GET https://api.authiqa.com/auth/user-profile
curl -X GET https://api.authiqa.com/auth/user-profile \
  -H "Authorization: Bearer YOUR_JWT_TOKEN" \
  -H "Content-Type: application/json"
{
  "userID": "<string>",
  "username": "<string>",
  "email": "<string>",
  "publicKey": "<string>",
  "accountType": "<string>",
  "parentAccount": "<string>",
  "accountStatus": "<string>",
  "emailVerified": true,
  "createdAt": 123,
  "updatedAt": 123,
  "lastLogin": 123,
  "organizationName": "<string>",
  "organizationUrl": "<string>",
  "authUrls": {},
  "domainRestrictionEnabled": true,
  "emailVerificationRequired": true,
  "authProvider": "<string>",
  "lastLoginProvider": "<string>",
  "googleId": "<string>",
  "creditBalance": 123,
  "totalFreeUsers": 123,
  "billableChildAccounts": 123,
  "totalChildAccounts": 123,
  "packagesHistory": [
    {}
  ],
  "accountBalance": 123,
  "availableBalance": 123,
  "childSignupCount": 123,
  "signInCount": 123,
  "emailConfirmationCount": 123,
  "googleAuthCount": 123,
  "githubAuthCount": 123,
  "xAuthCount": 123,
  "facebookAuthCount": 123,
  "lastPasswordChanged": 123,
  "loginAttempts": 123,
  "lastLoginAttempt": 123,
  "lockedUntil": 123,
  "lastResetPasswordRequestAt": 123,
  "googleSsoConfig": {}
}

Overview

This endpoint retrieves comprehensive user profile information, including account details, organization settings, authentication history, credit system information, and usage statistics. It requires JWT authentication and returns different data depending on the account type. This endpoint is free and does not consume credits.

API Details

Authentication

  • Authorization (string, required) - Bearer JWT token for authentication
curl -X GET https://api.authiqa.com/auth/user-profile \
  -H "Authorization: Bearer YOUR_JWT_TOKEN" \
  -H "Content-Type: application/json"

Response Examples

200: Success - Parent Account
{
  "success": true,
  "data": {
    "message": "User profile retrieved successfully",
    "user": {
      "userID": "USR_parent_12345",
      "username": "parentuser",
      "email": "[email protected]",
      "publicKey": "APK_abc123def456_1234567890",
      "accountType": "parent",
      "parentAccount": "ROOT",
      "accountStatus": "active",
      "emailVerified": true,
      "createdAt": 1729616234,
      "updatedAt": 1729616234,
      "lastLogin": 1729616234,
      "organizationName": "Example Corp",
      "organizationUrl": "https://example.com",
      "authUrls": {
        "signin": "https://example.com/signin",
        "signup": "https://example.com/signup"
      },
      "domainRestrictionEnabled": true,
      "emailVerificationRequired": false,
      "organizationId": null,
      "authProvider": "email",
      "lastLoginProvider": "email",
      "googleId": null,
      "creditBalance": 58000,
      "totalFreeUsers": 6000,
      "billableChildAccounts": 0,
      "totalChildAccounts": 3500,
      "packagesHistory": [
        {
          "packageType": "GROWTH",
          "purchaseDate": 1640995200000,
          "creditsAdded": 55000,
          "freeUsersAdded": 5000,
          "price": 50,
          "transactionId": "pi_xxx"
        }
      ],
      "accountBalance": 25.50,
      "availableBalance": 23.75,
      "childSignupCount": 150,
      "signInCount": 2500,
      "emailConfirmationCount": 75,
      "googleAuthCount": 800,
      "githubAuthCount": 200,
      "xAuthCount": 100,
      "facebookAuthCount": 50,
      "lastPasswordChanged": 1729616234,
      "loginAttempts": 0,
      "lastLoginAttempt": null,
      "googleSsoConfig": {
        "enabled": true,
        "clientId": "123456789-abcdefghijklmnop.apps.googleusercontent.com"
      },
      "lastLowCreditNotificationAt": null,
      "lastCriticalCreditNotificationAt": null,
      "lastDepletedCreditNotificationAt": null,
      "lockedUntil": null,
      "lastResetPasswordRequestAt": null
    }
  }
}
200: Success - Child Account
{
  "success": true,
  "data": {
    "message": "User profile retrieved successfully",
    "user": {
      "userID": "USR_child_67890",
      "username": "childuser",
      "email": "[email protected]",
      "publicKey": "APK_def456ghi789_0987654321",
      "accountType": "child",
      "parentAccount": "APK_abc123def456_1234567890",
      "accountStatus": "active",
      "emailVerified": true,
      "createdAt": 1729616234,
      "updatedAt": 1729616234,
      "lastLogin": 1729616234,
      "organizationName": "Example Corp",
      "organizationUrl": null,
      "authUrls": null,
      "domainRestrictionEnabled": true,
      "emailVerificationRequired": false,
      "organizationId": null,
      "authProvider": "google",
      "lastLoginProvider": "google",
      "googleId": "google_user_id_12345",
      "childSignupCount": 0,
      "signInCount": 8,
      "emailConfirmationCount": 1,
      "googleAuthCount": 10,
      "githubAuthCount": 0,
      "xAuthCount": 0,
      "facebookAuthCount": 0,
      "lastPasswordChanged": null,
      "loginAttempts": 0,
      "lastLoginAttempt": null,
     
      "lockedUntil": null,
      "lastResetPasswordRequestAt": null
    }
  }
}
401: Unauthorized
{
  "success": false,
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Invalid or missing authentication token"
  }
}

Response Fields

Core Identity

  • userID (string) - Unique user identifier
  • username (string) - User’s username
  • email (string) - User’s email address
  • publicKey (string) - User’s public API key

Account Information

  • accountType (string) - Account type: “parent” or “child”
  • parentAccount (string) - Parent account reference (“ROOT” for parents, parent’s publicKey for children)
  • accountStatus (string) - Account status: “active”, “inactive”, or “locked”
  • emailVerified (boolean) - Whether email address is verified
  • createdAt (number) - Account creation timestamp
  • updatedAt (number) - Last account update timestamp
  • lastLogin (number) - Last login timestamp

Organization Details

  • organizationName (string) - Organization display name
  • organizationUrl (string) - Organization base URL
  • authUrls (object) - Authentication URLs configuration
  • domainRestrictionEnabled (boolean) - Whether widget is domain-restricted
  • emailVerificationRequired (boolean) - Whether email verification is required

Authentication Details

  • authProvider (string) - Primary authentication provider: “email” or “google”
  • lastLoginProvider (string) - Last used authentication provider
  • googleId (string) - Google account ID (if linked)

Credit System Information (Parent Accounts Only)

  • creditBalance (number) - Current available credits
  • totalFreeUsers (number) - Cumulative free user quota from packages
  • billableChildAccounts (number) - Users above free tier
  • totalChildAccounts (number) - Total number of child accounts
  • packagesHistory (array) - History of package purchases

Legacy Billing Information (Parent Accounts Only)

  • accountBalance (number) - Legacy dollar balance (for backward compatibility)
  • availableBalance (number) - Legacy available balance (for backward compatibility)

Credit-Tracked Usage Statistics

  • childSignupCount (number) - Child account signups (5 credits each)
  • signInCount (number) - Total sign-in attempts (1 credit each)
  • emailConfirmationCount (number) - Email confirmations performed (2 credits each)
  • googleAuthCount (number) - Google OAuth authentications (3 credits each)
  • githubAuthCount (number) - GitHub OAuth authentications (3 credits each)
  • xAuthCount (number) - X/Twitter OAuth authentications (3 credits each)
  • facebookAuthCount (number) - Facebook OAuth authentications (3 credits each)

Security Information

  • lastPasswordChanged (number) - Last password change timestamp
  • loginAttempts (number) - Failed login attempts counter
  • lastLoginAttempt (number) - Last login attempt timestamp
  • lockedUntil (number) - Account lock expiry timestamp
  • lastResetPasswordRequestAt (number) - Last password reset request timestamp

Google SSO Configuration (Parent Accounts Only)

  • googleSsoConfig (object) - Google SSO settings with enabled status and client ID

Error Codes

401 Unauthorized
  • UNAUTHORIZED - Missing or invalid JWT token
403 Forbidden
  • ACCOUNT_INACTIVE - Account is not in active status
404 Not Found
  • USER_NOT_FOUND - User account not found in database
500 Internal Server Error
  • INTERNAL_ERROR - Unexpected server error occurred

Security Features

Data Security

Sensitive Data Excluded: The following sensitive fields are intentionally excluded from the response for security:
  • Hashed passwords
  • JWT signing secrets
  • Email verification tokens
  • Encryption keys and initialization vectors
  • Password reset tokens
  • Google OAuth client secrets

Access Control

Authentication Required: This endpoint requires valid JWT authentication and will only return data for the authenticated user.

Account Type Differences

Parent Accounts

  • Include credit system information (balance, packages, free users)
  • Include legacy billing information (backward compatibility)
  • Include SSO configurations
  • Include credit-tracked operation counters
  • Include credit notification timestamps
  • Have organization settings and auth URLs

Child Accounts

  • No credit system information (uses parent’s credits)
  • No billing information
  • No SSO configuration
  • Limited credit-tracked operation counters (own activity only)
  • Inherit parent’s organization settings
  • Have OAuth authentication details

Usage Notes

This endpoint provides comprehensive user information for dashboard displays, account management interfaces, and user settings pages. This is a free operation that does not consume credits.
The response contains detailed usage statistics, credit information, and timestamps. Handle this data appropriately and avoid exposing sensitive information in client-side applications.
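
One way to apply the advice above on a backend that calls this endpoint, as an added example (not Authiqa's code): map the documented error codes to an action and forward only an allowlisted subset of the profile to the browser. The allowlist, the action names and the local labels UNKNOWN, MALFORMED and NOT_ACTIVE are assumptions; field and error-code names are the ones shown on this page.

```javascript
// Added example, not Authiqa code. Field and error-code names are taken from
// this page; the allowlist, action names and local labels are assumptions.
const CLIENT_SAFE_FIELDS = [
  "userID", "username", "email", "accountType", "accountStatus",
  "emailVerified", "organizationName", "authProvider", "lastLogin",
];

// Documented error codes mapped to what the calling backend should do next.
const ERROR_ACTIONS = {
  UNAUTHORIZED: "reauthenticate",
  ACCOUNT_INACTIVE: "deny",
  USER_NOT_FOUND: "deny",
  INTERNAL_ERROR: "retry",
};

// Own-property check so a code such as "constructor" never matches the map.
const own = (obj, key) => Object.prototype.hasOwnProperty.call(obj, key);

// Reduce an HTTP status and parsed JSON body to either a minimal profile for
// the browser or an action. Unknown codes and malformed bodies fail closed.
function toClientProfile(status, body) {
  if (status !== 200 || !body || body.success !== true) {
    const code = body && body.error ? body.error.code : undefined;
    const known = typeof code === "string" && own(ERROR_ACTIONS, code);
    return { ok: false, action: known ? ERROR_ACTIONS[code] : "deny", code: known ? code : "UNKNOWN" };
  }
  const user = body.data && body.data.user;
  if (!user || typeof user.userID !== "string") {
    return { ok: false, action: "deny", code: "MALFORMED" };
  }
  if (user.accountStatus !== "active") {
    return { ok: false, action: "deny", code: "NOT_ACTIVE" };
  }
  // Copy by allowlist: credit, billing, SSO and lockout fields never pass.
  const profile = {};
  for (const key of CLIENT_SAFE_FIELDS) {
    if (own(user, key) && user[key] !== null) profile[key] = user[key];
  }
  return { ok: true, profile };
}

// Constructed sample, shortened from the parent-account response above.
const sampleParent = { success: true, data: { user: {
  userID: "USR_parent_12345", username: "parentuser", accountType: "parent",
  accountStatus: "active", emailVerified: true, organizationName: "Example Corp",
  creditBalance: 58000, accountBalance: 25.5, loginAttempts: 0,
  googleSsoConfig: { enabled: true, clientId: "constructed-client-id" },
} } };

console.log(toClientProfile(200, sampleParent));
```

Because the copy is driven by the allowlist, fields that appear in responses but not in the field reference (for example organizationId in the examples above) are dropped by default.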

Credit System Features

Free Operation

No Credit Cost: User profile retrieval is completely free and does not deduct credits from your account balance.

Real-time Data

Current Information: Returns up-to-date credit balance, package history, and usage statistics for immediate dashboard display.