursor

string

The pagination cursor value.

page_size

integer

Number of results to return per page. Default is 200.

Required range: x <= 1000

group_type_filter

enum<string>

The group type to filter by. The type of the group.

Available options:

ACTIVE_DIRECTORY_GROUP,

AWS_SSO_GROUP,

DATABRICKS_ACCOUNT_GROUP,

DUO_GROUP,

GIT_HUB_TEAM,

GIT_LAB_GROUP,

GOOGLE_GROUPS_GROUP,

GOOGLE_GROUPS_GKE_GROUP,

LDAP_GROUP,

OKTA_GROUP,

OKTA_GROUP_RULE,

TAILSCALE_GROUP,

OPAL_GROUP,

OPAL_ACCESS_RULE,

AZURE_AD_SECURITY_GROUP,

AZURE_AD_MICROSOFT_365_GROUP,

CONNECTOR_GROUP,

SNOWFLAKE_ROLE,

WORKDAY_USER_SECURITY_GROUP,

PAGERDUTY_ON_CALL_SCHEDULE,

INCIDENTIO_ON_CALL_SCHEDULE,

ROOTLY_ON_CALL_SCHEDULE,

DEVIN_GROUP,

GIT_HUB_ENTERPRISE_TEAM,

GRAFANA_TEAM,

CLICKHOUSE_ROLE,

TWINGATE_GROUP,

TWINGATE_GROUP_SYNCED,

ZENDESK_GROUP,

ZENDESK_ORGANIZATION

Example:

"OPAL_GROUP"

group_ids

string<uuid>[]

The group ids to filter by.

group_name

string

Group name.

tag_ids

string<uuid>[]

The IDs of the tags to filter by. Returns only groups that have any of these tags applied.

Response

200 - application/json

One page worth groups associated with your organization.

results

object[]

required

Show child attributes

string | null

The cursor with which to continue pagination if additional result pages exist.

Example:

"cD0yMDIxLTAxLTA2KzAzJTNBMjQlM0E1My40MzQzMjYlMkIwMCUzQTAw"

string | null

The cursor used to obtain the current result page.

Example:

"cj1sZXdwd2VycWVtY29zZnNkc2NzUWxNMEUxTXk0ME16UXpNallsTWtJ"

Last modified on June 5, 2026

Get event by ID Put groups

⌘I