User Profile

The user profiles contain information about your end-users such as name, email, addresses, and unique identifier. You can manage the profiles via the Portal & Admin API. The end-users can also manage their own profile through the Profile section in the provided by the AuthUI.

UserInfo Endpoint

The UserInfo endpoint returns the Claims about the authenticated end-user, including the standard profile and custom attributes.

The userInfo object is returned from calling fetch user info function which contains a unique identifier of the user.

try{
    const userInfo = await authgear.fetchUserInfo()
} catch(e) {
    // failed to fetch user info
    // the refresh token maybe expired or revoked
}

authgear.fetchUserInfo { userInfoResult in
    // sessionState is now up to date
    // it will change to .noSession if the session is invalid
    let sessionState = authgear.sessionState

    switch userInfoResult {
    case let .success(userInfo):
        // read the userInfo if needed
    case let .failure(error):
        // failed to fetch user info
        // the refresh token maybe expired or revoked
}

authgear.fetchUserInfo(new OnFetchUserInfoListener() {
    @Override
    public void onFetchedUserInfo(@NonNull UserInfo userInfo) {
        // sessionState is now up to date
        // read the userInfo if needed
    }

    @Override
    public void onFetchingUserInfoFailed(@NonNull Throwable throwable) {
        // sessionState is now up to date
        // it will change to NO_SESSION if the session is invalid
    }
});

try {
  UserInfo userInfo = await authgear.getUserInfo();
  // read the userInfo if needed
} catch (e) {
  // failed to fetch user info
  // the refresh token maybe expired or revoked
}
// sessionState is now up to date
SessionState state = authgear.sessionState;

try
{
    var userInfo = await authgear.FetchUserInfoAsync()
}
catch
{
    // failed to fetch user info
    // the refresh token maybe expired or revoked
}

Standard Attributes

The following attributes are built-in supported by Authgear. They are the set of . Some of them are default hidden from the Admin Portal and end-users. Their visibility and mutability can be configured through the Admin Portal.

Standard Attributes that are coupled with Identities

• email

• email_verified

• phone_number

• phone_number_verified

• preferred_username

Custom Attributes

You can define a set of custom attributes in the user profile. They are returned as a JSON object in under the custom_attributes key in userInfo.

{
    "sub": "...",
    "isAnonymous": false,
    "isVerified": true,
    "custom_attributes": {
        ...
    }
}

Add new attributes

Go to Portal > User Profile > Custom Attributes and click Add New Attribute

Authgear supports the following attribute types:

• String

• Number

• Integer

• Dropdown

• Phone Number

• Email Address

• URL

• Country Code

Modify attributes

You can change the attribute name and validation settings such as min and max value. The attribute type cannot be changed once it's set. To migrate the attribute into a new type, create a new attribute, migrate the values from the old to the new one, and then change the name and access right of the old attribute to make it obsolete.

Delete attributes

Deleting attribute is not supported. You can change the name and access rights to make an attribute obsolete.

Attribute Order

User Profile Configuration

The access rights for different parties on individual attributes can be configured through the Authgear Portal. Under the hood, all the attributes are available, however, they can be configured to be hidden or read-only according to the needs of your projects to avoid confusion.

These are the parties that have access to the user profile:

The Admin API

The Portal

The admin user can view or edit the standard attributes via the Authgear Portal.

The Session Bearer

The End-user

Profiles from Third-party Identity Providers