# Users

Users are the central entities in the identity service, serving as the cornerstone for authentication and access management. This documentation outlines the user-related concepts, profile structure, and associated attributes in detail.

### User Profile Overview

Each user in the system has a **profile** that stores their information. This profile consists of three primary types of data:

**1. Social Identities**

* Stores user information retrieved from social sign-in (e.g., Facebook, GitHub, WeChat).
* Includes details such as social identity references and provider-specific data.

**2. Custom Data**

* Stores additional user information not included in predefined user properties.
* Examples: User preferences like preferred language, theme, or display settings.

**3. Basic Data**

* Contains all other core user information except for **social identities** and **custom data**.
* Examples: User ID, username, email, phone number, and timestamps for key events like last sign-in.

### Sample User Data

Below is an example of user data retrieved from a Facebook sign-in:

```
{
  "userDetail": {
    "family_name": "User",
    "email": "vimalprakashts@gmail.com",
    "given_name": "System",
    "sub": "b1c9676a-d9f5-4cf0-a3fc-c2d49bde06ae",
    "isub": "03ca3d79-b0b6-4dd9-b527-3bbfb491a0d8",
    "name": "System User",
    "email_verified": true,
    "phone_number_verified": false,
    "updated_at": 1663438130,
    "created_at": 1647170635,
    "last_logged_in_time": 1663438130,
    "providers": [
      {
        "provider_type": "CLASSICAL",
        "provider_name": "self",
        "social_identity_ref": "",
        "username": ""
      },
      {
        "provider_type": "SOCIAL",
        "provider_name": "FACEBOOK",
        "social_identity_ref": "safaseervasdfad",
        "username": "vimalprakashts@gmail.com"
      }
    ],
    "groups": [
      {
        "roles": ["auth_admin"],
        "group_id": "auth_admins",
        "group_name": "ADMIN",
        "roles_obj": [
          {
            "permissions": [],
            "role_key": "auth_admin"
          }
        ]
      }
    ]
  }
}

```

### **Querying User Profiles**

You can retrieve user profiles via:

1. **Admin Console**: Interactive UI for managing users.
2. **Management API**: Example endpoint:\
   `GET /users-srv/users/byadmin/:sub`

### **User Profile Attributes**

#### **Basic Data Properties**

**1. `sub`**

* A unique auto-generated identifier for the user within the system.

**2. Name Information**

* **`given_name`**: User's first name.
* **`family_name`**: User's last name.
* **`middle_name`**: User's middle name (if applicable).
* **`name`**: Full name of the user.

**3. Email**

* The user's primary email address used for sign-in.
* **`email_verified`**: Indicates whether the email address is verified.
  * Default for classical registration: **false**.
  * Default for social sign-in: **true**.
* Max length: **128 characters**.

**4. Phone Number**

* The user's phone number, used for SMS-based authentication.
* Format: Numbers prefixed with the country calling code (e.g., `+1`, `+44`).
* **`phone_number_verified`**: Indicates whether the phone number is verified.

**5. Timestamps**

* **`created_at`**: Date and time when the user profile was created.
* **`updated_at`**: Timestamp of the last update made to the user entity.
* **`last_logged_in_time`**: The last recorded login timestamp.

**6. Providers**

* Lists the authentication providers associated with the user.
* Examples: `SELF` (classical registration), `FACEBOOK`, `GOOGLE`.

**7. Groups**

* Lists the groups and roles the user is a member of.
* Example Structure:
  * **`group_id`**: Identifier for the group.
  * **`group_name`**: Display name of the group.
  * **`roles`**: Roles assigned to the user within the group.

### **Benefits of Organized User Data**

* **Flexibility**: Supports multiple authentication methods (classical and social).
* **Customization**: Allows storing additional user-specific preferences.
* **Transparency**: Provides a detailed view of the user’s roles, groups, and account activity.
* **Compliance**: Facilitates auditing and adherence to organizational policies.

By leveraging the structured profile attributes, administrators can efficiently manage user identities and provide a personalized experience tailored to individual users.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://authdocs.skill-mine.com/licentio-documentation/users.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.