> ## Documentation Index
> Fetch the complete documentation index at: https://developers.govworx.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Lookup User

> Fetch a single user by a unique identifier. Token must have 'Manage Users' permission.



## OpenAPI

````yaml https://app.govworx.net/u/api-docs get /api/v1/external/user/single
openapi: 3.1.0
info:
  title: GovWorx Data API
  description: Interfaces to access data produced and organized by GovWorx Applications.
  termsOfService: http://swagger.io/terms/
  version: '1.0'
servers:
  - url: https://app.govworx.net
security: []
tags:
  - name: TRAIN
    description: Training Phase and Enrollment Records
  - name: Audit Log Export
    description: Programmatically pull audit records into your SIEM solution
  - name: Knowledge
    description: >-
      Push and version guide cards and instruction cards into GovWorx from
      external systems (e.g., APCO, PowerPhone, IAED). 


      ## Concepts


      **Knowledge entry:** A guide card or instruction card identified by a
      GovWorx-internal `id` and your partner-supplied `externalId`. Each entry
      carries one or more immutable versions.


      **Version:** An immutable snapshot of the guide card content created by
      `POST /` (create) or `POST /{knowledgeId}/versions` (append). Only one
      version is published (active) at a time.


      **Section ownership (`apiControl`):** A single top-level `apiControl`
      object on each request declares which sections are owned by the API and
      which are managed within GovWorx. API-owned sections are fully overwritten
      on every append. GovWorx-owned sections are editable inside GovWorx and
      carried forward automatically — do not include their content in append
      payloads. Flags are set once at creation and are immutable between
      versions.


      ## referenceId lifecycle


      GovWorx assigns a stable `referenceId` to every item in every content list
      on create. These identifiers are echoed back in the create/append
      response. **Store them.** On future appends, echo a `referenceId` to
      update the existing item in place. Omit the `referenceId` to add a new
      item (a fresh id is generated). Supplying an unknown `referenceId` — one
      not present in the previous version — is rejected (400).


      Reference id formats: `q-{8 hex}` (questions), `si-{8 hex}` (spoken
      instructions), `ca-{8 hex}` (CAD actions), `sms-{8 hex}` (SMS messages),
      `dt-{8 hex}` (dispatch triggers).


      ## Authentication


      All endpoints require a bearer token with the `Manage Knowledge`
      permission.
  - name: Incident
    description: Upload a new Incident to the system
  - name: MCP Resources
    description: MCP Resource endpoints for external integrations
  - name: Quality Assurance
    description: QA evaluation and feedback report endpoints
  - name: Users
    description: User Records
externalDocs:
  description: GovWorx Developer Docs
  url: https://api.govworx.ai
paths:
  /api/v1/external/user/single:
    get:
      tags:
        - Users
      summary: Lookup User
      description: >-
        Fetch a single user by a unique identifier. Token must have 'Manage
        Users' permission.
      operationId: getSingleUser
      parameters:
        - name: userId
          in: query
          required: false
          schema:
            type: integer
            format: int64
        - name: email
          in: query
          required: false
          schema:
            type: string
        - name: personnelId
          in: query
          required: false
          schema:
            type: string
      responses:
        '200':
          description: OK
          content:
            '*/*':
              schema:
                $ref: '#/components/schemas/UserDto'
components:
  schemas:
    UserDto:
      type: object
      properties:
        email:
          type: string
        firstName:
          type: string
        lastName:
          type: string
        loginEnabled:
          type: boolean
        notificationEmail:
          type: string
        id:
          type: integer
          format: int64
        tenantId:
          type: integer
          format: int64
        idpSub:
          type: string
        personnelId:
          type: string
        roleId:
          type: integer
          format: int64
        isSuperAdmin:
          type: boolean
        isSystemUser:
          type: boolean
        mfaEnabled:
          type: boolean
        lastLoginAt:
          type: string
          format: date-time
        isSupervisor:
          type: boolean
        isTemplatePublishingAllowed:
          type: boolean
        vlrIdentifier:
          type: string
        passwordExpiresAt:
          type: string
          format: date-time
        isPasswordExpired:
          type: boolean
        isSupportUser:
          type: boolean
        investmentTrainingPipeline:
          type: boolean

````