User Object Properties in Rules
The user
object stores information about the logged-in user, returned by the identity provider. It is generated when a user authenticates and before rules run. Because of the order of events when a user authenticates, changes made to a user's profile from within a rule will only be available in the current user object if you also save the changes to the user object from within the same rule.
To learn more about the authentication transaction flow, read the "How rules work" section in Create Rules.
Properties
The following properties are available for the user
object.
Property | Data Type | Description |
---|---|---|
user.app_metadata |
object | Custom fields that store info about a user that influences the user's access, such as support plan, security roles, or access control groups. Is `undefined` by default. For more info, see Metadata. |
user.created_at |
date time | Timestamp indicating when the user profile was first created. |
user.email |
text | (unique) User's email address. |
user.email_verified |
boolean | Indicates whether the user has verified their email address. |
user.family_name |
text | User's family name. |
user.given_name |
text | User's given name. |
user.identities |
array (object) |
Contains info retrieved from the identity provider with which the user originally authenticates. Users may also link their profile to multiple identity providers; those identities will then also appear in this array. The contents of an individual identity provider object varies by provider, but it will typically include the following:
|
user.last_password_reset |
date time | Timestamp indicating the last time the user's password was reset/changed. At user creation, this field does not exist. This property is only available for Database connections. |
user.multifactor |
array (text) | List of multi-factor authentication (MFA) providers with which the user is enrolled. This array is updated when the user enrolls in MFA and when an administrator resets a user's MFA enrollments. |
user.name |
text | User's full name. |
user.nickname |
text | User's nickname. |
user.permissions |
text | Permissions assigned to the user's ID token if using the Authorization Extension. |
user.phone_number |
text | User's phone number. Only valid for users with SMS connections. |
user.phone_verified |
boolean | Indicates whether the user has verified their phone number. Only valid for users with SMS connections. |
user.picture |
text | URL pointing to the user's profile picture. |
user.updated_at |
date time | Timestamp indicating when the user's profile was last updated/modified. Changes to last_login are considered updates, so most of the time, updated_at will match last_login . |
user.user_id |
text | (unique) User's primary unique identifier. |
user.user_metadata |
object | Custom fields that store info about a user that does not impact what they can or cannot access, such as work address, home address, or user preferences. For more info, see Metadata. |
user.username |
text | (unique) User's username. |