Users

Users are the central entities in the identity service, serving as the cornerstone for authentication and access management. This documentation outlines the user-related concepts, profile structure, and associated attributes in detail.

User Profile Overview

Each user in the system has a profile that stores their information. This profile consists of three primary types of data:

1. Social Identities

  • Stores user information retrieved from social sign-in (e.g., Facebook, GitHub, WeChat).

  • Includes details such as social identity references and provider-specific data.

2. Custom Data

  • Stores additional user information not included in predefined user properties.

  • Examples: User preferences like preferred language, theme, or display settings.

3. Basic Data

  • Contains the core user information that is neither a social identity nor custom data.

  • Examples: User ID, username, email, phone number, and timestamps for key events like last sign-in.

Sample User Data

Below is an example of user data retrieved from a Facebook sign-in:

{
  "userDetail": {
    "family_name": "User",
    "email": "vimalprakashts@gmail.com",
    "given_name": "System",
    "sub": "b1c9676a-d9f5-4cf0-a3fc-c2d49bde06ae",
    "isub": "03ca3d79-b0b6-4dd9-b527-3bbfb491a0d8",
    "name": "System User",
    "email_verified": true,
    "phone_number_verified": false,
    "updated_at": 1663438130,
    "created_at": 1647170635,
    "last_logged_in_time": 1663438130,
    "providers": [
      {
        "provider_type": "CLASSICAL",
        "provider_name": "self",
        "social_identity_ref": "",
        "username": ""
      },
      {
        "provider_type": "SOCIAL",
        "provider_name": "FACEBOOK",
        "social_identity_ref": "safaseervasdfad",
        "username": "vimalprakashts@gmail.com"
      }
    ],
    "groups": [
      {
        "roles": ["auth_admin"],
        "group_id": "auth_admins",
        "group_name": "ADMIN",
        "roles_obj": [
          {
            "permissions": [],
            "role_key": "auth_admin"
          }
        ]
      }
    ]
  }
}

Querying User Profiles

You can retrieve user profiles via:

  1. Admin Console: Interactive UI for managing users.

  2. Management API: Example endpoint: GET /users-srv/users/byadmin/:sub

User Profile Attributes

Basic Data Properties

1. sub

  • A unique auto-generated identifier for the user within the system.

2. Name Information

  • given_name: User's first name.

  • family_name: User's last name.

  • middle_name: User's middle name (if applicable).

  • name: Full name of the user.

3. Email

  • The user's primary email address used for sign-in.

  • email_verified: Indicates whether the email address is verified.

    • Default for classical registration: false.

    • Default for social sign-in: true.

  • Max length: 128 characters.

4. Phone Number

  • The user's phone number, used for SMS-based authentication.

  • Format: Numbers prefixed with the country calling code (e.g., +1, +44).

  • phone_number_verified: Indicates whether the phone number is verified.

5. Timestamps

  • created_at: Date and time when the user profile was created.

  • updated_at: Timestamp of the last update made to the user entity.

  • last_logged_in_time: The last recorded login timestamp.

6. Providers

  • Lists the authentication providers associated with the user.

  • Examples: SELF (classical registration), FACEBOOK, GOOGLE.

7. Groups

  • Lists the groups and roles the user is a member of.

  • Example Structure:

    • group_id: Identifier for the group.

    • group_name: Display name of the group.

    • roles: Roles assigned to the user within the group.
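The attributes above are the ones an access review usually reads together: verification flags, linked providers, group roles, and the last sign-in time. The following Python script is an added example, not code from the identity service; the names audit_user, PRIVILEGED_ROLES and STALE_AFTER_DAYS, the phone_number key, and the reading of timestamps as Unix epoch seconds (as in the sample above) are assumptions.

```python
import json
from datetime import datetime, timezone

PRIVILEGED_ROLES = {"auth_admin"}  # assumption: role keys treated as privileged
STALE_AFTER_DAYS = 90              # assumption: idle threshold for review

# Constructed record in the shape of the sample above; all values are made up.
SAMPLE = json.loads("""
{"userDetail": {
  "sub": "00000000-0000-0000-0000-000000000001",
  "email": "admin@example.com", "email_verified": true,
  "phone_number": "+15550100", "phone_number_verified": false,
  "last_logged_in_time": 1663438130,
  "providers": [
    {"provider_type": "CLASSICAL", "provider_name": "self"},
    {"provider_type": "SOCIAL", "provider_name": "FACEBOOK"}],
  "groups": [{"group_id": "auth_admins", "group_name": "ADMIN",
              "roles": ["auth_admin"]}]}}
""")

def audit_user(profile, now=None):
    """Return review findings for one profile (timestamps assumed epoch seconds)."""
    user = profile["userDetail"]
    now = now or datetime.now(timezone.utc)
    findings = []
    # Flatten the roles from every group the user belongs to.
    roles = {r for g in user.get("groups", []) for r in g.get("roles", [])}
    privileged = sorted(roles & PRIVILEGED_ROLES)
    social = sorted(p.get("provider_name", "?") for p in user.get("providers", [])
                    if p.get("provider_type") == "SOCIAL")
    if not user.get("email_verified", False):
        findings.append("email not verified")
    if user.get("phone_number") and not user.get("phone_number_verified", False):
        findings.append("phone number set but not verified")
    if privileged and social:
        # For social sign-in, email_verified defaults to true on the provider's word.
        findings.append(f"privileged roles {privileged} on account linked to {social}")
    last = user.get("last_logged_in_time")
    if privileged and last is not None:
        idle = (now - datetime.fromtimestamp(last, timezone.utc)).days
        if idle > STALE_AFTER_DAYS:
            findings.append(f"privileged account idle for {idle} days")
    return findings

if __name__ == "__main__":
    for finding in audit_user(SAMPLE):
        print(SAMPLE["userDetail"]["sub"], "-", finding)
```
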

Benefits of Organized User Data

  • Flexibility: Supports multiple authentication methods (classical and social).

  • Customization: Allows storing additional user-specific preferences.

  • Transparency: Provides a detailed view of the user’s roles, groups, and account activity.

  • Compliance: Facilitates auditing and adherence to organizational policies.

By leveraging the structured profile attributes, administrators can efficiently manage user identities and provide a personalized experience tailored to individual users.
