Users
Users are the central entities in the identity service, serving as the cornerstone for authentication and access management. This documentation outlines the user-related concepts, profile structure, and associated attributes in detail.
User Profile Overview
Each user in the system has a profile that stores their information. This profile consists of three primary types of data:
1. Social Identities
Stores user information retrieved from social sign-in (e.g., Facebook, GitHub, WeChat).
Includes details such as social identity references and provider-specific data.
2. Custom Data
Stores additional user information not included in predefined user properties.
Examples: User preferences like preferred language, theme, or display settings.
3. Basic Data
Contains all other core user information except for social identities and custom data.
Examples: User ID, username, email, phone number, and timestamps for key events like last sign-in.
Sample User Data
Below is an example of user data retrieved from a Facebook sign-in:
{
  "userDetail": {
    "family_name": "User",
    "email": "[email protected]",
    "given_name": "System",
    "sub": "b1c9676a-d9f5-4cf0-a3fc-c2d49bde06ae",
    "isub": "03ca3d79-b0b6-4dd9-b527-3bbfb491a0d8",
    "name": "System User",
    "email_verified": true,
    "phone_number_verified": false,
    "updated_at": 1663438130,
    "created_at": 1647170635,
    "last_logged_in_time": 1663438130,
    "providers": [
      {
        "provider_type": "CLASSICAL",
        "provider_name": "self",
        "social_identity_ref": "",
        "username": ""
      },
      {
        "provider_type": "SOCIAL",
        "provider_name": "FACEBOOK",
        "social_identity_ref": "safaseervasdfad",
        "username": "[email protected]"
      }
    ],
    "groups": [
      {
        "roles": ["auth_admin"],
        "group_id": "auth_admins",
        "group_name": "ADMIN",
        "roles_obj": [
          {
            "permissions": [],
            "role_key": "auth_admin"
          }
        ]
      }
    ]
  }
}
Querying User Profiles
You can retrieve user profiles via:
Admin Console: Interactive UI for managing users.
Management API: Example endpoint:
GET /users-srv/users/byadmin/:sub
User Profile Attributes
Basic Data Properties
1. sub
A unique auto-generated identifier for the user within the system.
2. Name Information
given_name: User's first name.
family_name: User's last name.
middle_name: User's middle name (if applicable).
name: Full name of the user.
3. Email
The user's primary email address used for sign-in.
email_verified: Indicates whether the email address is verified.
Default for classical registration: false.
Default for social sign-in: true.
Max length: 128 characters.
4. Phone Number
The user's phone number, used for SMS-based authentication.
Format: Numbers prefixed with the country calling code (e.g., +1, +44).
phone_number_verified: Indicates whether the phone number is verified.
5. Timestamps
created_at: Date and time when the user profile was created.
updated_at: Timestamp of the last update made to the user entity.
last_logged_in_time: The last recorded login timestamp.
6. Providers
Lists the authentication providers associated with the user.
Examples: SELF (classical registration), FACEBOOK, GOOGLE.
7. Groups
Lists the groups and roles the user is a member of.
Example Structure:
group_id: Identifier for the group.
group_name: Display name of the group.
roles: Roles assigned to the user within the group.
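The attributes above can be read together for an access review. The following Python is an added example, not code from the identity service: it walks a userDetail record shaped like the sample on this page and reports the user's roles, linked social providers, and a few findings. The function name, the PRIVILEGED_ROLES set and the finding labels are hypothetical, and the timestamps are assumed to be Unix epoch seconds, as the sample values suggest.

```python
import json
from datetime import datetime, timezone

# Constructed sample shaped like the "Sample User Data" record on this page.
SAMPLE = json.loads("""
{"userDetail": {
  "sub": "b1c9676a-d9f5-4cf0-a3fc-c2d49bde06ae",
  "email_verified": true,
  "phone_number_verified": false,
  "last_logged_in_time": 1663438130,
  "providers": [
    {"provider_type": "CLASSICAL", "provider_name": "self"},
    {"provider_type": "SOCIAL", "provider_name": "FACEBOOK"}
  ],
  "groups": [
    {"group_id": "auth_admins", "group_name": "ADMIN",
     "roles": ["auth_admin"],
     "roles_obj": [{"permissions": [], "role_key": "auth_admin"}]}
  ]
}}
""")

# Assumption: which roles count as privileged is a local policy choice.
PRIVILEGED_ROLES = {"auth_admin"}


def review_profile(record, privileged=PRIVILEGED_ROLES):
    """Summarise access-relevant fields and list findings for an access review."""
    user = record["userDetail"]
    findings, roles = [], set()
    for group in user.get("groups", []):
        listed = set(group.get("roles", []))
        detailed = {r["role_key"] for r in group.get("roles_obj", []) if "role_key" in r}
        if listed != detailed:  # the two role views of a group should agree
            findings.append(f"role_mismatch:{group.get('group_id')}")
        roles |= listed | detailed
    social = sorted(p["provider_name"] for p in user.get("providers", [])
                    if p.get("provider_type") == "SOCIAL")
    if roles & privileged:
        if social:  # sign-in, and email_verified=true, may rest on an external provider
            findings.append("privileged_with_social_provider")
        if not user.get("email_verified", False):
            findings.append("privileged_email_unverified")
    # Assumption: timestamps are Unix epoch seconds.
    ts = user.get("last_logged_in_time")
    last = datetime.fromtimestamp(ts, tz=timezone.utc).isoformat() if ts else None
    return {"sub": user.get("sub"), "roles": sorted(roles),
            "social_providers": social, "last_login_utc": last, "findings": findings}
```

Because email_verified defaults to true for social sign-in, the example reports a privileged account with a linked social provider separately from one whose email is unverified.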
Benefits of Organized User Data
Flexibility: Supports multiple authentication methods (classical and social).
Customization: Allows storing additional user-specific preferences.
Transparency: Provides a detailed view of the user’s roles, groups, and account activity.
Compliance: Facilitates auditing and adherence to organizational policies.
By leveraging the structured profile attributes, administrators can efficiently manage user identities and provide a personalized experience tailored to individual users.