identity Graph Node
Back to IndexRoot Set Name: identities
Fields
createdAt | DateTimeOffsetValue |
identityId | UuidValue |
lastModified | DateTimeOffsetValue |
properties | IdentityPropertiesObject |
type | EnumValue |
Edges
| Name | Type | Cardinality |
|---|---|---|
activityLogs | activityLog | Many |
checkpoints | mutationSet | Many |
What is an Identity?
An identity represents an authentication entity in Hantera. There are three types:
- Principal (
type: "principal") - Human users - Client (
type: "client") - OAuth applications and integrations - System (
type: "system") - Internal system processes
Properties Object
The properties field exposes a limited set of identity properties:
name- Display nameemail- Email address (unique for principals)phone- Phone number
Note: Identities may have additional properties in the database, but only these three are exposed via the Graph API.
Common Query Patterns
Query All Principals
POST https://<hantera-hostname>/resources/graphAuthorization: Bearer <YOUR TOKEN>Content-Type: application/json
[ { "edge": "identities", "filter": "type == 'principal'", "node": { "fields": ["identityId", "type", "properties", "createdAt"] } }]curl -i -X POST \ https://<hantera-hostname>/resources/graph \ -H 'Authorization: Bearer <YOUR TOKEN>' \ -H 'Content-Type: application/json' \ -d '[ { "edge": "identities", "filter": "type == 'principal'", "node": { "fields": ["identityId", "type", "properties", "createdAt"] } }]'Invoke-WebRequest `-Uri "https://<hantera-hostname>/resources/graph" `-Method POST `-Headers @{Authorization="Bearer <YOUR TOKEN>"; 'Content-Type'="application/json"} `-Body '[ { "edge": "identities", "filter": "type == 'principal'", "node": { "fields": ["identityId", "type", "properties", "createdAt"] } }]'Returns all human identities in the system.
Find Identity by Email
POST https://<hantera-hostname>/resources/graphAuthorization: Bearer <YOUR TOKEN>Content-Type: application/json
[ { "edge": "identities", "node": { "fields": ["identityId", "properties"] } }]curl -i -X POST \ https://<hantera-hostname>/resources/graph \ -H 'Authorization: Bearer <YOUR TOKEN>' \ -H 'Content-Type: application/json' \ -d '[ { "edge": "identities", "node": { "fields": ["identityId", "properties"] } }]'Invoke-WebRequest `-Uri "https://<hantera-hostname>/resources/graph" `-Method POST `-Headers @{Authorization="Bearer <YOUR TOKEN>"; 'Content-Type'="application/json"} `-Body '[ { "edge": "identities", "filter": "type == 'principal' and properties.email == 'user@example.com'", "node": { "fields": ["identityId", "properties"] } }]'Email addresses are unique across all principals.
Query Clients
POST https://<hantera-hostname>/resources/graphAuthorization: Bearer <YOUR TOKEN>Content-Type: application/json
[ { "edge": "identities", "filter": "type == 'client'", "node": { "fields": ["identityId", "properties"] } }]curl -i -X POST \ https://<hantera-hostname>/resources/graph \ -H 'Authorization: Bearer <YOUR TOKEN>' \ -H 'Content-Type: application/json' \ -d '[ { "edge": "identities", "filter": "type == 'client'", "node": { "fields": ["identityId", "properties"] } }]'Invoke-WebRequest `-Uri "https://<hantera-hostname>/resources/graph" `-Method POST `-Headers @{Authorization="Bearer <YOUR TOKEN>"; 'Content-Type'="application/json"} `-Body '[ { "edge": "identities", "filter": "type == 'client'", "node": { "fields": ["identityId", "properties"] } }]'Returns OAuth client identities (system clients are excluded).
Managing Identities
Identity management (create, update, delete, suspend, password reset) is done via the IAM REST API, not through Graph queries.
See also:
- IAM Domain Model - Understanding identity management
- Managing Identities Guide - Complete integration examples