# Users Users are the central entities in the identity service, serving as the cornerstone for authentication and access management. This documentation outlines the user-related concepts, profile structure, and associated attributes in detail. ### User Profile Overview Each user in the system has a **profile** that stores their information. This profile consists of three primary types of data: **1. Social Identities** * Stores user information retrieved from social sign-in (e.g., Facebook, GitHub, WeChat). * Includes details such as social identity references and provider-specific data. **2. Custom Data** * Stores additional user information not included in predefined user properties. * Examples: User preferences like preferred language, theme, or display settings. **3. Basic Data** * Contains all other core user information except for **social identities** and **custom data**. * Examples: User ID, username, email, phone number, and timestamps for key events like last sign-in. ### Sample User Data Below is an example of user data retrieved from a Facebook sign-in: ``` { "userDetail": { "family_name": "User", "email": "vimalprakashts@gmail.com", "given_name": "System", "sub": "b1c9676a-d9f5-4cf0-a3fc-c2d49bde06ae", "isub": "03ca3d79-b0b6-4dd9-b527-3bbfb491a0d8", "name": "System User", "email_verified": true, "phone_number_verified": false, "updated_at": 1663438130, "created_at": 1647170635, "last_logged_in_time": 1663438130, "providers": [ { "provider_type": "CLASSICAL", "provider_name": "self", "social_identity_ref": "", "username": "" }, { "provider_type": "SOCIAL", "provider_name": "FACEBOOK", "social_identity_ref": "safaseervasdfad", "username": "vimalprakashts@gmail.com" } ], "groups": [ { "roles": ["auth_admin"], "group_id": "auth_admins", "group_name": "ADMIN", "roles_obj": [ { "permissions": [], "role_key": "auth_admin" } ] } ] } } ``` ### **Querying User Profiles** You can retrieve user profiles via: 1. **Admin Console**: Interactive UI for managing users. 2. **Management API**: Example endpoint:\ `GET /users-srv/users/byadmin/:sub` ### **User Profile Attributes** #### **Basic Data Properties** **1. `sub`** * A unique auto-generated identifier for the user within the system. **2. Name Information** * **`given_name`**: User's first name. * **`family_name`**: User's last name. * **`middle_name`**: User's middle name (if applicable). * **`name`**: Full name of the user. **3. Email** * The user's primary email address used for sign-in. * **`email_verified`**: Indicates whether the email address is verified. * Default for classical registration: **false**. * Default for social sign-in: **true**. * Max length: **128 characters**. **4. Phone Number** * The user's phone number, used for SMS-based authentication. * Format: Numbers prefixed with the country calling code (e.g., `+1`, `+44`). * **`phone_number_verified`**: Indicates whether the phone number is verified. **5. Timestamps** * **`created_at`**: Date and time when the user profile was created. * **`updated_at`**: Timestamp of the last update made to the user entity. * **`last_logged_in_time`**: The last recorded login timestamp. **6. Providers** * Lists the authentication providers associated with the user. * Examples: `SELF` (classical registration), `FACEBOOK`, `GOOGLE`. **7. Groups** * Lists the groups and roles the user is a member of. * Example Structure: * **`group_id`**: Identifier for the group. * **`group_name`**: Display name of the group. * **`roles`**: Roles assigned to the user within the group. ### **Benefits of Organized User Data** * **Flexibility**: Supports multiple authentication methods (classical and social). * **Customization**: Allows storing additional user-specific preferences. * **Transparency**: Provides a detailed view of the user’s roles, groups, and account activity. * **Compliance**: Facilitates auditing and adherence to organizational policies. By leveraging the structured profile attributes, administrators can efficiently manage user identities and provide a personalized experience tailored to individual users.